Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira

Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira


Plagegeister aller Art und deren Bekämpfung: Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Seite 1 von 2 1 2
Alt 29.04.2014, 19:43   #1
Damiani
 
Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira - Standard

Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira


Guten Abend,

wie der Titel doch auffällig verrät, haben sich so einige Programme gegen meinen Willen auf dem Laptop installiert. Manuell zu deinstallieren habe ich sie nicht gewagt, wollte erstmal per Anti-Virenschutz-System die Biester zum Boxhorn jagen - ohne Erfolg. Avira hat trotz vollständiger Untersuchung nichts finden können. Demzufolge sitzen unzählige kleine (unbekannte?) Anwendungen auf dem Laptop, meist vermeidliche Virenschutzsysteme, und fordern mich auf, auf dieses und jenes zu reagieren.
Gemütliches Surfen im Netz ist auch nicht möglich - Werbung springt bei jeder Seite auf.
Hoffe ihr könnt mir helfen!

Alt 29.04.2014, 19:57   #2
schrauber
/// the machine
/// TB-Ausbilder
 
Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira - Standard

Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira


hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________
Alt 29.04.2014, 20:24   #3
Damiani
 
Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira - Standard

Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira


Hallo - hier die unveränderten Logfiles:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2014
Ran by xxx (administrator) on LAPPI on 29-04-2014 21:16:27
Running from C:\Users\Jaspar\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Users\Jaspar\AppData\Roaming\VOPackage\VOsrv.exe
() C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe
(Cherished Technololgy LIMITED) C:\ProgramData\WPM\wprotectmanager.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginService\PluginService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Activeris) C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
() C:\Program Files (x86)\Re-markit\Re-markitfQLOWw.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
() C:\Program Files (x86)\Re-markit\Re-markitfQL161.exe
() C:\Users\Jaspar\AppData\Local\fst_de_7\upfst_de_7.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\system32\igfxpers.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Conduit) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Conduit) C:\Program Files (x86)\SearchProtect\SearchProtect\bin\cltmng.exe
(Conduit) C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe
() C:\Program Files (x86)\ScanTack\updateScanTack.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_206.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13263072 2012-12-12] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [fst_de_7] => "C:\Program Files (x86)\fst_de_7\fst_de_7.exe"
HKLM-x32\...\RunOnce: [upfst_de_7.exe] - C:\Users\Jaspar\AppData\Local\fst_de_7\upfst_de_7.exe -runonce [3267536 2014-04-28] ()
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-705164964-436951070-2432176924-1002\...\Run: [Facebook Update] => C:\Users\Jaspar\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2014-03-26] (Facebook Inc.)
HKU\S-1-5-21-705164964-436951070-2432176924-1002\...\MountPoints2: {e713a25a-610e-11e3-be6a-806e6f6e6963} - "E:\Autorun.exe" 
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [1355552 2014-04-08] (Conduit)
AppInit_DLLs:  C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-05-24] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [1050912 2014-04-08] (Conduit)
AppInit_DLLs-x32:  C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-05-24] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:14354
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?gd=&ctid=CT3325582&octid=EB_ORIGINAL_CTID&ISID=MDBA52EED-7457-4DBD-90A1-472A2C2BE351&SearchSource=55&CUI=&UM=2&UP=SPEAFA9A0E-76D6-494C-999F-429BEF4A50E9&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX&q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX&q={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX&q={searchTerms}
BHO: HQVro-1.91 - {11111111-1111-1111-1111-110511311172} - C:\Program Files (x86)\HQVro-1.91\HQVro-1.91-bho64.dll (HQVro1)
BHO: MediaPlayerplus - {11111111-1111-1111-1111-110511421146} - C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho64.dll (Freeven)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: HQVro-1.91 - {11111111-1111-1111-1111-110511311172} - C:\Program Files (x86)\HQVro-1.91\HQVro-1.91-bho.dll (HQVro1)
BHO-x32: MediaPlayerplus - {11111111-1111-1111-1111-110511421146} - C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho.dll (Freeven)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Avira Savings Advisor BHO - {A18A516C-AA41-46A9-92DB-60208917E442} - C:\Program Files (x86)\avira\Internet Explorer\avira32.dll ()
BHO-x32: ScanTack - {d332cff8-358e-4c9e-8af3-a08872ef22c1} - C:\Program Files (x86)\ScanTack\ScanTackbho.dll (ScanTack)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default
FF user.js: detected! => C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\user.js
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: Conduit Search
FF SelectedSearchEngine: Conduit Search
FF Homepage: hxxp://home.tb.ask.com/index.jhtml?ptb=A110357B-3321-456A-8A1B-86E34FBB8771&n=780bd9f3&p2=^AYY^xdm070^YYA^de&si=flvrunner
FF Keyword.URL: hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=A110357B-3321-456A-8A1B-86E34FBB8771&n=780bd9f3&ind=2014042611&p2=^AYY^xdm070^YYA^de&si=flvrunner&searchfor=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Jaspar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\searchplugins\ask-web-search.xml
FF SearchPlugin: C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\searchplugins\conduit-search.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Allin1Convert - C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\Extensions\8hffxtbr@Allin1Convert_8h.com [2014-04-26]
FF Extension: MediaPlayerplus - C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\Extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com [2014-04-29]
FF Extension: HQVro-1.91 - C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\Extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com [2014-04-28]
FF Extension: Quick Start - C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\Extensions\quick_start@gmail.com [2014-04-28]
FF Extension: ScanTack - C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\Extensions\{9acd1534-e8f8-40cb-b5ac-4996fe01175b}.xpi [2014-04-29]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com
FF Extension: Quick Start - C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com [2014-04-28]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [{E5D8AC02-473C-FCEB-63FD-A4FF9CD0AE61}] - C:\Program Files (x86)\Re-markit\161.xpi
FF Extension: Re-markit - C:\Program Files (x86)\Re-markit\161.xpi [2014-04-28]

Chrome: 
=======
CHR HomePage: hxxp://istart.webssearches.com/?type=hppp&ts=1398798738&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX
CHR StartupUrls: "hxxp://istart.webssearches.com/?type=hppp&ts=1398798738&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX"
CHR DefaultSearchKeyword: webssearches
CHR DefaultSearchProvider: webssearches
CHR DefaultSearchURL: hxxp://istart.webssearches.com/web/?type=dspp&ts=1398798737&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX&q={searchTerms}
CHR Extension: (Google Docs) - C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-27]
CHR Extension: (Google Drive) - C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-27]
CHR Extension: (YouTube) - C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-27]
CHR Extension: (McAfee Security Scan+) - C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-04-27]
CHR Extension: (Google-Suche) - C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-27]
CHR Extension: (HQVro-1.91) - C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm [2014-04-28]
CHR Extension: (Re-markit) - C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\ibjplhdhngdnjbhmgjekdlpedhlgefhf [2014-04-28]
CHR Extension: (MediaPlayerplus) - C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd [2014-04-28]
CHR Extension: (Google Wallet) - C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-27]
CHR Extension: (Quick Start) - C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma [2014-04-28]
CHR Extension: (Google Mail) - C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-27]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-14] (Avira Operations GmbH & Co. KG)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-06-19] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] ()
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2470688 2014-04-08] (Conduit)
R2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe [705136 2014-04-11] (Cherished Technololgy LIMITED)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 NewPlayerUpdaterService; C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe [11776 2014-04-16] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2014-01-23] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-01-23] ()
R2 Re-markit; C:\Program Files (x86)\Re-markit\Re-markitfQL161.exe [143360 2014-04-28] ()
R2 Update ScanTack; C:\Program Files (x86)\ScanTack\updateScanTack.exe [351008 2014-04-29] ()
R2 vosr; C:\Users\Jaspar\AppData\Roaming\VOPackage\VOsrv.exe [52736 2014-04-26] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)
R2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe [566272 2014-04-28] (Cherished Technololgy LIMITED)

==================== Drivers (Whitelisted) ====================

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-29] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2014-02-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-14] (Avira Operations GmbH & Co. KG)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
U0 msahci; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-29 21:15 - 2014-04-29 21:16 - 00036840 _____ () C:\Users\Jaspar\Downloads\Addition.txt
2014-04-29 21:15 - 2014-04-29 21:16 - 00022511 _____ () C:\Users\Jaspar\Downloads\FRST.txt
2014-04-29 21:15 - 2014-04-29 21:16 - 00000000 ____D () C:\FRST
2014-04-29 21:14 - 2014-04-29 21:14 - 02061824 _____ (Farbar) C:\Users\Jaspar\Downloads\FRST64.exe
2014-04-29 21:13 - 2014-04-29 21:13 - 00000000 ____D () C:\Program Files (x86)\ScanTack
2014-04-29 21:12 - 2014-04-29 21:12 - 00000000 ____D () C:\Users\Jaspar\AppData\Local\SearchProtect
2014-04-29 21:12 - 2014-04-29 21:12 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-04-29 20:24 - 2014-04-29 20:24 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jaspar\Downloads\HiJackThis204.exe
2014-04-29 20:24 - 2014-04-29 20:24 - 00010828 _____ () C:\Users\Jaspar\Downloads\hijackthis.log
2014-04-28 20:38 - 2014-04-29 19:00 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro
2014-04-28 20:38 - 2014-04-29 18:58 - 00003318 _____ () C:\Windows\System32\Tasks\Advanced System Protector
2014-04-28 20:38 - 2014-04-28 20:38 - 00003016 _____ () C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2014-04-28 20:38 - 2014-04-28 20:38 - 00002860 _____ () C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2014-04-28 20:38 - 2014-04-28 20:38 - 00000298 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-04-28 20:38 - 2014-04-28 20:38 - 00000290 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-04-28 20:38 - 2014-04-28 20:38 - 00000000 ____D () C:\Users\Jaspar\AppData\Roaming\rightbackup
2014-04-28 20:38 - 2014-04-28 20:38 - 00000000 ____D () C:\Users\Jaspar\AppData\Roaming\Advanced System Protector
2014-04-28 20:24 - 2014-04-29 18:58 - 00003104 _____ () C:\Windows\System32\Tasks\Activeris AntiMalware_startup
2014-04-28 20:18 - 2014-04-29 20:22 - 00001054 _____ () C:\Users\Jaspar\Desktop\Continue VuuPC Installation.lnk
2014-04-28 20:18 - 2014-04-28 20:18 - 00000000 ____D () C:\Users\Jaspar\AppData\Local\com
2014-04-28 20:15 - 2014-04-28 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-04-28 20:11 - 2014-04-29 21:11 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-04-28 20:11 - 2014-04-28 20:44 - 00000380 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-04-28 20:11 - 2014-04-28 20:23 - 00002812 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-04-28 20:11 - 2014-04-28 20:23 - 00002810 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-04-28 20:11 - 2014-04-28 20:23 - 00002810 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-04-28 20:11 - 2014-04-28 20:23 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-04-28 20:10 - 2014-04-28 20:11 - 00237856 _____ (Premium Installer ) C:\Users\Jaspar\Downloads\Player-Firefox.exe
2014-04-28 20:09 - 2014-04-29 20:09 - 00002204 _____ () C:\Windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-4.job
2014-04-28 20:09 - 2014-04-29 20:09 - 00001550 _____ () C:\Windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-5.job
2014-04-28 20:09 - 2014-04-29 20:09 - 00001464 _____ () C:\Windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-5.job
2014-04-28 20:09 - 2014-04-29 20:09 - 00001456 _____ () C:\Windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-1.job
2014-04-28 20:09 - 2014-04-29 20:09 - 00001436 _____ () C:\Windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-2.job
2014-04-28 20:09 - 2014-04-28 20:10 - 00002852 _____ () C:\Users\Jaspar\AppData\Roaming\aps.scan.results
2014-04-28 20:09 - 2014-04-28 20:10 - 00001180 _____ () C:\Users\Jaspar\AppData\Roaming\aps.scan.quick.results
2014-04-28 20:09 - 2014-04-28 20:10 - 00000318 _____ () C:\Users\Jaspar\AppData\Roaming\aps.uninstall.scan.results
2014-04-28 20:09 - 2014-04-28 20:09 - 00005208 _____ () C:\Windows\System32\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-4
2014-04-28 20:09 - 2014-04-28 20:09 - 00004554 _____ () C:\Windows\System32\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-5
2014-04-28 20:09 - 2014-04-28 20:09 - 00004468 _____ () C:\Windows\System32\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-5
2014-04-28 20:09 - 2014-04-28 20:09 - 00004460 _____ () C:\Windows\System32\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-1
2014-04-28 20:09 - 2014-04-28 20:09 - 00004440 _____ () C:\Windows\System32\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-2
2014-04-28 20:09 - 2014-04-28 20:09 - 00001047 _____ () C:\Users\Jaspar\Desktop\AnyProtect.lnk
2014-04-28 20:09 - 2014-04-28 20:09 - 00000000 ____D () C:\Users\Jaspar\AppData\Roaming\SupTab
2014-04-28 20:09 - 2014-04-28 20:09 - 00000000 ____D () C:\Users\Jaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-04-28 20:09 - 2014-04-28 20:09 - 00000000 ____D () C:\Users\Jaspar\AppData\Local\newplayer
2014-04-28 20:09 - 2014-04-28 20:09 - 00000000 ____D () C:\ProgramData\WPM
2014-04-28 20:09 - 2014-04-28 20:09 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-28 20:09 - 2014-04-28 20:09 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-28 20:08 - 2014-04-29 20:08 - 00003136 _____ () C:\Windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-3.job
2014-04-28 20:08 - 2014-04-29 20:08 - 00001360 _____ () C:\Windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-1.job
2014-04-28 20:08 - 2014-04-29 20:08 - 00001350 _____ () C:\Windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-2.job
2014-04-28 20:08 - 2014-04-28 20:09 - 00004354 _____ () C:\Windows\System32\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-2
2014-04-28 20:08 - 2014-04-28 20:09 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-04-28 20:08 - 2014-04-28 20:09 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-04-28 20:08 - 2014-04-28 20:08 - 01107768 _____ (AnyProtect.com) C:\Users\Jaspar\AppData\Local\nsn5D7A.tmp
2014-04-28 20:08 - 2014-04-28 20:08 - 00006140 _____ () C:\Windows\System32\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-3
2014-04-28 20:08 - 2014-04-28 20:08 - 00004364 _____ () C:\Windows\System32\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-1
2014-04-28 20:08 - 2014-04-28 20:08 - 00001160 _____ () C:\Users\Public\Desktop\Activeris AntiMalware.lnk
2014-04-28 20:08 - 2014-04-28 20:08 - 00001115 _____ () C:\Users\Public\Desktop\NewPlayer.lnk
2014-04-28 20:08 - 2014-04-28 20:08 - 00001052 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk
2014-04-28 20:08 - 2014-04-28 20:08 - 00000000 ____D () C:\Users\Jaspar\AppData\Roaming\VOPackage
2014-04-28 20:08 - 2014-04-28 20:08 - 00000000 ____D () C:\Users\Jaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-04-28 20:08 - 2014-04-28 20:08 - 00000000 ____D () C:\Users\Jaspar\AppData\Roaming\Activeris
2014-04-28 20:08 - 2014-04-28 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
2014-04-28 20:08 - 2014-04-28 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
2014-04-28 20:08 - 2014-04-28 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activeris AntiMalware
2014-04-28 20:08 - 2014-04-28 20:08 - 00000000 ____D () C:\ProgramData\Activeris
2014-04-28 20:08 - 2014-04-28 20:08 - 00000000 ____D () C:\Program Files (x86)\NewPlayer
2014-04-28 20:08 - 2014-04-28 20:08 - 00000000 ____D () C:\Program Files (x86)\Activeris AntiMalware
2014-04-28 20:08 - 2012-09-26 19:03 - 00020480 _____ () C:\Windows\system32\acrisnative64.exe
2014-04-28 20:07 - 2014-04-29 21:13 - 00000000 ____D () C:\Users\Jaspar\AppData\Local\fst_de_7
2014-04-28 20:07 - 2014-04-29 20:08 - 00000390 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-04-28 20:07 - 2014-04-29 20:07 - 00002418 _____ () C:\Windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-3.job
2014-04-28 20:07 - 2014-04-29 20:07 - 00002352 _____ () C:\Windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-4.job
2014-04-28 20:07 - 2014-04-29 19:59 - 00000400 _____ () C:\Windows\Tasks\Re-markit Update.job
2014-04-28 20:07 - 2014-04-28 20:09 - 00000000 ____D () C:\Program Files (x86)\HQVro-1.91
2014-04-28 20:07 - 2014-04-28 20:08 - 00000004 _____ () C:\end
2014-04-28 20:07 - 2014-04-28 20:08 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-04-28 20:07 - 2014-04-28 20:07 - 00005422 _____ () C:\Windows\System32\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-3
2014-04-28 20:07 - 2014-04-28 20:07 - 00005356 _____ () C:\Windows\System32\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-4
2014-04-28 20:07 - 2014-04-28 20:07 - 00003042 _____ () C:\Windows\System32\Tasks\Re-markit Update
2014-04-28 20:07 - 2014-04-28 20:07 - 00002972 _____ () C:\Windows\System32\Tasks\Re-markit_wd
2014-04-28 20:07 - 2014-04-28 20:07 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-04-28 20:07 - 2014-04-28 20:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free_soft_today
2014-04-28 20:07 - 2014-04-28 20:07 - 00000000 ____D () C:\Program Files (x86)\Re-markit
2014-04-28 20:07 - 2014-04-28 20:07 - 00000000 ____D () C:\Program Files (x86)\fst_de_7
2014-04-28 20:06 - 2014-04-28 20:06 - 00502224 _____ () C:\Users\Jaspar\Downloads\Player_Setup.exe
2014-04-27 00:17 - 2014-04-27 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-27 00:16 - 2014-04-29 19:22 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-27 00:16 - 2014-04-29 18:57 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-27 00:16 - 2014-04-27 00:17 - 00000000 ____D () C:\Users\Jaspar\AppData\Local\Google
2014-04-27 00:16 - 2014-04-27 00:17 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-27 00:16 - 2014-04-27 00:16 - 00884720 _____ (Google Inc.) C:\Users\Jaspar\Downloads\ChromeSetup.exe
2014-04-27 00:16 - 2014-04-27 00:16 - 00004094 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-27 00:16 - 2014-04-27 00:16 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-26 23:54 - 2014-04-28 20:08 - 00000000 ____D () C:\Users\Jaspar\AppData\Roaming\systweak
2014-04-26 23:54 - 2014-04-27 13:48 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-04-26 23:54 - 2014-04-21 14:51 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-04-26 23:53 - 2014-04-26 23:53 - 04960768 _____ (Systweak Inc ) C:\Users\Jaspar\Downloads\regclean_my40945.exe
2014-04-12 12:14 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-12 12:14 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-12 12:14 - 2014-01-31 05:55 - 00209712 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-04-12 12:14 - 2014-01-31 02:48 - 00564736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-04-12 12:14 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-04-12 12:14 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-12 12:14 - 2014-01-31 02:48 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-12 12:14 - 2014-01-31 02:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-04-12 12:14 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-04-12 12:14 - 2014-01-31 02:06 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-12 12:14 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-12 12:14 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-12 12:14 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-12 12:14 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-12 12:14 - 2014-01-27 01:17 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-04-12 12:14 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-12 12:14 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-12 12:14 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-12 12:14 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-12 12:14 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-12 12:13 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-12 12:13 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-12 12:13 - 2014-03-07 02:47 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-12 12:13 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-12 12:13 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-12 12:13 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-12 12:13 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-12 12:13 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-12 12:13 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-12 12:13 - 2014-03-07 02:08 - 19273216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-12 12:13 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-12 12:13 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-12 12:13 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-12 12:13 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-12 12:13 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-12 12:13 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-04-12 12:13 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-12 12:13 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-12 12:13 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-12 12:13 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-04-12 12:13 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-04-12 12:13 - 2013-05-14 15:14 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-12 12:13 - 2013-05-14 11:23 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-12 12:13 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-12 12:13 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-12 12:13 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-12 12:13 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-12 12:13 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-12 12:13 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-12 12:13 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-04-12 12:13 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-12 12:13 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-12 12:13 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-09 14:32 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 14:32 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-09 14:32 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-09 14:32 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

