| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: "Quick Start NewTab" entfernenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
13.04.2014, 22:23
| #1 |
 |  "Quick Start NewTab" entfernen Hallo liebe Community, Ich habe mir heute ein Spiel gedownloadet und anscheinend ein wenig Arbeit mitbekommen. Als erstes wars ein Browservirus, das 2. mal wieder. für diese könnte ich auf Chip.de lösungen finden und sie somit entfernen/deinstallieren. Jetzt stehe ich aber bei Quick Start NewTab an! Habe hier im Forum schonmal eine grobe Anleitung gelesen und Malewarebytes Anti Maleware installiert und scannen lassen, hier der LogFile: <?xml version="1.0" encoding="UTF-16"?> -<mbam-log> -<header> <date>2014/04/13 22:58:40 +0200</date> <log>mbam-log-2014-04-13 (22-48-49).xml</log> <isadmin>yes</isadmin> </header> -<engine> <version>2.00.1.1004</version> <rules-database>v2014.04.13.08</rules-database> <swissarmy-database>v2014.03.27.01</swissarmy-database> <license>trial</license> <file-protection>enabled</file-protection> <web-protection>enabled</web-protection> <self-protection>disabled</self-protection> </engine> -<system> <osversion>Windows 7 Service Pack 1</osversion> <arch>x64</arch> <username>Sebastian</username> <filesys>NTFS</filesys> </system> -<summary> <type>threat</type> <result>completed</result> <objects>248658</objects> <time>589</time> <processes>3</processes> <modules>1</modules> <keys>95</keys> <values>4</values> <datas>17</datas> <folders>41</folders> <files>148</files> <sectors>0</sectors> </summary> -<options> <memory>enabled</memory> <startup>enabled</startup> <filesystem>enabled</filesystem> <archives>enabled</archives> <rootkits>disabled</rootkits> <deeprootkit>disabled</deeprootkit> <shuriken>enabled</shuriken> <pup>enabled</pup> <pum>enabled</pum> </options> -<items> -<process> <path>C:\ProgramData\WPM\wprotectmanager.exe</path> <vendor>PUP.Optional.WpManager</vendor> <action>delete-on-reboot</action> <pid>2984</pid> <hash>03d9d653c1ba0e2820ac05552ad71ce4</hash> </process> -<process> <path>C:\ProgramData\IePluginService\PluginService.exe</path> <vendor>PUP.Optional.IePluginService.A</vendor> <action>delete-on-reboot</action> <pid>2780</pid> <hash>66763aefd0ab8babbcbc163a44bd2ad6</hash> </process> -<process> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>delete-on-reboot</action> <pid>2896</pid> <hash>825a4adfe69515212f77b6b4a65c0df3</hash> </process> -<module> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdate.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>delete-on-reboot</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </module> -<key> <path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Wpm</path> <vendor>PUP.Optional.WpManager</vendor> <action>success</action> <hash>03d9d653c1ba0e2820ac05552ad71ce4</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\WPM</path> <vendor>PUP.Optional.WpManager</vendor> <action>success</action> <hash>03d9d653c1ba0e2820ac05552ad71ce4</hash> </key> -<key> <path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginService</path> <vendor>PUP.Optional.IePluginService.A</vendor> <action>success</action> <hash>66763aefd0ab8babbcbc163a44bd2ad6</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>31abff2a3b40181e2adac64da959837d</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>31abff2a3b40181e2adac64da959837d</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>31abff2a3b40181e2adac64da959837d</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>31abff2a3b40181e2adac64da959837d</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>31abff2a3b40181e2adac64da959837d</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>31abff2a3b40181e2adac64da959837d</hash> </key> -<key> <path>HKU\S-1-5-21-1609159171-3726035027-2611498187-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}</path> <vendor>PUP.Optional.QuickShare.A</vendor> <action>success</action> <hash>528a52d72f4cbe78ccb4e7605ca6aa56</hash> </key> -<key> <path>HKU\S-1-5-21-1609159171-3726035027-2611498187-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}</path> <vendor>PUP.Optional.QuickShare.A</vendor> <action>success</action> <hash>528a52d72f4cbe78ccb4e7605ca6aa56</hash> </key> -<key> <path>HKU\S-1-5-21-1609159171-3726035027-2611498187-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3CFAF932-A9CB-4E59-99A0-FE04E9DF9328}</path> <vendor>PUP.Optional.NetTock.A</vendor> <action>success</action> <hash>b62608215427cc6a4fc854be12f0ab55</hash> </key> -<key> <path>HKU\S-1-5-21-1609159171-3726035027-2611498187-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3CFAF932-A9CB-4E59-99A0-FE04E9DF9328}</path> <vendor>PUP.Optional.NetTock.A</vendor> <action>success</action> <hash>b62608215427cc6a4fc854be12f0ab55</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\TYPELIB\{363BB65D-1747-4826-B445-1DA6244E2037}</path> <vendor>PUP.Optional.Amonetize</vendor> <action>success</action> <hash>b62670b949327eb8f412beab3bc64eb2</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\INTERFACE\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}</path> <vendor>PUP.Optional.Amonetize</vendor> <action>success</action> <hash>b62670b949327eb8f412beab3bc64eb2</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}</path> <vendor>PUP.Optional.Amonetize</vendor> <action>success</action> <hash>b62670b949327eb8f412beab3bc64eb2</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{363BB65D-1747-4826-B445-1DA6244E2037}</path> <vendor>PUP.Optional.Amonetize</vendor> <action>success</action> <hash>b62670b949327eb8f412beab3bc64eb2</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}</path> <vendor>PUP.Optional.Amonetize</vendor> <action>success</action> <hash>b62670b949327eb8f412beab3bc64eb2</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdate.OneClickCtrl.9</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>6d6f46e391eacd698326de8c4db56b95</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdate.OneClickProcessLauncherMachine</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>2bb130f9354646f00f9a86e422e0669a</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdate.OneClickProcessLauncherMachine.1.0</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>a13b5acf116a0d29f0b97af02bd79967</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdate.Update3WebControl.3</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>2bb175b4087364d22d7bf2781ee413ed</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CoCreateAsync</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>4696c861fb80e84e0b9e3e2cf40e35cb</