| |
| |||||||
Log-Analyse und Auswertung: Dauernd öffnen sich neue Fenster und Tabs in FirefoxWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
23.04.2014, 09:45
| #1 |
| |  Dauernd öffnen sich neue Fenster und Tabs in Firefox Hallöchen, ich habe schon etwas länger das Problem, dass sich immer wieder zusätzliche Fenster und Tabs öffnen wenn ich über Firefox im Internet surfe. Ich habe schon das Add On NO SCRIPT installiert aber das hilft auch nicht wirklich! Wäre für Hilfe echt dankbar, weil mein Laptop dadurch auch elendig langsma geworden ist! Gruß SCHINSKI |
|
23.04.2014, 10:06
| #2 |
| /// the machine /// TB-Ausbilder    | Dauernd öffnen sich neue Fenster und Tabs in Firefox hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
23.04.2014, 10:51
| #3 |
| | Dauernd öffnen sich neue Fenster und Tabs in FirefoxCode:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2014
Ran by Schinski at 2014-04-23 11:47:34
Running from C:\Users\Schinski\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.7.1.19610 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 2.7.1.19610 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.2.1.650 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.2.1 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (HKLM-x32\...\Adobe Photoshop Elements 9) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 9 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 9 (HKLM-x32\...\PremElem90) (Version: 9.0 - Adobe Systems Incorporated)
Adobe Premiere Elements 9 (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Adobe Reader X (10.1.9) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.9 - Adobe Systems Incorporated)
Agatha Christie - Death on the Nile (x32 Version: 2.2.0.98 - WildTangent) Hidden
AMD APP SDK Runtime (Version: 2.5.775.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{EA4954FD-C685-1C7D-16F3-9BC2FD5E6BD3}) (Version: 3.0.847.0 - Advanced Micro Devices, Inc.)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Audials (HKLM-x32\...\{8ABEEC21-B23C-4610-B57A-BE94345D4096}) (Version: 9.0.57913.1300 - RapidSolution Software AG)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.350 - Avira)
awesomehp uninstaller (HKLM-x32\...\awesomehp uninstaller) (Version: - awesomehp) <==== ATTENTION
Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center (x32 Version: 2011.1013.754.12275 - Ihr Firmenname) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2011.1013.754.12275 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2011.1013.754.12275 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Mobile (x32 Version: 2011.1013.754.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2011.1013.0753.12275 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2011.1013.754.12275 - Advanced Micro Devices, Inc.) Hidden
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Crazy Chicken Kart 2 (x32 Version: 2.2.0.97 - WildTangent) Hidden
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1720_38230 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1720_38230 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd)
eBay Worldwide (HKLM-x32\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
Elements 9 Organizer (x32 Version: 9.0 - Adobe Systems Incorporated) Hidden
Elements STI Installer (x32 Version: 1.0 - Adobe Systems Incorporated) Hidden
ETDWare PS/2-X64 8.0.6.0_WHQL (HKLM\...\Elantech) (Version: 8.0.6.0 - ELAN Microelectronic Corp.)
Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.)
FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
Feven Pro 1.2 (HKLM-x32\...\Feven Pro 1.2) (Version: 1.34.2.13 - Feven) <==== ATTENTION
Final Drive: Nitro (x32 Version: 2.2.0.95 - WildTangent) Hidden
Fooz Kids (HKLM-x32\...\FoozKids) (Version: 3.0.8 - FUHU, Inc.)
Fooz Kids (x32 Version: 3.0.8 - FUHU, Inc.) Hidden
Fooz Kids Platform (HKLM-x32\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.)
FormatFactory 3.0.1 (HKLM-x32\...\FormatFactory) (Version: 3.0.1 - Free Time)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Free FLV Converter V 7.6.1 (HKLM-x32\...\Free FLV Converter_is1) (Version: 7.6.1.0 - Koyote Lab Inc.)
Free MP3 Cutter and Editor 2.6 (HKLM-x32\...\Free MP3 Cutter and Editor_is1) (Version: - musetips.com)
Free YouTube Download version 3.1.31.706 (HKLM-x32\...\Free YouTube Download_is1) (Version: 3.1.31.706 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
HomeMedia (HKLM-x32\...\{AA4BF92B-2AAF-11DA-9D78-000129760D75}) (Version: 2.0.8920 - CyberLink Corporation)
IB Updater Service (HKLM-x32\...\WNLT) (Version: 3.0.5.4 - ) <==== ATTENTION
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Packard Bell)
IePluginService12.27.0.3326 (HKLM-x32\...\IePlugins) (Version: 12.27.0.3326 - Cherished Technololgy LIMITED) <==== ATTENTION
Insaniquarium Deluxe (x32 Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Internet Explorer Toolbar 4.6 by SweetPacks (HKLM-x32\...\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D}) (Version: 4.6.0004 - SweetIM Technologies Ltd.) <==== ATTENTION
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Jewel Match 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Jewel Quest Solitaire (x32 Version: 2.2.0.95 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 5.1.7 - Packard Bell)
LyricsDroid (HKLM-x32\...\{77a60bed-26f5-4621-8489-673aead41feb}) (Version: - Droid-Apps Extension Software) <==== ATTENTION
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
Mystery of Mortlake Mansion (x32 Version: 2.2.0.98 - WildTangent) Hidden
Nero 7 Premium (HKLM-x32\...\{C6115A28-F277-4E82-B067-84D28BF21031}) (Version: 7.03.1357 - Nero AG)
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)
NVIDIA PhysX v8.10.29 (HKLM-x32\...\{D56B0E27-4A3E-46C9-B5C1-D93D580C099C}) (Version: 8.10.29 - NVIDIA Corporation)
Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version: - PC Utilities Software Limited) <==== ATTENTION
OptimizerPro (HKLM-x32\...\S-480333868) (Version: 2.0.0.1365 - ) <==== ATTENTION
Packard Bell Games (HKLM-x32\...\WildTangent packardbell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3008 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3504 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.04.3504 - Packard Bell)
Packard Bell ScreenSaver (HKLM-x32\...\Packard Bell Screensaver) (Version: 1.1.0915.2011 - Packard Bell )
Packard Bell Social Networks (HKLM-x32\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.)
Packard Bell Social Networks (x32 Version: 3.0.3106 - CyberLink Corp.) Hidden
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Packard Bell)
Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
ProtectDisc Driver, Version 11 (HKLM-x32\...\ProtectDisc Driver 11) (Version: 11.0.0.12 - ProtectDisc Software GmbH)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6329 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30123 - Realtek Semiconductor Corp.)
RollerCoaster Tycoon 2 (HKLM-x32\...\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}) (Version: - )
RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version: - Atari)
SAiverPro (HKLM-x32\...\{94851E46-5E5B-DD67-2593-709E8D27DC4C}) (Version: - SaverPro)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.0.1.11053_99 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.0.1.11053_99 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.)
savingitOyouu (HKLM-x32\...\{A2616871-3463-BCEE-5AFA-73773317A381}) (Version: - ssavvinegtoyou)
Search Assistant WebSearch 1.74 (HKLM-x32\...\SP_4e24eecb) (Version: - ) <==== ATTENTION
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.12.20.154 - Conduit) <==== ATTENTION
SearchAnonymizer (HKLM\...\SearchAnonymizer) (Version: 1.0.1 (de) - )
SearchNewTab (HKLM-x32\...\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}) (Version: - SearchNewTab) <==== ATTENTION
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Slingo Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Ss.Helper 1.74 (HKLM-x32\...\SP_19703871) (Version: - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SupTab (HKLM-x32\...\SupTab) (Version: 1.1.1.0 - ) <==== ATTENTION
Tom Clancy's Rainbow Six Vegas (HKLM-x32\...\{5731C0A8-B266-451A-8D3F-8066AA21836F}) (Version: 1.06.000 - Ubisoft)
Torchlight (x32 Version: 2.2.0.97 - WildTangent) Hidden
Überwachungstool für die Intel® Turbo-Boost-Technik 2.0 (HKLM\...\{B77EFA0B-9BD3-4122-9F9A-15A963B5EA24}) (Version: 2.1.23.0 - Intel)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2878297) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{9B1DEEA3-B4ED-49F0-9EF7-4A820EEEA7F1}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
Update Manager for SweetPacks 1.1 (HKLM-x32\...\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0}) (Version: 1.1.0008 - SweetIM Technologies Ltd.) <==== ATTENTION
Updater Service (HKLM-x32\...\Updater Service) (Version: 15,9,28,27 - ) <==== ATTENTION
Video Web Camera (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1904 - CyberLink Corp.)
Video Web Camera (x32 Version: 1.0.1904 - CyberLink Corp.) Hidden
Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.97 - WildTangent) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Wedding Dash (x32 Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.02.3504 - Packard Bell)
WildTangent Games App (x32 Version: 4.0.10.17 - WildTangent) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Product Key Finder Pro® 2.3 (HKLM-x32\...\Windows Product Key Finder Pro®_is1) (Version: - )
WinRAR 4.20 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Restore Points =========================
31-03-2014 19:38:01 Geplanter Prüfpunkt
10-04-2014 20:21:22 Windows Update
15-04-2014 15:41:22 Quitado VAFPlayer
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {2787C84F-FAE1-44D3-B933-9894EC6B4C2D} - System32\Tasks\NBAgent => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
Task: {2E7D0102-76D4-4D9A-B1A3-2C3452576996} - System32\Tasks\Feven Pro 1.2-firefoxinstaller => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-firefoxinstaller.exe [2014-02-22] (Feven) <==== ATTENTION
Task: {30B10EC7-B5F0-44E5-80D4-FB956FBF974A} - System32\Tasks\Feven Pro 1.2-chromeinstaller => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-chromeinstaller.exe [2014-02-22] (Feven) <==== ATTENTION
Task: {3D4D3A31-0FFC-4225-9408-CDC798CB696B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-13] (Adobe Systems Incorporated)
Task: {4C7A4F09-0286-4F45-BEDC-B6E6E524BA8A} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {5B1FC646-B246-4BC5-93BA-67BCB8011B76} - System32\Tasks\bench-Updater removing
Task: {940E00DB-A3FA-4C9D-B1ED-DDF60642E1B6} - System32\Tasks\Feven Pro 1.2-updater => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-updater.exe [2014-02-22] (Feven) <==== ATTENTION
Task: {9C376670-C4AB-4C6A-8655-A4B6A3AFE7CC} - System32\Tasks\bench-sys => C:\Program Files (x86)\Bench\Updater\updater.exe [2014-02-12] () <==== ATTENTION
Task: {9DFD2DAA-3432-4AC2-9AC6-C4A76954F29D} - System32\Tasks\OptimizerPro-S-480333868 => c:\programdata\summersoft\optimizerpro\OptimizerPro.exe <==== ATTENTION
Task: {A834051F-2887-49C0-A2F1-9625185CFEE8} - System32\Tasks\Feven Pro 1.2-codedownloader => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-codedownloader.exe [2014-02-22] (Feven) <==== ATTENTION
Task: {B3D3F6EF-1B49-48C5-ACE2-755AA4021A64} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2011-05-20] (CyberLink)
Task: {D07670BE-3560-4219-AAD3-653EB8679F38} - System32\Tasks\Feven Pro 1.2-enabler => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-enabler.exe [2014-02-22] (Feven) <==== ATTENTION
Task: {E0BEBA7A-BA49-4549-86E0-AD3F8AD3D606} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated)
Task: {E3575739-964E-4872-BA83-5BA581C7C27E} - System32\Tasks\LyricsDroid Update => C:\Program Files (x86)\LyricsDroid\LyricsDroid.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\bench-sys.job => C:\Program Files (x86)\Bench\Updater\updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\bench-Updater removing.job => ?
Task: C:\Windows\Tasks\Feven Pro 1.2-chromeinstaller.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-codedownloader.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-enabler.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-firefoxinstaller.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Feven Pro 1.2-updater.job => C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-updater.exe <==== ATTENTION
Task: C:\Windows\Tasks\LyricsDroid Update.job => C:\Program Files (x86)\LyricsDroid\LyricsDroid.exe <==== ATTENTION
Task: C:\Windows\Tasks\OptimizerPro-S-480333868.job => c:\programdata\summersoft\optimizerpro\OptimizerPro.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2009-09-01 05:31 - 2009-09-01 05:31 - 00022016 _____ () C:\Windows\System32\ssp2ml6.dll
2013-01-07 22:09 - 2013-01-07 22:09 - 00040960 _____ () C:\Users\Schinski\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe
2011-10-20 12:09 - 2011-08-09 01:44 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-10-13 08:52 - 2011-10-13 08:52 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-03-14 15:21 - 2011-03-14 15:21 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-02-28 18:41 - 2013-02-24 12:30 - 00397704 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-01-12 20:18 - 2013-12-13 00:19 - 00142848 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll
2014-01-12 20:18 - 2013-11-05 03:12 - 00890592 _____ () C:\Program Files (x86)\Steam\libavutil-52.dll
2013-03-25 15:23 - 2014-02-11 04:34 - 00751616 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2012-09-02 13:46 - 2014-02-25 23:57 - 01135296 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2012-09-02 13:46 - 2014-01-11 01:33 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2012-09-02 13:46 - 2013-06-15 01:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2012-09-02 13:46 - 2013-06-15 01:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2012-09-02 13:46 - 2013-06-15 01:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-01-24 13:25 - 2013-01-24 13:25 - 01044480 _____ () C:\Program Files (x86)\WebSearch\sprotector.dll
2014-03-30 13:31 - 2014-03-30 13:31 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-02-16 13:57 - 2014-02-16 13:57 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\3e27ac2000641918e7215d97c63e957d\IsdiInterop.ni.dll
2011-10-20 11:28 - 2011-01-13 02:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-04-13 12:49 - 2014-04-13 12:49 - 16351920 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/23/2014 10:33:37 AM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (04/23/2014 10:33:06 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000027de
ID des fehlerhaften Prozesses: 0x92c
Startzeit der fehlerhaften Anwendung: 0xtaskeng.exe0
Pfad der fehlerhaften Anwendung: taskeng.exe1
Pfad des fehlerhaften Moduls: taskeng.exe2
Berichtskennung: taskeng.exe3
Error: (04/23/2014 10:32:57 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/22/2014 06:20:52 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
Error: (04/22/2014 06:20:16 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000027de
ID des fehlerhaften Prozesses: 0x8e4
Startzeit der fehlerhaften Anwendung: 0xtaskeng.exe0
Pfad der fehlerhaften Anwendung: taskeng.exe1
Pfad des fehlerhaften Moduls: taskeng.exe2
Berichtskennung: taskeng.exe3
Error: (04/22/2014 06:20:04 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (04/22/2014 01:12:01 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000027de
ID des fehlerhaften Prozesses: 0xb70
Startzeit der fehlerhaften Anwendung: 0xtaskeng.exe0
Pfad der fehlerhaften Anwendung: taskeng.exe1
Pfad des fehlerhaften Moduls: taskeng.exe2
Berichtskennung: taskeng.exe3
Error: (04/22/2014 10:39:52 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000027de
ID des fehlerhaften Prozesses: 0x1914
Startzeit der fehlerhaften Anwendung: 0xtaskeng.exe0
Pfad der fehlerhaften Anwendung: taskeng.exe1
Pfad des fehlerhaften Moduls: taskeng.exe2
Berichtskennung: taskeng.exe3
Error: (04/21/2014 06:31:50 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: taskeng.exe, Version: 6.1.7601.17514, Zeitstempel: 0x4ce79d2c
Name des fehlerhaften Moduls: msvcrt.dll, Version: 7.0.7601.17744, Zeitstempel: 0x4eeb033f
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000027de
ID des fehlerhaften Prozesses: 0x1aac
Startzeit der fehlerhaften Anwendung: 0xtaskeng.exe0
Pfad der fehlerhaften Anwendung: taskeng.exe1
Pfad des fehlerhaften Moduls: taskeng.exe2
Berichtskennung: taskeng.exe3
Error: (04/21/2014 02:05:54 PM) (Source: Steam Client Service) (User: )
Description: Error: Failed to poke open firewall
System errors:
=============
Error: (04/23/2014 10:33:20 AM) (Source: iaStor) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.