==================== One Month Modified Files and Folders =======

2014-04-29 21:16 - 2014-04-29 21:15 - 00036840 _____ () C:\Users\Jaspar\Downloads\Addition.txt
2014-04-29 21:16 - 2014-04-29 21:15 - 00022511 _____ () C:\Users\Jaspar\Downloads\FRST.txt
2014-04-29 21:16 - 2014-04-29 21:15 - 00000000 ____D () C:\FRST
2014-04-29 21:14 - 2014-04-29 21:14 - 02061824 _____ (Farbar) C:\Users\Jaspar\Downloads\FRST64.exe
2014-04-29 21:13 - 2014-04-29 21:13 - 00000000 ____D () C:\Program Files (x86)\ScanTack
2014-04-29 21:13 - 2014-04-28 20:07 - 00000000 ____D () C:\Users\Jaspar\AppData\Local\fst_de_7
2014-04-29 21:12 - 2014-04-29 21:12 - 00000000 ____D () C:\Users\Jaspar\AppData\Local\SearchProtect
2014-04-29 21:12 - 2014-04-29 21:12 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-04-29 21:11 - 2014-04-28 20:11 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP2.job
2014-04-29 21:01 - 2013-12-09 22:30 - 01747032 _____ () C:\Windows\WindowsUpdate.log
2014-04-29 21:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-04-29 20:55 - 2014-02-28 20:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-29 20:29 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-04-29 20:24 - 2014-04-29 20:24 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jaspar\Downloads\HiJackThis204.exe
2014-04-29 20:24 - 2014-04-29 20:24 - 00010828 _____ () C:\Users\Jaspar\Downloads\hijackthis.log
2014-04-29 20:22 - 2014-04-28 20:18 - 00001054 _____ () C:\Users\Jaspar\Desktop\Continue VuuPC Installation.lnk
2014-04-29 20:09 - 2014-04-28 20:09 - 00002204 _____ () C:\Windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-4.job
2014-04-29 20:09 - 2014-04-28 20:09 - 00001550 _____ () C:\Windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-5.job
2014-04-29 20:09 - 2014-04-28 20:09 - 00001464 _____ () C:\Windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-5.job
2014-04-29 20:09 - 2014-04-28 20:09 - 00001456 _____ () C:\Windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-1.job
2014-04-29 20:09 - 2014-04-28 20:09 - 00001436 _____ () C:\Windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-2.job
2014-04-29 20:08 - 2014-04-28 20:08 - 00003136 _____ () C:\Windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-3.job
2014-04-29 20:08 - 2014-04-28 20:08 - 00001360 _____ () C:\Windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-1.job
2014-04-29 20:08 - 2014-04-28 20:08 - 00001350 _____ () C:\Windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-2.job
2014-04-29 20:08 - 2014-04-28 20:07 - 00000390 _____ () C:\Windows\Tasks\Re-markit_wd.job
2014-04-29 20:07 - 2014-04-28 20:07 - 00002418 _____ () C:\Windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-3.job
2014-04-29 20:07 - 2014-04-28 20:07 - 00002352 _____ () C:\Windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-4.job
2014-04-29 19:59 - 2014-04-28 20:07 - 00000400 _____ () C:\Windows\Tasks\Re-markit Update.job
2014-04-29 19:22 - 2014-04-27 00:16 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-29 19:15 - 2014-03-26 20:10 - 00000944 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-705164964-436951070-2432176924-1002UA.job
2014-04-29 19:15 - 2014-03-26 20:10 - 00000922 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-705164964-436951070-2432176924-1002Core.job
2014-04-29 19:00 - 2014-04-28 20:38 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro
2014-04-29 19:00 - 2013-12-09 22:47 - 00003474 _____ () C:\Windows\System32\Tasks\ASUS Live Update1
2014-04-29 19:00 - 2013-12-09 22:47 - 00003464 _____ () C:\Windows\System32\Tasks\ASUS Live Update2
2014-04-29 18:58 - 2014-04-28 20:38 - 00003318 _____ () C:\Windows\System32\Tasks\Advanced System Protector
2014-04-29 18:58 - 2014-04-28 20:24 - 00003104 _____ () C:\Windows\System32\Tasks\Activeris AntiMalware_startup
2014-04-29 18:58 - 2014-01-22 02:44 - 00000062 _____ () C:\Users\Jaspar\AppData\Roaming\sp_data.sys
2014-04-29 18:57 - 2014-04-27 00:16 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-28 20:44 - 2014-04-28 20:11 - 00000380 _____ () C:\Windows\Tasks\APSnotifierPP1.job
2014-04-28 20:38 - 2014-04-28 20:38 - 00003016 _____ () C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2014-04-28 20:38 - 2014-04-28 20:38 - 00002860 _____ () C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2014-04-28 20:38 - 2014-04-28 20:38 - 00000298 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-04-28 20:38 - 2014-04-28 20:38 - 00000290 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-04-28 20:38 - 2014-04-28 20:38 - 00000000 ____D () C:\Users\Jaspar\AppData\Roaming\rightbackup
2014-04-28 20:38 - 2014-04-28 20:38 - 00000000 ____D () C:\Users\Jaspar\AppData\Roaming\Advanced System Protector
2014-04-28 20:23 - 2014-04-28 20:11 - 00002812 _____ () C:\Windows\System32\Tasks\APSnotifierPP1
2014-04-28 20:23 - 2014-04-28 20:11 - 00002810 _____ () C:\Windows\System32\Tasks\APSnotifierPP3
2014-04-28 20:23 - 2014-04-28 20:11 - 00002810 _____ () C:\Windows\System32\Tasks\APSnotifierPP2
2014-04-28 20:23 - 2014-04-28 20:11 - 00000378 _____ () C:\Windows\Tasks\APSnotifierPP3.job
2014-04-28 20:18 - 2014-04-28 20:18 - 00000000 ____D () C:\Users\Jaspar\AppData\Local\com
2014-04-28 20:15 - 2014-04-28 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-04-28 20:15 - 2014-02-20 17:26 - 00002068 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-04-28 20:11 - 2014-04-28 20:10 - 00237856 _____ (Premium Installer ) C:\Users\Jaspar\Downloads\Player-Firefox.exe
2014-04-28 20:10 - 2014-04-28 20:09 - 00002852 _____ () C:\Users\Jaspar\AppData\Roaming\aps.scan.results
2014-04-28 20:10 - 2014-04-28 20:09 - 00001180 _____ () C:\Users\Jaspar\AppData\Roaming\aps.scan.quick.results
2014-04-28 20:10 - 2014-04-28 20:09 - 00000318 _____ () C:\Users\Jaspar\AppData\Roaming\aps.uninstall.scan.results
2014-04-28 20:09 - 2014-04-28 20:09 - 00005208 _____ () C:\Windows\System32\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-4
2014-04-28 20:09 - 2014-04-28 20:09 - 00004554 _____ () C:\Windows\System32\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-5
2014-04-28 20:09 - 2014-04-28 20:09 - 00004468 _____ () C:\Windows\System32\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-5
2014-04-28 20:09 - 2014-04-28 20:09 - 00004460 _____ () C:\Windows\System32\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-1
2014-04-28 20:09 - 2014-04-28 20:09 - 00004440 _____ () C:\Windows\System32\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-2
2014-04-28 20:09 - 2014-04-28 20:09 - 00001047 _____ () C:\Users\Jaspar\Desktop\AnyProtect.lnk
2014-04-28 20:09 - 2014-04-28 20:09 - 00000000 ____D () C:\Users\Jaspar\AppData\Roaming\SupTab
2014-04-28 20:09 - 2014-04-28 20:09 - 00000000 ____D () C:\Users\Jaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2014-04-28 20:09 - 2014-04-28 20:09 - 00000000 ____D () C:\Users\Jaspar\AppData\Local\newplayer
2014-04-28 20:09 - 2014-04-28 20:09 - 00000000 ____D () C:\ProgramData\WPM
2014-04-28 20:09 - 2014-04-28 20:09 - 00000000 ____D () C:\ProgramData\IePluginService
2014-04-28 20:09 - 2014-04-28 20:09 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-04-28 20:09 - 2014-04-28 20:08 - 00004354 _____ () C:\Windows\System32\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-2
2014-04-28 20:09 - 2014-04-28 20:08 - 00000000 ____D () C:\Program Files (x86)\MediaPlayerplus
2014-04-28 20:09 - 2014-04-28 20:08 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-04-28 20:09 - 2014-04-28 20:07 - 00000000 ____D () C:\Program Files (x86)\HQVro-1.91
2014-04-28 20:08 - 2014-04-28 20:08 - 01107768 _____ (AnyProtect.com) C:\Users\Jaspar\AppData\Local\nsn5D7A.tmp
2014-04-28 20:08 - 2014-04-28 20:08 - 00006140 _____ () C:\Windows\System32\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-3
2014-04-28 20:08 - 2014-04-28 20:08 - 00004364 _____ () C:\Windows\System32\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-1
2014-04-28 20:08 - 2014-04-28 20:08 - 00001160 _____ () C:\Users\Public\Desktop\Activeris AntiMalware.lnk
2014-04-28 20:08 - 2014-04-28 20:08 - 00001115 _____ () C:\Users\Public\Desktop\NewPlayer.lnk
2014-04-28 20:08 - 2014-04-28 20:08 - 00001052 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk
2014-04-28 20:08 - 2014-04-28 20:08 - 00000000 ____D () C:\Users\Jaspar\AppData\Roaming\VOPackage
2014-04-28 20:08 - 2014-04-28 20:08 - 00000000 ____D () C:\Users\Jaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-04-28 20:08 - 2014-04-28 20:08 - 00000000 ____D () C:\Users\Jaspar\AppData\Roaming\Activeris
2014-04-28 20:08 - 2014-04-28 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
2014-04-28 20:08 - 2014-04-28 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewPlayer
2014-04-28 20:08 - 2014-04-28 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activeris AntiMalware
2014-04-28 20:08 - 2014-04-28 20:08 - 00000000 ____D () C:\ProgramData\Activeris
2014-04-28 20:08 - 2014-04-28 20:08 - 00000000 ____D () C:\Program Files (x86)\NewPlayer
2014-04-28 20:08 - 2014-04-28 20:08 - 00000000 ____D () C:\Program Files (x86)\Activeris AntiMalware
2014-04-28 20:08 - 2014-04-28 20:07 - 00000004 _____ () C:\end
2014-04-28 20:08 - 2014-04-28 20:07 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-04-28 20:08 - 2014-04-26 23:54 - 00000000 ____D () C:\Users\Jaspar\AppData\Roaming\systweak
2014-04-28 20:07 - 2014-04-28 20:07 - 00005422 _____ () C:\Windows\System32\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-3
2014-04-28 20:07 - 2014-04-28 20:07 - 00005356 _____ () C:\Windows\System32\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-4
2014-04-28 20:07 - 2014-04-28 20:07 - 00003042 _____ () C:\Windows\System32\Tasks\Re-markit Update
2014-04-28 20:07 - 2014-04-28 20:07 - 00002972 _____ () C:\Windows\System32\Tasks\Re-markit_wd
2014-04-28 20:07 - 2014-04-28 20:07 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-04-28 20:07 - 2014-04-28 20:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free_soft_today
2014-04-28 20:07 - 2014-04-28 20:07 - 00000000 ____D () C:\Program Files (x86)\Re-markit
2014-04-28 20:07 - 2014-04-28 20:07 - 00000000 ____D () C:\Program Files (x86)\fst_de_7
2014-04-28 20:07 - 2014-02-21 19:18 - 00000000 ____D () C:\Users\Jaspar\AppData\Roaming\TS3Client
2014-04-28 20:07 - 2014-02-20 18:48 - 00001383 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-04-28 20:07 - 2014-02-20 18:48 - 00001371 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-04-28 20:07 - 2014-01-22 02:44 - 00001674 _____ () C:\Users\Jaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-04-28 20:07 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-28 20:07 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-28 20:06 - 2014-04-28 20:06 - 00502224 _____ () C:\Users\Jaspar\Downloads\Player_Setup.exe
2014-04-28 19:49 - 2014-02-20 18:51 - 00000000 ____D () C:\Users\Jaspar\AppData\Local\PMB Files
2014-04-28 18:58 - 2014-02-28 20:48 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-28 17:58 - 2014-02-20 18:51 - 00000000 ____D () C:\ProgramData\PMB Files
2014-04-27 21:21 - 2012-08-03 01:02 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-04-27 21:21 - 2012-08-03 01:02 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-04-27 21:21 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-27 21:15 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-27 21:14 - 2012-08-02 15:24 - 00107422 _____ () C:\Windows\PFRO.log
2014-04-27 21:14 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-04-27 13:55 - 2014-01-22 02:51 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-705164964-436951070-2432176924-1002
2014-04-27 13:48 - 2014-04-26 23:54 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-04-27 13:44 - 2013-04-26 01:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-04-27 13:44 - 2013-04-26 01:16 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-04-27 13:42 - 2014-01-22 02:45 - 00000000 ___RD () C:\Users\Jaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-27 13:41 - 2013-04-26 01:15 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-27 00:17 - 2014-04-27 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-27 00:17 - 2014-04-27 00:16 - 00000000 ____D () C:\Users\Jaspar\AppData\Local\Google
2014-04-27 00:17 - 2014-04-27 00:16 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-27 00:16 - 2014-04-27 00:16 - 00884720 _____ (Google Inc.) C:\Users\Jaspar\Downloads\ChromeSetup.exe
2014-04-27 00:16 - 2014-04-27 00:16 - 00004094 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-27 00:16 - 2014-04-27 00:16 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-26 23:53 - 2014-04-26 23:53 - 04960768 _____ (Systweak Inc ) C:\Users\Jaspar\Downloads\regclean_my40945.exe
2014-04-21 14:51 - 2014-04-26 23:54 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-04-14 22:06 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-04-14 10:59 - 2014-01-22 02:45 - 00000000 ___RD () C:\Users\Jaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-14 10:56 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-04-14 10:56 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-04-09 20:53 - 2014-02-20 20:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 20:51 - 2014-02-20 20:25 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 14:30 - 2014-02-21 19:18 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client
2014-04-01 17:45 - 2013-04-26 01:15 - 06321198 _____ () C:\Windows\AsDebug.log
2014-03-31 23:18 - 2014-02-22 11:40 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-31 23:18 - 2014-02-22 11:40 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

Files to move or delete:
====================
C:\ProgramData\SetStretch.exe
C:\ProgramData\SetStretch.VBS


Some content of TEMP:
====================
C:\Users\Jaspar\AppData\Local\Temp\AutoRun.exe
C:\Users\Jaspar\AppData\Local\Temp\AutoRunGUI.dll
C:\Users\Jaspar\AppData\Local\Temp\avgnt.exe
C:\Users\Jaspar\AppData\Local\Temp\BackupSetup.exe
C:\Users\Jaspar\AppData\Local\Temp\COMAP.EXE
C:\Users\Jaspar\AppData\Local\Temp\dlLogic.exe
C:\Users\Jaspar\AppData\Local\Temp\dltr.exe
C:\Users\Jaspar\AppData\Local\Temp\drm_dyndata_7400006.dll
C:\Users\Jaspar\AppData\Local\Temp\GCVerifier.dll
C:\Users\Jaspar\AppData\Local\Temp\Medal of Honor_uninst.exe
C:\Users\Jaspar\AppData\Local\Temp\nsc191E.exe
C:\Users\Jaspar\AppData\Local\Temp\nsd1CC9.exe
C:\Users\Jaspar\AppData\Local\Temp\nsi1B13.exe
C:\Users\Jaspar\AppData\Local\Temp\nsl3C6B.exe
C:\Users\Jaspar\AppData\Local\Temp\nsr3F98.exe
C:\Users\Jaspar\AppData\Local\Temp\nss416E.exe
C:\Users\Jaspar\AppData\Local\Temp\rcpsetup_isppi.exe
C:\Users\Jaspar\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\Jaspar\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Jaspar\AppData\Local\Temp\verifier.exe
C:\Users\Jaspar\AppData\Local\Temp\VP6Install.exe
C:\Users\Jaspar\AppData\Local\Temp\VP6VFW.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-04-27 13:55