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CoCreateAsync.1.0</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>9745f534037873c3c6e3185203ffaf51</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CoreClass</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>32aa67c28fec73c324854a2003ffc53b</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CoreClass.1</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>d00cb079c4b72115cddc432742c0966a</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CoreMachineClass</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>23b9a980b9c28da94d5c14560cf6a759</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CoreMachineClass.1</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>a03c2702205b42f4b4f50268c43ed22e</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CredentialDialogMachine</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>20bc03267b00b97d4564ea80847e8779</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.CredentialDialogMachine.1.0</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>14c8e5441a61dc5abeeb6bff12f00bf5</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachine</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>8b51d05997e483b3c5e4bcaec93906fa</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachine.1.0</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>5884bb6ebcbfe84efcadec7eb64c5fa1</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachineFallback</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>e5f7ec3db6c5d75f38712149fc061ee2</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachineFallback.1.0</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>f4e8a1880b70b086654446240002ec14</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassSvc</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>09d383a64e2d95a1b6f3bcaea95944bc</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassSvc.1.0</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>7e5e28012853072fa801d991d0326d93</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.ProcessLauncher</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>bb2155d45a21b185e5c44a208a78669a</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.ProcessLauncher.1.0</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>459738f1b2c93600a7021a50b15151af</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.Update3COMClassService</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>9f3d03261d5e56e010995e0c08fa03fd</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.Update3COMClassService.1.0</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>716b5acf68131d192980b4b6cf3312ee</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebMachine</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>697338f1df9c49ed25843e2cc53d20e0</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebMachine.1.0</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>fedee346245725111f8afa70a85a9f61</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebMachineFallback</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>20bca782afcc89ad9a0f51192bd706fa</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebMachineFallback.1.0</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>a4382900b9c27abcfdac5e0c4eb4c739</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebSvc</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>b428b178f586da5cfeabf2787b872ed2</hash> </key> -<key> <path>HKLM\SOFTWARE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebSvc.1.0</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>0dcf8b9e98e30b2b19906cfe847e19e7</hash> </key> -<key> <path>HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}</path> <vendor>PUP.Optional.Qone8</vendor> <action>success</action> <hash>845830f98bf04fe71521108afb08a957</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\DealPlyLive</path> <vendor>PUP.Optional.DealPly.A</vendor> <action>success</action> <hash>8c50b17885f6ae882ca2266906fdd828</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\InstallIQ</path> <vendor>PUP.Optional.InstallBrain.A</vendor> <action>success</action> <hash>4d8f9c8d9cdfe45216f9bbb707fb7f81</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\webssearchesSoftware</path> <vendor>PUP.Optional.WebsSearches.A</vendor> <action>success</action> <hash>e1fbdb4e1c5f3cfa9f82e08b0cf68977</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdate.OneClickCtrl.9</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>6e6e67c277043303dccd4e1cd131857b</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdate.OneClickProcessLauncherMachine</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>4498f237403b1521911874f6877b9a66</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdate.OneClickProcessLauncherMachine.1.0</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>34a82bfeeb90ac8a2d7c3c2efd05ce32</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdate.Update3WebControl.3</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>d903e9400f6c9d990a9eb0ba15ed8977</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.CoCreateAsync</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>bb21ce5b0e6d072f2a7ff27825dd16ea</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.CoCreateAsync.1.0</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>9943d8510f6c211500a9343662a035cb</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.CoreClass</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>bf1d56d3295222146b3edd8d33cfd729</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.CoreClass.1</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>16c686a3512a94a206a3f872bf43d62a</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.CoreMachineClass</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>25b781a87b00f83eb9f068026d9545bb</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.CoreMachineClass.1</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>4795c861106b92a4edbc3a307c867f81</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.CredentialDialogMachine</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>d5072cfdee8db97d9514fa70e31f4ab6</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.CredentialDialogMachine.1.0</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>508c5ccd92e97fb71297b2b8b54dee12</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachine</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>4d8f01289edd73c3a2076307719107f9</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachine.1.0</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>dc000623abd0cf672e7b8cde49b9a858</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachineFallback</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>f3e9cb5ea3d825112089fe6cd32fa15f</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassMachineFallback.1.0</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>34a8e940f08b3402a70286e4649ee11f</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassSvc</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>d9038f9a6d0e6ccadfca600a6f93ba46</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.OnDemandCOMClassSvc.1.0</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>a73546e39ae10e289f0afd6d6b97c937</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.ProcessLauncher</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>974566c39ddecd69efbab6b4d42ef808</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.ProcessLauncher.1.0</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>29b3eb3e0b7062d45752b0ba5ca6e21e</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.Update3COMClassService</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>34a806237cff290d7f2a5317ca38cb35</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.Update3COMClassService.1.0</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>28b49891512a39fd1c8da4c68b7726da</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebMachine</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>499384a594e771c578311e4c877bc23e</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebMachine.1.0</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>be1ecf5a95e6c175d9d0f476fb079868</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebMachineFallback</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>914b4edb601b1026357427438a78817f</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebMachineFallback.1.0</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>1cc0c0693348b4820f9ae684bb4742be</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebSvc</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>1dbf8d9cbebd360018916bff48bae020</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\PriceMeterLiveUpdateUpdate.Update3WebSvc.1.0</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>904c41e8304b54e2acfd3b2fb74b1ce4</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}</path> <vendor>PUP.Optional.Qone8</vendor> <action>success</action> <hash>07d5d4550b706ccabf7776244ab9a65a</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\VITTALIA\AxtanInstaller</path> <vendor>PUP.Optional.BundleInstaller.A</vendor> <action>success</action> <hash>fedea089601b50e615a15f1651b13cc4</hash> </key> -<key> <path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\pricemeterliveUpdate</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>825a4adfe69515212f77b6b4a65c0df3</hash> </key> -<key> <path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\pricemeterliveUpdatem</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>825a4adfe69515212f77b6b4a65c0df3</hash> </key> -<key> <path>HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\PRICEMETERLIVEUPDATE.EXE</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>825a4adfe69515212f77b6b4a65c0df3</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\PRICEMETERLIVEUPDATE.EXE</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>825a4adfe69515212f77b6b4a65c0df3</hash> </key> -<key> <path>HKU\S-1-5-21-1609159171-3726035027-2611498187-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S</path> <vendor>PUP.Optional.InstallCore.A</vendor> <action>success</action> <hash>617bef3a3348340270bfbcbc36ccbc44</hash> </key> -<key> <path>HKU\S-1-5-21-1609159171-3726035027-2611498187-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE</path> <vendor>PUP.Optional.InstallCore.A</vendor> <action>success</action> <hash>d606012857245dd9d694f29cd92a718f</hash> </key> -<key> <path>HKU\S-1-5-21-1609159171-3726035027-2611498187-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}</path> <vendor>PUP.Optional.Qone8</vendor> <action>success</action> <hash>f6e609202f4c5dd9cf66d7c3c73c8f71</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{89449F37-4AB2-46ED-A566-BB3A7797701B}</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{89449F37-4AB2-46ED-A566-BB3A7797701B}</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{89449F37-4AB2-46ED-A566-BB3A7797701B}</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{F509ADC2-B40E-470F-A7B7-45191486B5CB}</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F509ADC2-B40E-470F-A7B7-45191486B5CB}</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{F509ADC2-B40E-470F-A7B7-45191486B5CB}</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4211E851-747F-4470-923D-6EF683EE79CA}</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </key> -<key> <path>HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{74930D00-2198-46FE-B6BC-FEEC60C666C9}</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </key> -<value> <path>HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS</path> <valuename>quick_start@gmail.com</valuename> <vendor>PUP.Optional.QuickStart.A</vendor> <action>success</action> <valuedata>C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\577yui5v.default\extensions\quick_start@gmail.com</valuedata> <hash>924a50d9c1ba65d1c7179fcc837f03fd</hash> </value> -<value> <path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WPM</path> <valuename>ImagePath</valuename> <vendor>PUP.Optional.WpManager.A</vendor> <action>success</action> <valuedata>C:\ProgramData\WPM\wprotectmanager.exe -service</valuedata> <hash>bf1d6cbd5d1e54e21202e0bfdd26e917</hash> </value> -<value> <path>HKU\S-1-5-21-1609159171-3726035027-2611498187-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE</path> <valuename>tb</valuename> <vendor>PUP.Optional.InstallCore.A</vendor> <action>success</action> <valuedata>0R2Y1I1P1N0J1U1C</valuedata> <hash>d606012857245dd9d694f29cd92a718f</hash> </value> -<value> <path>HKU\S-1-5-21-1609159171-3726035027-2611498187-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS</path> <valuename>ProxyServer</valuename> <vendor>PUM.Bad.Proxy</vendor> <action>success</action> <valuedata>http=127.0.0.1:13828</valuedata> <hash>0bd1bd6c9fdc75c189d106a1f310c838</hash> </value> -<data> <path>HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND</path> <valuename/> <vendor>PUP.Optional.WebsSearches.A</vendor> <action>replaced</action> <valuedata>C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1397417116&from=amt&uid=ST500DM002-1BD142_S2AKEAXWXXXXS2AKEAXW</valuedata> <baddata>C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1397417116&from=amt&uid=ST500DM002-1BD142_S2AKEAXWXXXXS2AKEAXW</baddata> <gooddata>iexplore.exe</gooddata> <hash>29b390997803a98dfff8b46209fbb64a</hash> </data> -<data> <path>HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN</path> <valuename>Start