Error: (04/23/2014 10:33:21 AM) (Source: ipnathlp) (User: )
Description: 0
Error: (04/23/2014 10:32:45 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Updater Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (04/22/2014 06:19:54 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Updater Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (04/21/2014 06:31:47 PM) (Source: ipnathlp) (User: )
Description: 0
Error: (04/21/2014 02:04:55 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Updater Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (04/18/2014 06:39:32 PM) (Source: ipnathlp) (User: )
Description: 0
Error: (04/18/2014 03:39:19 PM) (Source: ipnathlp) (User: )
Description: 0
Error: (04/18/2014 03:16:53 PM) (Source: iaStor) (User: )
Description: Das Gerät \Device\Ide\iaStor0 hat innerhalb der Fehlerwartezeit nicht geantwortet.
Error: (04/18/2014 03:16:02 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Updater Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 68%
Total physical RAM: 5995.86 MB
Available physical RAM: 1872.43 MB
Total Pagefile: 11989.9 MB
Available Pagefile: 7387.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
==================== Drives ================================
Drive c: (Packard Bell) (Fixed) (Total:446.66 GB) (Free:261.27 GB) NTFS
Drive d: (DATA) (Fixed) (Total:465.76 GB) (Free:450.33 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: AB5B099E)
Partition 1: (Not Active) - (Size=19 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=447 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: AB5B09A8)
Partition 1: (Not Active) - (Size=466 GB) - (Type=07 NTFS)
==================== End Of Log ============================
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 22-04-2014 Ran by Schinski (administrator) on SCHINSKI-PC on 23-04-2014 11:46:20 Running from C:\Users\Schinski\Downloads Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe (AMD) C:\Windows\system32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe () C:\Users\Schinski\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\system32\igfxsrvc.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Intel Corporation) C:\Windows\system32\igfxext.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Samsung Electronics) C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Conduit) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe (Conduit) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe (Conduit) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-03-10] (Realtek Semiconductor) HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corp.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated) HKLM\...\Run: [Power Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated) HKLM\...\Run: [Ocs_SM] => C:\Users\Schinski\AppData\Roaming\OCS\SM\SearchAnonymizer.exe [106496 2013-01-07] (OCS) HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-13] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-20] (Nullsoft, Inc.) HKLM-x32\...\Run: [Sweetpacks Communicator] => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe [231768 2012-08-15] (SweetIM Technologies Ltd.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2432839586-755392640-722003589-1000\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [309688 2012-12-03] (Samsung Electronics Co., Ltd.) HKU\S-1-5-21-2432839586-755392640-722003589-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2008-01-22] (Nero AG) HKU\S-1-5-21-2432839586-755392640-722003589-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1821888 2014-02-25] (Valve Corporation) HKU\S-1-5-21-2432839586-755392640-722003589-1000\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843704 2012-12-03] (Samsung) HKU\S-1-5-21-2432839586-755392640-722003589-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [577536 2012-11-28] (Samsung Electronics) HKU\S-1-5-21-2432839586-755392640-722003589-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [967608 2012-12-03] (Samsung) HKU\S-1-5-21-2432839586-755392640-722003589-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843704 2012-12-03] (Samsung) HKU\S-1-5-21-2432839586-755392640-722003589-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd) HKU\S-1-5-21-2432839586-755392640-722003589-1000\...\Run: [Optimizer Pro] => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe [135672 2013-09-29] (PC Utilities Pro) HKU\S-1-5-21-2432839586-755392640-722003589-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log HKU\S-1-5-21-2432839586-755392640-722003589-1000\...\MountPoints2: {7fabd595-5e6e-11e3-9274-dc0ea11e27ec} - G:\HTC_Sync_Manager_PC.exe HKU\S-1-5-21-2432839586-755392640-722003589-1000\...\MountPoints2: {c93c7b45-6d66-11e2-8a26-dc0ea11e27ec} - G:\LaunchU3.exe -a AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1355552 2014-04-08] (Conduit) AppInit_DLLs: c:\PROGRA~2\OPTIMI~1\OPTPRO~2.DLL => C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll [4664136 2013-10-19] () AppInit_DLLs-x32: c:\progra~2\searchprotect\searchprotect\bin\spvc32loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1050912 2014-04-08] (Conduit) AppInit_DLLs-x32: c:\progra~2\websea~1\sprote~1.dll => C:\Program Files (x86)\WebSearch\sprotector.dll [1044480 2013-01-24] () AppInit_DLLs-x32: c:\progra~2\ssde96~1.hel\psupport.dll => "c:\progra~2\ssde96~1.hel\psupport.dll" File Not Found AppInit_DLLs-x32: c:\progra~2\optimi~1\optpro~1.dll => "c:\progra~2\optimi~1\optpro~1.dll" File Not Found GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?gd=&ctid=CT3324774&octid=EB_ORIGINAL_CTID&ISID=M25A17D02-D085-443B-A5C4-AB53E3E1B53D&SearchSource=55&CUI=&UM=5&UP=SPC96BB3BA-3C82-475F-A6C5-D49240FB5C6D&SSPV= HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.awesomehp.com/?type=hp&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.awesomehp.com/?type=sc&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329 SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329&q={searchTerms} SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329&q={searchTerms} SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=384&systemid=406&sr=0&q={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329&q={searchTerms} SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329&q={searchTerms} SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=384&systemid=406&sr=0&q={searchTerms} SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.youwillfind.info/?l=1&q={searchTerms}&pid=512&r=2013/05/03&hid=1234782284&lg=EN&cc=DE SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.00000&barid={32011A5C-5906-11E2-9C2B-DC0EA11E27EC} SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329&q={searchTerms} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&affID=119776&babsrc=SP_ss&mntrId=d280d51e0000000000009cb70d16967a SearchScopes: HKCU - {2D09DD1D-9C68-4C8F-BA1A-C03E0B5CE95E} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=b7e0b699-5711-44c5-a146-7fc29288b21e&pid=freewarede&mode=bounce&k=0 SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329&q={searchTerms} SearchScopes: HKCU - {3EBAF3BC-5CCE-4A13-BB63-AABBD10DAD5E} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=b7e0b699-5711-44c5-a146-7fc29288b21e&pid=freewarede&mode=bounce&k=0 SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com.anonymize-me.de/?anonymto=687474703A2F2F6474732E7365617263682D726573756C74732E636F6D2F73723F7372633D6965622661707069643D3338342673797374656D69643D3430362673723D3026713D7B7365617263685465726D737D&st={searchTerms}&clid=b7e0b699-5711-44c5-a146-7fc29288b21e&pid=freewarede&k=0 SearchScopes: HKCU - {9EAADE31-6ABE-42D0-8A4C-E368E95E10AF} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=b7e0b699-5711-44c5-a146-7fc29288b21e&pid=freewarede&mode=bounce&k=0 SearchScopes: HKCU - {A9DA8665-2E6E-4716-AAE1-B478EE985A05} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=b7e0b699-5711-44c5-a146-7fc29288b21e&pid=freewarede&mode=bounce&k=0 SearchScopes: HKCU - {AE2C77B5-9A71-46A5-8C32-E5A65BE1493C} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=b7e0b699-5711-44c5-a146-7fc29288b21e&pid=freewarede&mode=bounce&k=0 SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.youwillfind.info/?l=1&q={searchTerms}&pid=512&r=2013/05/03&hid=1234782284&lg=EN&cc=DE SearchScopes: HKCU - {BDDC99F7-7090-4F0B-8183-1DC3F9FDEF84} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=b7e0b699-5711-44c5-a146-7fc29288b21e&pid=freewarede&mode=bounce&k=0 SearchScopes: HKCU - {C1D2A191-C86B-4ACA-8BFD-770CC1BBBA93} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=30DE7638-AB25-472C-80AE-817941E6BFF2&apn_sauid=E8FE0BF4-C847-4393-A0F8-95A099EF0186 SearchScopes: HKCU - {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} URL = hxxp://mystart.incredibar.com/mb201/?search={searchTerms}&loc=IB_DS&a=6OyZAVXy0E&i=26 SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.00000&barid={32011A5C-5906-11E2-9C2B-DC0EA11E27EC} BHO: Feven Pro 1.2 - {11111111-1111-1111-1111-110511161182} - C:\Program Files (x86)\Feven Pro 1.2\Feven Pro 1.2-bho64.dll (Feven) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: LyricsSpeaker - {15467C9F-3784-4109-89C9-6ED7100B96B8} - C:\Program Files (x86)\LyricsSpeaker\120.dll No File BHO-x32: SearchNewTab - {25CE78C4-4F48-92C6-1927-8470F03FAD32} - C:\ProgramData\SearchNewTab\5183dd16ab45c.dll () BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited) BHO-x32: SearchNewTab - {3EC7971B-FC7E-C51C-0976-01D9FB20F652} - C:\ProgramData\SearchNewTab\5183dc8adcf91.dll () BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: continuetosiavee - {B1AA7241-6BEC-B310-4584-1DD92E629B6A} - C:\ProgramData\continuetosiavee\5183dce5db37d.dll () BHO-x32: LyricsDroid - {C08AE725-F500-49E9-8958-2E176C8CDFD5} - C:\Program Files (x86)\LyricsDroid\120.dll No File BHO-x32: SearchNewTab - {CBE01183-B756-7639-AA89-75A09E9668DF} - C:\ProgramData\SearchNewTab\5183dcec47f1b.dll () BHO-x32: continuetosiavee - {D0FBB402-A966-2264-FA92-92D3EBDA66BD} - C:\ProgramData\continuetosiavee\5183dc78499a3.dll () BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: SweetPacks Browser Helper - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll (SweetIM Technologies Ltd.) Toolbar: HKLM - No Name - !{EEE6C35B-6118-11DC-9C72-001320C79847} - No File Toolbar: HKLM-x32 - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKLM-x32 - No Name - !{EEE6C35B-6118-11DC-9C72-001320C79847} - No File Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233 FF user.js: detected! => C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\user.js FF NewTab: chrome://quick_start/content/index.html FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", ""); FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", ""); FF SelectedSearchEngine: Google FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll () FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.) FF SearchPlugin: C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\searchplugins\conduit-search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\awesomehp.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Feven Pro 1.2 - C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\Extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com [2014-03-09] FF Extension: NetVideoHunter - C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\Extensions\netvideohunter@netvideohunter.com [2013-12-03] FF Extension: savingitOyouu - C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\Extensions\qkrlnna@pfrej.edu [2013-12-24] FF Extension: Quick Start - C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\Extensions\quick_start@gmail.com [2014-04-11] FF Extension: SAiverPro - C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\Extensions\yfoetx.ulb@gy-dpxlamq-.co.uk [2013-12-24] FF Extension: DownloadHelper - C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-28] FF Extension: NoScript - C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-01-26] FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com FF Extension: Quick Start - C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com [2014-04-11] FF HKCU\...\Firefox\Extensions: [{d94342cc-b2eb-4bb9-8ef0-782a1bd67c83}] - C:\Program Files (x86)\LyricsDroid\133.xpi FF Extension: LyricsDroid - C:\Program Files (x86)\LyricsDroid\133.xpi [2013-09-12] Chrome: ======= CHR HomePage: hxxp://websearch.youwillfind.info/?pid=512&r=2013/05/03&hid=1234782284&lg=EN&cc=DE CHR RestoreOnStartup: "hxxp://websearch.youwillfind.info/?pid=512&r=2013/05/03&hid=1234782284&lg=EN&cc=DE" CHR Extension: (No Name) - C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\2.0.0.0_0 [2013-01-22] CHR Extension: (SearchNewTab) - C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\doaiokannffekfihkidnidknomcpiccc [2013-05-03] CHR Extension: (ApptoUU) - C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnnihpoinhbcnickbglbkjdfmnmpmbee [2014-02-15] CHR Extension: (SAiverPro) - C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbfjknbbblnnonjefigjanccdiaaoanb [2013-12-22] CHR Extension: (Feven Pro 1.2) - C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh [2014-02-22] CHR Extension: (continuetosiavee) - C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfbobiellkpaalcodkljaaggclpocdkb [2013-05-03] CHR Extension: (Iminent) - C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl [2013-01-22] CHR Extension: (continuetosiavee) - C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlkkodjjkbpmaifigdgmdnjacooaefhf [2013-05-03] CHR Extension: (SearchNewTab) - C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggdcfghpfeafgpdbpoflaedkhklhfhl [2013-05-03] CHR Extension: (continuetosiavee) - C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkclkknolljimgdphclodbljhjcbp [2013-05-03] CHR Extension: (SearchNewTab) - C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\mncjainlbgolhkgdhlkicphjfigaimif [2013-05-03] CHR Extension: (DoWnload, keepaEr) - C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\phieagnndjpmlgocaofoeakghpmbabnh [2013-10-19] CHR Extension: (savingitOyouu) - C:\ProgramData\oeklfogdojkneagmhfjlnmckkibpojmi [2013-12-22] CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [2013-12-22] CHR HKLM-x32\...\Chrome\Extension: [blaofbhgbmeikidhlkmjhbkbfohpgekf] - C:\Program Files (x86)\Movie2KDownloader.com\Movie2KDownloader10.crx [2013-12-22] CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\IB Updater\source.crx [2013-12-22] CHR HKLM-x32\...\Chrome\Extension: [jbpkiefagocgkmemidfngdkamloieekf] - C:\Program Files (x86)\TornTV.com\torn11.crx [2013-12-22] CHR HKLM-x32\...\Chrome\Extension: [olmmlhjmcpkhnmfcbelohhaifhilieje] - C:\Program Files (x86)\LyricsDroid\133.crx [2013-09-11] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= S2 70e6ca8c; C:\Program Files (x86)\Optimizer Pro\OptProCrashSvc.dll [193176 2013-10-19] () R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG) R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2470688 2014-04-08] (Conduit) R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [872552 2011-08-02] (Acer Incorporated) R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [36456 2011-05-30] (Acer Incorporated) S2 IBUpdaterService; C:\Windows\system32\dmwu.exe [1447728 2013-05-21] () R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED) R2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.) R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation) R2 SearchAnonymizer; C:\Users\Schinski\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [40960 2013-01-07] () ==================== Drivers (Whitelisted) ==================== R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-07-22] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-05-30] (DT Soft Ltd) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-07-22] () S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-01-03] (RapidSolution Software AG) R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-01-03] (RapidSolution Software AG) S3 massfilter; system32\drivers\massfilter.sys [X] U2 wuaserv; S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X] S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X] S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-23 11:46 - 2014-04-23 11:47 - 00030848 _____ () C:\Users\Schinski\Downloads\FRST.txt 2014-04-23 11:46 - 2014-04-23 11:46 - 00000000 ____D () C:\FRST 2014-04-23 11:45 - 2014-04-23 11:45 - 02061312 _____ (Farbar) C:\Users\Schinski\Downloads\FRST64.exe 2014-04-15 20:00 - 2014-04-23 10:33 - 00000286 _____ () C:\Windows\Tasks\bench-Updater removing.job 2014-04-15 20:00 - 2014-04-15 20:00 - 00003226 _____ () C:\Windows\System32\Tasks\bench-Updater removing 2014-04-15 17:53 - 2014-04-15 17:53 - 00000088 _____ () C:\Windows\SysWOW64\2858362086739529277.log 2014-04-15 17:52 - 2014-04-15 17:52 - 00003196 _____ () C:\Windows\System32\Tasks\{CA9D6F40-78EE-4FA3-9F01-18E9E177AD8F} 2014-04-15 17:40 - 2014-04-15 17:40 - 00003176 _____ () C:\Windows\System32\Tasks\{D9CCB5D3-98CE-40BE-AC48-0116BD5F3302} 2014-04-15 17:31 - 2014-04-15 17:31 - 00001332 _____ () C:\Users\Public\Desktop\Freemake Video Converter.lnk 2014-04-15 17:31 - 2014-04-15 17:31 - 00000000 ____D () C:\Users\Schinski\Documents\Freemake 2014-04-15 17:31 - 2014-04-15 17:31 - 00000000 ____D () C:\Users\Schinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake 2014-04-15 17:31 - 2014-04-15 17:31 - 00000000 ____D () C:\ProgramData\Freemake 2014-04-15 17:30 - 2014-04-15 17:31 - 00000004 _____ () C:\end 2014-04-15 17:30 - 2014-04-15 17:31 - 00000000 ____D () C:\Program Files (x86)\Freemake 2014-04-15 17:29 - 2014-04-15 17:29 - 01308144 _____ (Ellora Assets Corporation ) C:\Users\Schinski\Downloads\FreemakeVideoConverterSetup_4.1.3.15.exe 2014-04-15 17:25 - 2014-04-15 17:26 - 00929416 _____ (CNET Download.com) C:\Users\Schinski\Downloads\cbsidlm-cbsi188-Free_WMV_to_AVI_Converter-ORG-75925889(1).exe 2014-04-15 17:24 - 2014-04-15 17:24 - 00000000 ____D () C:\Users\Schinski\AppData\Local\SearchProtect 2014-04-15 17:24 - 2014-04-15 17:24 - 00000000 ____D () C:\Program Files (x86)\SearchProtect 2014-04-15 17:23 - 2014-04-15 17:23 - 00929416 _____ (CNET Download.com) C:\Users\Schinski\Downloads\cbsidlm-cbsi188-Free_WMV_to_AVI_Converter-ORG-75925889.exe 2014-04-15 17:20 - 2014-04-15 17:20 - 00000000 ____D () C:\Users\Schinski\AppData\Roaming\AVS4YOU 2014-04-15 17:20 - 2014-04-15 17:20 - 00000000 ____D () C:\ProgramData\AVS4YOU 2014-04-15 17:19 - 2014-04-15 17:25 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU 2014-04-15 17:19 - 2010-05-11 14:17 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2014-04-15 17:19 - 2010-05-11 14:17 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll 2014-04-15 17:18 - 2014-04-15 17:19 - 42631936 _____ (Online Media