==================== End Of Log ============================
--- --- ---





Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29-04-2014
Ran by xxx at 2014-04-29 21:15:56
Running from C:\Users\Jaspar\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Activeris AntiMalware (HKLM-x32\...\94EAE98D-444B-4817-858C-13DB943DF4F1_Activeris_A~741EE3A2_is1) (Version: 1.0.0.1 - Activeris)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.206 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.4.117.01527 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.4.117.01527 - Alcor Micro Corp.) Hidden
AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.2.2 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}) (Version: 3.0.4 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 2.1.4 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 2.01.0005 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.1.5 - ASUS)
ASUS WebStorage Sync Agent (HKLM-x32\...\ASUS WebStorage) (Version: 1.1.18.159 - ASUS Cloud Corporation)
ASUSDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5230.52 - CyberLink Corp.)
ASUSDVD (x32 Version: 10.0.5230.52 - CyberLink Corp.) Hidden
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.7 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0030 - ASUS)
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.3.338 - Avira)
Avira Savings Advisor (HKLM-x32\...\{A18A516C-AA41-46A9-92DB-60208917E442}) (Version: 1.5.14 - Avira) <==== ATTENTION
Azteca (x32 Version: 2.2.0.97 - WildTangent) Hidden
Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
Call of Duty(R) 2 (HKLM-x32\...\InstallShield_{D0A05794-48C2-4424-A15A-9F20FCFDD374}) (Version: 1.2 - Activision)
Call of Duty(R) 2 (x32 Version: 1.2 - Activision) Hidden
Cut the Rope (x32 Version: 3.0.2.38 - WildTangent) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Die Sims™ 2 (HKLM-x32\...\{2C82E097-694E-44ea-A947-2750679469CF}) (Version:  - Electronic Arts)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Fotogalerie (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
fst_de_7 (HKLM-x32\...\fst_de_7_is1) (Version:  - free_soft_today)
Galerie de photos (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
Google Update Helper (x32 Version: 1.3.23.9 - Google Inc.) Hidden
HQVro-1.91 (HKLM-x32\...\HQVro-1.91) (Version: 1.34.4.10 - HQVro1)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2884 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Medal of Honor (TM) (HKLM-x32\...\{415030B8-3E8B-462A-8C03-41D95AA3AB3B}) (Version: 1.0.0.0 - Electronic Arts)
MediaPlayerplus (HKLM-x32\...\MediaPlayerplus) (Version: 1.34.4.10 - Freeven) <==== ATTENTION
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NewPlayer (HKLM-x32\...\NewPlayer) (Version: v2.1.1.7 - ) <==== ATTENTION
NVIDIA Control Panel 311.70 (Version: 311.70 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 311.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.70 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.124.810 - NVIDIA Corporation) Hidden
NVIDIA Optimus 4.11.9 (Version: 4.11.9 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.0325 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.0325 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0325 - NVIDIA Corporation)
NVIDIA Update 4.11.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 4.11.9 - NVIDIA Corporation)
NVIDIA Update Components (Version: 4.11.9 - NVIDIA Corporation) Hidden
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Peggle (x32 Version: 2.2.0.95 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.989 - Even Balance, Inc.)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Raccolta foto (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6804 - Realtek Semiconductor Corp.)
RegClean-Pro (HKLM-x32\...\RegClean-Pro_is1) (Version: 6.21 - Systweak Inc)
Re-markit (HKLM-x32\...\76299AFE-7A34-5625-60C5-04F0D2CD07C9) (Version:  - Re-markit-software) <==== ATTENTION
ScanTack (HKLM\...\ScanTack) (Version: 2014.04.29.145350 - ScanTack) <==== ATTENTION
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.12.20.154 - Conduit) <==== ATTENTION
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
webssearches uninstaller (HKLM-x32\...\webssearches uninstaller) (Version:  - webssearches) <==== ATTENTION
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.0.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.10.5 - WildTangent) Hidden
Windows Driver Package - ASUS (ATP) Mouse  (01/10/2013 1.0.0.170) (HKLM\...\4A9DE1E9EBC800B7F01739D4DE7363EF6751BDF5) (Version: 01/10/2013 1.0.0.170 - ASUS)
Windows Live (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 2.42.0 - ASUS)
Worms World Party (HKLM-x32\...\{AD309EDF-17A6-4968-9CE9-35887D9E1871}) (Version: 1.00.000 - )
WPM18.8.0.212 (HKLM-x32\...\WPM) (Version: 18.8.0.212 - Cherished Technololgy LIMITED) <==== ATTENTION

==================== Restore Points  =========================

13-04-2014 17:22:42 Windows Update
21-04-2014 13:31:54 Geplanter Prüfpunkt
27-04-2014 11:45:52 Removed Microsoft Office

==================== Hosts content: ==========================

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {0AF9EBB0-F587-4A8B-988A-75C392FE53D0} - System32\Tasks\Activeris AntiMalware_startup => C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe [2014-01-23] (Activeris)
Task: {16A2D8CE-E411-4C01-B04B-01110DEE9285} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-04-21] (Systweak Inc) <==== ATTENTION
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {29C8F143-93B7-4D36-9887-BE74A1A04A5C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-04-28] (Adobe Systems Incorporated)
Task: {3756E873-0EF6-4A66-B447-A6ECA4C015C9} - System32\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-4 => C:\Program Files (x86)\MediaPlayerplus\923e656c-7931-4c44-9b19-6d3c00ebfbd9-4.exe [2014-04-28] (Freeven) <==== ATTENTION
Task: {4B810D1F-9552-4D64-BD26-D03834A682E9} - System32\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-5 => C:\Program Files (x86)\MediaPlayerplus\923e656c-7931-4c44-9b19-6d3c00ebfbd9-5.exe [2014-04-28] (Freeven) <==== ATTENTION
Task: {4FADF387-1074-4E27-994C-383186C16E6C} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-04-28] (AnyProtect by CMI) <==== ATTENTION
Task: {5182CD89-2ABB-4A25-9699-A86FE7A2DC3A} - System32\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-1 => C:\Program Files (x86)\HQVro-1.91\HQVro-1.91-codedownloader.exe [2014-04-28] (HQVro1)
Task: {51891AB9-3251-483E-A30F-A6C4C72867A4} - System32\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-3 => C:\Program Files (x86)\HQVro-1.91\6e36e8b7-5a33-405b-889f-ed80ffb3f521-3.exe [2014-04-28] (HQVro1)
Task: {5AD7EC94-F415-4850-8158-B862B0CC6100} - System32\Tasks\Re-markit_wd => C:\Program Files (x86)\Re-markit\Re-markitfQLOWw.exe [2014-04-28] () <==== ATTENTION
Task: {67AAD43C-3478-448F-AC40-0DB554DF1160} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-27] (Google Inc.)
Task: {6DF948A0-96C9-480A-8DC7-5DE39C4CE038} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-04-27] (Google Inc.)
Task: {749C614E-0A2A-4533-BFB6-48EB2F27A60D} - System32\Tasks\ASUS Touchpad Launcher (x64) => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2013-04-29] (AsusTek)
Task: {7953E083-E916-4AD6-8912-C82A4C56C362} - System32\Tasks\aviraSWU => Cscript.exe "C:\Program Files (x86)\avira\Internet Explorer\swu.vbs"
Task: {7A149252-9D63-4542-BF20-A34966A2AFC4} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-03-20] (ASUSTeK Computer Inc.)
Task: {7BE140B9-CC56-443D-9A26-75E7F0B52A1C} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe [2014-04-23] (Systweak Inc                                                ) <==== ATTENTION
Task: {84887AC2-DAAC-4922-868F-653C4E80A79A} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-09-18] (ASUSTek Computer Inc.)
Task: {91A84639-D2D7-4B99-B3E1-1A9E42E50B4A} - System32\Tasks\ASUS InstantOn Config => C:\Program Files\ASUS\P4G\InsOnCfg.exe
Task: {9AD6F047-7C69-4C41-B14D-56BD9365026D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-705164964-436951070-2432176924-1002Core => C:\Users\Jaspar\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-26] (Facebook Inc.)
Task: {9BBB19E8-29EF-46B9-BCFD-CC1AA9CD95D2} - System32\Tasks\Re-markit Update => C:\Program Files (x86)\Re-markit\Re-markitfQL.exe [2014-04-28] () <==== ATTENTION
Task: {A088BFDF-1E64-4AFE-A58B-99F97117AFC6} - System32\Tasks\ASUS P4G => C:\Program Files\ASUS\P4G\BatteryLife.exe [2013-06-19] (ASUS)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {B0779287-4AAD-43D1-B73D-8743029E265E} - System32\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-4 => C:\Program Files (x86)\HQVro-1.91\6e36e8b7-5a33-405b-889f-ed80ffb3f521-4.exe [2014-04-28] (HQVro1)
Task: {C6260AD7-37AF-4D03-8633-6354ACB4F44B} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-04-21] (Systweak Inc) <==== ATTENTION
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {CB7BDE1B-592E-479D-AB95-FE843E2A8279} - System32\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-5 => C:\Program Files (x86)\HQVro-1.91\6e36e8b7-5a33-405b-889f-ed80ffb3f521-5.exe [2014-04-28] (HQVro1)
Task: {CBE33414-4239-4D8A-A1C9-3F910FCA848E} - System32\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-2 => C:\Program Files (x86)\MediaPlayerplus\923e656c-7931-4c44-9b19-6d3c00ebfbd9-2.exe [2014-04-28] (Freeven) <==== ATTENTION
Task: {CED0486D-30D8-49C9-982D-32193939DF81} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-04-28] (AnyProtect by CMI) <==== ATTENTION
Task: {D35414E7-8ACA-415C-B110-AF4C4DA67040} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-04-21] (Systweak Inc) <==== ATTENTION
Task: {DF61849F-8368-4423-B6BC-92E80E839026} - System32\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-3 => C:\Program Files (x86)\MediaPlayerplus\923e656c-7931-4c44-9b19-6d3c00ebfbd9-3.exe [2014-04-28] (Freeven) <==== ATTENTION
Task: {E06C5CEA-E1DA-45FD-8BDD-93B51A8307FD} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe [2013-03-20] (ASUSTeK Computer Inc.)
Task: {E12A3223-E067-48C6-A6AD-9A6B42237C4F} - System32\Tasks\ASUS Splendid ColorU => C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe [2013-02-26] (ASUSTeK Computer Inc.)
Task: {E2E7DD00-5B9C-4010-9E98-36A7D3F911B3} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-04-28] (AnyProtect by CMI) <==== ATTENTION
Task: {E5099665-C751-4F8E-94F3-F2B5CC4BAAFD} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-01-31] (Microsoft Corporation)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F142EA38-44C1-45A1-B12B-D626628E060E} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2012-11-28] (ASUS)
Task: {F24A4FF6-DB76-4B61-AC80-EA54DAE3AEBC} - System32\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-1 => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe [2014-04-28] (Freeven) <==== ATTENTION
Task: {F25B59D5-8329-405F-9504-1A83BA1C4020} - System32\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-2 => C:\Program Files (x86)\HQVro-1.91\6e36e8b7-5a33-405b-889f-ed80ffb3f521-2.exe [2014-04-28] (HQVro1)
Task: {F552A5A7-502F-41B9-A4BE-96429DC34C3B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-705164964-436951070-2432176924-1002UA => C:\Users\Jaspar\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-26] (Facebook Inc.)
Task: C:\Windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-1.job => C:\Program Files (x86)\HQVro-1.91\HQVro-1.91-codedownloader.exe
Task: C:\Windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-2.job => C:\Program Files (x86)\HQVro-1.91\6e36e8b7-5a33-405b-889f-ed80ffb3f521-2.exe
Task: C:\Windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-3.job => C:\Program Files (x86)\HQVro-1.91\6e36e8b7-5a33-405b-889f-ed80ffb3f521-3.exe
Task: C:\Windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-4.job => C:\Program Files (x86)\HQVro-1.91\6e36e8b7-5a33-405b-889f-ed80ffb3f521-4.exe
Task: C:\Windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-5.job => C:\Program Files (x86)\HQVro-1.91\6e36e8b7-5a33-405b-889f-ed80ffb3f521-5.exe
Task: C:\Windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-1.job => C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe
Task: C:\Windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-2.job => C:\Program Files (x86)\MediaPlayerplus\923e656c-7931-4c44-9b19-6d3c00ebfbd9-2.exe
Task: C:\Windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-3.job => C:\Program Files (x86)\MediaPlayerplus\923e656c-7931-4c44-9b19-6d3c00ebfbd9-3.exe
Task: C:\Windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-4.job => C:\Program Files (x86)\MediaPlayerplus\923e656c-7931-4c44-9b19-6d3c00ebfbd9-4.exe
Task: C:\Windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-5.job => C:\Program Files (x86)\MediaPlayerplus\923e656c-7931-4c44-9b19-6d3c00ebfbd9-5.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-705164964-436951070-2432176924-1002Core.job => C:\Users\Jaspar\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-705164964-436951070-2432176924-1002UA.job => C:\Users\Jaspar\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Re-markit Update.job => C:\Program Files (x86)\Re-markit\Re-markitfQL.exe <==== ATTENTION
Task: C:\Windows\Tasks\Re-markit_wd.job => C:\Program Files (x86)\Re-markit\Re-markitfQLOWw.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2012-12-19 08:10 - 2012-12-19 08:10 - 00072192 _____ () C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
2014-01-23 17:19 - 2014-01-23 17:19 - 00075064 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-01-23 17:20 - 2014-01-23 17:20 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-04-26 19:58 - 2014-04-26 19:58 - 00052736 _____ () C:\Users\Jaspar\AppData\Roaming\VOPackage\VOsrv.exe
2014-04-16 17:14 - 2014-04-16 17:14 - 00011776 _____ () C:\Program Files (x86)\NewPlayer\NewPlayerUpdaterService.exe
2013-06-19 22:49 - 2013-06-19 22:49 - 00031360 _____ () C:\Program Files\ASUS\P4G\DevMng.dll
2014-04-28 20:07 - 2014-04-28 20:07 - 00077312 _____ () C:\Program Files (x86)\Re-markit\Re-markitfQLOWw.exe
2014-04-28 20:07 - 2014-04-28 20:07 - 00143360 _____ () C:\Program Files (x86)\Re-markit\Re-markitfQL161.exe
2014-04-28 20:07 - 2014-04-28 11:09 - 03267536 _____ () C:\Users\Jaspar\AppData\Local\fst_de_7\upfst_de_7.exe
2013-04-26 10:38 - 2013-01-02 08:55 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-06-28 11:18 - 2012-11-21 10:58 - 00094208 _____ () C:\Windows\system32\IccLibDll_x64.dll
2014-04-29 16:53 - 2014-04-29 16:53 - 00351008 _____ () C:\Program Files (x86)\ScanTack\updateScanTack.exe
2013-12-09 22:37 - 2012-06-25 12:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2014-02-20 17:25 - 2014-02-14 12:00 - 00394808 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2014-04-28 20:08 - 2012-09-26 15:31 - 00886272 _____ () C:\Program Files (x86)\Activeris AntiMalware\System.Data.SQLite.dll
2014-04-28 20:08 - 2014-01-23 19:04 - 01718264 _____ () C:\Program Files (x86)\Activeris AntiMalware\acrissys.dll
2014-04-28 20:07 - 2014-04-28 20:07 - 00133120 _____ () C:\Program Files (x86)\Re-markit\Re-markitfQL161.dll
2014-03-29 02:57 - 2014-03-29 02:57 - 03642480 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/29/2014 07:15:05 PM) (Source: Google Update) (User: Lappi)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, named proxy=http=127.0.0.1:14354, bypass=.
trying CUP:WinHTTP.
Send request returned 0x80072f78. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.

Error: (04/28/2014 10:15:05 PM) (Source: Google Update) (User: Lappi)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, named proxy=http=127.0.0.1:14144, bypass=.
trying CUP:WinHTTP.
Send request returned 0x80072f78. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.

Error: (04/27/2014 00:21:00 AM) (Source: MsiInstaller) (User: NT-AUTORITÄT)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".

Error: (04/26/2014 11:54:51 PM) (Source: MsiInstaller) (User: Lappi)
Description: Nicht erwarteter oder fehlender Wert (Name: "PackageCode", Wert: "GUID") für Schlüssel "HKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219".

Error: (04/26/2014 06:46:54 PM) (Source: Application Hang) (User: )
Description: Programm wwahost.exe, Version 6.2.9200.16420 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 17f0

Startzeit: 01cf616f13060a33

Endzeit: 4294967295

Anwendungspfad: C:\Windows\system32\wwahost.exe

Berichts-ID: 5bbb671e-cd62-11e3-be83-bcee7bc04578

Vollständiger Name des fehlerhaften Pakets: Microsoft.Bing_1.5.1.259_x64__8wekyb3d8bbwe

Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Microsoft.Bing

Error: (04/26/2014 06:46:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (User: Lappi)
Description: Das Paket „Microsoft.Bing_1.5.1.259_x64__8wekyb3d8bbwe“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (04/23/2014 00:38:44 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (04/22/2014 10:04:15 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: daemonu.exe, Version: 4.11.9.1, Zeitstempel: 0x5194eb80
Name des fehlerhaften Moduls: daemonu.exe, Version: 4.11.9.1, Zeitstempel: 0x5194eb80
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00025fc5
ID des fehlerhaften Prozesses: 0x514
Startzeit der fehlerhaften Anwendung: 0xdaemonu.exe0
Pfad der fehlerhaften Anwendung: daemonu.exe1
Pfad des fehlerhaften Moduls: daemonu.exe2
Berichtskennung: daemonu.exe3
Vollständiger Name des fehlerhaften Pakets: daemonu.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: daemonu.exe5

Error: (04/21/2014 08:36:48 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005

Error: (04/14/2014 11:36:11 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80070005


System errors:
=============
Error: (04/29/2014 08:48:53 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0922 fehlgeschlagen: Sicherheitsupdate für Internet Explorer Flash Player für Windows 8 für x64-Systeme (KB2961887)

Error: (04/27/2014 09:15:30 PM) (Source: DCOM) (User: Lappi)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}LappiJasparS-1-5-21-705164964-436951070-2432176924-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/27/2014 09:15:30 PM) (Source: DCOM) (User: Lappi)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}LappiJasparS-1-5-21-705164964-436951070-2432176924-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/27/2014 09:15:30 PM) (Source: DCOM) (User: Lappi)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}LappiJasparS-1-5-21-705164964-436951070-2432176924-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/22/2014 10:04:22 PM) (Source: Service Control Manager) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (04/16/2014 10:37:19 AM) (Source: DCOM) (User: Lappi)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}LappiJasparS-1-5-21-705164964-436951070-2432176924-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/08/2014 02:42:54 PM) (Source: Service Control Manager) (User: )
Description: Dienst "NVIDIA Update Service Daemon" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/29/2014 03:11:44 PM) (Source: DCOM) (User: Lappi)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}LappiJasparS-1-5-21-705164964-436951070-2432176924-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/29/2014 03:11:44 PM) (Source: DCOM) (User: Lappi)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}LappiJasparS-1-5-21-705164964-436951070-2432176924-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (03/25/2014 09:15:08 PM) (Source: DCOM) (User: Lappi)
Description: AnwendungsspezifischLokalStart{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}LappiJasparS-1-5-21-705164964-436951070-2432176924-1002LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar


Microsoft Office Sessions:
=========================
Error: (04/29/2014 07:15:05 PM) (Source: Google Update)(User: Lappi)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, named proxy=http=127.0.0.1:14354, bypass=.
trying CUP:WinHTTP.
Send request returned 0x80072f78. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.