Page</valuename> <vendor>PUP.Optional.WebsSearches.A</vendor> <action>replaced</action> <valuedata>hxxp://istart.webssearches.com/?type=hp&ts=1397417116&from=amt&uid=ST500DM002-1BD142_S2AKEAXWXXXXS2AKEAXW</valuedata> <baddata>hxxp://istart.webssearches.com/?type=hp&ts=1397417116&from=amt&uid=ST500DM002-1BD142_S2AKEAXWXXXXS2AKEAXW</baddata> <gooddata>www.google.com</gooddata> <hash>b8245ccdd2a92b0bc13a73a3d1339070</hash> </data> -<data> <path>HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN</path> <valuename>Default_Search_URL</valuename> <vendor>PUP.Optional.WebsSearches.A</vendor> <action>replaced</action> <valuedata>hxxp://istart.webssearches.com/web/?type=ds&ts=1397417116&from=amt&uid=ST500DM002-1BD142_S2AKEAXWXXXXS2AKEAXW&q={searchTerms}</valuedata> <baddata>hxxp://istart.webssearches.com/web/?type=ds&ts=1397417116&from=amt&uid=ST500DM002-1BD142_S2AKEAXWXXXXS2AKEAXW&q={searchTerms}</baddata> <gooddata>www.google.com</gooddata> <hash>27b585a4b4c773c315e5070f7f851be5</hash> </data> -<data> <path>HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN</path> <valuename>Default_Page_URL</valuename> <vendor>PUP.Optional.WebsSearches.A</vendor> <action>replaced</action> <valuedata>hxxp://istart.webssearches.com/?type=hp&ts=1397417116&from=amt&uid=ST500DM002-1BD142_S2AKEAXWXXXXS2AKEAXW</valuedata> <baddata>hxxp://istart.webssearches.com/?type=hp&ts=1397417116&from=amt&uid=ST500DM002-1BD142_S2AKEAXWXXXXS2AKEAXW</baddata> <gooddata>www.google.com</gooddata> <hash>efedd4555c1fe84ef702070f64a013ed</hash> </data> -<data> <path>HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES</path> <valuename>DefaultScope</valuename> <vendor>PUP.Optional.Qone8</vendor> <action>replaced</action> <valuedata>{33BB0A4E-99AF-4226-BDF6-49120163DE86}</valuedata> <baddata>{33BB0A4E-99AF-4226-BDF6-49120163DE86}</baddata> <gooddata>{0633EE93-D776-472f-A0FF-E1416B8B2E3A}</gooddata> <hash>904ce2477cff39fdd90ef030768e11ef</hash> </data> -<data> <path>HKLM\SOFTWARE\WOW6432NODE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND</path> <valuename/> <vendor>PUP.Optional.WebsSearches.A</vendor> <action>replaced</action> <valuedata>C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1397417116&from=amt&uid=ST500DM002-1BD142_S2AKEAXWXXXXS2AKEAXW</valuedata> <baddata>C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1397417116&from=amt&uid=ST500DM002-1BD142_S2AKEAXWXXXXS2AKEAXW</baddata> <gooddata>iexplore.exe</gooddata> <hash>07d57dac7506013554a3c551ce368779</hash> </data> -<data> <path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN</path> <valuename>Start Page</valuename> <vendor>PUP.Optional.WebsSearches.A</vendor> <action>replaced</action> <valuedata>hxxp://istart.webssearches.com/?type=hp&ts=1397417116&from=amt&uid=ST500DM002-1BD142_S2AKEAXWXXXXS2AKEAXW</valuedata> <baddata>hxxp://istart.webssearches.com/?type=hp&ts=1397417116&from=amt&uid=ST500DM002-1BD142_S2AKEAXWXXXXS2AKEAXW</baddata> <gooddata>www.google.com</gooddata> <hash>8c502900116aa690f60532e406fe7888</hash> </data> -<data> <path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN</path> <valuename>Default_Search_URL</valuename> <vendor>PUP.Optional.WebsSearches.A</vendor> <action>replaced</action> <valuedata>hxxp://istart.webssearches.com/web/?type=ds&ts=1397417116&from=amt&uid=ST500DM002-1BD142_S2AKEAXWXXXXS2AKEAXW&q={searchTerms}</valuedata> <baddata>hxxp://istart.webssearches.com/web/?type=ds&ts=1397417116&from=amt&uid=ST500DM002-1BD142_S2AKEAXWXXXXS2AKEAXW&q={searchTerms}</baddata> <gooddata>www.google.com</gooddata> <hash>6379b07984f716205e9c30e6da2a0bf5</hash> </data> -<data> <path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN</path> <valuename>Default_Page_URL</valuename> <vendor>PUP.Optional.WebsSearches.A</vendor> <action>replaced</action> <valuedata>hxxp://istart.webssearches.com/?type=hp&ts=1397417116&from=amt&uid=ST500DM002-1BD142_S2AKEAXWXXXXS2AKEAXW</valuedata> <baddata>hxxp://istart.webssearches.com/?type=hp&ts=1397417116&from=amt&uid=ST500DM002-1BD142_S2AKEAXWXXXXS2AKEAXW</baddata> <gooddata>www.google.com</gooddata> <hash>8458cc5de893d462ac4d66b041c3c838</hash> </data> -<data> <path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES</path> <valuename>DefaultScope</valuename> <vendor>PUP.Optional.Qone8</vendor> <action>replaced</action> <valuedata>{33BB0A4E-99AF-4226-BDF6-49120163DE86}</valuedata> <baddata>{33BB0A4E-99AF-4226-BDF6-49120163DE86}</baddata> <gooddata>{0633EE93-D776-472f-A0FF-E1416B8B2E3A}</gooddata> <hash>18c49a8f572460d62fb8bf619a6abe42</hash> </data> -<data> <path>HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL</path> <valuename>Default</valuename> <vendor>PUP.Optional.SnapDo.A</vendor> <action>replaced</action> <valuedata>hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbaDK_XpD2DT87tQiO39kR580HzoZGWerp-2vVf8vhe6vAG8eEE5nbM9wg4NpJBkx6zMIdsiYcVQHUthTBx0jINnrF-zwmkPiN2N4hEzsBxJaOElQWtDz73HWAjRwzBaec-eT9obGRqhkRUkWDpPKDyhCa1VXIBE1CUWI_lU9vN9Yp9peL9UrVTTi9rZ5BNvg7QlF93mwsk,&q={searchTerms}</valuedata> <baddata>hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbaDK_XpD2DT87tQiO39kR580HzoZGWerp-2vVf8vhe6vAG8eEE5nbM9wg4NpJBkx6zMIdsiYcVQHUthTBx0jINnrF-zwmkPiN2N4hEzsBxJaOElQWtDz73HWAjRwzBaec-eT9obGRqhkRUkWDpPKDyhCa1VXIBE1CUWI_lU9vN9Yp9peL9UrVTTi9rZ5BNvg7QlF93mwsk,&q={searchTerms}</baddata> <gooddata>www.google.com</gooddata> <hash>a9330d1c6f0c82b47e70120483814cb4</hash> </data> -<data> <path>HKU\S-1-5-21-1609159171-3726035027-2611498187-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN</path> <valuename>Search Page</valuename> <vendor>PUP.Optional.Snapdo</vendor> <action>replaced</action> <valuedata>hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbaDK_XpD2DT87tQiO39kR580HzoZGWerp-2vVf8vhe6vAG8eEE5nbM9wg4NpJBkx6zMIdsiYcVQHUthTBx0jINnrF-zwmkPiN2N4hEzsBxJaOElQWtDz73HWAjRwzBaec-eT9obGRqhkRUkWDpPKDyhCa1VXIBE1CUWI_lU9vN9Yp9peL9UrVTTi9rZ5BNvg7QlF93mws4,&q={searchTerms}</valuedata> <baddata>hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbaDK_XpD2DT87tQiO39kR580HzoZGWerp-2vVf8vhe6vAG8eEE5nbM9wg4NpJBkx6zMIdsiYcVQHUthTBx0jINnrF-zwmkPiN2N4hEzsBxJaOElQWtDz73HWAjRwzBaec-eT9obGRqhkRUkWDpPKDyhCa1VXIBE1CUWI_lU9vN9Yp9peL9UrVTTi9rZ5BNvg7QlF93mws4,&q={searchTerms}</baddata> <gooddata>hxxp://www.google.com</gooddata> <hash>c5170c1d1e5d221494c37fa1e2227987</hash> </data> -<data> <path>HKU\S-1-5-21-1609159171-3726035027-2611498187-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN</path> <valuename>Start