Technologies Ltd. ) C:\Users\Schinski\Downloads\AVSVideoReMaker.exe 2014-04-10 20:41 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-10 20:41 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-10 20:41 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-10 20:41 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-04-10 20:41 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-04-10 20:41 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2014-04-10 20:41 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2014-04-10 20:41 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2014-04-10 20:41 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2014-04-10 20:41 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-04-10 20:41 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-04-10 20:41 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-04-10 20:41 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-04-10 20:41 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-04-10 20:41 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-04-10 20:41 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-04-10 20:41 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-04-10 20:41 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-04-10 20:41 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-04-10 20:41 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-04-10 20:41 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-03-30 13:31 - 2014-03-30 13:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= 2014-04-23 11:47 - 2014-04-23 11:46 - 00030848 _____ () C:\Users\Schinski\Downloads\FRST.txt 2014-04-23 11:46 - 2014-04-23 11:46 - 00000000 ____D () C:\FRST 2014-04-23 11:45 - 2014-04-23 11:45 - 02061312 _____ (Farbar) C:\Users\Schinski\Downloads\FRST64.exe 2014-04-23 11:36 - 2013-06-29 14:00 - 00000398 _____ () C:\Windows\Tasks\LyricsDroid Update.job 2014-04-23 11:13 - 2012-07-22 13:08 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-23 10:58 - 2014-02-22 11:53 - 00002298 _____ () C:\Windows\Tasks\Feven Pro 1.2-firefoxinstaller.job 2014-04-23 10:53 - 2014-02-22 11:53 - 00001526 _____ () C:\Windows\Tasks\Feven Pro 1.2-updater.job 2014-04-23 10:53 - 2014-02-22 11:53 - 00001482 _____ () C:\Windows\Tasks\Feven Pro 1.2-codedownloader.job 2014-04-23 10:53 - 2014-02-22 11:53 - 00001380 _____ () C:\Windows\Tasks\Feven Pro 1.2-enabler.job 2014-04-23 10:52 - 2014-02-22 11:52 - 00003106 _____ () C:\Windows\Tasks\Feven Pro 1.2-chromeinstaller.job 2014-04-23 10:40 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-23 10:40 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-23 10:37 - 2012-02-05 00:53 - 01390326 _____ () C:\Windows\WindowsUpdate.log 2014-04-23 10:33 - 2014-04-15 20:00 - 00000286 _____ () C:\Windows\Tasks\bench-Updater removing.job 2014-04-23 10:33 - 2013-06-15 15:21 - 00000439 _____ () C:\Windows\system32\Drivers\etc\hosts.ics 2014-04-23 10:32 - 2013-10-19 21:17 - 00000470 ____H () C:\Windows\Tasks\OptimizerPro-S-480333868.job 2014-04-23 10:32 - 2013-05-30 16:04 - 00036009 _____ () C:\Windows\setupact.log 2014-04-23 10:32 - 2012-09-02 13:44 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-04-23 10:32 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-22 12:00 - 2014-02-15 16:35 - 00000350 _____ () C:\Windows\Tasks\bench-sys.job 2014-04-22 10:42 - 2012-02-05 09:45 - 00699666 _____ () C:\Windows\system32\perfh007.dat 2014-04-22 10:42 - 2012-02-05 09:45 - 00149774 _____ () C:\Windows\system32\perfc007.dat 2014-04-22 10:42 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-15 20:00 - 2014-04-15 20:00 - 00003226 _____ () C:\Windows\System32\Tasks\bench-Updater removing 2014-04-15 17:56 - 2014-02-15 16:35 - 00000000 ____D () C:\Program Files (x86)\Bench 2014-04-15 17:56 - 2013-10-19 21:16 - 00000000 ____D () C:\ProgramData\DoWnload, keepaEr 2014-04-15 17:56 - 2013-06-01 09:02 - 00204210 _____ () C:\Windows\PFRO.log 2014-04-15 17:53 - 2014-04-15 17:53 - 00000088 _____ () C:\Windows\SysWOW64\2858362086739529277.log 2014-04-15 17:52 - 2014-04-15 17:52 - 00003196 _____ () C:\Windows\System32\Tasks\{CA9D6F40-78EE-4FA3-9F01-18E9E177AD8F} 2014-04-15 17:50 - 2013-05-03 17:48 - 00000000 ____D () C:\ProgramData\continuetosiavee 2014-04-15 17:47 - 2014-02-22 11:53 - 00000000 ____D () C:\ProgramData\WPM 2014-04-15 17:42 - 2013-05-18 11:10 - 00000000 ____D () C:\Users\Schinski\AppData\Roaming\player 2014-04-15 17:40 - 2014-04-15 17:40 - 00003176 _____ () C:\Windows\System32\Tasks\{D9CCB5D3-98CE-40BE-AC48-0116BD5F3302} 2014-04-15 17:31 - 2014-04-15 17:31 - 00001332 _____ () C:\Users\Public\Desktop\Freemake Video Converter.lnk 2014-04-15 17:31 - 2014-04-15 17:31 - 00000000 ____D () C:\Users\Schinski\Documents\Freemake 2014-04-15 17:31 - 2014-04-15 17:31 - 00000000 ____D () C:\Users\Schinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake 2014-04-15 17:31 - 2014-04-15 17:31 - 00000000 ____D () C:\ProgramData\Freemake 2014-04-15 17:31 - 2014-04-15 17:30 - 00000004 _____ () C:\end 2014-04-15 17:31 - 2014-04-15 17:30 - 00000000 ____D () C:\Program Files (x86)\Freemake 2014-04-15 17:30 - 2012-12-18 00:14 - 00000000 ____D () C:\Users\Schinski\AppData\Roaming\OpenCandy 2014-04-15 17:29 - 2014-04-15 17:29 - 01308144 _____ (Ellora Assets Corporation ) C:\Users\Schinski\Downloads\FreemakeVideoConverterSetup_4.1.3.15.exe 2014-04-15 17:26 - 2014-04-15 17:25 - 00929416 _____ (CNET Download.com) C:\Users\Schinski\Downloads\cbsidlm-cbsi188-Free_WMV_to_AVI_Converter-ORG-75925889(1).exe 2014-04-15 17:25 - 2014-04-15 17:19 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU 2014-04-15 17:24 - 2014-04-15 17:24 - 00000000 ____D () C:\Users\Schinski\AppData\Local\SearchProtect 2014-04-15 17:24 - 2014-04-15 17:24 - 00000000 ____D () C:\Program Files (x86)\SearchProtect 2014-04-15 17:23 - 2014-04-15 17:23 - 00929416 _____ (CNET Download.com) C:\Users\Schinski\Downloads\cbsidlm-cbsi188-Free_WMV_to_AVI_Converter-ORG-75925889.exe 2014-04-15 17:20 - 2014-04-15 17:20 - 00000000 ____D () C:\Users\Schinski\AppData\Roaming\AVS4YOU 2014-04-15 17:20 - 2014-04-15 17:20 - 00000000 ____D () C:\ProgramData\AVS4YOU 2014-04-15 17:19 - 2014-04-15 17:18 - 42631936 _____ (Online Media Technologies Ltd. ) C:\Users\Schinski\Downloads\AVSVideoReMaker.exe 2014-04-13 12:50 - 2012-07-21 18:06 - 00000000 ____D () C:\Users\Schinski\AppData\Local\Adobe 2014-04-13 12:49 - 2012-07-22 13:08 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-04-13 12:49 - 2012-07-22 13:08 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-04-13 12:49 - 2011-10-20 12:30 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-04-12 20:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-04-11 21:20 - 2014-02-22 11:53 - 00000000 ____D () C:\ProgramData\IePluginService 2014-04-11 21:20 - 2014-02-22 11:53 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-04-11 20:39 - 2014-02-22 11:52 - 00000000 ____D () C:\Program Files (x86)\Feven Pro 1.2 2014-04-10 22:25 - 2012-07-22 13:03 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-04-10 22:24 - 2013-08-17 09:59 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-10 22:22 - 2012-07-27 17:05 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-04-06 09:51 - 2012-08-18 18:00 - 00000000 ____D () C:\Users\Schinski\AppData\Local\CrashDumps 2014-03-31 18:05 - 2012-07-22 13:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-03-31 03:16 - 2014-04-10 20:41 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-31 03:13 - 2014-04-10 20:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-31 02:13 - 2014-04-10 20:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-31 01:57 - 2014-04-10 20:41 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-30 19:24 - 2012-07-22 15:54 - 00000000 ____D () C:\Users\Schinski\AppData\Roaming\vlc 2014-03-30 13:31 - 2014-03-30 13:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox Some content of TEMP: ==================== C:\Users\Schinski\AppData\Local\Temp\avgnt.exe C:\Users\Schinski\AppData\Local\Temp\DTLite4471-0333.exe C:\Users\Schinski\AppData\Local\Temp\FreemakeVideoConverter_4.1.3.15.exe C:\Users\Schinski\AppData\Local\Temp\instract.exe C:\Users\Schinski\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Schinski\AppData\Local\Temp\LDroidtemp.exe C:\Users\Schinski\AppData\Local\Temp\LiveSupport_setup.exe C:\Users\Schinski\AppData\Local\Temp\LyrcStmp.exe C:\Users\Schinski\AppData\Local\Temp\nsa178F.exe C:\Users\Schinski\AppData\Local\Temp\nsg1010.exe C:\Users\Schinski\AppData\Local\Temp\nsgDC8E.exe C:\Users\Schinski\AppData\Local\Temp\nsiEC0C.exe C:\Users\Schinski\AppData\Local\Temp\nsnE610.exe C:\Users\Schinski\AppData\Local\Temp\nssE14E.exe C:\Users\Schinski\AppData\Local\Temp\nssEFF3.exe C:\Users\Schinski\AppData\Local\Temp\nsvE48A.exe C:\Users\Schinski\AppData\Local\Temp\Player_Setup(1).exe C:\Users\Schinski\AppData\Local\Temp\SIntf16.dll C:\Users\Schinski\AppData\Local\Temp\SIntf32.dll C:\Users\Schinski\AppData\Local\Temp\SIntfNT.dll C:\Users\Schinski\AppData\Local\Temp\sngalng.exe C:\Users\Schinski\AppData\Local\Temp\sp-downloader.exe C:\Users\Schinski\AppData\Local\Temp\uninst1.exe C:\Users\Schinski\AppData\Local\Temp\vcredist_x86.exe C:\Users\Schinski\AppData\Local\Temp\vlc-2.0.6-win32.exe C:\Users\Schinski\AppData\Local\Temp\vlc-2.0.8-win32.exe C:\Users\Schinski\AppData\Local\Temp\vlc-2.1.2-win32.exe C:\Users\Schinski\AppData\Local\Temp\vlc-2.1.3-win32.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-22 11:49 ==================== End Of Log ============================ |
|
24.04.2014, 07:15
| #4 |
| /// the machine /// TB-Ausbilder | Dauernd öffnen sich neue Fenster und Tabs in Firefox Revo Uninstaller - Download - Filepony Damit alles deinstallieren was Du in der Additional.txt findest mit dem Zusatz <== ATTENTION Mit Revo auch Moderat die Reste entfernen lassen. Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
24.04.2014, 09:31
| #5 |
| | Dauernd öffnen sich neue Fenster und Tabs in FirefoxCode:
ATTFilter ComboFix 14-04-20.01 - Schinski 24.04.2014 9:00.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.5996.3721 [GMT 2:00]
ausgeführt von:: c:\users\Schinski\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Desktop *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files (x86)\AddLyrics
c:\program files (x86)\SingAlong
c:\program files (x86)\YTKaraoke
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\doaiokannffekfihkidnidknomcpiccc
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\doaiokannffekfihkidnidknomcpiccc\1\5183dcec47ce84.90805773.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\doaiokannffekfihkidnidknomcpiccc\1\background.html
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\doaiokannffekfihkidnidknomcpiccc\1\content.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\doaiokannffekfihkidnidknomcpiccc\1\lsdb.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\doaiokannffekfihkidnidknomcpiccc\1\manifest.json
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\doaiokannffekfihkidnidknomcpiccc\1\newtab.html
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\doaiokannffekfihkidnidknomcpiccc\1\sqlite.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnnihpoinhbcnickbglbkjdfmnmpmbee
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnnihpoinhbcnickbglbkjdfmnmpmbee\4.61\background.html
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnnihpoinhbcnickbglbkjdfmnmpmbee\4.61\content.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnnihpoinhbcnickbglbkjdfmnmpmbee\4.61\DWFEvD3Gv.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnnihpoinhbcnickbglbkjdfmnmpmbee\4.61\lsdb.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnnihpoinhbcnickbglbkjdfmnmpmbee\4.61\manifest.json
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\background.html
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\chromeCoreFilesIndex.txt
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\crossriderManifest.json
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\manifest.xml
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins.json
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\1_base.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\102_dealply_m.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\103_intext_5_m.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\14_CrossriderUtils.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\155_ibario_pops_m.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\17_jQuery.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\177_crossriderDashboard.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\182_openUrl.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\183_tabsWrapper.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\19_CHAppAPIWrapper.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\191_ciuvo_m.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\207_dbWrapper.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\21_debug.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\22_resources.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\223_imonomy_m.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\230_revizer_ws_dynamic_b2b_2_m.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\28_initializer.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\4_jquery_1_7_1.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\47_resources_background.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\64_appApiMessage.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\72_appApiValidation.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\78_CrossriderInfo.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\80_CHPopupAppAPI.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\91_monetizationLoader.js.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\plugins\97_resourceApiWrapper.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\userCode\background.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\extensionData\userCode\extension.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\icons\actions\1.png
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\icons\icon128.png
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\icons\icon16.png
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\icons\icon48.png
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\api\chrome.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\api\cookie.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\api\message.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\api\monitor.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\api\pageAction.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\api\pageActionBG.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\background.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\lib\app_api.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\lib\bg_app_api.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\lib\consts.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\lib\cookie_store.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\lib\crossriderAPI.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\lib\delegate.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\lib\events.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\lib\extensionDataStore.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\lib\installer.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\lib\logFile.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\lib\logging.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\lib\onBGDocumentLoad.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\lib\popupResource\newPopup.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\lib\popupResource\popup.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\lib\reports.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\lib\storageWrapper.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\lib\updateManager.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\lib\util.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\lib\xhr.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\main.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\js\platformVersion.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\manifest.json
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcjbopemebdnolilndkpjfmhakccapkh\1.26.15_0\popup.html
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfbobiellkpaalcodkljaaggclpocdkb
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfbobiellkpaalcodkljaaggclpocdkb\1\5183dc784976c8.00353578.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfbobiellkpaalcodkljaaggclpocdkb\1\background.html
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfbobiellkpaalcodkljaaggclpocdkb\1\content.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfbobiellkpaalcodkljaaggclpocdkb\1\lsdb.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfbobiellkpaalcodkljaaggclpocdkb\1\manifest.json
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfbobiellkpaalcodkljaaggclpocdkb\1\sqlite.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlkkodjjkbpmaifigdgmdnjacooaefhf
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlkkodjjkbpmaifigdgmdnjacooaefhf\1\5183dd0e203360.98776825.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlkkodjjkbpmaifigdgmdnjacooaefhf\1\background.html
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlkkodjjkbpmaifigdgmdnjacooaefhf\1\content.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlkkodjjkbpmaifigdgmdnjacooaefhf\1\lsdb.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlkkodjjkbpmaifigdgmdnjacooaefhf\1\manifest.json
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlkkodjjkbpmaifigdgmdnjacooaefhf\1\sqlite.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggdcfghpfeafgpdbpoflaedkhklhfhl
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggdcfghpfeafgpdbpoflaedkhklhfhl\1\5183dd16ab2028.86582343.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggdcfghpfeafgpdbpoflaedkhklhfhl\1\background.html
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggdcfghpfeafgpdbpoflaedkhklhfhl\1\content.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggdcfghpfeafgpdbpoflaedkhklhfhl\1\lsdb.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggdcfghpfeafgpdbpoflaedkhklhfhl\1\manifest.json
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggdcfghpfeafgpdbpoflaedkhklhfhl\1\newtab.html
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggdcfghpfeafgpdbpoflaedkhklhfhl\1\sqlite.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkclkknolljimgdphclodbljhjcbp
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkclkknolljimgdphclodbljhjcbp\1\5183dce5db0f29.75383495.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkclkknolljimgdphclodbljhjcbp\1\background.html