Error: (04/28/2014 10:15:05 PM) (Source: Google Update)(User: Lappi)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, named proxy=http=127.0.0.1:14144, bypass=.
trying CUP:WinHTTP.
Send request returned 0x80072f78. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=FireFox, direct connection.
trying CUP:WinHTTP.

Error: (04/27/2014 00:21:00 AM) (Source: MsiInstaller)(User: NT-AUTORITÄT)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)

Error: (04/26/2014 11:54:51 PM) (Source: MsiInstaller)(User: Lappi)
Description: PackageCodeGUIDHKLM\Software\Classes\Installer\Products\B476F94747628E7478C965620AB6A219(NULL)(NULL)(NULL)

Error: (04/26/2014 06:46:54 PM) (Source: Application Hang)(User: )
Description: wwahost.exe6.2.9200.1642017f001cf616f13060a334294967295C:\Windows\system32\wwahost.exe5bbb671e-cd62-11e3-be83-bcee7bc04578Microsoft.Bing_1.5.1.259_x64__8wekyb3d8bbweMicrosoft.Bing

Error: (04/26/2014 06:46:48 PM) (Source: Microsoft-Windows-Immersive-Shell)(User: Lappi)
Description: Microsoft.Bing_1.5.1.259_x64__8wekyb3d8bbwe

Error: (04/23/2014 00:38:44 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (04/22/2014 10:04:15 PM) (Source: Application Error)(User: )
Description: daemonu.exe4.11.9.15194eb80daemonu.exe4.11.9.15194eb80c000000500025fc551401cf5a2421937559C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeC:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe472af19a-ca59-11e3-be83-bcee7bc04578

Error: (04/21/2014 08:36:48 PM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005

Error: (04/14/2014 11:36:11 AM) (Source: Customer Experience Improvement Program)(User: )
Description: 80070005


==================== Memory info =========================== 

Percentage of memory in use: 27%
Total physical RAM: 8077.57 MB
Available physical RAM: 5868.98 MB
Total Pagefile: 9293.57 MB
Available Pagefile: 6608.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:372.6 GB) (Free:307.25 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Data) (Fixed) (Total:537.8 GB) (Free:537.64 GB) NTFS
Drive e: (TAIS_TOI) (CDROM) (Total:3.65 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 932 GB) (Disk ID: 0FE4DC0A)

Partition: GPT Partition Type.

==================== End Of Log ============================
__________________
Alt 30.04.2014, 23:43   #4
schrauber
/// the machine
/// TB-Ausbilder
 
Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira - Standard

Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira


Revo Uninstaller - Download - Filepony
Damit alles deinstallieren was Du in der Additional.txt findest mit dem Zusatz <== ATTENTION

Mit Revo auch Moderat die Reste entfernen lassen.




Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 01.05.2014, 18:58   #5
Damiani
 
Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira - Standard

Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira


Erfolgreich wurden unzählige Daten gelöscht, doch ich habe das unangenehme Gefühl, dass sich noch andere Schädlinge auf dem PC befinden, denn ich werde nachwievor bei einem Klick im Browser zu irgendeinem dubiosen Download weitergeleitet.

Code:
ATTFilter
ComboFix 14-04-30.01 - Jaspar 01.05.2014  19:38:58.1.4 - x64
Microsoft Windows 8  6.2.9200.0.1252.49.1031.18.8078.6087 [GMT 2:00]
ausgeführt von:: c:\users\Jaspar\Desktop\ComboFix.exe
AV: Avira Desktop *Disabled/Outdated* {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Avira Desktop *Disabled/Outdated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\programdata\IePluginService
c:\programdata\IePluginService\PluginService.exe
c:\programdata\SetStretch.exe
c:\programdata\SetStretch.VBS
c:\users\Jaspar\AppData\Local\AnyProtectScannerSetup.exe
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\background.html
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\chromeCoreFilesIndex.txt
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\crossriderManifest.json
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\manifest.xml
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins.json
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\1.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\102.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\103.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\104.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\119.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\123.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\13.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\14.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\155.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\17.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\177.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\178.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\179.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\180.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\182.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\183.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\184.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\19.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\190.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\191.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\195.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\207.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\21.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\22.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\220.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\221.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\223.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\231.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\232.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\242.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\246.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\257.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\28.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\4.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\47.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\64.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\7.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\72.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\78.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\80.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\9.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\91.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\93.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\plugins\97.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\userCode\background.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\extensionData\userCode\extension.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\icons\actions\1.png
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\icons\icon128.png
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\icons\icon16.png
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\icons\icon48.png
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\api\chrome.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\api\cookie.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\api\message.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\api\monitor.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\api\pageAction.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\api\pageActionBG.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\background.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\lib\app_api.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\lib\bg_app_api.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\lib\consts.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\lib\cookie_store.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\lib\crossriderAPI.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\lib\delegate.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\lib\events.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\lib\extensionDataStore.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\lib\installer.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\lib\logFile.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\lib\logging.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\lib\onBGDocumentLoad.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\lib\popupResource\newPopup.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\lib\popupResource\popup.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\lib\reports.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\lib\storageWrapper.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\lib\updateManager.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\lib\util.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\lib\xhr.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\main.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\js\platformVersion.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\manifest.json
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.48_0\popup.html
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\background.html
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\chromeCoreFilesIndex.txt
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\crossriderManifest.json
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\manifest.xml
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins.json
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\1.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\102.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\103.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\104.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\13.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\14.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\155.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\17.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\177.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\182.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\183.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\184.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\19.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\190.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\191.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\195.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\207.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\21.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\211.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\22.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\220.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\226.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\233.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\242.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\246.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\28.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\4.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\47.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\64.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\7.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\72.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\78.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\80.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\9.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\91.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\93.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\plugins\97.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\userCode\background.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\extensionData\userCode\extension.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\icons\actions\1.png
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\icons\icon128.png
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\icons\icon16.png
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\icons\icon48.png
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\api\chrome.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\api\cookie.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\api\message.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\api\monitor.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\api\pageAction.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\api\pageActionBG.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\background.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\lib\app_api.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\lib\bg_app_api.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\lib\consts.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\lib\cookie_store.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\lib\crossriderAPI.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\lib\delegate.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\lib\events.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\lib\extensionDataStore.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\lib\installer.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\lib\logFile.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\lib\logging.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\lib\onBGDocumentLoad.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\lib\popupResource\newPopup.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\lib\popupResource\popup.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\lib\reports.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\lib\storageWrapper.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\lib\updateManager.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\lib\util.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\lib\xhr.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\main.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\js\platformVersion.js
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\manifest.json
c:\users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0\popup.html
c:\users\Jaspar\AppData\Local\nsn5D7A.tmp
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome.manifest
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\api.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\api\asyncDB.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\api\background.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\api\browserAction.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\api\contextMenu.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\api\dbManager.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\api\dom_bg.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\api\fileManager.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\api\firefox.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\api\firefoxNotifications.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\api\firefoxOmnibox.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\api\message.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\api\pageAction.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\api\request.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\api\tabs.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\api\webRequest.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\api\windowsMessagingHandler.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\background.html
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\baseObject.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\browser.xul
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\core\addressBarChangeObserver.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\core\console.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\core\consts.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\core\delegate.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\core\extensionDataStore.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\core\folderIOWrapper.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\core\httpObserver.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\core\IDBWrapper.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\core\installer.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\core\logFile.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\core\prefs.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\core\progressListenerObserver.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\core\registry.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\core\reloadObserver.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\core\reports.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\core\requestObject.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\core\searchSettings.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\core\uninstallObserver.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\core\updateManager.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\core\utils.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\core\xhr.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\dialog.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\ffCoreFilesIndex.txt
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\main.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\options.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\options.xul
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\platformVersion.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\chrome\content\search_dialog.xul
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\defaults\preferences\prefs.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\manifest.xml
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins.json
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\1.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\102.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\103.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\104.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\13.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\14.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\155.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\16.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\17.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\177.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\182.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\183.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\184.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\190.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\191.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\195.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\207.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\21.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\211.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\22.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\220.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\226.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\233.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\242.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\244.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\246.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\28.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\4.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\47.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\64.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\7.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\72.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\78.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\9.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\91.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\93.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\plugins\98.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\userCode\background.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\extensionData\userCode\extension.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\install.rdf
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\locale\en-US\translations.dtd
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\skin\button1.png
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\skin\button2.png
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\skin\button3.png
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\skin\button4.png
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\skin\button5.png
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\skin\crossrider_statusbar.png
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\skin\icon128.png
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\skin\icon16.png
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\skin\icon24.png
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\skin\icon48.png
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\skin\panelarrow-up.png
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\skin\popup.html
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\skin\skin.css
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\a9719e64-232b-4695-ae9c-a89cd7f2aa84@ca1279df-bc0d-44a8-97ef-19301c922b68.com\skin\update.css
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome.manifest
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\asyncDB.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\background.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\browserAction.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\contextMenu.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\dbManager.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\dom_bg.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\fileManager.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\firefox.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\firefoxNotifications.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\firefoxOmnibox.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\message.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\pageAction.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\request.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\tabs.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\webRequest.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\windowsMessagingHandler.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\background.html
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\baseObject.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\browser.xul
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\addressBarChangeObserver.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\console.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\consts.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\delegate.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\extensionDataStore.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\folderIOWrapper.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\httpObserver.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\IDBWrapper.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\installer.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\logFile.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\prefs.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\progressListenerObserver.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\registry.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\reloadObserver.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\reports.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\requestObject.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\searchSettings.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\uninstallObserver.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\updateManager.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\utils.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\xhr.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\dialog.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\ffCoreFilesIndex.txt
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\main.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\options.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\options.xul
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\platformVersion.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\search_dialog.xul
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\defaults\preferences\prefs.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\manifest.xml
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins.json
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\1.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\102.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\103.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\104.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\119.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\123.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\13.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\14.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\155.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\16.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\17.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\177.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\178.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\179.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\180.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\182.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\183.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\184.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\190.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\191.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\195.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\207.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\21.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\22.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\220.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\221.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\223.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\231.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\232.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\242.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\244.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\246.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\257.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\28.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\4.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\47.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\64.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\7.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\72.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\78.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\9.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\91.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\93.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\98.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\userCode\background.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\userCode\extension.js
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\install.rdf
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\locale\en-US\translations.dtd
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\button1.png
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\button2.png
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\button3.png
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\button4.png
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\button5.png
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\crossrider_statusbar.png
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\icon128.png
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\icon16.png
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\icon24.png
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\icon48.png
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\panelarrow-up.png
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\popup.html
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\skin.css
c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\update.css
c:\windows\IsUn0415.exe
.
.
(((((((((((((((((((((((((((((((((((((((   Treiber/Dienste   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_IePluginService
-------\Legacy_IePluginService
-------\Service_IePluginService
-------\Service_IePluginService
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-04-01 bis 2014-05-01  ))))))))))))))))))))))))))))))
.
.
2014-05-01 17:42 . 2014-05-01 17:44	--------	d-----w-	c:\users\Jaspar\AppData\Local\temp
2014-05-01 17:42 . 2014-05-01 17:42	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-05-01 17:16 . 2014-05-01 17:16	--------	d-----w-	c:\program files (x86)\BlockAndSurf-soft
2014-05-01 17:16 . 2014-05-01 17:16	--------	d-----w-	c:\users\Jaspar\AppData\Roaming\Speedial
2014-05-01 17:16 . 2014-05-01 17:16	--------	d-----w-	c:\program files (x86)\Speedial
2014-05-01 17:02 . 2014-05-01 17:02	--------	d-----w-	c:\program files (x86)\VS Revo Group
2014-04-30 15:33 . 2014-04-29 14:18	61112	----a-w-	c:\windows\system32\drivers\{9acd1534-e8f8-40cb-b5ac-4996fe01175b}Gw64.sys
2014-04-29 19:15 . 2014-04-29 19:17	--------	d-----w-	C:\FRST
2014-04-29 19:13 . 2014-05-01 17:43	--------	d-----w-	c:\program files (x86)\ScanTack
2014-04-28 18:38 . 2014-04-28 18:38	--------	d-----w-	c:\users\Jaspar\AppData\Roaming\rightbackup
2014-04-28 18:38 . 2014-04-28 18:38	--------	d-----w-	c:\users\Jaspar\AppData\Roaming\Advanced System Protector
2014-04-28 18:18 . 2014-04-28 18:18	--------	d-----w-	c:\users\Jaspar\AppData\Local\com
2014-04-28 18:09 . 2014-04-28 18:09	--------	d-----w-	c:\users\Jaspar\AppData\Roaming\SupTab
2014-04-28 18:09 . 2014-04-28 18:09	--------	d-----w-	c:\program files (x86)\SupTab
2014-04-28 18:08 . 2014-04-28 18:08	--------	d-----w-	c:\users\Jaspar\AppData\Roaming\Activeris
2014-04-28 18:08 . 2014-04-28 18:09	--------	d-----w-	c:\program files (x86)\MediaPlayerplus
2014-04-28 18:08 . 2014-05-01 17:17	--------	d-----w-	c:\users\Jaspar\AppData\Roaming\webssearches
2014-04-28 18:08 . 2014-04-28 18:08	--------	d-----w-	c:\programdata\Activeris
2014-04-28 18:08 . 2014-04-28 18:08	--------	d-----w-	c:\program files (x86)\Activeris AntiMalware
2014-04-28 18:08 . 2012-09-26 17:03	20480	----a-w-	c:\windows\system32\acrisnative64.exe
2014-04-28 18:07 . 2014-04-28 18:09	--------	d-----w-	c:\program files (x86)\HQVro-1.91
2014-04-28 18:07 . 2014-05-01 17:45	--------	d-----w-	c:\users\Jaspar\AppData\Local\fst_de_7
2014-04-28 18:07 . 2014-04-28 18:07	--------	d-----w-	c:\program files (x86)\fst_de_7
2014-04-26 22:16 . 2014-04-26 22:17	--------	d-----w-	c:\program files (x86)\Google
2014-04-26 22:16 . 2014-04-26 22:17	--------	d-----w-	c:\users\Jaspar\AppData\Local\Google
2014-04-26 21:54 . 2014-04-27 11:48	--------	d-----w-	c:\program files (x86)\Advanced System Protector
2014-04-26 21:54 . 2014-04-21 12:51	20312	----a-w-	c:\windows\system32\roboot64.exe
2014-04-26 21:54 . 2014-05-01 17:20	--------	d-----w-	c:\users\Jaspar\AppData\Roaming\systweak
2014-04-26 21:53 . 2014-04-26 21:53	--------	d-----w-	c:\users\Jaspar\AppData\Local\Programs
2014-04-24 10:30 . 2014-04-24 10:30	217776	----a-w-	c:\programdata\Microsoft\Windows\Sqm\Manifest\Sqm10237.bin
2014-04-12 10:13 . 2014-03-07 00:48	1766400	----a-w-	c:\windows\SysWow64\wininet.dll
2014-04-09 12:32 . 2014-02-05 23:41	978432	----a-w-	c:\windows\system32\KernelBase.dll
2014-04-09 12:32 . 2014-02-05 23:41	1257984	----a-w-	c:\windows\system32\kernel32.dll
2014-04-09 12:32 . 2014-02-05 23:26	666112	----a-w-	c:\windows\SysWow64\KernelBase.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-05-01 17:44 . 2014-01-22 00:44	62	----a-w-	c:\users\Jaspar\AppData\Roaming\sp_data.sys
2014-04-09 18:51 . 2014-02-20 18:25	90655440	----a-w-	c:\windows\system32\MRT.exe
2014-03-31 21:18 . 2014-02-22 09:40	78296	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-31 21:18 . 2014-02-22 09:40	694232	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-21 06:01 . 2014-02-21 06:01	84720	----a-w-	c:\windows\system32\drivers\avnetflt.sys
2014-02-14 10:00 . 2014-02-20 15:25	28600	----a-w-	c:\windows\system32\drivers\avkmgr.sys
2014-02-14 10:00 . 2014-02-20 15:25	131576	----a-w-	c:\windows\system32\drivers\avipbb.sys
2014-02-14 10:00 . 2014-02-20 15:25	108440	----a-w-	c:\windows\system32\drivers\avgntflt.sys
2014-02-08 04:34 . 2014-03-13 11:03	4036608	----a-w-	c:\windows\system32\win32k.sys
2014-02-05 23:41 . 2014-03-13 11:03	595968	----a-w-	c:\windows\system32\qedit.dll
2014-02-05 23:37 . 2014-03-13 11:03	496640	----a-w-	c:\windows\SysWow64\qedit.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110511311172}]
2014-04-28 18:08	500072	----a-w-	c:\program files (x86)\HQVro-1.91\HQVro-1.91-bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
2014-04-11 02:05	513648	----a-w-	c:\program files (x86)\SupTab\SupTab.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{d332cff8-358e-4c9e-8af3-a08872ef22c1}]
2014-04-29 14:53	249632	----a-w-	c:\program files (x86)\ScanTack\ScanTackBHO.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BlockNSurf"="c:\program files (x86)\BlockAndSurf-soft\BlockNSurf.exe" [2014-05-01 104448]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" [2010-11-15 35736]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-11-15 932288]
"ASUSPRP"="c:\program files (x86)\ASUS\APRP\APRP.EXE" [2013-04-25 3187360]
"ASUSWebStorage"="c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe" [2012-12-19 3576784]
"RemoteControl10"="c:\program files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" [2013-03-08 95192]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2014-02-14 689744]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\RunOnce]
"upfst_de_7.exe"="c:\users\Jaspar\AppData\Local\fst_de_7\upfst_de_7.exe" [2014-04-28 3267536]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\StartUp\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.141\SSScheduler.exe [2014-1-16 329944]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
"EnableCursorSuppression"= 1 (0x1)
"ConsentPromptBehaviorUser"= 3 (0x3)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]
@=""
.
R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.141\McCHSvc.exe [x]
R3 RTL8168;Realtek 8168 NT-Treiber;c:\windows\system32\DRIVERS\Rt630x64.sys;c:\windows\SYSNATIVE\DRIVERS\Rt630x64.sys [x]
S0 iaStorA;iaStorA;c:\windows\System32\drivers\iaStorA.sys;c:\windows\SYSNATIVE\drivers\iaStorA.sys [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S1 {9acd1534-e8f8-40cb-b5ac-4996fe01175b}Gw64;{9acd1534-e8f8-40cb-b5ac-4996fe01175b}Gw64;c:\windows\system32\drivers\{9acd1534-e8f8-40cb-b5ac-4996fe01175b}Gw64.sys;c:\windows\SYSNATIVE\drivers\{9acd1534-e8f8-40cb-b5ac-4996fe01175b}Gw64.sys [x]
S1 ATKWMIACPIIO;ATKWMIACPI Driver;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys;c:\program files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [x]
S2 ASUS InstantOn;ASUS InstantOn Service;c:\program files\ASUS\P4G\InsOnSrv.exe;c:\program files\ASUS\P4G\InsOnSrv.exe [x]
S2 Asus WebStorage Windows Service;Asus WebStorage Windows Service;c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe;c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [x]
S2 BlockAndSurf;BlockAndSurf;c:\program files (x86)\BlockAndSurf-soft\BlockAndSurfKF161.exe;c:\program files (x86)\BlockAndSurf-soft\BlockAndSurfKF161.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 Intel(R) ME Service;Intel(R) ME Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 Update ScanTack;Update ScanTack;c:\program files (x86)\ScanTack\updateScanTack.exe;c:\program files (x86)\ScanTack\updateScanTack.exe [x]
S2 Util ScanTack;Util ScanTack;c:\program files (x86)\ScanTack\bin\utilScanTack.exe;c:\program files (x86)\ScanTack\bin\utilScanTack.exe [x]
S3 AiCharger;ASUS Charger Driver;c:\windows\system32\DRIVERS\AiCharger.sys;c:\windows\SYSNATIVE\DRIVERS\AiCharger.sys [x]
S3 ATP;ASUS Input Device;c:\windows\System32\drivers\AsusTP.sys;c:\windows\SYSNATIVE\drivers\AsusTP.sys [x]
S3 HIDSwitch;ASUS Wireless Radio Control;c:\windows\System32\drivers\AsHIDSwitch64.sys;c:\windows\SYSNATIVE\drivers\AsHIDSwitch64.sys [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C63x64.sys;c:\windows\SYSNATIVE\DRIVERS\L1C63x64.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-04-26 22:17	1078088	----a-w-	c:\program files (x86)\Google\Chrome\Application\34.0.1847.131\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-05-01 c:\windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-1.job
- c:\program files (x86)\HQVro-1.91\HQVro-1.91-codedownloader.exe [2014-04-28 18:08]
.
2014-05-01 c:\windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-2.job
- c:\program files (x86)\HQVro-1.91\6e36e8b7-5a33-405b-889f-ed80ffb3f521-2.exe [2014-04-28 18:08]
.
2014-05-01 c:\windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-3.job
- c:\program files (x86)\HQVro-1.91\6e36e8b7-5a33-405b-889f-ed80ffb3f521-3.exe [2014-04-28 18:07]
.
2014-05-01 c:\windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-4.job
- c:\program files (x86)\HQVro-1.91\6e36e8b7-5a33-405b-889f-ed80ffb3f521-4.exe [2014-04-28 18:07]
.
2014-05-01 c:\windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-5.job
- c:\program files (x86)\HQVro-1.91\6e36e8b7-5a33-405b-889f-ed80ffb3f521-5.exe [2014-04-28 18:09]
.
2014-05-01 c:\windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-1.job
- c:\program files (x86)\MediaPlayerplus\MediaPlayerplus-codedownloader.exe [2014-04-28 18:09]
.
2014-05-01 c:\windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-2.job
- c:\program files (x86)\MediaPlayerplus\923e656c-7931-4c44-9b19-6d3c00ebfbd9-2.exe [2014-04-28 18:09]
.
2014-05-01 c:\windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-3.job
- c:\program files (x86)\MediaPlayerplus\923e656c-7931-4c44-9b19-6d3c00ebfbd9-3.exe [2014-04-28 18:08]
.
2014-05-01 c:\windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-4.job
- c:\program files (x86)\MediaPlayerplus\923e656c-7931-4c44-9b19-6d3c00ebfbd9-4.exe [2014-04-28 18:09]
.
2014-05-01 c:\windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-5.job
- c:\program files (x86)\MediaPlayerplus\923e656c-7931-4c44-9b19-6d3c00ebfbd9-5.exe [2014-04-28 18:09]
.
2014-05-01 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-28 16:58]
.
2014-05-01 c:\windows\Tasks\BlockAndSurf Update.job
- c:\program files (x86)\BlockAndSurf-soft\BlockAndSurfp72.exe [2014-05-01 17:16]
.
2014-05-01 c:\windows\Tasks\BlockAndSurf_wd.job
- c:\program files (x86)\BlockAndSurf-soft\BlockAndSurfC.exe [2014-05-01 17:16]
.
2014-05-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-705164964-436951070-2432176924-1002Core.job
- c:\users\Jaspar\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-26 18:10]
.
2014-05-01 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-705164964-436951070-2432176924-1002UA.job
- c:\users\Jaspar\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-03-26 18:10]
.
2014-05-01 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-26 22:16]
.
2014-05-01 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-04-26 22:16]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{11111111-1111-1111-1111-110511421146}]
2014-04-28 18:09	665448	----a-w-	c:\program files (x86)\MediaPlayerplus\MediaPlayerplus-bho64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2012-09-27 07:15	1472512	----a-w-	c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2012-09-27 07:15	1472512	----a-w-	c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\!AsusWSShellExt_U]
@="{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}"
[HKEY_CLASSES_ROOT\CLSID\{1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4D}]
2012-09-27 07:15	1472512	----a-w-	c:\program files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-11-21 171064]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-11-21 399416]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RAVCpl64.exe" [2012-12-12 13263072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com/?gd=&ctid=CT3325582&octid=EB_ORIGINAL_CTID&ISID=MDBA52EED-7457-4DBD-90A1-472A2C2BE351&SearchSource=55&CUI=&UM=2&UP=SPEAFA9A0E-76D6-494C-999F-429BEF4A50E9&SSPV=
mDefault_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX&q={searchTerms}
mDefault_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX
mStart Page = hxxp://speedial.com/?f=1&a=spd_cmi_14_18_ff&cd=2XzuyEtN2Y1L1Qzu0B0C0E0EyB0B0CtDyEyDyBzz0A0EyDtDtN0D0Tzu0SzzyDtBtN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0B0CyDyB0FyEzytGyE0DzytBtGyDzzyCtDtG0ByCzztDtGtDzz0C0FtByC0B0FyD0CtDyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0D0D0AyByC0ByCtGyEzzyD0CtGtCtC0C0DtG0AtAtBtDtGyEzzyByE0CyB0D0BzzzzyBtB2Q&cr=219129652&ir=
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX&q={searchTerms}
uInternet Settings,ProxyServer = http=127.0.0.1:13932
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\
FF - prefs.js: browser.startup.homepage - hxxp://speedial.com/?f=1&a=spd_cmi_14_18_ff&cd=2XzuyEtN2Y1L1Qzu0B0C0E0EyB0B0CtDyEyDyBzz0A0EyDtDtN0D0Tzu0SzzyDtBtN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0B0CyDyB0FyEzytGyE0DzytBtGyDzzyCtDtG0ByCzztDtGtDzz0C0FtByC0B0FyD0CtDyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0D0D0AyByC0ByCtGyEzzyD0CtGtCtC0C0DtG0AtAtBtDtGyEzzyByE0CyB0D0BzzzzyBtB2Q&cr=219129652&ir=
FF - prefs.js: keyword.URL - hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=A110357B-3321-456A-8A1B-86E34FBB8771&n=780bd9f3&ind=2014042611&p2=^AYY^xdm070^YYA^de&si=flvrunner&searchfor=
FF - user.js: extensions.nspdlsd.aflt - spd_cmi_14_18_ff
FF - user.js: extensions.nspdlsd.instlRef - 140305_a
FF - user.js: extensions.nspdlsd.cr - 219129652
FF - user.js: extensions.nspdlsd.cd - 2XzuyEtN2Y1L1Qzu0B0C0E0EyB0B0CtDyEyDyBzz0A0EyDtDtN0D0Tzu0SzzyDtBtN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0B0CyDyB0FyEzytGyE0DzytBtGyDzzyCtDtG0ByCzztDtGtDzz0C0FtByC0B0FyD0CtDyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0D0D0AyByC0ByCtGyEzzyD0CtGtCtC0C0DtG0AtAtBtDtGyEzzyByE0CyB0D0BzzzzyBtB2Q
FF - user.js: extensions.autoDisableScopes - 0
FF - user.js: extensions.shownSelectionUI - true
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
Wow6432Node-HKLM-Run-fst_de_7 - c:\program files (x86)\fst_de_7\fst_de_7.exe
Toolbar-Locked - (no file)
ShellIconOverlayIdentifiers-{F241C880-6982-4CE5-8CF7-7085BA96DA5A} - (no file)
ShellIconOverlayIdentifiers-{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} - (no file)
ShellIconOverlayIdentifiers-{BBACC218-34EA-4666-9D7A-C78F2274A524} - (no file)
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc_moh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
@SACL=(02 0000)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
c:\program files (x86)\ASUS\Splendid\ACMON.exe
c:\program files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe
c:\program files (x86)\ASUS\Splendid\ColorUService.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
c:\program files (x86)\Avira\AntiVir Desktop\avguard.exe
c:\program files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\PnkBstrB.exe
c:\program files\ASUS\P4G\InsOnWMI.exe
c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
c:\program files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
c:\program files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
c:\program files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-05-01  19:48:32 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-05-01 17:48
.
Vor Suchlauf: 9 Verzeichnis(se), 329.522.618.368 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 329.644.441.600 Bytes frei
.
- - End Of File - - 2A26C726A8FF426191A7A72CE7302D83