Page</valuename> <vendor>PUP.Optional.WebsSearches.A</vendor> <action>replaced</action> <valuedata>hxxp://istart.webssearches.com/?type=hp&ts=1397417116&from=amt&uid=ST500DM002-1BD142_S2AKEAXWXXXXS2AKEAXW</valuedata> <baddata>hxxp://istart.webssearches.com/?type=hp&ts=1397417116&from=amt&uid=ST500DM002-1BD142_S2AKEAXWXXXXS2AKEAXW</baddata> <gooddata>www.google.com</gooddata> <hash>09d340e9fa8151e5ba05d24f7e86639d</hash> </data> -<data> <path>HKU\S-1-5-21-1609159171-3726035027-2611498187-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN</path> <valuename>Search Bar</valuename> <vendor>PUP.Optional.Snapdo</vendor> <action>replaced</action> <valuedata>hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbaDK_XpD2DT87tQiO39kR580HzoZGWerp-2vVf8vhe6vAG8eEE5nbM9wg4NpJBkx6zMIdsiYcVQHUthTBx0jINnrF-zwmkPiN2N4hEzsBxJaOElQWtDz73HWAjRwzBaec-eT9obGRqhkRUkWDpPKDyhCa1VXIBE1CUWI_lU9vN9Yp9peL9UrVTTi9rZ5BNvg7QlF93mws4,&q={searchTerms}</valuedata> <baddata>hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbaDK_XpD2DT87tQiO39kR580HzoZGWerp-2vVf8vhe6vAG8eEE5nbM9wg4NpJBkx6zMIdsiYcVQHUthTBx0jINnrF-zwmkPiN2N4hEzsBxJaOElQWtDz73HWAjRwzBaec-eT9obGRqhkRUkWDpPKDyhCa1VXIBE1CUWI_lU9vN9Yp9peL9UrVTTi9rZ5BNvg7QlF93mws4,&q={searchTerms}</baddata> <gooddata>hxxp://www.google.com</gooddata> <hash>0bd16cbdabd03006aea844dcff05d32d</hash> </data> -<data> <path>HKU\S-1-5-21-1609159171-3726035027-2611498187-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH</path> <valuename>Default_Search_URL</valuename> <vendor>PUP.Optional.Snapdo</vendor> <action>replaced</action> <valuedata>hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbaDK_XpD2DT87tQiO39kR580HzoZGWerp-2vVf8vhe6vAG8eEE5nbM9wg4NpJBkx6zMIdsiYcVQHUthTBx0jINnrF-zwmkPiN2N4hEzsBxJaOElQWtDz73HWAjRwzBaec-eT9obGRqhkRUkWDpPKDyhCa1VXIBE1CUWI_lU9vN9Yp9peL9UrVTTi9rZ5BNvg7QlF93mws4,&q={searchTerms}</valuedata> <baddata>hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbaDK_XpD2DT87tQiO39kR580HzoZGWerp-2vVf8vhe6vAG8eEE5nbM9wg4NpJBkx6zMIdsiYcVQHUthTBx0jINnrF-zwmkPiN2N4hEzsBxJaOElQWtDz73HWAjRwzBaec-eT9obGRqhkRUkWDpPKDyhCa1VXIBE1CUWI_lU9vN9Yp9peL9UrVTTi9rZ5BNvg7QlF93mws4,&q={searchTerms}</baddata> <gooddata>hxxp://www.google.com</gooddata> <hash>cd0fad7cd9a2f04674e565bbf21217e9</hash> </data> -<data> <path>HKU\S-1-5-21-1609159171-3726035027-2611498187-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH</path> <valuename>SearchAssistant</valuename> <vendor>PUP.Optional.Snapdo</vendor> <action>replaced</action> <valuedata>hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbaDK_XpD2DT87tQiO39kR580HzoZGWerp-2vVf8vhe6vAG8eEE5nbM9wg4NpJBkx6zMIdsiYcVQHUthTBx0jINnrF-zwmkPiN2N4hEzsBxJaOElQWtDz73HWAjRwzBaec-eT9obGRqhkRUkWDpPKDyhCa1VXIBE1CUWI_lU9vN9Yp9peL9UrVTTi9rZ5BNvg7QlF93mws4,&q={searchTerms}</valuedata> <baddata>hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbaDK_XpD2DT87tQiO39kR580HzoZGWerp-2vVf8vhe6vAG8eEE5nbM9wg4NpJBkx6zMIdsiYcVQHUthTBx0jINnrF-zwmkPiN2N4hEzsBxJaOElQWtDz73HWAjRwzBaec-eT9obGRqhkRUkWDpPKDyhCa1VXIBE1CUWI_lU9vN9Yp9peL9UrVTTi9rZ5BNvg7QlF93mws4,&q={searchTerms}</baddata> <gooddata>hxxp://www.google.com</gooddata> <hash>32aa17121a6166d02a305fc1dd276799</hash> </data> -<data> <path>HKU\S-1-5-21-1609159171-3726035027-2611498187-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL</path> <valuename>Default</valuename> <vendor>PUP.Optional.SnapDo.A</vendor> <action>replaced</action> <valuedata>hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbaDK_XpD2DT87tQiO39kR580HzoZGWerp-2vVf8vhe6vAG8eEE5nbM9wg4NpJBkx6zMIdsiYcVQHUthTBx0jINnrF-zwmkPiN2N4hEzsBxJaOElQWtDz73HWAjRwzBaec-eT9obGRqhkRUkWDpPKDyhCa1VXIBE1CUWI_lU9vN9Yp9peL9UrVTTi9rZ5BNvg7QlF93mws4,&q={searchTerms}</valuedata> <baddata>hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRbaDK_XpD2DT87tQiO39kR580HzoZGWerp-2vVf8vhe6vAG8eEE5nbM9wg4NpJBkx6zMIdsiYcVQHUthTBx0jINnrF-zwmkPiN2N4hEzsBxJaOElQWtDz73HWAjRwzBaec-eT9obGRqhkRUkWDpPKDyhCa1VXIBE1CUWI_lU9vN9Yp9peL9UrVTTi9rZ5BNvg7QlF93mws4,&q={searchTerms}</baddata> <gooddata>www.google.com</gooddata> <hash>ab319297493279bd08e78c8a3fc53cc4</hash> </data> -<folder> <path>C:\Program Files (x86)\SupTab</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Program Files (x86)\SupTab\web</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Program Files (x86)\SupTab\web\img</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Program Files (x86)\SupTab\web\img\weather</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Program Files (x86)\SupTab\web\js</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Program Files (x86)\SupTab\web\_locales</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Program Files (x86)\SupTab\web\_locales\en-US</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Program Files (x86)\SupTab\web\_locales\es-419</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Program Files (x86)\SupTab\web\_locales\es-ES</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Program Files (x86)\SupTab\web\_locales\fr-BE</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Program Files (x86)\SupTab\web\_locales\fr-CA</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Program Files (x86)\SupTab\web\_locales\fr-CH</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Program Files (x86)\SupTab\web\_locales\fr-FR</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Program Files (x86)\SupTab\web\_locales\fr-LU</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Program Files (x86)\SupTab\web\_locales\it-CH</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Program Files (x86)\SupTab\web\_locales\it-IT</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Program Files (x86)\SupTab\web\_locales\pl</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Program Files (x86)\SupTab\web\_locales\pt</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Program Files (x86)\SupTab\web\_locales\pt-BR</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Program Files (x86)\SupTab\web\_locales\ru</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Program Files (x86)\SupTab\web\_locales\ru-MO</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Program Files (x86)\SupTab\web\_locales\tr-TR</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Program Files (x86)\SupTab\web\_locales\vi-VI</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Program