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkclkknolljimgdphclodbljhjcbp\1\content.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkclkknolljimgdphclodbljhjcbp\1\lsdb.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkclkknolljimgdphclodbljhjcbp\1\manifest.json
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkclkknolljimgdphclodbljhjcbp\1\sqlite.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\mncjainlbgolhkgdhlkicphjfigaimif
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\mncjainlbgolhkgdhlkicphjfigaimif\1\5183dc8adcd876.02239043.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\mncjainlbgolhkgdhlkicphjfigaimif\1\background.html
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\mncjainlbgolhkgdhlkicphjfigaimif\1\content.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\mncjainlbgolhkgdhlkicphjfigaimif\1\lsdb.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\mncjainlbgolhkgdhlkicphjfigaimif\1\manifest.json
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\mncjainlbgolhkgdhlkicphjfigaimif\1\newtab.html
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\mncjainlbgolhkgdhlkicphjfigaimif\1\sqlite.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\phieagnndjpmlgocaofoeakghpmbabnh
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\phieagnndjpmlgocaofoeakghpmbabnh\1.6\background.html
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\phieagnndjpmlgocaofoeakghpmbabnh\1.6\content.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\phieagnndjpmlgocaofoeakghpmbabnh\1.6\lsdb.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\phieagnndjpmlgocaofoeakghpmbabnh\1.6\manifest.json
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\phieagnndjpmlgocaofoeakghpmbabnh\1.6\sqlite.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\phieagnndjpmlgocaofoeakghpmbabnh\1.6\TH.js
c:\users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome.manifest
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\api.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\api\asyncDB.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\api\background.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\api\browserAction.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\api\contextMenu.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\api\dbManager.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\api\dom_bg.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\api\fileManager.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\api\firefox.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\api\firefoxNotifications.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\api\firefoxOmnibox.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\api\message.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\api\pageAction.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\api\request.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\api\tabs.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\api\webRequest.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\api\windowsMessagingHandler.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\background.html
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\baseObject.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\browser.xul
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\core\addressBarChangeObserver.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\core\console.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\core\consts.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\core\delegate.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\core\extensionDataStore.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\core\folderIOWrapper.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\core\httpObserver.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\core\IDBWrapper.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\core\installer.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\core\logFile.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\core\prefs.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\core\progressListenerObserver.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\core\registry.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\core\reloadObserver.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\core\reports.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\core\requestObject.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\core\searchSettings.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\core\uninstallObserver.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\core\updateManager.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\core\utils.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\core\xhr.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\dialog.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\ffCoreFilesIndex.txt
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\main.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\options.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\options.xul
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\platformVersion.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\chrome\content\search_dialog.xul
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\defaults\preferences\prefs.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\manifest.xml
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins.json
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\1_base.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\103_intext_5_m.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\14_CrossriderUtils.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\155_ibario_pops_m.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\16_FFAppAPIWrapper.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\17_jQuery.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\177_crossriderDashboard.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\180_bpo_serp_m.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\182_openUrl.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\183_tabsWrapper.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\191_ciuvo_m.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\207_dbWrapper.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\21_debug.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\217_similar_products_m.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\22_resources.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\223_imonomy_m.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\230_revizer_ws_dynamic_b2b_2_m.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\233_revizer_p_dynamic_b2b_2_m.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\242_price_gong_m.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\246_setup.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\28_initializer.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\4_jquery_1_7_1.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\47_resources_background.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\64_appApiMessage.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\7_hooks.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\72_appApiValidation.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\78_CrossriderInfo.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\9_search_engine_hook.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\91_monetizationLoader.js.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\plugins\98_omniCommands.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\userCode\background.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\extensionData\userCode\extension.js
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\install.rdf
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\locale\en-US\translations.dtd
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\skin\button1.png
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\skin\button2.png
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\skin\button3.png
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\skin\button4.png
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\skin\button5.png
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\skin\crossrider_statusbar.png
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\skin\icon128.png
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\skin\icon16.png
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\skin\icon24.png
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\skin\icon48.png
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\skin\panelarrow-up.png
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\skin\popup.html
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\skin\skin.css
c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\e49d3f99-7c89-4eb4-99f3-ff903e2189b2@5288754a-7a48-41a0-a10f-e98c9ac12040.com\skin\update.css
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-03-24 bis 2014-04-24 ))))))))))))))))))))))))))))))
.
.
2014-04-24 07:22 . 2014-04-24 07:22 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-04-24 06:34 . 2014-04-14 18:13 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-04-24 06:30 . 2014-04-24 06:30 -------- d-----w- c:\program files (x86)\VS Revo Group
2014-04-23 09:46 . 2014-04-23 09:48 -------- d-----w- C:\FRST
2014-04-15 15:31 . 2014-04-15 15:31 -------- d-----w- c:\programdata\Freemake
2014-04-15 15:30 . 2014-04-15 15:31 -------- d-----w- c:\program files (x86)\Freemake
2014-04-15 15:20 . 2014-04-15 15:20 -------- d-----w- c:\users\Schinski\AppData\Roaming\AVS4YOU
2014-04-15 15:20 . 2014-04-15 15:20 -------- d-----w- c:\programdata\AVS4YOU
2014-04-15 15:19 . 2014-04-15 15:25 -------- d-----w- c:\program files (x86)\Common Files\AVSMedia
2014-04-15 15:19 . 2014-04-15 15:25 -------- d-----w- c:\program files (x86)\AVS4YOU
2014-04-15 15:19 . 2010-05-11 12:17 24576 ----a-w- c:\windows\SysWow64\msxml3a.dll
2014-04-15 15:19 . 2010-05-11 12:17 1700352 ----a-w- c:\windows\SysWow64\GdiPlus.dll
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-04-13 10:49 . 2012-07-22 11:08 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-04-13 10:49 . 2011-10-20 10:30 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-10 20:22 . 2012-07-27 15:05 90655440 ----a-w- c:\windows\system32\MRT.exe
2014-03-04 09:17 . 2014-04-10 18:41 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2014-03-01 05:16 . 2014-03-14 12:53 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-03-01 04:58 . 2014-03-14 12:53 2765824 ----a-w- c:\windows\system32\iertutil.dll
2014-03-01 04:52 . 2014-03-14 12:53 66048 ----a-w- c:\windows\system32\iesetup.dll
2014-03-01 04:51 . 2014-03-14 12:53 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-03-01 04:42 . 2014-03-14 12:53 53760 ----a-w- c:\windows\system32\jsproxy.dll
2014-03-01 04:40 . 2014-03-14 12:53 33792 ----a-w- c:\windows\system32\iernonce.dll
2014-03-01 04:37 . 2014-03-14 12:53 574976 ----a-w- c:\windows\system32\ieui.dll
2014-03-01 04:33 . 2014-03-14 12:53 139264 ----a-w- c:\windows\system32\ieUnatt.exe
2014-03-01 04:33 . 2014-03-14 12:53 111616 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-03-01 04:32 . 2014-03-14 12:53 708608 ----a-w- c:\windows\system32\jscript9diag.dll
2014-03-01 04:23 . 2014-03-14 12:53 940032 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-03-01 04:17 . 2014-03-14 12:53 218624 ----a-w- c:\windows\system32\ie4uinit.exe
2014-03-01 04:02 . 2014-03-14 12:53 195584 ----a-w- c:\windows\system32\msrating.dll
2014-03-01 03:54 . 2014-03-14 12:53 5768704 ----a-w- c:\windows\system32\jscript9.dll
2014-03-01 03:52 . 2014-03-14 12:53 61952 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-03-01 03:51 . 2014-03-14 12:53 51200 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-03-01 03:42 . 2014-03-14 12:53 627200 ----a-w- c:\windows\system32\msfeeds.dll
2014-03-01 03:38 . 2014-03-14 12:53 112128 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-03-01 03:37 . 2014-03-14 12:53 553472 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-03-01 03:35 . 2014-03-14 12:53 2041856 ----a-w- c:\windows\system32\inetcpl.cpl
2014-03-01 03:18 . 2014-03-14 12:53 13051904 ----a-w- c:\windows\system32\ieframe.dll
2014-03-01 03:14 . 2014-03-14 12:53 4244480 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-03-01 03:10 . 2014-03-14 12:53 2334208 ----a-w- c:\windows\system32\wininet.dll
2014-03-01 03:00 . 2014-03-14 12:53 1964032 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-03-01 02:38 . 2014-03-14 12:53 1393664 ----a-w- c:\windows\system32\urlmon.dll
2014-03-01 02:32 . 2014-03-14 12:53 1820160 ----a-w- c:\windows\SysWow64\wininet.dll
2014-03-01 02:25 . 2014-03-14 12:53 817664 ----a-w- c:\windows\system32\ieapfltr.dll
2014-02-07 01:23 . 2014-03-14 12:53 3156480 ----a-w- c:\windows\system32\win32k.sys
2014-02-04 02:32 . 2014-03-14 12:52 1424384 ----a-w- c:\windows\system32\WindowsCodecs.dll
2014-02-04 02:32 . 2014-03-14 12:52 624128 ----a-w- c:\windows\system32\qedit.dll
2014-02-04 02:04 . 2014-03-14 12:52 1230336 ----a-w- c:\windows\SysWow64\WindowsCodecs.dll
2014-02-04 02:04 . 2014-03-14 12:52 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-01-29 02:32 . 2014-03-14 12:53 484864 ----a-w- c:\windows\system32\wer.dll
2014-01-29 02:06 . 2014-03-14 12:53 381440 ----a-w- c:\windows\SysWow64\wer.dll
2014-01-28 02:32 . 2014-03-14 12:53 228864 ----a-w- c:\windows\system32\wwansvc.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{B1AA7241-6BEC-B310-4584-1DD92E629B6A}]
2013-05-03 15:51 112128 ----a-w- c:\programdata\continuetosiavee\5183dce5db37d.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D0FBB402-A966-2264-FA92-92D3EBDA66BD}]
2013-05-03 15:49 112128 ----a-w- c:\programdata\continuetosiavee\5183dc78499a3.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2012-12-03 309688]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe" [2008-01-22 152872]
"Steam"="c:\program files (x86)\Steam\steam.exe" [2014-04-21 1826496]
"KiesPDLR"="c:\program files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe" [2012-12-03 843704]
"KiesAirMessage"="c:\program files (x86)\Samsung\Kies\KiesAirMessage.exe" [2012-11-28 577536]
"KiesPreload"="c:\program files (x86)\Samsung\Kies\Kies.exe" [2012-12-03 967608]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-03-14 3672640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Norton Online Backup"="c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" [2010-06-01 1155928]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2011-10-13 343168]
"LManager"="c:\program files (x86)\Launch Manager\LManager.exe" [2011-07-01 1103440]
"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
"WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2012-06-20 74752]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-02-20 689744]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"SpUninstallCleanUp"="REG delete HKEY_LOCAL_MACHINE\Software\SearchProtect" [X]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 70e6ca8c;Optimizer Pro Crash Monitor;c:\windows\system32\rundll32.exe;c:\windows\SYSNATIVE\rundll32.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 androidusb;SAMSUNG Android Composite ADB Interface Driver;c:\windows\system32\Drivers\ssadadb.sys;c:\windows\SYSNATIVE\Drivers\ssadadb.sys [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys;c:\windows\SYSNATIVE\drivers\massfilter.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RRNetCap;RRNetCap Service;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\System32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM);c:\windows\system32\DRIVERS\ssadbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssadbus.sys [x]
R3 ssadmdfl;SAMSUNG Android USB Modem (Filter);c:\windows\system32\DRIVERS\ssadmdfl.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdfl.sys [x]
R3 ssadmdm;SAMSUNG Android USB Modem Drivers;c:\windows\system32\DRIVERS\ssadmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssadmdm.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.0;c:\program files\Intel\TurboBoost\TurboBoost.exe;c:\program files\Intel\TurboBoost\TurboBoost.exe [x]
R4 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 acedrv11;acedrv11;c:\windows\system32\drivers\acedrv11.sys;c:\windows\SYSNATIVE\drivers\acedrv11.sys [x]
S2 AdobeActiveFileMonitor9.0;Adobe Active File Monitor V9;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 DsiWMIService;Dritek WMI Service;c:\program files (x86)\Launch Manager\dsiwmis.exe;c:\program files (x86)\Launch Manager\dsiwmis.exe [x]
S2 ePowerSvc;ePower Service;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe;c:\program files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [x]
S2 GREGService;GREGService;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe;c:\program files (x86)\Packard Bell\Registration\GREGsvc.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 Live Updater Service;Live Updater Service;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe;c:\program files\Packard Bell\Packard Bell Updater\UpdaterService.exe [x]
S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x]
S2 SearchAnonymizer;SearchAnonymizer;c:\users\Schinski\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe;c:\users\Schinski\AppData\Roaming\OCS\SM\SearchAnonymizerHelper.exe [x]
S2 TurboB;Turbo Boost UI Monitor driver;c:\windows\system32\DRIVERS\TurboB.sys;c:\windows\SYSNATIVE\DRIVERS\TurboB.sys [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys;c:\windows\SYSNATIVE\DRIVERS\ETD.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C62x64.sys [x]
S3 RRNetCapMP;RRNetCapMP;c:\windows\system32\DRIVERS\rrnetcap.sys;c:\windows\SYSNATIVE\DRIVERS\rrnetcap.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-04-24 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-07-22 10:49]
.
2014-04-23 c:\windows\Tasks\bench-sys.job
- c:\program files (x86)\Bench\Updater\updater.exe [2014-02-12 18:24]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2011-03-10 11785832]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-09 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-09 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-09 416024]
"IntelTBRunOnce"="wscript.exe" [2013-10-12 168960]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-07-29 497648]
"Power Management"="c:\program files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" [2011-08-02 1831016]
"Ocs_SM"="c:\users\Schinski\AppData\Roaming\OCS\SM\SearchAnonymizer.exe" [2013-01-07 106496]
.