Alt 02.05.2014, 16:42   #6
schrauber
/// the machine
/// TB-Ausbilder
 
Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira - Standard

Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
--> Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira

Alt 02.05.2014, 20:56   #7
Damiani
 
Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira - Standard

Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira


Unzählige Löschungen sind auf ein Neues entstanden. Malware Bytes Anti Malware fand über 400 schädliche Anwendungen.

Suchlauf- und Schutzprotokoll:

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 02.05.2014
Suchlauf-Zeit: 20:20:21
Logdatei: mbam_suchlauf.txt
Administrator: Ja

Version: 2.00.1.1004
Malware Datenbank: v2014.05.02.10
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert

Betriebssystem: Windows 8
CPU: x64
Dateisystem: NTFS
Benutzer: Jaspar

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 287264
Verstrichene Zeit: 28 Min, 32 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 6
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\updateScanTack.exe, 7904, Löschen bei Neustart, [8d73b050ea163dc3e374ed732dd4fc04]
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\bin\utilScanTack.exe, 7940, Löschen bei Neustart, [20e0827ed52b7f814c0b86dae918c838]
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\bin\ScanTack.BrowserAdapter.exe, 5416, Löschen bei Neustart, [b64a629e738d44bc638c1d6557abc53b]
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\bin\ScanTack.PurBrowse64.exe, 3944, Löschen bei Neustart, [b64a629e738d44bc638c1d6557abc53b]
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfKF161.exe, 3732, Löschen bei Neustart, [17e967996799847cd5ae215c887a34cc]
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf-soft\BlockNSurf.exe, 5852, Löschen bei Neustart, [39c7df21b44c8c7421e2a3ccd131f10f]

Module: 2
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\bin\{9acd1534-e8f8-40cb-b5ac-4996fe01175b}.dll, Löschen bei Neustart, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfKF161.dll, Löschen bei Neustart, [39c7df21b44c8c7421e2a3ccd131f10f], 

Registrierungsschlüssel: 43
PUP.Optional.ScanTack.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update ScanTack, In Quarantäne, [8d73b050ea163dc3e374ed732dd4fc04], 
PUP.Optional.ScanTack.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util ScanTack, In Quarantäne, [20e0827ed52b7f814c0b86dae918c838], 
PUP.Optional.MediaPlayerplus.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110511421146}, In Quarantäne, [bb45c739ea16ac546f0e6602e21f2bd5], 
PUP.Optional.MediaPlayerplus.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110511421146}, In Quarantäne, [bb45c739ea16ac546f0e6602e21f2bd5], 
PUP.Optional.MediaPlayerplus.A, HKLM\SOFTWARE\CLASSES\CLSID\{22222222-2222-2222-2222-220522422246}, In Quarantäne, [bb45c739ea16ac546f0e6602e21f2bd5], 
PUP.Optional.MediaPlayerplus.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110511421146}\INPROCSERVER32, In Quarantäne, [bb45c739ea16ac546f0e6602e21f2bd5], 
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [f30dd52b0ff1c43cfe5b67eda35f3cc4], 
PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, In Quarantäne, [f30dd52b0ff1c43cfe5b67eda35f3cc4], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [43bd31cf02fef10f2e1e1609d9293fc1], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [43bd31cf02fef10f2e1e1609d9293fc1], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [43bd31cf02fef10f2e1e1609d9293fc1], 
PUP.Optional.ScanTack.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{d332cff8-358e-4c9e-8af3-a08872ef22c1}, In Quarantäne, [d82812eef50bc33dbdcfe03e6d95ce32], 
PUP.Optional.ScanTack.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{D332CFF8-358E-4C9E-8AF3-A08872EF22C1}, In Quarantäne, [d82812eef50bc33dbdcfe03e6d95ce32], 
PUP.Optional.ScanTack.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ScanTack, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21636, In Quarantäne, [ce3244bc5fa1a7592c044e3154ae9e62], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\27058, In Quarantäne, [39c732ce09f7bc4470c09be49d6511ef], 
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [fa06b34dc23e20e024e1f1bde32057a9], 
PUP.Optional.MediaPlayerplus.A, HKLM\SOFTWARE\WOW6432NODE\MediaPlayerplus, In Quarantäne, [44bc7a86659bd22e4dec7b03a75bda26], 
PUP.Optional.ScanTack.A, HKLM\SOFTWARE\WOW6432NODE\ScanTack, In Quarantäne, [ab554fb18e72b050ef027f031ee4a35d], 
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\webssearchesSoftware, In Quarantäne, [d82822de4cb45ba520f12f50ae54817f], 
PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\WOW6432NODE\FREE_SOFT_TODAY\fst_de_7, In Quarantäne, [98689d630df305fbeaeae88f15ed3fc1], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\21636, In Quarantäne, [f10f49b7ec14f70935fb8ff057ab956b], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\27058, In Quarantäne, [8d73a9570cf46d937bb5fc83649e22de], 
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [ed1352ae0cf45ca4e2232a84cc370af6], 
PUP.Optional.BlockAndSurf.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\BlockAndSurf, In Quarantäne, [17e967996799847cd5ae215c887a34cc], 
PUP.Optional.MediaPlayerplus.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\MediaPlayerplus, Löschen bei Neustart, [bc44e51b6a9614ec27147a0457ab3bc5], 
PUP.Optional.ScanTack.A, HKU\S-1-5-21-705164964-436951070-2432176924-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ScanTack, Löschen bei Neustart, [d8288080877946ba2cc4087ae2209967], 
PUP.Optional.MediaPlayerplus.A, HKU\S-1-5-21-705164964-436951070-2432176924-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\MediaPlayerplus, Löschen bei Neustart, [7b85d22e26da57a9fd3e532b37cb08f8], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-705164964-436951070-2432176924-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Löschen bei Neustart, [629efa06768a60a0888a4547f9097d83], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-705164964-436951070-2432176924-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Löschen bei Neustart, [af51d22ee51bbc44f743edb510f358a8], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-705164964-436951070-2432176924-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21636, Löschen bei Neustart, [699717e96c9459a7b27fcdb219e96f91], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-705164964-436951070-2432176924-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\27058, Löschen bei Neustart, [d32d50b0669aa15f98993748be44e41c], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-705164964-436951070-2432176924-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Freeven, Löschen bei Neustart, [c33d4fb1a7593ac68f08681a8e7447b9], 
PUP.Optional.Qone8, HKU\S-1-5-21-705164964-436951070-2432176924-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Löschen bei Neustart, [08f850b0a25e7d83de268c2238cb3ec2], 
PUP.Optional.BlockAndSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\42F1E98D-0FAF-5DB4-FEBA-534A5CE9ADE7, In Quarantäne, [39c7df21b44c8c7421e2a3ccd131f10f], 
Adware.EoRezo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\fst_de_7_is1, In Quarantäne, [31cf2ed2000010f0628876fa768ceb15], 

Registrierungswerte: 3
PUP.Optional.QuickStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|quick_start@gmail.com, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com, In Quarantäne, [39c7a65ad927c33d3c92c3bc6c96936d]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-705164964-436951070-2432176924-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 1V2X1Q1R1M1F, Löschen bei Neustart, [af51d22ee51bbc44f743edb510f358a8]
PUP.Optional.BlockAndSurf.A, HKU\S-1-5-21-705164964-436951070-2432176924-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|BlockNSurf, C:\Program Files (x86)\BlockAndSurf-soft\BlockNSurf.exe, Löschen bei Neustart, [39c7df21b44c8c7421e2a3ccd131f10f]