Files (x86)\SupTab\web\_locales\zh-CN</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Program Files (x86)\SupTab\web\_locales\zh-TW</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </folder> -<folder> <path>C:\Users\Sebastian\AppData\Local\WeatherAlerts</path> <vendor>PUP.Optional.WeatherAlerts</vendor> <action>success</action> <hash>6874ba6f82f946f0f1f988d434cecf31</hash> </folder> -<folder> <path>C:\ProgramData\IePluginService</path> <vendor>PUP.Optional.IePluginService.A</vendor> <action>delete-on-reboot</action> <hash>f2eab9706813f93d255b7fde986a5da3</hash> </folder> -<folder> <path>C:\ProgramData\IePluginService\update</path> <vendor>PUP.Optional.IePluginService.A</vendor> <action>success</action> <hash>f2eab9706813f93d255b7fde986a5da3</hash> </folder> -<folder> <path>C:\Users\Sebastian\AppData\Roaming\webssearches</path> <vendor>PUP.Optional.WebsSearches.A</vendor> <action>success</action> <hash>38a416136d0e0c2a3d7b80e1986afe02</hash> </folder> -<folder> <path>C:\Users\Sebastian\AppData\Roaming\webssearches\images</path> <vendor>PUP.Optional.WebsSearches.A</vendor> <action>success</action> <hash>38a416136d0e0c2a3d7b80e1986afe02</hash> </folder> -<folder> <path>C:\Users\Sebastian\AppData\Roaming\webssearches\log</path> <vendor>PUP.Optional.WebsSearches.A</vendor> <action>success</action> <hash>38a416136d0e0c2a3d7b80e1986afe02</hash> </folder> -<folder> <path>C:\Users\Sebastian\AppData\Roaming\PriceMeterUpdater</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>518b8b9ed5a6c76f2eb5acb5a55dac54</hash> </folder> -<folder> <path>C:\Users\Sebastian\AppData\Roaming\PriceMeterUpdater\UpdateProc</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>518b8b9ed5a6c76f2eb5acb5a55dac54</hash> </folder> -<folder> <path>C:\Program Files (x86)\PriceMeterLiveUpdate</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>delete-on-reboot</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </folder> -<folder> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\CrashReports</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </folder> -<folder> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>delete-on-reboot</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </folder> -<folder> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>delete-on-reboot</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </folder> -<folder> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\Download</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </folder> -<folder> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\Install</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </folder> -<folder> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\Offline</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </folder> -<folder> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\Offline\{81687F83-A633-4063-8C92-7C0DCAFFF90B}</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </folder> -<file> <path>C:\Users\Sebastian\AppData\Local\Temp\core.exe</path> <vendor>Adware.Bundle</vendor> <action>delete-on-reboot</action> <hash>eeee77b233486dc90e27f91dad54d62a</hash> </file> -<file> <path>C:\Users\Sebastian\AppData\Local\Temp\melc.exe</path> <vendor>Adware.Bundle</vendor> <action>delete-on-reboot</action> <hash>815bd752dba096a084b1cf472ad77b85</hash> </file> -<file> <path>C:\ProgramData\WPM\wprotectmanager.exe</path> <vendor>PUP.Optional.WpManager</vendor> <action>delete-on-reboot</action> <hash>03d9d653c1ba0e2820ac05552ad71ce4</hash> </file> -<file> <path>C:\ProgramData\IePluginService\PluginService.exe</path> <vendor>PUP.Optional.IePluginService.A</vendor> <action>delete-on-reboot</action> <hash>66763aefd0ab8babbcbc163a44bd2ad6</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\SupTab.dll</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>31abff2a3b40181e2adac64da959837d</hash> </file> -<file> <path>C:\Users\Sebastian\AppData\Roaming\SupTab\SupTab.dll</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>6676ed3c1d5e78be86c4171ee81817e9</hash> </file> -<file> <path>C:\Users\Sebastian\AppData\Local\Temp\20575733.exe</path> <vendor>PUP.Optional.SafeInstall.A</vendor> <action>success</action> <hash>716be742a6d586b02f7b143279883cc4</hash> </file> -<file> <path>C:\Users\Sebastian\AppData\Local\Temp\21323253.exe</path> <vendor>PUP.Optional.SafeInstall.A</vendor> <action>success</action> <hash>a636cf5ad1aa81b5eac0bb8b946da15f</hash> </file> -<file> <path>C:\Users\Sebastian\AppData\Local\Temp\MediaPlayer__5647_il380.exe</path> <vendor>PUP.Optional.Amonetize.A</vendor> <action>success</action> <hash>3ba1c2674b303afcdd7cb38936cad12f</hash> </file> -<file> <path>C:\Users\Sebastian\AppData\Local\Temp\fox.exe</path> <vendor>Adware.Bundle</vendor> <action>success</action> <hash>9646ec3df9828fa767ce869050b1738d</hash> </file> -<file> <path>C:\Users\Sebastian\AppData\Local\Temp\svhosts.exe</path> <vendor>Adware.Bundle</vendor> <action>success</action> <hash>27b5c762fa81af8742f36bab6e932bd5</hash> </file> -<file> <path>C:\Users\Sebastian\AppData\Local\Temp\instloffer.exe</path> <vendor>PUP.Optional.Vittalia</vendor> <action>success</action> <hash>924aae7b34471e18e6e8ff759d6414ec</hash> </file> -<file> <path>C:\Users\Sebastian\AppData\Local\Temp\fullpackage_temp1397417104\alilog.dll</path> <vendor>PUP.Optional.SkyTech.A</vendor> <action>success</action> <hash>489441e8c4b761d5da3833fffe02f709</hash> </file> -<file> <path>C:\Users\Sebastian\AppData\Local\Temp\fullpackage_temp1397417104\package1.zip</path> <vendor>PUP.Optional.SkyTech.A</vendor> <action>success</action> <hash>1dbf79b0d8a3ea4cd73b89a9cb35827e</hash> </file> -<file> <path>C:\Users\Sebastian\AppData\Local\Temp\fullpackage_temp1397417104\tmp\SupTab.exe</path> <vendor>PUP.Optional.IePluginService.A</vendor> <action>success</action> <hash>b12b0f1aaecdc47298e09cb4728fe31d</hash> </file> -<file> <path>C:\Users\Sebastian\AppData\Local\Temp\fullpackage_temp1397417104\tmp\wpm.exe</path> <vendor>PUP.Optional.WpManager</vendor> <action>success</action> <hash>ae2e36f3d9a2ed49527a3e1cbc45ef11</hash> </file> -<file> <path>C:\Users\Sebastian\AppData\Local\Temp\Phx8E12\DesktopWeatherAlertsSetup.exe</path> <vendor>PUP.Optional.WeatherAlerts.A</vendor> <action>success</action> <hash>49930e1bb4c7df5718588fbaa16303fd</hash> </file> -<file> <path>C:\Users\Sebastian\Downloads\installer_microsoft_picture_it_9_0_Deutsch.exe</path> <vendor>PUP.Optional.Vittalia</vendor> <action>success</action> <hash>c715f33695e6e94d1db34807bc4539c7</hash> </file> -<file> <path>C:\Users\Sebastian\AppData\Local\41\a18467.exe</path> <vendor>PUP.Optional.Amonetize</vendor> <action>success</action> <hash>b62670b949327eb8f412beab3bc64eb2</hash> </file> -<file> <path>C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>f8e425044d2ef442d2d88bdf976b8080</hash> </file> -<file> <path>C:\Windows\Tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>0bd137f2f28991a5e3c78ddd49b98779</hash> </file> -<file> <path>C:\Windows\Tasks\PriceMeterUpdater.job</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>8b5155d48cef46f0eac1e28829d9d42c</hash> </file> -<file> <path>C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml</path> <vendor>PUP.Optional.WebsSearches.A</vendor> <action>success</action> <hash>fce087a286f5f442b370016a37cb58a8</hash> </file> -<file> <path>C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\577yui5v.default\searchplugins\Web