------- Zusätzlicher Suchlauf -------
.
uStart Page = hxxp://www.awesomehp.com/?type=hp&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329
uLocal Page = c:\windows\system32\blank.htm
mDefault_Search_URL = hxxp://www.awesomehp.com/web/?type=ds&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329&q={searchTerms}
mDefault_Page_URL = hxxp://www.awesomehp.com/?type=hp&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329
mStart Page = hxxp://www.awesomehp.com/?type=hp&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.awesomehp.com/web/?type=ds&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329&q={searchTerms}
IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Free YouTube Download - c:\users\Schinski\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.search.selectedEngine - Google
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{15467C9F-3784-4109-89C9-6ED7100B96B8} - c:\program files (x86)\LyricsSpeaker\120.dll
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
Toolbar-!{EEE6C35B-6118-11DC-9C72-001320C79847} - (no file)
Wow6432Node-HKCU-Run-LiveSupport - c:\program files (x86)\LiveSupport\LiveSupport.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
BHO-{11111111-1111-1111-1111-110511161182} - c:\program files (x86)\Feven Pro 1.2\Feven Pro 1.2-bho64.dll
Toolbar-Locked - (no file)
Toolbar-10 - (no file)
HKLM-Run-ETDCtrl - c:\program files (x86)\Elantech\ETDCtrl.exe
AddRemove-Updater Service - c:\programdata\IBUpdaterService\ibsvc.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-04-24 09:50:13
ComboFix-quarantined-files.txt 2014-04-24 07:50
.
Vor Suchlauf: 10 Verzeichnis(se), 280.904.228.864 Bytes frei
Nach Suchlauf: 18 Verzeichnis(se), 282.394.689.536 Bytes frei
.
- - End Of File - - E1A8FC6F0FF504427B7625216D1F2EB0
|
|
24.04.2014, 20:05
| #6 |
| /// the machine /// TB-Ausbilder | Dauernd öffnen sich neue Fenster und Tabs in Firefox Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ --> Dauernd öffnen sich neue Fenster und Tabs in Firefox |
|
25.04.2014, 10:29
| #7 |
| | Dauernd öffnen sich neue Fenster und Tabs in Firefox Moin, erstmal muss ich sagen dass der Support echt super und fix ist und ich merke bei jedem Schritt wie viel besser der Laptop wieder funktioniert *Daumen hoch* Hier die Log-Dateien in der von dir angegebenen Reihenfolge: MBAM: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 25.04.2014 Suchlauf-Zeit: 10:53:19 Logdatei: mbam.txt Administrator: Ja Version: 2.00.1.1004 Malware Datenbank: v2014.04.25.04 Rootkit Datenbank: v2014.03.27.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Chameleon: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Schinski Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 272487 Verstrichene Zeit: 22 Min, 1 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Aktiviert Shuriken: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 41 PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [54ac4cb4c43c23dd9b8ccd82fe048f71], PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [54ac4cb4c43c23dd9b8ccd82fe048f71], PUP.Optional.LyricsAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{15467C9F-3784-4109-89C9-6ED7100B96B8}, In Quarantäne, [51af9b656997c53b4d942bf13bc7c43c], PUP.Optional.LyricsAd, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{15467C9F-3784-4109-89C9-6ED7100B96B8}, In Quarantäne, [51af9b656997c53b4d942bf13bc7c43c], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, In Quarantäne, [8d7337c99e62ab55ee7f6be480828f71], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, In Quarantäne, [986816ea24dc17e9c4aac78821e12bd5], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D0FBB402-A966-2264-FA92-92D3EBDA66BD}, In Quarantäne, [0ef219e7f709da26ce8dd929e51cfd03], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D0FBB402-A966-2264-FA92-92D3EBDA66BD}, In Quarantäne, [0ef219e7f709da26ce8dd929e51cfd03], PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2432839586-755392640-722003589-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{D0FBB402-A966-2264-FA92-92D3EBDA66BD}, Löschen bei Neustart, [0ef219e7f709da26ce8dd929e51cfd03], PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2432839586-755392640-722003589-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{D0FBB402-A966-2264-FA92-92D3EBDA66BD}, Löschen bei Neustart, [0ef219e7f709da26ce8dd929e51cfd03], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{B1AA7241-6BEC-B310-4584-1DD92E629B6A}, In Quarantäne, [936d728e50b0d828bc9f699950b1e51b], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{B1AA7241-6BEC-B310-4584-1DD92E629B6A}, In Quarantäne, [936d728e50b0d828bc9f699950b1e51b], PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2432839586-755392640-722003589-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{B1AA7241-6BEC-B310-4584-1DD92E629B6A}, Löschen bei Neustart, [936d728e50b0d828bc9f699950b1e51b], PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2432839586-755392640-722003589-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{B1AA7241-6BEC-B310-4584-1DD92E629B6A}, Löschen bei Neustart, [936d728e50b0d828bc9f699950b1e51b], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{94851E46-5E5B-DD67-2593-709E8D27DC4C}, In Quarantäne, [956bc53bac543bc5b934bd88ef12f709], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{A2616871-3463-BCEE-5AFA-73773317A381}, In Quarantäne, [8a763fc13ac6f709d617d96ce02145bb], PUP.Optional.Incredibar.A, HKLM\SOFTWARE\IB Updater, In Quarantäne, [857b3ec258a879873196eb853cc6d12f], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0051682.BHO, In Quarantäne, [738df50b7f81ca368bb29efd649f2cd4], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0051682.BHO.1, In Quarantäne, [d22e88783ac6996782bb4c4f887b25db], PUP.Optional.Incredibar.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\dlnembnfbcpjnepmfjmngjenhhajpdfd, In Quarantäne, [d828976913ed8878bb0a254bba4816ea], PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [629e857ba65a9769d24d584e4eb546ba], PUP.Optional.Awesomehp.A, HKLM\SOFTWARE\WOW6432NODE\awesomehpSoftware, In Quarantäne, [e31d9070a45c847c15ee463b46bc837d], PUP.Optional.Incredibar.A, HKLM\SOFTWARE\WOW6432NODE\IB Updater, In Quarantäne, [6a968c74728e32ceb80ff87826dc5fa1], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, In Quarantäne, [a45c619f49b75da3ec35a9dca55dc937], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0051682.BHO, In Quarantäne, [bf41e61abf4146ba82bb207b8c77d32d], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0051682.BHO.1, In Quarantäne, [5ba5857b05fb59a7be7f79223cc78f71], PUP.Optional.Incredibar.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\dlnembnfbcpjnepmfjmngjenhhajpdfd, In Quarantäne, [24dce21e45bb21df685dc6aaa85ade22], PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [9a6654ac639df90725fa951117ec4db3], PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM, In Quarantäne, [47b901ff3ac626da132e9b009271f30d], PUP.Optional.FevenPro.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Feven Pro 1.2, Löschen bei Neustart, [9d63f40c31cfde22523688f62ed437c9], PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-2432839586-755392640-722003589-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, Löschen bei Neustart, [9a66b34daa566b954f5de1ba38cba55b], PUP.Optional.Delta.A, HKU\S-1-5-21-2432839586-755392640-722003589-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\delta LTD, Löschen bei Neustart, [c838db257e82926e5098c8d35ba8857b], PUP.Optional.FevenPro.A, HKU\S-1-5-21-2432839586-755392640-722003589-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Feven Pro 1.2, Löschen bei Neustart, [08f83ac6ad53718f94f4116d41c145bb], PUP.Optional.InstallCore.A, HKU\S-1-5-21-2432839586-755392640-722003589-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Löschen bei Neustart, [38c851afae52d42c8c9c5133f909c53b], PUP.Optional.InstallCore.A, HKU\S-1-5-21-2432839586-755392640-722003589-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Löschen bei Neustart, [3ac6c33d38c8c63a7dd6f4a68d7606fa], PUP.Optional.Feven.A, HKU\S-1-5-21-2432839586-755392640-722003589-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Feven, Löschen bei Neustart, [55ab0ff11ee28d734d5f0f99a95a07f9], PUP.Optional.Qone8, HKU\S-1-5-21-2432839586-755392640-722003589-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Löschen bei Neustart, [758bfb05fd03748c100e03a3b152a15f], PUP.Optional.WebSearchInfo, HKU\S-1-5-21-2432839586-755392640-722003589-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, Löschen bei Neustart, [847cfc040ff18a76ddd56642c340629e], PUP.Optional.SweetIM.A, HKU\S-1-5-21-2432839586-755392640-722003589-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM, Löschen bei Neustart, [b24e1ce4cd334ab6ea56e9b24cb703fd], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110511161182}, In Quarantäne, [c63aa55bb14f4db3ec1e36fc31d3cc34], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110511161182}, In Quarantäne, [c63aa55bb14f4db3ec1e36fc31d3cc34], Registrierungswerte: 8 PUP.Optional.HomePageProtector.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS\{336D0C35-8A85-403a-B9D2-65C292C39087}, In Quarantäne, [7d838977f20e2fd1c521c058f60c639d], PUP.Optional.HomePageProtector.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{336D0C35-8A85-403A-B9D2-65C292C39087}, C:\Program Files\IB Updater\Firefox, In Quarantäne, [7d838977f20e2fd1c521c058f60c639d] PUP.Optional.HomePageProtector.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{336D0C35-8A85-403A-B9D2-65C292C39087}, C:\Program Files\IB Updater\Firefox, In Quarantäne, [7d838977f20e2fd1c521c058f60c639d] PUP.Optional.HomePageProtector.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS\{336D0C35-8A85-403a-B9D2-65C292C39087}, In Quarantäne, [738df60a34cc926eebfbcc4c56ac916f], PUP.Optional.QuickStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|quick_start@gmail.com, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com, In Quarantäne, [cd33619f2bd5aa567c61ccab639f768a] PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM|simapp_id, {32011A5C-5906-11E2-9C2B-DC0EA11E27EC}, In Quarantäne, [47b901ff3ac626da132e9b009271f30d] PUP.Optional.InstallCore.A, HKU\S-1-5-21-2432839586-755392640-722003589-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0B1R1N1K2T2Y1K, Löschen bei Neustart, [3ac6c33d38c8c63a7dd6f4a68d7606fa] PUP.Optional.SweetIM.A, HKU\S-1-5-21-2432839586-755392640-722003589-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM|simapp_id, {32011A5C-5906-11E2-9C2B-DC0EA11E27EC}, Löschen bei Neustart, [b24e1ce4cd334ab6ea56e9b24cb703fd] Registrierungsdaten: 7 PUP.Optional.Awesomehp.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.awesomehp.com/?type=hp&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329, Gut: (hxxp://www.google.com), Schlecht: (hxxp://www.awesomehp.com/?type=hp&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329),Ersetzt,[6a96ce324eb2f60a54266fb6d82cbf41] PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[916f04fc3fc1d927979eef407a8a728e] PUP.Optional.Awesomehp.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.awesomehp.com/web/?type=ds&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://www.awesomehp.com/web/?type=ds&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329&q={searchTerms}),Ersetzt,[60a04ab606fa58a8f583949106fee020] PUP.Optional.Awesomehp.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.awesomehp.com/?type=hp&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329, Gut: (hxxp://www.google.com), Schlecht: (hxxp://www.awesomehp.com/?type=hp&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329),Ersetzt,[37c9dc24a957b947cba8e63f838126da] PUP.Optional.Awesomehp.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.awesomehp.com/?type=hp&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329, Gut: (hxxp://www.google.com), Schlecht: (hxxp://www.awesomehp.com/?type=hp&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329),Ersetzt,[51af45bb1ae62ad65723061ffa0a22de] PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[16ea3dc326daf808ce67959ada2a40c0] PUP.Optional.Awesomehp.A, HKU\S-1-5-21-2432839586-755392640-722003589-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.awesomehp.com/?type=hp&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329, Gut: (hxxp://www.google.com), Schlecht: (hxxp://www.awesomehp.com/?type=hp&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329),Löschen bei Neustart,[df217f8130d0d22e89f27da818ecd62a] Ordner: 60 PUP.Optional.OpenCandy, C:\Users\Schinski\AppData\Roaming\OpenCandy, In Quarantäne, [2bd58d7379870cf443d7f86a768c7987], PUP.Optional.OpenCandy, C:\Users\Schinski\AppData\Roaming\OpenCandy\7C82064CBC5D40B79A428B747F692747, In Quarantäne, [2bd58d7379870cf443d7f86a768c7987], PUP.Optional.OpenCandy, C:\Users\Schinski\AppData\Roaming\OpenCandy\D1AD438D6D5C43FCBF4B09793746D0FB, In Quarantäne, [2bd58d7379870cf443d7f86a768c7987], PUP.Optional.OpenCandy, C:\Users\Schinski\AppData\Roaming\OpenCandy\FCB07E21221143DC9B8838EFCE1BB99F, In Quarantäne, [2bd58d7379870cf443d7f86a768c7987], PUP.Optional.FileScout.A, C:\Users\Schinski\AppData\Roaming\File Scout, In Quarantäne, [629e817fb34d26da092960026e94a45c], PUP.Optional.AdwarePlugin, C:\Program Files (x86)\Bench\Updater, In Quarantäne, [6e923ec259a72dd3ee753d2637cbf709], PUP.Optional.AdwarePlugin, C:\Program Files (x86)\Bench\Updater\1.7.0.0, In Quarantäne, [6e923ec259a72dd3ee753d2637cbf709], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\images, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\lib, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\de, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\Webmail, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\advertising, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\fx2, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\fx2\off, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\fx2\on, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\games, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\menu_page, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\_locales, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\_locales\en, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\_locales\fr, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\content, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\content\include, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\content\include\tools, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\content\js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\en, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\en-US, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\es, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\es-419, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\fr, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\fr-BE, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\fr-CA, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\fr-CH, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\fr-LU, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\it, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\it-CH, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\pl, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\pt-BR, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\ru, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\ru-MO, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\tr, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\vi, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\zh-CN, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\zh-TW, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\skin, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\skin\weather, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\defaults, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\defaults\preferences, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\modules, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.TornTV.A, C:\Program Files (x86)\TornTV.com, In Quarantäne, [40c01ee24cb43bc5ef7cee7b9969a060], Dateien: 370 PUP.Optional.MultiPlug.A, C:\ProgramData\continuetosiavee\5183dc78499a3.dll, In Quarantäne, [0ef219e7f709da26ce8dd929e51cfd03], PUP.Optional.MultiPlug.A, C:\ProgramData\continuetosiavee\5183dce5db37d.dll, In Quarantäne, [936d728e50b0d828bc9f699950b1e51b], PUP.Optional.MultiPlug.A, C:\ProgramData\continuetosiavee\5183dd0e20558.dll, In Quarantäne, [996711ef867abc44bf9c748e41c014ec], PUP.Optional.MultiPlug.A, C:\ProgramData\SAiverPro\5TphpM.dll, In Quarantäne, [817f0ff1a25e5fa16b8279cc07fa16ea], PUP.Optional.MultiPlug.A, C:\ProgramData\SAiverPro\5TphpM.exe, In Quarantäne, [956bc53bac543bc5b934bd88ef12f709], PUP.Optional.MultiPlug.A, C:\ProgramData\savingitOyouu\EM.dll, In Quarantäne, [c63a9a66c43c1de31bd21431e120d12f], PUP.Optional.MultiPlug.A, C:\ProgramData\savingitOyouu\EM.exe, In Quarantäne, [8a763fc13ac6f709d617d96ce02145bb], PUP.Optional.FileScout.A, C:\Users\Schinski\AppData\Roaming\File Scout\filescout.exe, In Quarantäne, [8878619fd42c51af81009c677b869967], PUP.Optional.Conduit.A, C:\Users\Schinski\AppData\Roaming\OpenCandy\D1AD438D6D5C43FCBF4B09793746D0FB\search_protect_global.exe, In Quarantäne, [c53bd42c6c94a55b8ca60c0ced14bb45], PUP.Optional.DomaIQ, C:\Users\Schinski\Downloads\Player_Setup(1).exe, In Quarantäne, [31cfa45c4fb1c13f481e53ce44bd6d93], PUP.Optional.DomaIQ, C:\Users\Schinski\Downloads\Player_Setup.exe, In Quarantäne, [0cf450b0a25e9769ca9c59c8fd04eb15], PUP.Optional.Softonic, C:\Users\Schinski\Downloads\SoftonicDownloader_fuer_format-factory.exe, In Quarantäne, [06fa22def90720e0bd9d788808f9a45c], PUP.BundleInstaller.DW, C:\Users\Schinski\Downloads\Yu-Gi-Oh_Staffel_1.exe, In Quarantäne, [e21e16ea17e9d927a997f907659cf907], PUP.Optional.Bandoo, C:\Users\Schinski\Downloads\iLividSetup(1).exe, In Quarantäne, [b24edb2530d005fb5ffb23e231d01fe1], PUP.Optional.Bandoo, C:\Users\Schinski\Downloads\iLividSetup-r484-n-bf(1).exe, In Quarantäne, [dc24b7493cc4de221c3e1ee71be6669a], PUP.Optional.Bandoo, C:\Users\Schinski\Downloads\iLividSetup-r484-n-bf.exe, In Quarantäne, [57a936cad42c619f7ddd12f3fc0516ea], PUP.Optional.Bandoo, C:\Users\Schinski\Downloads\iLividSetup.exe, In Quarantäne, [d729738da65aa65aeb6fa2631de4728e], PUP.Optional.BundleInstaller.A, C:\Users\Schinski\Downloads\Java.exe, In Quarantäne, [27d9ce32e21e4db3cfe2b78938c9eb15], PUP.Optional.InstallBrain.A, C:\Users\Schinski\Downloads\CodecPerformerSetup.exe, In Quarantäne, [32ce28d8a35db54bc7d5e7563cc5f60a], PUP.BundleInstaller.DW, C:\Users\Schinski\Downloads\Yu-Gi-Oh_Staffel_1(1).exe, In Quarantäne, [9b6552ae16ea57a97cc445bb58a9c53b], PUP.Optional.OptimumInstaller.A, C:\Users\Schinski\Downloads\Updater_Setup.exe, In Quarantäne, [d52beb15c7397c84c59d58f1a35e6997], Adware.InstallBrain, C:\Users\Schinski\Downloads\VideoPerformerSetup.exe, In Quarantäne, [bc44768af01007f95b1951b23ec3ae52], PUP.BundleInstaller.DW, C:\Users\Schinski\Downloads\Yu-Gi-Oh!_Power_of_Chaos_Collection_PC_GERMAN-ROORzange(1).exe, In Quarantäne, [23dd26da16ea0ff10e32c13fff0240c0], PUP.BundleInstaller.DW, C:\Users\Schinski\Downloads\Yu-Gi-Oh!_Power_of_Chaos_Collection_PC_GERMAN-ROORzange.exe, In Quarantäne, [09f7a45c12ee3ec2c080f60a629f768a], PUP.FakeFlash.Domaiq, C:\Users\Schinski\Downloads\FlashPlayer_V.138553283b.exe, In Quarantäne, [7e8233cde41cc8385869c61c5ba5df21], PUP.Optional.Koyote.A, C:\Users\Schinski\Downloads\FreeFLVConverterSetup_7.6.1.exe, In Quarantäne, [897745bb50b015eb1e9983b89d64867a], PUP.Optional.Conduit.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\searchplugins\conduit-search.xml, In Quarantäne, [936d12ee9e62a65a58a1ccacd42e18e8], PUP.Optional.Awesomehp.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\awesomehp.xml, In Quarantäne, [619f7f81d22e8e720fcf7c048a78a15f], PUP.Optional.BenchUpdater.A, C:\Windows\Tasks\bench-sys.job, In Quarantäne, [d927748cba46877916c2d0b56d957987], PUP.Optional.BenchUpdater.A, C:\Windows\Tasks\bench-Updater removing.job, In Quarantäne, [b050e21ebf41f808e8f0c0c5df2349b7], PUP.Optional.OpenCandy, C:\Users\Schinski\AppData\Roaming\OpenCandy\7C82064CBC5D40B79A428B747F692747\TuneUpUtilities2013-2200218_de-DE.exe, In Quarantäne, [2bd58d7379870cf443d7f86a768c7987], PUP.Optional.OpenCandy, C:\Users\Schinski\AppData\Roaming\OpenCandy\FCB07E21221143DC9B8838EFCE1BB99F\DivXInstaller.exe, In Quarantäne, [2bd58d7379870cf443d7f86a768c7987], PUP.Optional.FileScout.A, C:\Users\Schinski\AppData\Roaming\File Scout\uninst.exe, In Quarantäne, [629e817fb34d26da092960026e94a45c], PUP.Optional.AdwarePlugin, C:\Program Files (x86)\Bench\Updater\products.xml, In Quarantäne, [6e923ec259a72dd3ee753d2637cbf709], PUP.Optional.AdwarePlugin, C:\Program Files (x86)\Bench\Updater\updater.exe, In Quarantäne, [6e923ec259a72dd3ee753d2637cbf709], PUP.Optional.AdwarePlugin, C:\Program Files (x86)\Bench\Updater\1.7.0.0\updater.exe, In Quarantäne, [6e923ec259a72dd3ee753d2637cbf709], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\manifest.json, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\images\icon_19.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\images\logo128.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\images\logo16.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\images\logo48.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\background.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\contentScript.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\SOAP.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\lib\jquery.min.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\config.xml, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\menu.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\minibar.min.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\template.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\01net.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\amazon.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\antronio.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\ask.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\autoscout.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\avmagazine.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\banners-test.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\basecamphq.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\blog.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\blogger.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\bomnegocio.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\ciao.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\conduit.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\dailymotion.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\dailymotion.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\diretta.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\drivingitalia.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\ebay.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\ebayit.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\ehow.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\everyeye.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\facebook.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\facebook.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\flickr.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\forum.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\forumVB.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\foxsports.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\france_hardware.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\friv.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\gamekult.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\gamesvillage.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\globo.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\google-map.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\google-map.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\guiadohardware.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\gumtree.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\hardware.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\hi5.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\hi5.