Registrierungsdaten: 5
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[728ebb45f20e03fd6cdcbb7dba4a18e8]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://istart.webssearches.com/web/?type=ds&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX&q={searchTerms}),Ersetzt,[cd3315eb90704fb19d78ec42ba4a3cc4]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://istart.webssearches.com/?type=hp&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX),Ersetzt,[db251fe19d6313ede92ac06e09fbc63a]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[5ca4aa5610f06799390f79bffc083bc5]
PUP.Optional.Conduit.A, HKU\S-1-5-21-705164964-436951070-2432176924-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://search.conduit.com/?gd=&ctid=CT3325582&octid=EB_ORIGINAL_CTID&ISID=MDBA52EED-7457-4DBD-90A1-472A2C2BE351&SearchSource=55&CUI=&UM=2&UP=SPEAFA9A0E-76D6-494C-999F-429BEF4A50E9&SSPV=, Gut: (hxxp://www.google.com), Schlecht: (hxxp://search.conduit.com/?gd=&ctid=CT3325582&octid=EB_ORIGINAL_CTID&ISID=MDBA52EED-7457-4DBD-90A1-472A2C2BE351&SearchSource=55&CUI=&UM=2&UP=SPEAFA9A0E-76D6-494C-999F-429BEF4A50E9&SSPV=),Löschen bei Neustart,[e020649c6997c63a9120ab832dd7ab55]

Ordner: 100
Adware.EoRezo, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free_soft_today, In Quarantäne, [e719966adc244cb41487b6c4c83aaf51], 
PUP.Optional.MediaPlayerplus.A, C:\Program Files (x86)\MediaPlayerplus, In Quarantäne, [f10fbe42718fe21e1d1aff7fba48f50b], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack, Löschen bei Neustart, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\bin, Löschen bei Neustart, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\bin\plugins, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\bin\TEMP, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\content, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\content\include, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\content\include\tools, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\content\js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\en, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\en-US, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\es, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\es-419, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\fr, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\fr-BE, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\fr-CA, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\fr-CH, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\fr-LU, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\it, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\it-CH, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\pl, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\pt-BR, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\ru, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\ru-MO, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\tr, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\vi, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\zh-CN, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\zh-TW, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\skin, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\skin\weather, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\defaults, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\defaults\preferences, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\modules, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\js, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\en, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\es, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\es_419, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr-BE, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr-CA, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr-CH, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr-LU, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\it, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\it-CH, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\pl, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\pt, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\pt_BR, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\ru, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\ru-MO, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\tr, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\vi, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\zh_CN, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\zh_TW, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.WebsSearches.A, C:\Users\Jaspar\AppData\Roaming\webssearches, In Quarantäne, [a85814eca060857b161ffe705fa3bb45], 
PUP.Optional.WebsSearches.A, C:\Users\Jaspar\AppData\Roaming\webssearches\images, In Quarantäne, [a85814eca060857b161ffe705fa3bb45], 
PUP.Optional.WebsSearches.A, C:\Users\Jaspar\AppData\Roaming\webssearches\log, In Quarantäne, [a85814eca060857b161ffe705fa3bb45], 
PUP.Optional.CrossRider.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd, In Quarantäne, [36ca1ee2dc2406fa018492dcef1352ae], 
PUP.Optional.CrossRider.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.27_0, In Quarantäne, [36ca1ee2dc2406fa018492dcef1352ae], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf-soft, Löschen bei Neustart, [39c7df21b44c8c7421e2a3ccd131f10f], 
PUP.Optional.MindSpark.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\8hffxtbr@Allin1Convert_8h.com, In Quarantäne, [43bda15f19e7956b93440e6224dec838], 
PUP.Optional.MindSpark.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\8hffxtbr@Allin1Convert_8h.com\chrome, In Quarantäne, [43bda15f19e7956b93440e6224dec838], 
PUP.Optional.MindSpark.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\8hffxtbr@Allin1Convert_8h.com\META-INF, In Quarantäne, [43bda15f19e7956b93440e6224dec838], 
PUP.Optional.MindSpark.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\8hffxtbr@Allin1Convert_8h.com\plugins, In Quarantäne, [43bda15f19e7956b93440e6224dec838], 
Adware.EoRezo, C:\Users\Jaspar\AppData\Local\fst_de_7, In Quarantäne, [17e97987a15f5fa16e798ee25da5b050], 
Adware.EoRezo, C:\Users\Jaspar\AppData\Local\fst_de_7\Download, In Quarantäne, [17e97987a15f5fa16e798ee25da5b050], 
Adware.EoRezo, C:\Program Files (x86)\fst_de_7, In Quarantäne, [31cf2ed2000010f0628876fa768ceb15], 
PUP.Optional.MindSpark.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\Allin1Convert_8h, Löschen bei Neustart, [d12fc73911efdd23d24c244d39c9dc24], 

Dateien: 243
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\updateScanTack.exe, Löschen bei Neustart, [8d73b050ea163dc3e374ed732dd4fc04], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\bin\utilScanTack.exe, Löschen bei Neustart, [20e0827ed52b7f814c0b86dae918c838], 
PUP.Optional.MediaPlayerplus.A, C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho64.dll, In Quarantäne, [bb45c739ea16ac546f0e6602e21f2bd5], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, In Quarantäne, [43bd31cf02fef10f2e1e1609d9293fc1], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\ScanTackBHO.dll, In Quarantäne, [d82812eef50bc33dbdcfe03e6d95ce32], 
PUP.Optional.SupTab.A, C:\Users\Jaspar\AppData\Roaming\SupTab\SupTab.dll, In Quarantäne, [c04013edb947fc04e26b260f32ceda26], 
PUP.Optional.BundleInstaller.A, C:\Users\Jaspar\Downloads\Player_Setup.exe, In Quarantäne, [4eb2e51b6799d927d9c1ac96956c9070], 
PUP.Optional.RegCleanPro, C:\Users\Jaspar\Downloads\regclean_my40945.exe, In Quarantäne, [d22ed62a669a8e7293f993a1b749847c], 
Adware.EoRezo, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free_soft_today\Freesofttoday.lnk, In Quarantäne, [e719966adc244cb41487b6c4c83aaf51], 
PUP.Optional.BlockAndSurf.A, C:\Windows\Tasks\BlockAndSurf Update.job, In Quarantäne, [bb4537c9ed13ce326d14cbb20ef41be5], 
PUP.Optional.BlockAndSurf.A, C:\Windows\Tasks\BlockAndSurf_wd.job, In Quarantäne, [5ba509f736caf907057cdf9ee41e6997], 
PUP.Optional.CrossRider.A, C:\Windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-1.job, In Quarantäne, [23dd45bb3dc37b852b80730af80a5fa1], 
PUP.Optional.CrossRider.A, C:\Windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-2.job, In Quarantäne, [0ff1e818ee12000092194538d62c17e9], 
PUP.Optional.CrossRider.A, C:\Windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-3.job, In Quarantäne, [0ff11be5df216f91a9023c41f111ec14], 
PUP.Optional.CrossRider.A, C:\Windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-4.job, In Quarantäne, [2fd1f40c3cc46a962487295426dc728e], 
PUP.Optional.CrossRider.A, C:\Windows\Tasks\6e36e8b7-5a33-405b-889f-ed80ffb3f521-5.job, In Quarantäne, [dc24738d748c39c7a60546378a78a65a], 
PUP.Optional.CrossRider.A, C:\Windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-1.job, In Quarantäne, [b14ff30dd12fbc44c2e9e29b0bf743bd], 
PUP.Optional.CrossRider.A, C:\Windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-2.job, In Quarantäne, [fa062fd1a15f2ad647640d70db27619f], 
PUP.Optional.CrossRider.A, C:\Windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-3.job, In Quarantäne, [ff014ab6f20ecd33e0cb6914798942be], 
PUP.Optional.CrossRider.A, C:\Windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-4.job, In Quarantäne, [f10f6a9603fd50b00aa13c417f83dc24], 
PUP.Optional.CrossRider.A, C:\Windows\Tasks\923e656c-7931-4c44-9b19-6d3c00ebfbd9-5.job, In Quarantäne, [fe02de226f91a15feebd493441c1b34d], 
PUP.Optional.MediaPlayerplus.A, C:\Program Files (x86)\MediaPlayerplus\background.html, In Quarantäne, [f10fbe42718fe21e1d1aff7fba48f50b], 
PUP.Optional.MediaPlayerplus.A, C:\Program Files (x86)\MediaPlayerplus\54246.crx, In Quarantäne, [f10fbe42718fe21e1d1aff7fba48f50b], 
PUP.Optional.MediaPlayerplus.A, C:\Program Files (x86)\MediaPlayerplus\54246.xpi, In Quarantäne, [f10fbe42718fe21e1d1aff7fba48f50b], 
PUP.Optional.MediaPlayerplus.A, C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus.ico, In Quarantäne, [f10fbe42718fe21e1d1aff7fba48f50b], 
PUP.Optional.MediaPlayerplus.A, C:\Program Files (x86)\MediaPlayerplus\Uninstall.exe, In Quarantäne, [f10fbe42718fe21e1d1aff7fba48f50b], 
PUP.Optional.MediaPlayerplus.A, C:\Program Files (x86)\MediaPlayerplus\utils.exe, In Quarantäne, [f10fbe42718fe21e1d1aff7fba48f50b], 
PUP.Optional.WebsSearches.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml, In Quarantäne, [68985ea2768ad22e4fc47e019d653ac6], 
PUP.Optional.Conduit.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\searchplugins\conduit-search.xml, In Quarantäne, [d82852ae748c936d72773749c33fbe42], 
PUP.Optional.ScanTack.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\{9acd1534-e8f8-40cb-b5ac-4996fe01175b}.xpi, In Quarantäne, [28d849b7c04046ba3958ceb306fc8878], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\ScanTack.ico, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\0, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\7za.exe, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\ScanTackUninstall.exe, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\updateScanTack.InstallState, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\bin\7za.exe, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\bin\BrowserAdapterS.7z, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\bin\ScanTack.BrowserAdapter.exe, Löschen bei Neustart, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\bin\ScanTack.PurBrowse64.exe, Löschen bei Neustart, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\bin\ScanTack.PurBrowseG.zip, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\bin\ScanTackBAApp.dll, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\bin\sqlite3.dll, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\bin\utilScanTack.InstallState, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\bin\{9acd1534-e8f8-40cb-b5ac-4996fe01175b}.dll, Löschen bei Neustart, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\bin\plugins\ScanTack.Bromon.dll, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\bin\plugins\ScanTack.BrowserAdapterS.dll, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\bin\plugins\ScanTack.CompatibilityChecker.dll, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\bin\plugins\ScanTack.FFUpdate.dll, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\bin\plugins\ScanTack.IEUpdate.dll, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.ScanTack.A, C:\Program Files (x86)\ScanTack\bin\plugins\ScanTack.PurBrowseG.dll, In Quarantäne, [b64a629e738d44bc638c1d6557abc53b], 
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, In Quarantäne, [2dd3a858946c17e95a73b8cdbe44e719], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\install.data, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterface64.dll, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\DpInterfacef32.dll, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\ient.json, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\RSHP.exe, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SearchProtect32.dll, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SearchProtect64.dll, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SpAPPSv32.dll, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SpAPPSv64.dll, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\uninstall.exe, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WebDataJs, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\data.html, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE.html, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE8.html, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\main.css, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\ver.txt, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\arrow.png, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo.png, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo_hover.png, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_logo.png, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo.png, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo2.png, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\google_trends.png, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon128.png, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon16.png, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon48.png, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\loading.gif, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\logo32.ico, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\0.png, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\common.js, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ga.js, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ie8.js, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\js.js, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\library.js, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit.js, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt\messages.json, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json, In Quarantäne, [18e86e92946c679938912c5caa58f010], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfKF161.exe, Löschen bei Neustart, [17e967996799847cd5ae215c887a34cc], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome.manifest, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\install.rdf, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\content\index.html, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\content\quick_start.js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\content\quick_start.xul, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\content\include\speed_dial.js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\content\include\tools\about_blank_hook.js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\content\include\tools\misc.js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\content\include\tools\popup_image_helper.js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\content\include\tools\urlrequestor.js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\content\js\common.js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\content\js\doT.min.js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\content\js\ga.js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\content\js\jquery-2.1.0.min.js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\content\js\jquery.autocomplete.js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\content\js\js.js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\content\js\xagainit.js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\en\locale.properties, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\en-US\locale.properties, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\es\locale.properties, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\es-419\locale.properties, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\fr\locale.properties, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\fr-BE\locale.properties, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\fr-CA\locale.properties, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\fr-CH\locale.properties, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\fr-LU\locale.properties, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\it\locale.properties, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\it-CH\locale.properties, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\pl\locale.properties, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\pt-BR\locale.properties, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\ru\locale.properties, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\ru-MO\locale.properties, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\tr\locale.properties, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\vi\locale.properties, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\zh-CN\locale.properties, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\locale\zh-TW\locale.properties, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\skin\arrow.png, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\skin\default_add_logo.png, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\skin\default_add_logo_hover.png, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\skin\default_logo.png, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\skin\googlelogo.png, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\skin\googlelogo2.png, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\skin\google_trends.png, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\skin\icon.png, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\skin\loading.gif, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\skin\logo.ico, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\skin\logo.png, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\skin\logo32.ico, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\skin\style.css, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\chrome\skin\weather\0.png, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\defaults\preferences\fvd.js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\modules\addonmanager.js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\modules\aes.js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\modules\config.js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\modules\dialogs.js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\modules\last_tab.js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\modules\misc.js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\modules\properties.js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\modules\remoterequest.js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\modules\restoreprefs.js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\quick_start@gmail.com\modules\settings.js, In Quarantäne, [af5157a99f6126da7c57de8f33cf966a], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\background.html, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\index.html, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\manifest.json, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\style.css, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\default_logo.png, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\icon128.png, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\icon16.png, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\icon48.png, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\loading.gif, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\search.png, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\weather.eot, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\weather.svg, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\weather.ttf, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\img\weather.woff, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\js\background.js, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\js\ga.js, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\js\inject.js, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\js\jquery-base.js, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\js\jquery.autocomplete.js, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\js\js.js, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\js\xagainit.js, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\en\messages.json, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\es\messages.json, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\es_419\messages.json, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr\messages.json, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr-BE\messages.json, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr-CA\messages.json, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr-CH\messages.json, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\fr-LU\messages.json, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\it\messages.json, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\it-CH\messages.json, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\pl\messages.json, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\pt\messages.json, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\pt_BR\messages.json, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\ru\messages.json, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\ru-MO\messages.json, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\tr\messages.json, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\vi\messages.json, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\zh_CN\messages.json, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.QuickStart.A, C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\3.2.3_0\_locales\zh_TW\messages.json, In Quarantäne, [b94746ba54ac946c755f1b52da2823dd], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf-soft\161.crx, In Quarantäne, [39c7df21b44c8c7421e2a3ccd131f10f], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf-soft\161.dat, In Quarantäne, [39c7df21b44c8c7421e2a3ccd131f10f], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf-soft\161.xpi, In Quarantäne, [39c7df21b44c8c7421e2a3ccd131f10f], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf-soft\a.db, In Quarantäne, [39c7df21b44c8c7421e2a3ccd131f10f], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf-soft\b.db, In Quarantäne, [39c7df21b44c8c7421e2a3ccd131f10f], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfKF161.bin, In Quarantäne, [39c7df21b44c8c7421e2a3ccd131f10f], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfKF161.dll, Löschen bei Neustart, [39c7df21b44c8c7421e2a3ccd131f10f], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfKF161.ini, In Quarantäne, [39c7df21b44c8c7421e2a3ccd131f10f], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf-soft\BlockAndSurfp72.exe, In Quarantäne, [39c7df21b44c8c7421e2a3ccd131f10f], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf-soft\BlockNSurf.exe, Löschen bei Neustart, [39c7df21b44c8c7421e2a3ccd131f10f], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf-soft\Sqlite3.dll, In Quarantäne, [39c7df21b44c8c7421e2a3ccd131f10f], 
PUP.Optional.BlockAndSurf.A, C:\Program Files (x86)\BlockAndSurf-soft\Uninstall.exe, In Quarantäne, [39c7df21b44c8c7421e2a3ccd131f10f], 
PUP.Optional.MindSpark.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\8hffxtbr@Allin1Convert_8h.com\bootstrap.js, In Quarantäne, [43bda15f19e7956b93440e6224dec838], 
PUP.Optional.MindSpark.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\8hffxtbr@Allin1Convert_8h.com\chrome.manifest, In Quarantäne, [43bda15f19e7956b93440e6224dec838], 
PUP.Optional.MindSpark.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\8hffxtbr@Allin1Convert_8h.com\install.rdf, In Quarantäne, [43bda15f19e7956b93440e6224dec838], 
PUP.Optional.MindSpark.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\8hffxtbr@Allin1Convert_8h.com\install_old.rdf, In Quarantäne, [43bda15f19e7956b93440e6224dec838], 
PUP.Optional.MindSpark.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\8hffxtbr@Allin1Convert_8h.com\chrome\8hffxtbr.jar, In Quarantäne, [43bda15f19e7956b93440e6224dec838], 
PUP.Optional.MindSpark.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\8hffxtbr@Allin1Convert_8h.com\META-INF\manifest.mf, In Quarantäne, [43bda15f19e7956b93440e6224dec838], 
PUP.Optional.MindSpark.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\8hffxtbr@Allin1Convert_8h.com\META-INF\zigbert.rsa, In Quarantäne, [43bda15f19e7956b93440e6224dec838], 
PUP.Optional.MindSpark.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\8hffxtbr@Allin1Convert_8h.com\META-INF\zigbert.sf, In Quarantäne, [43bda15f19e7956b93440e6224dec838], 
PUP.Optional.MindSpark.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\extensions\8hffxtbr@Allin1Convert_8h.com\plugins\FF-NativeMessagingDispatcher.dll, In Quarantäne, [43bda15f19e7956b93440e6224dec838], 
Adware.EoRezo, C:\Users\Jaspar\AppData\Local\fst_de_7\upfst_de_7.cyp, In Quarantäne, [17e97987a15f5fa16e798ee25da5b050], 
Adware.EoRezo, C:\Users\Jaspar\AppData\Local\fst_de_7\user_profil.cyp, In Quarantäne, [17e97987a15f5fa16e798ee25da5b050], 
Adware.EoRezo, C:\Users\Jaspar\AppData\Local\fst_de_7\Download\majfst.exe, In Quarantäne, [17e97987a15f5fa16e798ee25da5b050], 
Adware.EoRezo, C:\Program Files (x86)\fst_de_7\freeSoftToday_widget.exe, In Quarantäne, [31cf2ed2000010f0628876fa768ceb15], 
Adware.EoRezo, C:\Program Files (x86)\fst_de_7\predm.exe, In Quarantäne, [31cf2ed2000010f0628876fa768ceb15], 
Adware.EoRezo, C:\Program Files (x86)\fst_de_7\unins000.dat, In Quarantäne, [31cf2ed2000010f0628876fa768ceb15], 
Adware.EoRezo, C:\Program Files (x86)\fst_de_7\unins000.exe, In Quarantäne, [31cf2ed2000010f0628876fa768ceb15], 
Adware.EoRezo, C:\Program Files (x86)\fst_de_7\unins000.msg, In Quarantäne, [31cf2ed2000010f0628876fa768ceb15], 
PUP.Optional.MindSpark.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\Allin1Convert_8h\A110357B-3321-456A-8A1B-86E34FBB8771.sqlite, Löschen bei Neustart, [d12fc73911efdd23d24c244d39c9dc24], 
PUP.Optional.CrossRider.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "145a986b98ca277a42669bea3153346a");), Ersetzt,[cb35f60a956ba15f648af17255af9b65]
PUP.Optional.ASK.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.toolbar.mindspark._8hMembers_.browser.startup.homepage.tb", "hxxp://home.tb.ask.com/index.jhtml?ptb=A110357B-3321-456A-8A1B-86E34FBB8771&n=780bd9f3&p2=^AYY^xdm070^YYA^de&si=flvrunner");), Ersetzt,[738d21dfb34dd32d5b866301c440dd23]
PUP.Optional.ASK.A, C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\prefs.js, Gut: (), Schlecht: (user_pref("keyword.URL", "hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=A110357B-3321-456A-8A1B-86E34FBB8771&n=780bd9f3&ind=2014042611&p2=^AYY^xdm070^YYA^de&si=flvrunner&searchfor=");), Ersetzt,[669acb3536ca0bf5dc06a6be29db60a0]