Search.xml</path> <vendor>PUP.Optional.WebSearch.A</vendor> <action>success</action> <hash>31ab8c9d95e6f93dc621a7c619e93fc1</hash> </file> -<file> <path>C:\Windows\System32\roboot64.exe</path> <vendor>PUP.Optional.PCPerformer.A</vendor> <action>success</action> <hash>e1fb27020e6d54e226c3bdb4cc36867a</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\install.data</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\uninstall.exe</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\WebDataJs</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\data.html</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\indexIE.html</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\indexIE8.html</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\main.css</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\ver.txt</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\img\arrow.png</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\img\default_add_logo.png</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\img\default_add_logo_hover.png</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\img\default_logo.png</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\img\googlelogo.png</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\img\googlelogo2.png</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\img\google_trends.png</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\img\icon128.png</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\img\icon16.png</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\img\icon48.png</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\img\loading.gif</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\img\logo32.ico</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\img\search.png</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\img\sliders.png</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\img\weather\0.png</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\js\common.js</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\js\ga.js</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\js\ie8.js</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\js\js.js</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\js\library.js</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\js\xagainit.js</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\_locales\pt\messages.json</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json</path> <vendor>PUP.Optional.SupTab.A</vendor> <action>success</action> <hash>7b61b27758237abca343abc9ea181ce4</hash> </file> -<file> <path>C:\Windows\Tasks\PassShow Update.job</path> <vendor>PUP.Optional.PassShow.A</vendor> <action>success</action> <hash>9448b6732e4d1a1cb75dec8c23dfbf41</hash> </file> -<file> <path>C:\Windows\Tasks\AmiUpdXp.job</path> <vendor>PUP.Software.Updater</vendor> <action>success</action> <hash>d00cc2676e0d7cba4784334c27dbe818</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>delete-on-reboot</action> <hash>825a4adfe69515212f77b6b4a65c0df3</hash> </file> -<file> <path>C:\ProgramData\IePluginService\update\conf</path> <vendor>PUP.Optional.IePluginService.A</vendor> <action>success</action> <hash>f2eab9706813f93d255b7fde986a5da3</hash> </file> -<file> <path>C:\Users\Sebastian\AppData\Roaming\PriceMeterUpdater\UpdateProc\config.dat</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>518b8b9ed5a6c76f2eb5acb5a55dac54</hash> </file> -<file> <path>C:\Users\Sebastian\AppData\Roaming\PriceMeterUpdater\UpdateProc\info.dat</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>518b8b9ed5a6c76f2eb5acb5a55dac54</hash> </file> -<file> <path>C:\Users\Sebastian\AppData\Roaming\PriceMeterUpdater\UpdateProc\STTL.DAT</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>518b8b9ed5a6c76f2eb5acb5a55dac54</hash> </file> -<file> <path>C:\Users\Sebastian\AppData\Roaming\PriceMeterUpdater\UpdateProc\TTL.DAT</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>518b8b9ed5a6c76f2eb5acb5a55dac54</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_de.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_el.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_en-GB.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_en.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_es-419.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_es.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_et.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_fa.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_fi.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_fil.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_fr.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_gu.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_hi.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_hr.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_hu.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_id.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_it.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_iw.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_ja.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_kn.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_ko.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_lt.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_lv.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_ml.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_mr.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_ms.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_nl.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_no.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_pl.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_pt-BR.