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\ilmeteo.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\imdb.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\infos_du_net.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\jappy.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\leboncoin.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\libero.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\lokalisten.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\macitynet.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\marca.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\meebo.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\meebo.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\meteonetwork.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\milanuncios.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\mundoanuncio.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\myspace.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\myspace.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\netlog.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\nexopia.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\nexopia.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\nirvam.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\ohmydollz.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\orkut.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\orkut.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\pagesjaunes.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\photobucket.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\pinterest.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\schueler.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\segundamano.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\shopping.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\skype.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\skyrock.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\subito.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\t-online.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\t-online.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\tagged.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\taringa.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\taringa.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\terra.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\tibiabr.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\tiscali.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\tripadvisor.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\craigslist.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\imdb.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\movie2k.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\poptropica.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\twitter.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\twitter.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\uol.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\v9.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\virgilio.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\voila.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\weather.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\web.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\wordpress.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\wp-admin.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\xvideos.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\yahoo.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\yahoo.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\yammer.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\yellowpages.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\yelp.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\youtube.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\youtube.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\de\lokalisten.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\de\lokalisten.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\de\schueler.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\de\schueler.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\de\stayfriends.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\de\stayfriends.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\de\studivz.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\de\studivz.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\de\wer-kennt-wen.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\de\wer-kennt-wen.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\Webmail\aol.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\Webmail\aol.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\Webmail\gmail.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\Webmail\gmail.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\Webmail\hotmail.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\Webmail\hotmail.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\Webmail\orange.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\adapters\Webmail\outlook.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\advertising\AdFrame.html, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\advertising\adsmanagement.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\advertising\rmx.js, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\fx2\led_background.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\fx2\off\blink.gif, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\fx2\off\flip.gif, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\fx2\off\led.gif, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\fx2\off\rainbow.gif, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\fx2\off\typed.gif, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\fx2\off\wave.gif, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\fx2\on\blink.gif, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\fx2\on\flip.gif, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\fx2\on\led.gif, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\fx2\on\rainbow.gif, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\fx2\on\typed.gif, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\fx2\on\wave.gif, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\home.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\arrow.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\ArrowExpandBar.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\BkgExpandBar.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\close.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\default_icon.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\default_icon_states.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\Expand-26x24.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\FB_Share.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\FB_Share_Tiny.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\gifts.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\help.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\imbwin1.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\imbwin1_409daae67f73f4fb84c27d6d70463f2b.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\imbwin_bg.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\imbwin_hf.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\imbwin_vf.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\iminentbutton.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\iminentbutton_bg.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\InviteFriends.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\LeftExpandBar.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\leftTooltip.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\Line.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\Line2.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\mailfooter.jpg, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\Minibar_buttons.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\new.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\notification.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\RightExpandBar.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\rightTooltip.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\s10.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\search.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\separator.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\social_games.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\TellAFriendBackground.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\toolbarbutton_bg.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\toolbar_bg.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\tooltipArrow.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\ui-check-box-checked.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\ui-check-box.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F90B0.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F9299.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\E29ABD.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\E29BB5.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F8C99.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F8C9F.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F8CB9.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F8D80.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F8DBB.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F8E81.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F8E89.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F8EB1.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F8EB6.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F8EB8.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F908D.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F90A7.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F90AC.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F90AE.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F90AF.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F90B1.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F90B4.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F90B6.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F90B7.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F90B9.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F918C.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F918D.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F918E.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F91BD.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F9280.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F9284.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F928B.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F928D.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F928F.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F9293.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F9294.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F9297.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F929B.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F929C.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F929D.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F92A4.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F92A9.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F92AA.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F93B1.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F94A5.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F9881.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F9882.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F9884.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F9889.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F988A.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F988C.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F988D.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F9892.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F9893.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F9894.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F9896.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F9898.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F989A.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F989C.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F98A1.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F98AD.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F98B2.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F98B3.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F9A97.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\content\images\emoji\F09F9ABD.png, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\games\gameiframe1.html, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\games\gameiframe2.html, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\games\gameiframe3.html, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\games\gameiframe4.html, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\games\games.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\games\games.html, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\menu_page\1031.html, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\menu_page\1033.html, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\menu_page\1036.html, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\menu_page\1040.html, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\menu_page\1048.html, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\menu_page\1055.html, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\menu_page\2070.html, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\menu_page\3082.html, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\scripts\minibar\menu_page\ShareMenu.css, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\_locales\en\messages.json, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.Conduit, C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.3.2.1_0\_locales\fr\messages.json, In Quarantäne, [d62a13ed877917e912d3214240c232ce], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome.manifest, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\install.rdf, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\content\index.html, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\content\quick_start.js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\content\quick_start.xul, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\content\include\speed_dial.js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\content\include\tools\about_blank_hook.js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\content\include\tools\misc.js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\content\include\tools\popup_image_helper.js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\content\include\tools\urlrequestor.js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\content\js\common.js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\content\js\doT.min.js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\content\js\ga.js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\content\js\jquery-2.1.0.min.js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\content\js\jquery.autocomplete.js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\content\js\js.js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\content\js\xagainit.js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\en\locale.properties, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\en-US\locale.properties, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\es\locale.properties, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\es-419\locale.properties, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\fr\locale.properties, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\fr-BE\locale.properties, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\fr-CA\locale.properties, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\fr-CH\locale.properties, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\fr-LU\locale.properties, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\it\locale.properties, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\it-CH\locale.properties, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\pl\locale.properties, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\pt-BR\locale.properties, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\ru\locale.properties, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\ru-MO\locale.properties, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\tr\locale.properties, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\vi\locale.properties, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\zh-CN\locale.properties, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\locale\zh-TW\locale.properties, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\skin\arrow.png, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\skin\default_add_logo.png, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\skin\default_add_logo_hover.png, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\skin\default_logo.png, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\skin\googlelogo.png, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\skin\googlelogo2.png, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\skin\google_trends.png, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\skin\icon.png, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\skin\loading.gif, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\skin\logo.ico, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\skin\logo.png, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\skin\logo32.ico, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\skin\style.css, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\chrome\skin\weather\0.png, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\defaults\preferences\fvd.js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\modules\addonmanager.js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\modules\aes.js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\modules\config.js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\modules\dialogs.js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\modules\last_tab.js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\modules\misc.js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\modules\properties.js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\modules\remoterequest.js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\modules\restoreprefs.js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.QuickStart.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\quick_start@gmail.com\modules\settings.js, In Quarantäne, [f60abd4301ffc13fdfdd4622857d926e], PUP.Optional.CrossRider.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "1445903e0481a12453b3cbfe8fd78c39");), Ersetzt,[f20e0000b749a858bab8c793d43057a9] PUP.Optional.Babylon.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.prtkDS", 0);), Ersetzt,[b9479769de2205fbb8ca580244c05ca4] PUP.Optional.Babylon.A, C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.prtkHmpg", 0);), Ersetzt,[de22867aee12dd234f33baa011f38779] Physische Sektoren: 0 (No malicious items detected) (end) |
|
25.04.2014, 10:30
| #8 |
| | Dauernd öffnen sich neue Fenster und Tabs in Firefox Und der Rest: ADW: Code:
ATTFilter # AdwCleaner v3.202 - Bericht erstellt am 25/04/2014 um 11:04:43
# Aktualisiert 23/04/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Schinski - SCHINSKI-PC
# Gestartet von : C:\Users\Schinski\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
[#] Dienst Gelöscht : 70e6ca8c
Dienst Gelöscht : SearchAnonymizer
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\IBUpdaterService
Ordner Gelöscht : C:\ProgramData\StarApp
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\ProgramData\continuetosiavee
Ordner Gelöscht : C:\ProgramData\DoWnload, keepaEr
Ordner Gelöscht : C:\ProgramData\SAiverPro
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
Ordner Gelöscht : C:\Program Files (x86)\Bench
Ordner Gelöscht : C:\Program Files (x86)\myfree codec
Ordner Gelöscht : C:\Program Files (x86)\Red Sky
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Ordner Gelöscht : C:\Windows\SysWOW64\AI_RecycleBin
Ordner Gelöscht : C:\Users\Schinski\AppData\Local\DownTango
Ordner Gelöscht : C:\Users\Schinski\AppData\Local\Ilivid Player
Ordner Gelöscht : C:\Users\Schinski\AppData\Local\PutLockerDownloader
Ordner Gelöscht : C:\Users\Schinski\AppData\LocalLow\DataMngr
Ordner Gelöscht : C:\Users\Schinski\AppData\LocalLow\Delta
Ordner Gelöscht : C:\Users\Schinski\AppData\LocalLow\continuetosiavee
Ordner Gelöscht : C:\Users\Schinski\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Schinski\AppData\Roaming\DesktopIconForAmazon
Ordner Gelöscht : C:\Users\Schinski\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Schinski\AppData\Roaming\OCS
Ordner Gelöscht : C:\Users\Schinski\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\Extensions\yfoetx.ulb@gy-dpxlamq-.co.uk
Datei Gelöscht : C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\user.js
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\*\shell\filescout
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Movie2KDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\addlyrics_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\addlyrics_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Deal Boat_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Deal Boat_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Deal Boat-InternalInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Deal Boat-InternalInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Movie2KDownloader_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Movie2KDownloader_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Searchqu Toolbar uninstall_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Softonic_chr_1-8-8-11_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Softonic_chr_1-8-8-11_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetim_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\sweetpacksupdatemanager_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SweetPacksUpdateManager_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_19703871
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_format-factory_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_format-factory_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{00B11DA2-75ED-4364-ABA5-9A95B1F5E946}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD501041-8EBE-11CE-8183-00AA00577DA2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47C0-9269-B4C6572FD61A}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\IM
Schlüssel Gelöscht : HKCU\Software\ImInstaller
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\performersoft llc
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\Babylon
Schlüssel Gelöscht : HKLM\Software\Bench
Schlüssel Gelöscht : HKLM\Software\Myfree Codec
Schlüssel Gelöscht : HKLM\Software\SP Global
Schlüssel Gelöscht : HKLM\Software\SProtector
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Updater Service
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAnonymizer
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16521
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v28.0 (de)
[ Datei : C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\prefs.js ]
Zeile gelöscht : user_pref("accessibility.lightning.homepage", "hxxp://www.awesomehp.com/?type=hp&ts=1393062767&from=tugs&uid=WDCXWD5000BPVT-22HXZT3_WD-WXA1CC1H2329H2329");
Zeile gelöscht : user_pref("aol_toolbar.default.homepage.check", false);
Zeile gelöscht : user_pref("aol_toolbar.default.search.check", false);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Zeile gelöscht : user_pref("extensions.LaX.scode", "(function(){try{var url=(window.self.location.href + document.cookie);if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumorob[...]