Physische Sektoren: 0
(No malicious items detected)


(end)

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org


Protection, 02.05.2014 19:50:26, SYSTEM, LAPPI, Protection, Malware Protection, Starting, 
Protection, 02.05.2014 19:50:26, SYSTEM, LAPPI, Protection, Malware Protection, Started, 
Protection, 02.05.2014 19:50:26, SYSTEM, LAPPI, Protection, Malicious Website Protection, Starting, 
Protection, 02.05.2014 19:50:27, SYSTEM, LAPPI, Protection, Malicious Website Protection, Started, 
Update, 02.05.2014 19:50:32, SYSTEM, LAPPI, Manual, Rootkit Database, 2014.2.20.1, 2014.3.27.1, 
Update, 02.05.2014 19:50:58, SYSTEM, LAPPI, Manual, Malware Database, 2014.3.4.9, 2014.5.2.10, 
Protection, 02.05.2014 19:50:59, SYSTEM, LAPPI, Protection, Refresh, Starting, 
Protection, 02.05.2014 19:50:59, SYSTEM, LAPPI, Protection, Malicious Website Protection, Stopping, 
Protection, 02.05.2014 19:51:00, SYSTEM, LAPPI, Protection, Malicious Website Protection, Stopped, 
Protection, 02.05.2014 19:51:06, SYSTEM, LAPPI, Protection, Refresh, Success, 
Protection, 02.05.2014 19:51:06, SYSTEM, LAPPI, Protection, Malicious Website Protection, Starting, 
Protection, 02.05.2014 19:51:07, SYSTEM, LAPPI, Protection, Malicious Website Protection, Started, 
Protection, 02.05.2014 20:24:17, SYSTEM, LAPPI, Protection, Malware Protection, Starting, 
Protection, 02.05.2014 20:24:17, SYSTEM, LAPPI, Protection, Malware Protection, Started, 
Protection, 02.05.2014 20:24:17, SYSTEM, LAPPI, Protection, Malicious Website Protection, Starting, 
Protection, 02.05.2014 20:25:37, SYSTEM, LAPPI, Protection, Malicious Website Protection, Started, 
Detection, 02.05.2014 20:34:59, SYSTEM, LAPPI, Protection, Malware Protection, File, PUP.Optional.CrossRider.A, C:\Program Files (x86)\HQVro-1.91\utils.exe, Quarantine, [b0f26ddfabd0c0760313c87822deed13]
Protection, 02.05.2014 20:38:50, SYSTEM, LAPPI, Protection, Malware Protection, Starting, 
Protection, 02.05.2014 20:38:50, SYSTEM, LAPPI, Protection, Malware Protection, Started, 
Protection, 02.05.2014 20:38:50, SYSTEM, LAPPI, Protection, Malicious Website Protection, Starting, 
Protection, 02.05.2014 20:40:11, SYSTEM, LAPPI, Protection, Malicious Website Protection, Started, 

(end)

Nach dem Neustart war es nicht möglich über den Proxy-Server auf das Internet zuzugeifen. Unter Firefox musste ich die Einstellung "Kein Proxy" wählen.

Ergebnisse von adwcleaner:

Code:
ATTFilter
# AdwCleaner v3.205 - Bericht erstellt am 02/05/2014 um 21:15:10
# Aktualisiert 28/04/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Jaspar - LAPPI
# Gestartet von : C:\Users\Jaspar\Desktop\adwcleaner.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\Jaspar\AppData\Roaming\aps.uninstall.scan.results
Datei Gefunden : C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\searchplugins\ask-web-search.xml
Datei Gefunden : C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\user.js
Datei Gefunden : C:\Windows\System32\Tasks\Advanced System Protector
Ordner Gefunden : C:\Program Files (x86)\Advanced System Protector
Ordner Gefunden : C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Ordner Gefunden : C:\Users\Jaspar\AppData\Roaming\Activeris
Ordner Gefunden : C:\Users\Jaspar\AppData\Roaming\Advanced System Protector
Ordner Gefunden : C:\Users\Jaspar\AppData\Roaming\SupTab
Ordner Gefunden : C:\Users\Jaspar\AppData\Roaming\Systweak
Ordner Gefunden : C:\Windows\SysWOW64\AI_RecycleBin

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\blockAndSurf
Schlüssel Gefunden : HKCU\Software\Ciuvo
Schlüssel Gefunden : HKCU\Software\FreeSoftToday
Schlüssel Gefunden : HKCU\Software\installedbrowserextensions
Schlüssel Gefunden : HKCU\Software\systweak
Schlüssel Gefunden : HKCU\Software\Tutorials
Schlüssel Gefunden : HKCU\Software\TutoTag
Schlüssel Gefunden : [x64] HKCU\Software\Ciuvo
Schlüssel Gefunden : [x64] HKCU\Software\FreeSoftToday
Schlüssel Gefunden : [x64] HKCU\Software\installedbrowserextensions
Schlüssel Gefunden : [x64] HKCU\Software\systweak
Schlüssel Gefunden : [x64] HKCU\Software\Tutorials
Schlüssel Gefunden : [x64] HKCU\Software\TutoTag
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522312272}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555315572}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566316672}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gefunden : HKLM\Software\InstallCore
Schlüssel Gefunden : HKLM\Software\installedbrowserextensions
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gefunden : HKLM\Software\supTab
Schlüssel Gefunden : HKLM\Software\supWPM
Schlüssel Gefunden : HKLM\Software\systweak
Schlüssel Gefunden : HKLM\Software\Tutorials
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522312272}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555315572}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566316672}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gefunden : [x64] HKLM\SOFTWARE\installedbrowserextensions

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537

Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://istart.webssearches.com/web/?type=ds&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX&q={searchTerms}

-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\prefs.js ]

Zeile gefunden : user_pref("extensions.crossrider.bic", "145a986b98ca277a42669bea3153346a");
Zeile gefunden : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.BUTTON_STRUCTURE", "[{\"b\":221360012,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":221360013,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.search.defaultenginename.savedPrev", "true");
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.search.defaultenginename.tb", "Ask Web Search");
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.search.selectedEngine.savedPrev", "true");
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.search.selectedEngine.tb", "Ask Web Search");
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.startup.homepage.savedPrev", "true");
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.startup.homepage.tb", "hxxp://home.tb.ask.com/index.jhtml?ptb=A110357B-3321-456A-8A1B-86E34FBB8771&n=780bd9f3&p2=^AYY^xdm070^YYA^de&si=flvru[...]
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.startup.page.savedPrev", 1);
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.startup.page.tb", 1);
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.firstKnownVersion", "6.33.3.42841");
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=A110357B-3321-456A-8A1B-86E34FBB8771&n=780bd9f3&p2=^AYY^xdm070^YYA^de&si=flvrunner");
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.hp.enabled", false);
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.hp.lastGuardTime", -1292075171);
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.hp.numGuards", 1);
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.hp.user.defined", true);
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.initialized", true);
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.installKeysSource", "LocalStorage");
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.installType", "XPI");
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.contextKey", "");
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.installDate", "2014042611");
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.partnerId", "^AYY^xdm070^YYA^de");
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.partnerSubId", "flvrunner");
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.pixelUrl", "hxxp://allin1convert.dl.tb.ask.com/install_pixels.jhtml?partner=^AYY^xdm070^YYA^de&coId=e9142386e1c24128acbcdfddbeb679ff&ca[...]
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.success", true);
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.toolbarId", "A110357B-3321-456A-8A1B-86E34FBB8771");
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.isCompliantUninstallImplementation", true);
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.lastActivePing", "1399040229558");
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.lastKnownVersion", "6.33.3.42841");
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.options.defaultSearch", true);
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.options.homePageEnabled", true);
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.options.keywordEnabled", true);
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.options.tabEnabled", true);
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.partnerPixelFired", true);
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.successUrl", "hxxp://flvrunner.com/thankyou.php");
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.toolbarCollapsed", true);
Zeile gefunden : user_pref("extensions.toolbar.mindspark._8hMembers_.weather.location", "10001");
Zeile gefunden : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
Zeile gefunden : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
Zeile gefunden : user_pref("extensions.toolbar.mindspark.lastInstalled", "allin1convert@mindspark.com");

-\\ Google Chrome v34.0.1847.131

[ Datei : C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gefunden [Extension] : bopakagnckmlgajfccecajhnimjiiedh

*************************

AdwCleaner[R0].txt - [9034 octets] - [02/05/2014 21:15:10]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [9094 octets] ##########

Code:
ATTFilter
# AdwCleaner v3.205 - Bericht erstellt am 02/05/2014 um 21:16:34
# Aktualisiert 28/04/2014 von Xplode
# Betriebssystem : Windows 8  (64 bits)
# Benutzername : Jaspar - LAPPI
# Gestartet von : C:\Users\Jaspar\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\Advanced System Protector
Ordner Gelöscht : C:\Windows\SysWOW64\AI_RecycleBin
Ordner Gelöscht : C:\Users\Jaspar\AppData\Roaming\Activeris
Ordner Gelöscht : C:\Users\Jaspar\AppData\Roaming\Advanced System Protector
Ordner Gelöscht : C:\Users\Jaspar\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Jaspar\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Datei Gelöscht : C:\Users\Jaspar\AppData\Roaming\aps.uninstall.scan.results
Datei Gelöscht : C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\searchplugins\ask-web-search.xml
Datei Gelöscht : C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\Advanced System Protector

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522312272}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555315572}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566316672}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220522312272}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555315572}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566316672}
Schlüssel Gelöscht : HKCU\Software\Ciuvo
Schlüssel Gelöscht : HKCU\Software\FreeSoftToday
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\Tutorials
Schlüssel Gelöscht : HKCU\Software\TutoTag
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\blockAndSurf
Schlüssel Gelöscht : HKLM\Software\InstallCore
Schlüssel Gelöscht : HKLM\Software\installedbrowserextensions
Schlüssel Gelöscht : HKLM\Software\supTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\Tutorials
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\installedbrowserextensions

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16537

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\prefs.js ]

Zeile gelöscht : user_pref("extensions.crossrider.bic", "145a986b98ca277a42669bea3153346a");
Zeile gelöscht : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.BUTTON_STRUCTURE", "[{\"b\":221360012,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":221360013,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.search.defaultenginename.savedPrev", "true");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.search.defaultenginename.tb", "Ask Web Search");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.search.selectedEngine.savedPrev", "true");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.search.selectedEngine.tb", "Ask Web Search");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.startup.homepage.savedPrev", "true");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.startup.homepage.tb", "hxxp://home.tb.ask.com/index.jhtml?ptb=A110357B-3321-456A-8A1B-86E34FBB8771&n=780bd9f3&p2=^AYY^xdm070^YYA^de&si=flvru[...]
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.startup.page.savedPrev", 1);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.startup.page.tb", 1);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.firstKnownVersion", "6.33.3.42841");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=A110357B-3321-456A-8A1B-86E34FBB8771&n=780bd9f3&p2=^AYY^xdm070^YYA^de&si=flvrunner");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.hp.enabled", false);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.hp.lastGuardTime", -1292075171);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.hp.numGuards", 1);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.hp.user.defined", true);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.initialized", true);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.installKeysSource", "LocalStorage");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.installType", "XPI");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.contextKey", "");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.installDate", "2014042611");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.partnerId", "^AYY^xdm070^YYA^de");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.partnerSubId", "flvrunner");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.pixelUrl", "hxxp://allin1convert.dl.tb.ask.com/install_pixels.jhtml?partner=^AYY^xdm070^YYA^de&coId=e9142386e1c24128acbcdfddbeb679ff&ca[...]
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.success", true);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.toolbarId", "A110357B-3321-456A-8A1B-86E34FBB8771");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.isCompliantUninstallImplementation", true);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.lastActivePing", "1399040229558");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.lastKnownVersion", "6.33.3.42841");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.options.defaultSearch", true);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.options.homePageEnabled", true);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.options.keywordEnabled", true);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.options.tabEnabled", true);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.partnerPixelFired", true);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.successUrl", "hxxp://flvrunner.com/thankyou.php");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.toolbarCollapsed", true);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.weather.location", "10001");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark.hp.enabled", false);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark.lastInstalled", "allin1convert@mindspark.com");

-\\ Google Chrome v34.0.1847.131

[ Datei : C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Extension] : bopakagnckmlgajfccecajhnimjiiedh

*************************

AdwCleaner[R0].txt - [9218 octets] - [02/05/2014 21:15:10]
AdwCleaner[S0].txt - [8669 octets] - [02/05/2014 21:16:34]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8729 octets] ##########

JRT hat dann die Schwierigkeiten mit dem Proxy beseitigen können:

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8 x64
Ran by Jaspar on 02.05.2014 at 21:30:08,94
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\Jaspar\AppData\Roaming\mozilla\firefox\profiles\7gzgvd2b.default\prefs.js

user_pref("keyword.URL", "hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=A110357B-3321-456A-8A1B-86E34FBB8771&n=780bd9f3&ind=2014042611&p2=^AYY^xdm070^YYA^de&si=flvru
Emptied folder: C:\Users\Jaspar\AppData\Roaming\mozilla\firefox\profiles\7gzgvd2b.default\minidumps [5 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 02.05.2014 at 21:37:45,10
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Ungewöhnliche (mir unbekannte) Anwendungen scheinen sich trotzdem immer noch auf dem PC zu befinden. Beispiel:

KBfiltr.exe

Andere Anwendungen scheinen - nach Netz-Überprüfung -sich legitimerweise auf dem PC zu befinden (ASUS-Prozesse, Intel usw.)

Gruß

Alt 04.05.2014, 07:20   #8
schrauber
/// the machine
/// TB-Ausbilder
 
Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira - Standard

Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira


Zitat:
Nach dem Neustart war es nicht möglich über den Proxy-Server auf das Internet zuzugeifen.
Du nutzt also mit Absicht einen Proxy?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 04.05.2014, 15:53   #9
Damiani
 
Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira - Standard

Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira


Geflissentlich - denke ich nicht. Es war die Standardeinstellung über Firefox gewesen, sofern solch' eine existiert. An den Einstellungen habe ich bisher noch nie gespielt gehabt, bis ich dann auf den Hinweis von Mozilla stoß und in den Konfigurationen daraufhin - damit ich eine Möglichkeit besaß Sie zu kontaktieren - "kein Proxy" wählte.

Alt 05.05.2014, 11:57   #10
schrauber
/// the machine
/// TB-Ausbilder
 
Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira - Standard

Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira


Ah ok


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 05.05.2014, 19:22   #11
Damiani
 
Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira - Standard

Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira


ESET fragt mich nach einem Proxy oder Ähnlichem. Wie sich so etwas einrichten lässt, ist mir fremd.