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_pt-PT.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_ro.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdate.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>delete-on-reboot</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_am.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_ar.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_bg.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_bn.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_ca.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_cs.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_sk.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_sl.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_sr.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_sv.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_sw.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_ta.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_te.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_th.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_tr.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_uk.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_ur.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_vi.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_zh-CN.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_zh-TW.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\npGoogleUpdate3.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\PriceMeterLiveUpdate.exe</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\PriceMeterLiveUpdateBroker.exe</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\PriceMeterLiveUpdateHandler.exe</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\PriceMeterLiveUpdateHelper.msi</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\PriceMeterLiveUpdateOnDemand.exe</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\psmachine.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\psuser.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_da.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_is.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdateres_ru.dll</path> <vendor>PUP.Optional.PriceMeter.A</vendor> <action>success</action> <hash>ebf15acf1f5ca096e5ff2e3343bf1fe1</hash> </file> -<file> <path>C:\Users\Sebastian\AppData\Local\Temp\rundll32.exe</path> <vendor>Heuristics.Reserved.Word.Exploit</vendor> <action>success</action> <hash>38a42dfc0774de58903fec35966ec040</hash> </file> </items> </mbam-log> Dann noch mit ADWCLeaner drüber, hier der logFile: # AdwCleaner v3.023 - Bericht erstellt am 13/04/2014 um 23:16:02 # Aktualisiert 01/04/2014 von Xplode # Betriebssystem : Windows 7 Professional N Service Pack 1 (64 bits) # Benutzername : Sebastian - SEBASTIAN-PC # Gestartet von : C:\Users\Sebastian\Desktop\adwcleaner.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\ProgramData\WPM Ordner Gelöscht : C:\Program Files (x86)\smart pc cleaner Ordner Gelöscht : C:\Users\SEBAST~1\AppData\Local\Temp\OCS Ordner Gelöscht : C:\Users\Sebastian\AppData\Roaming\SupTab Ordner Gelöscht : C:\Users\Sebastian\Documents\smart pc cleaner Datei Gelöscht : C:\Users\Sebastian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk Datei Gelöscht : C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\577yui5v.default\user.js ***** [ Verknüpfungen ] ***** Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Mozilla Firefox.lnk Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Updater.AmiUpd Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5} Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKCU\Software\SmartBar Schlüssel Gelöscht : HKLM\Software\IePlugin Schlüssel Gelöscht : HKLM\Software\supTab Schlüssel Gelöscht : HKLM\Software\supWPM Schlüssel Gelöscht : HKLM\Software\Vittalia Schlüssel Gelöscht : HKLM\Software\Wpm ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.16521 Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] -\\ Mozilla Firefox v28.0 (de) [ Datei : C:\Users\Sebastian\AppData\Roaming\Mozilla\Firefox\Profiles\577yui5v.default\prefs.js ] Zeile gelöscht : user_pref("extensions.helperbar.BackPageActive", true); Zeile gelöscht : user_pref("extensions.helperbar.DockingPositionDown", false); Zeile gelöscht : user_pref("extensions.helperbar.SmartbarDisabled", false); Zeile gelöscht : user_pref("extensions.helperbar.SmartbarStateMinimaized", false); Zeile gelöscht : user_pref("extensions.helperbar.Visibility", true); Zeile gelöscht : user_pref("extensions.helperbar.backPageCapacity", 3); Zeile gelöscht : user_pref("extensions.helperbar.backPageCounter", 0); Zeile gelöscht : user_pref("extensions.helperbar.backPageDay", 13); Zeile gelöscht : user_pref("extensions.helperbar.backPageLastEvent", "1397239562309"); Zeile gelöscht : user_pref("extensions.helperbar.backPageMinInterval", 15); Zeile gelöscht : user_pref("extensions.helperbar.barcodeid", "126436"); Zeile gelöscht : user_pref("extensions.helperbar.countryiso", "at"); Zeile gelöscht : user_pref("extensions.helperbar.downloadprovider", "vertitechnologyybch"); Zeile gelöscht : user_pref("extensions.helperbar.externalJsFiles", "{\"d\":\"[{\\\"ExcludeDomains\\\":[\\\"snap.do\\\",\\\"snapdo.com\\\"],\\\"hxxpInjection\\\":\\\"hxxp:\\\\\\/\\\\\\/www.superfish.com\\\\\\/ws\\\\\\/[...] Zeile gelöscht : user_pref("extensions.helperbar.fromautoupdate", "false"); Zeile gelöscht : user_pref("extensions.helperbar.installationid", "da50b1bf-5fd6-ed05-535b-a3825fd7922b"); Zeile gelöscht : user_pref("extensions.helperbar.installdate", "13/04/2014"); Zeile gelöscht : user_pref("extensions.helperbar.keepAliveLastevent", "1397412362"); Zeile gelöscht : user_pref("extensions.helperbar.lastExternalJsUpdate", "1397412373194"); Zeile gelöscht : user_pref("extensions.helperbar.publisher", "vertitechnologyyb"); ************************* AdwCleaner[R0].txt - [6583 octets] - [13/04/2014 23:14:15] AdwCleaner[S0].txt - [5722 octets] - [13/04/2014 23:16:02] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5782 octets] ########## Wie gehts jetzt weiter? mfg Sebastian |
| Themen zu "Quick Start NewTab" entfernen |
| c:\windows\system32\roboot64.exe, chip.de, dateien, explorer, firefox, gelöscht, helper, iexplore.exe, install.exe, internet, internet explorer, logfile, microsoft, newtab, ordner, pup.optional.pricemeter.a, quick_start, registrierungsdatenbank, rootkits, rundll, rundll32.exe, service.exe, software, system32, temp, win32/adware.addlyrics.aj, win32/trojandownloader.vb.qls, windows |
Baum-Darstellung