Zeile gelöscht : user_pref("extensions.YG1GLqiiK.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumorobo\")>-1||url.i[...]
Zeile gelöscht : user_pref("extensions._XrT.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"immediate-support.com\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-[...]
Zeile gelöscht : user_pref("extensions.crossrider.bic", "1445903e0481a12453b3cbfe8fd78c39");
Zeile gelöscht : user_pref("extensions.kOtyyT9F.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"txtlnkusaolp00000800\")>-1||url.indexOf(\"sumorobo\")>-1||url.in[...]
Zeile gelöscht : user_pref("extensions.qwG8N93_.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"immediate-support.com\")>-1||url.indexOf(\"txtlnkusaolp00000800\[...]
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.enable", "");
*************************
AdwCleaner[R0].txt - [23118 octets] - [25/04/2014 11:03:29]
AdwCleaner[S0].txt - [21905 octets] - [25/04/2014 11:04:43]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [21966 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Schinski on 25.04.2014 at 11:10:24,96
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2432839586-755392640-722003589-1000\Software\ib updater
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2432839586-755392640-722003589-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111271147}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111271147}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C1D2A191-C86B-4ACA-8BFD-770CC1BBBA93}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Schinski\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Program Files (x86)\ss.helper"
Successfully deleted: [Empty Folder] C:\Users\Schinski\appdata\local\{8DD517CE-3175-47D9-9561-A0588C95726A}
Successfully deleted: [Empty Folder] C:\Users\Schinski\appdata\local\{BA042859-CD1F-45FB-AB2C-894239A8B3D8}
Successfully deleted: [Empty Folder] C:\Users\Schinski\appdata\local\{CEDAB8DD-4D5A-44D7-BC96-9F9FF311DA51}
~~~ FireFox
Successfully deleted: [File] C:\user.js
Successfully deleted the following from C:\Users\Schinski\AppData\Roaming\mozilla\firefox\profiles\afwjeajy.default-1381504014233\prefs.js
user_pref("extensions._XrT.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"immediate-support.com\")>-1||url.indexOf(\"
Emptied folder: C:\Users\Schinski\AppData\Roaming\mozilla\firefox\profiles\afwjeajy.default-1381504014233\minidumps [93 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.04.2014 at 11:15:55,50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Schinski on 25.04.2014 at 11:10:24,96
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2432839586-755392640-722003589-1000\Software\ib updater
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2432839586-755392640-722003589-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110111271147}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110111271147}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{C1D2A191-C86B-4ACA-8BFD-770CC1BBBA93}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\Schinski\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\Program Files (x86)\ss.helper"
Successfully deleted: [Empty Folder] C:\Users\Schinski\appdata\local\{8DD517CE-3175-47D9-9561-A0588C95726A}
Successfully deleted: [Empty Folder] C:\Users\Schinski\appdata\local\{BA042859-CD1F-45FB-AB2C-894239A8B3D8}
Successfully deleted: [Empty Folder] C:\Users\Schinski\appdata\local\{CEDAB8DD-4D5A-44D7-BC96-9F9FF311DA51}
~~~ FireFox
Successfully deleted: [File] C:\user.js
Successfully deleted the following from C:\Users\Schinski\AppData\Roaming\mozilla\firefox\profiles\afwjeajy.default-1381504014233\prefs.js
user_pref("extensions._XrT.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"immediate-support.com\")>-1||url.indexOf(\"
Emptied folder: C:\Users\Schinski\AppData\Roaming\mozilla\firefox\profiles\afwjeajy.default-1381504014233\minidumps [93 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 25.04.2014 at 11:15:55,50
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Gruß SCHINSKI |
|
26.04.2014, 07:28
| #9 |
| /// the machine /// TB-Ausbilder | Dauernd öffnen sich neue Fenster und Tabs in FirefoxESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
26.04.2014, 15:03
| #10 |
| | Dauernd öffnen sich neue Fenster und Tabs in Firefox Moin, läuft alles wieder super. Hier die Logs: ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=b1b4e6bfad7d8c4cab02143e0ee907d6
# engine=18039
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-04-26 01:44:46
# local_time=2014-04-26 03:44:46 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=1799 16775165 100 96 19291 169191191 12066 0
# compatibility_mode=5893 16776574 100 94 24877891 150149736 0 0
# scanned=229202
# found=18
# cleaned=0
# scan_time=18351
sh=3AEF532A0211CE7869F0EB51E940D9E0C7CAE321 ft=1 fh=c7560653d3ee2314 vn="a variant of Win32/Adware.Yontoo.B application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{361E80BE-388B-4270-BF54-A10C2B756504}\_Setupx.dll.vir"
sh=7B981A33EA2EAE391B33B84C2714AE5D2BB5CAE8 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\Extensions\yfoetx.ulb@gy-dpxlamq-.co.uk\content\bg.js.vir"
sh=522D6A103BE5BFA0014F4AEFC0BC371E0F2B07FF ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\ProgramData\oeklfogdojkneagmhfjlnmckkibpojmi\rp4b.js"
sh=1460DDFCE2DD7D9362D428B2B742795DBB0A9FE8 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\Qoobox\Quarantine\C\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\doaiokannffekfihkidnidknomcpiccc\1\5183dcec47ce84.90805773.js.vir"
sh=ED208E183D731E1DD9C05B35FF9323B67DCB8D14 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\Qoobox\Quarantine\C\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfbobiellkpaalcodkljaaggclpocdkb\1\5183dc784976c8.00353578.js.vir"
sh=EDB13302C6B71A0FB3E5FE3819E2293DAE8E31B2 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\Qoobox\Quarantine\C\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlkkodjjkbpmaifigdgmdnjacooaefhf\1\5183dd0e203360.98776825.js.vir"
sh=957F22FCECC7759786269CACD5CA7AD0E636E326 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\Qoobox\Quarantine\C\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\lggdcfghpfeafgpdbpoflaedkhklhfhl\1\5183dd16ab2028.86582343.js.vir"
sh=6F6DED7519B3D5B4D70576BB97D109F97C4E038D ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\Qoobox\Quarantine\C\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkclkknolljimgdphclodbljhjcbp\1\5183dce5db0f29.75383495.js.vir"
sh=17252FF3B37FFC22E4811B21BA317002CF29EE43 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\Qoobox\Quarantine\C\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\mncjainlbgolhkgdhlkicphjfigaimif\1\5183dc8adcd876.02239043.js.vir"
sh=A608CAD58E0BD7B4E8936B6434D8FDF747B80AF4 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\Qoobox\Quarantine\C\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\phieagnndjpmlgocaofoeakghpmbabnh\1.6\TH.js.vir"
sh=522D6A103BE5BFA0014F4AEFC0BC371E0F2B07FF ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\Users\All Users\oeklfogdojkneagmhfjlnmckkibpojmi\rp4b.js"
sh=C2BF3E8F8E302902FBCF2B7F932C399FE70A442F ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbfjknbbblnnonjefigjanccdiaaoanb\4.31\i21CtGMP.js"
sh=E0BCC19B168EB6A1768C5310E9EC8DAECFC39713 ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\extensions\qkrlnna@pfrej.edu\content\bg.js"
sh=A59D7DCE4EE58A2A35E1594D29E44113A67DD9B7 ft=0 fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="C:\Users\Schinski\Downloads\PESEdit.com_2012_Patch_3.3.1.rar"
sh=FCE6868FD26D6F736DB0BF557650582FEBD90A03 ft=1 fh=6b433aec157dc527 vn="Win32/Adware.1ClickDownload.AM application" ac=I fn="C:\Users\Schinski\Downloads\The_Walking_Dead.exe"
sh=32407796CA748D3DC50ABB59C2676D2DCA33B289 ft=1 fh=ade8c551908e9420 vn="Win32/Adware.1ClickDownload.W application" ac=I fn="C:\Users\Schinski\Downloads\Yu-Gi-Oh!.exe"
sh=CF8FDDF77FDCFF5F668653CC153DF239A638A1E5 ft=1 fh=fa660130d63c4941 vn="a variant of Win32/Packed.VMProtect.AAH trojan" ac=I fn="D:\Spiele\PES 2012\rld.dll"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="a variant of Win32/Packed.VMProtect.AAD trojan" ac=I fn="D:\Spiele\Spiele\Fifa Manager\Fifa.Manager.11-RELOADED\rld-fm11.iso"
Code:
ATTFilter Results of screen317's Security Check version 0.99.82
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Desktop
Antivirus up to date! (On Access scanning disabled!)
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 55
Adobe Flash Player 13.0.0.182
Adobe Reader 10.1.9 Adobe Reader out of Date!
Mozilla Firefox (28.0)
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-04-2014 Ran by Schinski (administrator) on SCHINSKI-PC on 26-04-2014 16:00:21 Running from C:\Users\Schinski\Desktop Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (AMD) C:\Windows\system32\atiesrxx.exe (AMD) C:\Windows\system32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps32.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Intel Corporation) C:\Windows\system32\igfxsrvc.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe (Samsung Electronics) C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Intel Corporation) C:\Windows\system32\igfxext.exe (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe (Nero AG) C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexStoreSvr.exe (Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe (Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe (Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe (CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_182.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11785832 2011-03-10] (Realtek Semiconductor) HKLM\...\Run: [IntelTBRunOnce] => wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-12] (ELAN Microelectronics Corp.) HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated) HKLM\...\Run: [Power Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [1831016 2011-08-02] (Acer Incorporated) HKLM\...\Run: [Ocs_SM] => C:\Users\Schinski\AppData\Roaming\OCS\SM\SearchAnonymizer.exe HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-02] (Symantec Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2011-10-13] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-20] (Nullsoft, Inc.) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-20] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-2432839586-755392640-722003589-1000\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [309688 2012-12-03] (Samsung Electronics Co., Ltd.) HKU\S-1-5-21-2432839586-755392640-722003589-1000\...\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Ahead\Lib\NMBgMonitor.exe [152872 2008-01-22] (Nero AG) HKU\S-1-5-21-2432839586-755392640-722003589-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1825984 2014-04-24] (Valve Corporation) HKU\S-1-5-21-2432839586-755392640-722003589-1000\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843704 2012-12-03] (Samsung) HKU\S-1-5-21-2432839586-755392640-722003589-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [577536 2012-11-28] (Samsung Electronics) HKU\S-1-5-21-2432839586-755392640-722003589-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [967608 2012-12-03] (Samsung) HKU\S-1-5-21-2432839586-755392640-722003589-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd) HKU\S-1-5-21-2432839586-755392640-722003589-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843704 2012-12-03] (Samsung) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - {2D09DD1D-9C68-4C8F-BA1A-C03E0B5CE95E} URL = hxxp://www.pricerunner.de.anonymize-me.de/?to=707269636572756E6E65722E6465&st={searchTerms}&clid=b7e0b699-5711-44c5-a146-7fc29288b21e&pid=freewarede&mode=bounce&k=0 SearchScopes: HKCU - {3EBAF3BC-5CCE-4A13-BB63-AABBD10DAD5E} URL = hxxp://www.amazon.de.anonymize-me.de/?to=616D617A6F6E2E6465&st={searchTerms}&clid=b7e0b699-5711-44c5-a146-7fc29288b21e&pid=freewarede&mode=bounce&k=0 SearchScopes: HKCU - {9EAADE31-6ABE-42D0-8A4C-E368E95E10AF} URL = hxxp://www.myvideo.de.anonymize-me.de/?to=6D79766964656F2E6465&st={searchTerms}&clid=b7e0b699-5711-44c5-a146-7fc29288b21e&pid=freewarede&mode=bounce&k=0 SearchScopes: HKCU - {A9DA8665-2E6E-4716-AAE1-B478EE985A05} URL = hxxp://de.wikipedia.org.anonymize-me.de/?to=64652E77696B6970656469612E6F7267&st={searchTerms}&clid=b7e0b699-5711-44c5-a146-7fc29288b21e&pid=freewarede&mode=bounce&k=0 SearchScopes: HKCU - {AE2C77B5-9A71-46A5-8C32-E5A65BE1493C} URL = hxxp://search.ebay.de.anonymize-me.de/?to=656261792E6465&st={searchTerms}&clid=b7e0b699-5711-44c5-a146-7fc29288b21e&pid=freewarede&mode=bounce&k=0 SearchScopes: HKCU - {BDDC99F7-7090-4F0B-8183-1DC3F9FDEF84} URL = hxxp://www.otto.de.anonymize-me.de/?to=6F74746F2E6465&st={searchTerms}&clid=b7e0b699-5711-44c5-a146-7fc29288b21e&pid=freewarede&mode=bounce&k=0 BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM-x32 - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKLM-x32 - No Name - !{EEE6C35B-6118-11DC-9C72-001320C79847} - No File Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233 FF NewTab: chrome://quick_start/content/index.html FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", ""); FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", ""); FF SelectedSearchEngine: Google FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll () FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: NetVideoHunter - C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\Extensions\netvideohunter@netvideohunter.com [2013-12-03] FF Extension: savingitOyouu - C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\Extensions\qkrlnna@pfrej.edu [2013-12-24] FF Extension: DownloadHelper - C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-03-28] FF Extension: NoScript - C:\Users\Schinski\AppData\Roaming\Mozilla\Firefox\Profiles\afwjeajy.default-1381504014233\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-01-26] Chrome: ======= Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION CHR Extension: (No Name) - C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\2.0.0.0_0 [2013-01-22] CHR Extension: (SAiverPro) - C:\Users\Schinski\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbfjknbbblnnonjefigjanccdiaaoanb [2013-12-22] CHR Extension: (savingitOyouu) - C:\ProgramData\oeklfogdojkneagmhfjlnmckkibpojmi [2013-12-22] CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Services (Whitelisted) ================= R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-20] (Avira Operations GmbH & Co. KG) R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [872552 2011-08-02] (Acer Incorporated) R2 GREGService; C:\Program Files (x86)\Packard Bell\Registration\GREGsvc.exe [36456 2011-05-30] (Acer Incorporated) R2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [244624 2011-04-22] (Acer Incorporated) R3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [275752 2008-01-22] (Nero AG) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation) ==================== Drivers (Whitelisted) ==================== U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-07-22] () R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2013-12-18] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-01] (Avira Operations GmbH & Co. KG) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-05-30] (DT Soft Ltd) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-07-22] () S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-04-25] (Malwarebytes Corporation) S3 RRNetCap; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-01-03] (RapidSolution Software AG) R3 RRNetCapMP; C:\Windows\System32\DRIVERS\rrnetcap.sys [37480 2012-01-03] (RapidSolution Software AG) S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 massfilter; system32\drivers\massfilter.sys [X] U2 wuaserv; S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X] S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X] S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-26 15:59 - 2014-04-26 15:59 - 00000814 _____ () C:\Users\Schinski\Desktop\checkup.txt 2014-04-26 15:58 - 2014-04-26 15:58 - 00855379 _____ () C:\Users\Schinski\Desktop\SecurityCheck.exe 2014-04-26 10:28 - 2014-04-26 10:28 - 02347384 _____ (ESET) C:\Users\Schinski\Desktop\esetsmartinstaller_enu.exe 2014-04-25 11:17 - 2014-04-26 16:00 - 00017453 _____ () C:\Users\Schinski\Desktop\FRST.txt 2014-04-25 11:17 - 2014-04-25 11:17 - 00000000 ____D () C:\Users\Schinski\Desktop\FRST-OlderVersion 2014-04-25 11:15 - 2014-04-25 11:15 - 00002592 _____ () C:\Users\Schinski\Desktop\JRT.txt 2014-04-25 11:10 - 2014-04-25 11:10 - 00000000 ____D () C:\Windows\ERUNT 2014-04-25 11:09 - 2014-04-25 11:09 - 01016261 _____ (Thisisu) C:\Users\Schinski\Desktop\JRT.exe 2014-04-25 11:07 - 2014-04-25 11:07 - 00022251 _____ () C:\Users\Schinski\Desktop\AdwCleaner[S0].txt 2014-04-25 11:03 - 2014-04-25 11:04 - 00000000 ____D () C:\AdwCleaner 2014-04-25 11:02 - 2014-04-25 11:02 - 01365865 _____ () C:\Users\Schinski\Desktop\adwcleaner.exe 2014-04-25 10:54 - 2014-04-25 11:24 - 00108748 _____ () C:\Users\Schinski\Desktop\mbam.txt 2014-04-25 10:29 - 2014-04-25 11:23 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-25 10:29 - 2014-04-25 10:29 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-04-25 10:29 - 2014-04-25 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-04-25 10:29 - 2014-04-25 10:29 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-25 10:29 - 2014-04-25 10:29 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-25 10:29 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-25 10:29 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-25 10:29 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-04-25 10:28 - 2014-04-25 10:28 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Schinski\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-24 09:50 - 2014-04-24 09:50 - 00062829 _____ () C:\ComboFix.txt 2014-04-24 08:58 - 2014-04-24 09:51 - 00000000 ____D () C:\Qoobox 2014-04-24 08:58 - 2014-04-24 09:41 - 00000000 ____D () C:\Windows\erdnt 2014-04-24 08:58 - 2014-02-16 13:09 - 00000426 _____ () C:\AVScanner.ini 2014-04-24 08:58 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-04-24 08:58 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-04-24 08:58 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-04-24 08:58 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-04-24 08:58 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-04-24 08:58 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-04-24 08:58 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-04-24 08:58 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-04-24 08:55 - 2014-04-24 08:56 - 05196870 ____R (Swearware) C:\Users\Schinski\Desktop\ComboFix.exe 2014-04-24 08:34 - 2014-04-24 08:34 - 00004224 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log 2014-04-24 08:34 - 2014-04-24 08:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-24 08:34 - 2014-04-14 20:13 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-04-24 08:34 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-04-24 08:34 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-04-24 08:34 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-04-24 08:30 - 2014-04-24 08:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-04-24 08:29 - 2014-04-24 08:29 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Schinski\Downloads\revosetup95.exe 2014-04-23 11:46 - 2014-04-26 16:00 - 00000000 ____D () C:\FRST 2014-04-23 11:45 - 2014-04-25 11:17 - 02061824 _____ (Farbar) C:\Users\Schinski\Desktop\FRST64.exe 2014-04-15 17:53 - 2014-04-15 17:53 - 00000088 _____ () C:\Windows\SysWOW64\2858362086739529277.log 2014-04-15 17:52 - 2014-04-15 17:52 - 00003196 _____ () C:\Windows\System32\Tasks\{CA9D6F40-78EE-4FA3-9F01-18E9E177AD8F} 2014-04-15 17:40 - 2014-04-15 17:40 - 00003176 _____ () C:\Windows\System32\Tasks\{D9CCB5D3-98CE-40BE-AC48-0116BD5F3302} 2014-04-15 17:31 - 2014-04-15 17:31 - 00000000 ____D () C:\Users\Schinski\Documents\Freemake 2014-04-15 17:31 - 2014-04-15 17:31 - 00000000 ____D () C:\Users\Schinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake 2014-04-15 17:31 - 2014-04-15 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake 2014-04-15 17:31 - 2014-04-15 17:31 - 00000000 ____D () C:\ProgramData\Freemake 2014-04-15 17:30 - 2014-04-15 17:31 - 00000000 ____D () C:\Program Files (x86)\Freemake 2014-04-15 17:29 - 2014-04-15 17:29 - 01308144 _____ (Ellora Assets Corporation ) C:\Users\Schinski\Downloads\FreemakeVideoConverterSetup_4.1.3.15.exe 2014-04-15 17:25 - 2014-04-15 17:26 - 00929416 _____ (CNET Download.com) C:\Users\Schinski\Downloads\cbsidlm-cbsi188-Free_WMV_to_AVI_Converter-ORG-75925889(1).exe 2014-04-15 17:23 - 2014-04-15 17:23 - 00929416 _____ (CNET Download.com) C:\Users\Schinski\Downloads\cbsidlm-cbsi188-Free_WMV_to_AVI_Converter-ORG-75925889.exe 2014-04-15 17:20 - 2014-04-15 17:20 - 00000000 ____D () C:\Users\Schinski\AppData\Roaming\AVS4YOU 2014-04-15 17:20 - 2014-04-15 17:20 - 00000000 ____D () C:\ProgramData\AVS4YOU 2014-04-15 17:19 - 2014-04-15 17:25 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU 2014-04-15 17:19 - 2010-05-11 14:17 - 01700352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll 2014-04-15 17:19 - 2010-05-11 14:17 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll 2014-04-15 17:18 - 2014-04-15 17:19 - 42631936 _____ (Online Media Technologies Ltd. ) C:\Users\Schinski\Downloads\AVSVideoReMaker.exe 2014-04-10 20:41 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-04-10 20:41 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-04-10 20:41 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-04-10 20:41 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-04-10 20:41 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-04-10 20:41 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll 2014-04-10 20:41 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll 2014-04-10 20:41 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll 2014-04-10 20:41 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll 2014-04-10 20:41 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll 2014-04-10 20:41 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll 2014-04-10 20:41 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe 2014-04-10 20:41 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll 2014-04-10 20:41 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe 2014-04-10 20:41 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe 2014-04-10 20:41 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys 2014-04-10 20:41 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys 2014-04-10 20:41 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys 2014-04-10 20:41 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll 2014-04-10 20:41 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll 2014-04-10 20:41 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys 2014-03-30 13:31 - 2014-03-30 13:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= 2014-04-26 16:01 - 2014-04-25 11:17 - 00017453 _____ () C:\Users\Schinski\Desktop\FRST.txt 2014-04-26 16:00 - 2014-04-23 11:46 - 00000000 ____D () C:\FRST 2014-04-26 15:59 - 2014-04-26 15:59 - 00000814 _____ () C:\Users\Schinski\Desktop\checkup.txt 2014-04-26 15:58 - 2014-04-26 15:58 - 00855379 _____ () C:\Users\Schinski\Desktop\SecurityCheck.exe 2014-04-26 15:13 - 2012-07-22 13:08 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-04-26 13:28 - 2012-02-05 00:53 - 01522152 _____ () C:\Windows\WindowsUpdate.log 2014-04-26 10:28 - 2014-04-26 10:28 - 02347384 _____ (ESET) C:\Users\Schinski\Desktop\esetsmartinstaller_enu.exe 2014-04-26 10:25 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-04-26 10:25 - 2009-07-14 06:45 - 00016752 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-04-26 10:22 - 2012-09-02 13:44 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-04-26 10:18 - 2013-06-15 15:21 - 00000439 _____ () C:\Windows\system32\Drivers\etc\hosts.ics 2014-04-26 10:18 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-04-26 10:17 - 2013-05-30 16:04 - 00036345 _____ () C:\Windows\setupact.log 2014-04-25 11:24 - 2014-04-25 10:54 - 00108748 _____ () C:\Users\Schinski\Desktop\mbam.txt 2014-04-25 11:23 - 2014-04-25 10:29 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-04-25 11:17 - 2014-04-25 11:17 - 00000000 ____D () C:\Users\Schinski\Desktop\FRST-OlderVersion 2014-04-25 11:17 - 2014-04-23 11:45 - 02061824 _____ (Farbar) C:\Users\Schinski\Desktop\FRST64.exe 2014-04-25 11:15 - 2014-04-25 11:15 - 00002592 _____ () C:\Users\Schinski\Desktop\JRT.txt 2014-04-25 11:10 - 2014-04-25 11:10 - 00000000 ____D () C:\Windows\ERUNT 2014-04-25 11:09 - 2014-04-25 11:09 - 01016261 _____ (Thisisu) C:\Users\Schinski\Desktop\JRT.exe 2014-04-25 11:07 - 2014-04-25 11:07 - 00022251 _____ () C:\Users\Schinski\Desktop\AdwCleaner[S0].txt 2014-04-25 11:04 - 2014-04-25 11:03 - 00000000 ____D () C:\AdwCleaner 2014-04-25 11:02 - 2014-04-25 11:02 - 01365865 _____ () C:\Users\Schinski\Desktop\adwcleaner.exe 2014-04-25 10:55 - 2013-06-01 09:02 - 00394332 _____ () C:\Windows\PFRO.log 2014-04-25 10:55 - 2011-10-20 12:15 - 00000000 ____D () C:\Windows\fr 2014-04-25 10:54 - 2013-12-22 15:44 - 00000000 ____D () C:\ProgramData\savingitOyouu 2014-04-25 10:29 - 2014-04-25 10:29 - 00001114 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-04-25 10:29 - 2014-04-25 10:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-04-25 10:29 - 2014-04-25 10:29 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-25 10:29 - 2014-04-25 10:29 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-04-25 10:28 - 2014-04-25 10:28 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Schinski\Downloads\mbam-setup-2.0.1.1004.exe 2014-04-24 09:51 - 2014-04-24 08:58 - 00000000 ____D () C:\Qoobox 2014-04-24 09:51 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2014-04-24 09:50 - 2014-04-24 09:50 - 00062829 _____ () C:\ComboFix.txt 2014-04-24 09:41 - 2014-04-24 08:58 - 00000000 ____D () C:\Windows\erdnt 2014-04-24 09:23 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-04-24 08:58 - 2009-07-14 05:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup 2014-04-24 08:56 - 2014-04-24 08:55 - 05196870 ____R (Swearware) C:\Users\Schinski\Desktop\ComboFix.exe 2014-04-24 08:34 - 2014-04-24 08:34 - 00004224 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_55-b14.log 2014-04-24 08:34 - 2014-04-24 08:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-24 08:34 - 2014-01-12 21:40 - 00000000 ____D () C:\ProgramData\Oracle 2014-04-24 08:34 - 2014-01-12 21:40 - 00000000 ____D () C:\Program Files (x86)\Java 2014-04-24 08:32 - 2012-07-22 13:04 - 00001154 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-04-24 08:32 - 2012-07-21 18:06 - 00001433 _____ () C:\Users\Schinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-04-24 08:30 - 2014-04-24 08:30 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-04-24 08:29 - 2014-04-24 08:29 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Schinski\Downloads\revosetup95.exe 2014-04-22 10:42 - 2012-02-05 09:45 - 00699666 _____ () C:\Windows\system32\perfh007.dat 2014-04-22 10:42 - 2012-02-05 09:45 - 00149774 _____ () C:\Windows\system32\perfc007.dat 2014-04-22 10:42 - 2009-07-14 07:13 - 01620612 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-04-15 17:53 - 2014-04-15 17:53 - 00000088 _____ () C:\Windows\SysWOW64\2858362086739529277.log 2014-04-15 17:52 - 2014-04-15 17:52 - 00003196 _____ () C:\Windows\System32\Tasks\{CA9D6F40-78EE-4FA3-9F01-18E9E177AD8F} 2014-04-15 17:45 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-04-15 17:42 - 2013-05-18 11:10 - 00000000 ____D () C:\Users\Schinski\AppData\Roaming\player 2014-04-15 17:40 - 2014-04-15 17:40 - 00003176 _____ () C:\Windows\System32\Tasks\{D9CCB5D3-98CE-40BE-AC48-0116BD5F3302} 2014-04-15 17:31 - 2014-04-15 17:31 - 00000000 ____D () C:\Users\Schinski\Documents\Freemake 2014-04-15 17:31 - 2014-04-15 17:31 - 00000000 ____D () C:\Users\Schinski\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake 2014-04-15 17:31 - 2014-04-15 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake 2014-04-15 17:31 - 2014-04-15 17:31 - 00000000 ____D () C:\ProgramData\Freemake 2014-04-15 17:31 - 2014-04-15 17:30 - 00000000 ____D () C:\Program Files (x86)\Freemake 2014-04-15 17:29 - 2014-04-15 17:29 - 01308144 _____ (Ellora Assets Corporation ) C:\Users\Schinski\Downloads\FreemakeVideoConverterSetup_4.1.3.15.exe 2014-04-15 17:26 - 2014-04-15 17:25 - 00929416 _____ (CNET Download.com) C:\Users\Schinski\Downloads\cbsidlm-cbsi188-Free_WMV_to_AVI_Converter-ORG-75925889(1).exe 2014-04-15 17:25 - 2014-04-15 17:19 - 00000000 ____D () C:\Program Files (x86)\AVS4YOU 2014-04-15 17:23 - 2014-04-15 17:23 - 00929416 _____ (CNET Download.com) C:\Users\Schinski\Downloads\cbsidlm-cbsi188-Free_WMV_to_AVI_Converter-ORG-75925889.exe 2014-04-15 17:20 - 2014-04-15 17:20 - 00000000 ____D () C:\Users\Schinski\AppData\Roaming\AVS4YOU 2014-04-15 17:20 - 2014-04-15 17:20 - 00000000 ____D () C:\ProgramData\AVS4YOU 2014-04-15 17:19 - 2014-04-15 17:18 - 42631936 _____ (Online Media Technologies Ltd. ) C:\Users\Schinski\Downloads\AVSVideoReMaker.exe 2014-04-14 20:13 - 2014-04-24 08:34 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-04-14 20:05 - 2014-04-24 08:34 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-04-14 20:05 - 2014-04-24 08:34 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2014-04-14 20:04 - 2014-04-24 08:34 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2014-04-13 12:50 - 2012-07-21 18:06 - 00000000 ____D () C:\Users\Schinski\AppData\Local\Adobe 2014-04-13 12:49 - 2012-07-22 13:08 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-04-13 12:49 - 2012-07-22 13:08 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-04-13 12:49 - 2011-10-20 12:30 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-04-12 20:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-04-10 22:25 - 2012-07-22 13:03 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-04-10 22:24 - 2013-08-17 09:59 - 00000000 ____D () C:\Windows\system32\MRT 2014-04-10 22:22 - 2012-07-27 17:05 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-04-06 09:51 - 2012-08-18 18:00 - 00000000 ____D () C:\Users\Schinski\AppData\Local\CrashDumps 2014-04-03 09:51 - 2014-04-25 10:29 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-04-03 09:51 - 2014-04-25 10:29 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-04-03 09:50 - 2014-04-25 10:29 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-03-31 18:05 - 2012-07-22 13:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-03-31 03:16 - 2014-04-10 20:41 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-03-31 03:13 - 2014-04-10 20:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-03-31 02:13 - 2014-04-10 20:41 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-03-31 01:57 - 2014-04-10 20:41 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-03-30 19:24 - 2012-07-22 15:54 - 00000000 ____D () C:\Users\Schinski\AppData\Roaming\vlc 2014-03-30 13:31 - 2014-03-30 13:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox Some content of TEMP: ==================== C:\Users\Schinski\AppData\Local\Temp\avgnt.exe C:\Users\Schinski\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2014-04-22 11:49 ==================== End Of Log ============================ Soll ich eigentlich irgendein Programm behalten oder kann ich alles deinstallieren? |
|
26.04.2014, 18:46
| #11 |
| /// the machine /// TB-Ausbilder | Dauernd öffnen sich neue Fenster und Tabs in Firefox Adobe updaten. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter C:\ProgramData\oeklfogdojkneagmhfjlnmckkibpojmi
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
26.04.2014, 22:11
| #12 |
| | Dauernd öffnen sich neue Fenster und Tabs in Firefox Nabend, jetzt sind keine Fragen mehr offen. Vielen vielen Dank |
|
27.04.2014, 18:46
| #13 |
| /// the machine /// TB-Ausbilder | Dauernd öffnen sich neue Fenster und Tabs in Firefox Gern Geschehen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
WARNUNG an die MITLESER: 
Linear-Darstellung