Doch hier zu SecurityCheck:

Code:
ATTFilter
 Results of screen317's Security Check version 0.99.82  
   x64 (UAC is enabled)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop      
Windows Defender   
 Antivirus out of date! (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Flash Player 	13.0.0.206  
 Mozilla Firefox (28.0) 
 Google Chrome 34.0.1847.131  
````````Process Check: objlist.exe by Laurent````````  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log``````````````````````

Alt 06.05.2014, 16:23   #12
schrauber
/// the machine
/// TB-Ausbilder
 
Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira - Standard

Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira


Mach bitte mal einen Vollscan mit deinem Antivirus Programm. Ebenso bitte noch das frische FRST log posten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.05.2014, 18:16   #13
Damiani
 
Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira - Standard

Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira


Avira fand nichts, fand aber auch bevor ich mich gemeldet habe nichts.
FRST:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 29-04-2014 (ATTENTION: ====> FRST version is 8 days old and could be outdated)
Ran by Jaspar (administrator) on LAPPI on 07-05-2014 19:13:45
Running from C:\Users\Jaspar\Downloads
Windows 8 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnSrv.exe
() C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Windows\SysWOW64\PnkBstrB.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\LogonUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Splendid\ColorUService.exe
(ASUS) C:\Program Files\ASUS\P4G\BatteryLife.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files\ASUS\P4G\InsOnWMI.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Activeris) C:\Program Files (x86)\Activeris AntiMalware\ActiverisAntiMalware.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\APRP\aprp.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Intel Corporation) C:\Windows\system32\igfxpers.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13263072 2012-12-12] (Realtek Semiconductor)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe [35736 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [932288 2010-11-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ASUSPRP] => C:\Program Files (x86)\ASUS\APRP\APRP.EXE [3187360 2013-04-26] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ASUSWebStorage] => C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe [3576784 2012-12-19] (ASUS Cloud Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-02-14] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [245872 2013-05-24] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-05-24] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13878
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://speedial.com/?f=1&a=spd_cmi_14_18_ff&cd=2XzuyEtN2Y1L1Qzu0B0C0E0EyB0B0CtDyEyDyBzz0A0EyDtDtN0D0Tzu0SzzyDtBtN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0B0CyDyB0FyEzytGyE0DzytBtGyDzzyCtDtG0ByCzztDtGtDzz0C0FtByC0B0FyD0CtDyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0D0D0AyByC0ByCtGyEzzyD0CtGtCtC0C0DtG0AtAtBtDtGyEzzyByE0CyB0D0BzzzzyBtB2Q&cr=219129652&ir=
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://speedial.com/?f=1&a=spd_cmi_14_18_ff&cd=2XzuyEtN2Y1L1Qzu0B0C0E0EyB0B0CtDyEyDyBzz0A0EyDtDtN0D0Tzu0SzzyDtBtN1L2XzutBtFtBtDtFyCtFtDtN1L1CzutCyEtDtAtDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0B0CyDyB0FyEzytGyE0DzytBtGyDzzyCtDtG0ByCzztDtGtDzz0C0FtByC0B0FyD0CtDyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC0D0D0AyByC0ByCtGyEzzyD0CtGtCtC0C0DtG0AtAtBtDtGyEzzyByE0CyB0D0BzzzzyBtB2Q&cr=219129652&ir=
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&amp;form=IE10TR&amp;src=IE10TR&amp;pc=ASU2JS
SearchScopes: HKLM - {31090377-0740-419E-BEFC-A56E50500D5B} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX&q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {31090377-0740-419E-BEFC-A56E50500D5B} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1398708465&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX&q={searchTerms}
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

FireFox:
========
FF ProfilePath: C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default
FF NewTab: chrome://quick_start/content/index.html
FF Homepage: about:home
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_206.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Jaspar\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\searchplugins\Speedial.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Speedial - C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\Extensions\{fa95f577-07cb-4470-ac90-e843f5f83c52} [2014-05-01]
FF Extension: Adblock Plus - C:\Users\Jaspar\AppData\Roaming\Mozilla\Firefox\Profiles\7gzgvd2b.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-05-01]
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
FF HKCU\...\Firefox\Extensions: [{8E3C10E3-9B89-B515-883F-0A45FF62B29F}] - C:\Program Files (x86)\BlockAndSurf-soft\161.xpi

Chrome: 
=======
CHR HomePage: 
CHR DefaultSearchKeyword: webssearches
CHR DefaultSearchProvider: webssearches
CHR DefaultSearchURL: hxxp://istart.webssearches.com/web/?type=dspp&ts=1398964571&from=tugs&uid=HGSTXHTS541010A9E680_JA1000102B9R5P2B9R5PX&q={searchTerms}
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-27]
CHR Extension: (Google Drive) - C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-27]
CHR Extension: (Speedial) - C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\bakijjialdiiboeaknfpmflphhmljfkd [2014-05-02]
CHR Extension: (YouTube) - C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-27]
CHR Extension: (No Name) - C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh [2014-04-27]
CHR Extension: (Google-Suche) - C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-27]
CHR Extension: (Google Wallet) - C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-27]
CHR Extension: (Google Mail) - C:\Users\Jaspar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-27]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-14] (Avira Operations GmbH & Co. KG)
R2 ASUS InstantOn; C:\Program Files\ASUS\P4G\InsOnSrv.exe [277120 2013-06-19] (ASUS)
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [72192 2012-12-19] ()
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75064 2014-01-23] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-01-23] ()
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16048 2013-10-25] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2013-04-26] (Microsoft Corporation)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [65784 2013-04-29] (ASUS Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131576 2014-02-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2014-02-14] (Avira Operations GmbH & Co. KG)
R3 kbfiltr; C:\Windows\System32\drivers\kbfiltr.sys [14992 2012-08-02] ( )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-05-05] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R1 {9acd1534-e8f8-40cb-b5ac-4996fe01175b}Gw64; C:\Windows\System32\drivers\{9acd1534-e8f8-40cb-b5ac-4996fe01175b}Gw64.sys [61112 2014-04-29] (StdLib)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U0 msahci; 

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-06 18:16 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-05-06 18:16 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-05-06 18:16 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-06 18:16 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-05-06 18:16 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-05-05 20:19 - 2014-05-05 20:19 - 00855379 _____ () C:\Users\Jaspar\Desktop\SecurityCheck.exe
2014-05-05 19:56 - 2014-05-05 19:56 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-05 19:55 - 2014-05-05 19:55 - 02347384 _____ (ESET) C:\Users\Jaspar\Downloads\esetsmartinstaller_deu.exe
2014-05-05 19:50 - 2014-05-05 19:50 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-02 21:37 - 2014-05-02 21:37 - 00001048 _____ () C:\Users\Jaspar\Desktop\JRT.txt
2014-05-02 21:30 - 2014-05-02 21:30 - 00000000 ____D () C:\Windows\ERUNT
2014-05-02 21:27 - 2014-05-02 21:16 - 00008829 _____ () C:\Users\Jaspar\Desktop\AdwCleaner[S0].txt
2014-05-02 21:27 - 2014-05-02 21:15 - 00009218 _____ () C:\Users\Jaspar\Desktop\AdwCleaner[R0].txt
2014-05-02 21:20 - 2014-05-02 21:20 - 00000000 ____D () C:\Users\Jaspar\AppData\Roaming\Activeris
2014-05-02 21:15 - 2014-05-02 21:16 - 00000000 ____D () C:\AdwCleaner
2014-05-02 21:12 - 2014-05-02 21:12 - 01310621 _____ () C:\Users\Jaspar\Desktop\adwcleaner.exe
2014-05-02 21:12 - 2014-05-02 21:12 - 01016261 _____ (Thisisu) C:\Users\Jaspar\Desktop\JRT.exe
2014-05-02 21:10 - 2014-05-02 21:10 - 00071972 _____ () C:\Users\Jaspar\Desktop\mbam_suchlauf.txt
2014-05-02 21:10 - 2014-05-02 21:10 - 00002185 _____ () C:\Users\Jaspar\Desktop\mbam_schutz.txt
2014-05-02 19:50 - 2014-05-05 19:50 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-02 19:50 - 2014-05-02 19:50 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-02 19:50 - 2014-05-02 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-02 19:50 - 2014-05-02 19:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-02 19:50 - 2014-05-02 19:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-02 19:50 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-02 19:50 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-02 19:50 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-02 19:48 - 2014-05-02 19:49 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Jaspar\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-02 09:29 - 2014-04-29 16:14 - 19275264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-02 09:29 - 2014-04-29 14:47 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-02 09:29 - 2014-04-29 14:36 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-02 09:29 - 2014-04-29 14:25 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-01 19:48 - 2014-05-01 19:48 - 00088630 _____ () C:\ComboFix.txt
2014-05-01 19:38 - 2014-05-01 19:48 - 00000000 ____D () C:\Qoobox
2014-05-01 19:38 - 2014-05-01 19:48 - 00000000 ____D () C:\ComboFix
2014-05-01 19:38 - 2014-05-01 19:47 - 00000000 ____D () C:\Windows\erdnt
2014-05-01 19:38 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-05-01 19:38 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-05-01 19:38 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-05-01 19:38 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-05-01 19:38 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-05-01 19:38 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-05-01 19:38 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-05-01 19:38 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-05-01 19:38 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-05-01 19:26 - 2014-05-01 19:26 - 05197895 ____R (Swearware) C:\Users\Jaspar\Desktop\ComboFix.exe
2014-05-01 19:16 - 2014-05-01 19:16 - 00000000 ____D () C:\Users\Jaspar\AppData\Roaming\Speedial
2014-05-01 19:16 - 2014-05-01 19:16 - 00000000 ____D () C:\Program Files (x86)\Speedial
2014-05-01 19:02 - 2014-05-01 19:02 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Jaspar\Downloads\revosetup95.exe
2014-05-01 19:02 - 2014-05-01 19:02 - 00001266 _____ () C:\Users\Jaspar\Desktop\Revo Uninstaller.lnk
2014-05-01 19:02 - 2014-05-01 19:02 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-30 17:33 - 2014-04-29 16:18 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{9acd1534-e8f8-40cb-b5ac-4996fe01175b}Gw64.sys
2014-04-29 21:15 - 2014-05-07 19:13 - 00015793 _____ () C:\Users\Jaspar\Downloads\FRST.txt
2014-04-29 21:15 - 2014-05-07 19:13 - 00000000 ____D () C:\FRST
2014-04-29 21:15 - 2014-04-29 21:17 - 00036840 _____ () C:\Users\Jaspar\Downloads\Addition.txt
2014-04-29 21:14 - 2014-04-29 21:14 - 02061824 _____ (Farbar) C:\Users\Jaspar\Downloads\FRST64.exe
2014-04-29 20:24 - 2014-04-29 20:24 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jaspar\Downloads\HiJackThis204.exe
2014-04-29 20:24 - 2014-04-29 20:24 - 00010828 _____ () C:\Users\Jaspar\Downloads\hijackthis.log
2014-04-28 20:38 - 2014-04-28 20:38 - 00000000 ____D () C:\Users\Jaspar\AppData\Roaming\rightbackup
2014-04-28 20:24 - 2014-05-07 18:50 - 00003106 _____ () C:\Windows\System32\Tasks\Activeris AntiMalware_startup
2014-04-28 20:18 - 2014-04-28 20:18 - 00000000 ____D () C:\Users\Jaspar\AppData\Local\com
2014-04-28 20:15 - 2014-04-28 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-04-28 20:08 - 2014-04-28 20:08 - 00001160 _____ () C:\Users\Public\Desktop\Activeris AntiMalware.lnk
2014-04-28 20:08 - 2014-04-28 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activeris AntiMalware
2014-04-28 20:08 - 2014-04-28 20:08 - 00000000 ____D () C:\ProgramData\Activeris
2014-04-28 20:08 - 2014-04-28 20:08 - 00000000 ____D () C:\Program Files (x86)\Activeris AntiMalware
2014-04-28 20:08 - 2012-09-26 19:03 - 00020480 _____ () C:\Windows\system32\acrisnative64.exe
2014-04-28 20:07 - 2014-05-02 20:34 - 00000000 ____D () C:\Program Files (x86)\HQVro-1.91
2014-04-28 20:07 - 2014-05-01 19:16 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-04-27 00:17 - 2014-04-27 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-27 00:16 - 2014-05-07 18:49 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-27 00:16 - 2014-05-06 23:22 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-27 00:16 - 2014-04-27 00:17 - 00000000 ____D () C:\Users\Jaspar\AppData\Local\Google
2014-04-27 00:16 - 2014-04-27 00:17 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-27 00:16 - 2014-04-27 00:16 - 00884720 _____ (Google Inc.) C:\Users\Jaspar\Downloads\ChromeSetup.exe
2014-04-27 00:16 - 2014-04-27 00:16 - 00004094 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-27 00:16 - 2014-04-27 00:16 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-12 12:14 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-12 12:14 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-12 12:14 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSDApi.dll
2014-04-12 12:14 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.dll
2014-04-12 12:14 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\WSDApi.dll
2014-04-12 12:14 - 2014-01-27 05:42 - 02232664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-04-12 12:14 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-12 12:14 - 2014-01-27 02:52 - 17561088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-04-12 12:14 - 2014-01-27 02:31 - 19752448 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-04-12 12:14 - 2014-01-27 01:17 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-04-12 12:14 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2014-04-12 12:14 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-04-12 12:14 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-04-12 12:14 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-04-12 12:14 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-04-12 12:13 - 2014-03-07 02:48 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-04-12 12:13 - 2014-03-07 02:48 - 01140736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-04-12 12:13 - 2014-03-07 02:47 - 13760512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-04-12 12:13 - 2014-03-07 02:47 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-04-12 12:13 - 2014-03-07 02:47 - 02049536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-04-12 12:13 - 2014-03-07 02:47 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-04-12 12:13 - 2014-03-07 02:47 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-04-12 12:13 - 2014-03-07 02:47 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-04-12 12:13 - 2014-03-07 02:08 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-12 12:13 - 2014-03-07 02:08 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-12 12:13 - 2014-03-07 02:08 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-12 12:13 - 2014-03-07 02:08 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-12 12:13 - 2014-03-07 02:08 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-04-12 12:13 - 2014-03-07 02:08 - 00915968 _____ (Microsoft Corporation) C:\Windows\system32\uxtheme.dll
2014-04-12 12:13 - 2014-03-07 02:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-04-12 12:13 - 2014-03-07 02:08 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-12 12:13 - 2014-03-07 02:08 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-12 12:13 - 2013-05-16 00:37 - 00044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UXInit.dll
2014-04-12 12:13 - 2013-05-16 00:35 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\UXInit.dll
2014-04-12 12:13 - 2013-02-21 12:29 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-04-12 12:13 - 2013-02-21 12:29 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-04-12 12:13 - 2013-02-21 12:29 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-04-12 12:13 - 2013-02-21 12:29 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-04-12 12:13 - 2013-02-21 12:14 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-04-12 12:13 - 2013-02-21 12:14 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-12 12:13 - 2013-02-19 11:53 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\uxtheme.dll
2014-04-12 12:13 - 2012-11-08 06:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-12 12:13 - 2012-11-08 06:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-12 12:13 - 2012-07-26 05:06 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-09 14:32 - 2014-02-06 01:41 - 01257984 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-09 14:32 - 2014-02-06 01:41 - 00978432 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-04-09 14:32 - 2014-02-06 01:26 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-04-09 14:32 - 2014-02-06 01:19 - 00974848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

==================== One Month Modified Files and Folders =======

2014-05-07 19:13 - 2014-04-29 21:15 - 00015793 _____ () C:\Users\Jaspar\Downloads\FRST.txt
2014-05-07 19:13 - 2014-04-29 21:15 - 00000000 ____D () C:\FRST
2014-05-07 18:55 - 2014-02-28 20:48 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-07 18:50 - 2014-04-28 20:24 - 00003106 _____ () C:\Windows\System32\Tasks\Activeris AntiMalware_startup
2014-05-07 18:50 - 2014-01-22 02:44 - 00000062 _____ () C:\Users\Jaspar\AppData\Roaming\sp_data.sys
2014-05-07 18:49 - 2014-04-27 00:16 - 00001118 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-05-07 18:49 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-05-07 16:44 - 2014-02-20 18:51 - 00000000 ____D () C:\Users\Jaspar\AppData\Local\PMB Files
2014-05-07 16:38 - 2013-12-09 22:47 - 00003474 _____ () C:\Windows\System32\Tasks\ASUS Live Update1
2014-05-07 16:38 - 2013-12-09 22:47 - 00003464 _____ () C:\Windows\System32\Tasks\ASUS Live Update2
2014-05-06 23:22 - 2014-04-27 00:16 - 00001122 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-05-06 23:21 - 2013-12-09 22:30 - 01246956 _____ () C:\Windows\WindowsUpdate.log
2014-05-06 22:41 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\rescache
2014-05-06 22:24 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\WinStore
2014-05-06 22:15 - 2014-03-26 20:10 - 00000944 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-705164964-436951070-2432176924-1002UA.job
2014-05-06 19:15 - 2014-03-26 20:10 - 00000922 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-705164964-436951070-2432176924-1002Core.job
2014-05-05 20:59 - 2014-02-20 18:51 - 00000000 ____D () C:\ProgramData\PMB Files
2014-05-05 20:19 - 2014-05-05 20:19 - 00855379 _____ () C:\Users\Jaspar\Desktop\SecurityCheck.exe
2014-05-05 19:56 - 2014-05-05 19:56 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-05-05 19:55 - 2014-05-05 19:55 - 02347384 _____ (ESET) C:\Users\Jaspar\Downloads\esetsmartinstaller_deu.exe
2014-05-05 19:50 - 2014-05-05 19:50 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys
2014-05-05 19:50 - 2014-05-02 19:50 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-02 21:39 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-02 21:38 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-05-02 21:37 - 2014-05-02 21:37 - 00001048 _____ () C:\Users\Jaspar\Desktop\JRT.txt
2014-05-02 21:30 - 2014-05-02 21:30 - 00000000 ____D () C:\Windows\ERUNT
2014-05-02 21:20 - 2014-05-02 21:20 - 00000000 ____D () C:\Users\Jaspar\AppData\Roaming\Activeris
2014-05-02 21:18 - 2012-08-02 15:24 - 00329256 _____ () C:\Windows\PFRO.log
2014-05-02 21:16 - 2014-05-02 21:27 - 00008829 _____ () C:\Users\Jaspar\Desktop\AdwCleaner[S0].txt
2014-05-02 21:16 - 2014-05-02 21:15 - 00000000 ____D () C:\AdwCleaner
2014-05-02 21:15 - 2014-05-02 21:27 - 00009218 _____ () C:\Users\Jaspar\Desktop\AdwCleaner[R0].txt
2014-05-02 21:12 - 2014-05-02 21:12 - 01310621 _____ () C:\Users\Jaspar\Desktop\adwcleaner.exe
2014-05-02 21:12 - 2014-05-02 21:12 - 01016261 _____ (Thisisu) C:\Users\Jaspar\Desktop\JRT.exe
2014-05-02 21:10 - 2014-05-02 21:10 - 00071972 _____ () C:\Users\Jaspar\Desktop\mbam_suchlauf.txt
2014-05-02 21:10 - 2014-05-02 21:10 - 00002185 _____ () C:\Users\Jaspar\Desktop\mbam_schutz.txt
2014-05-02 20:50 - 2014-01-22 02:51 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-705164964-436951070-2432176924-1002
2014-05-02 20:34 - 2014-04-28 20:07 - 00000000 ____D () C:\Program Files (x86)\HQVro-1.91
2014-05-02 20:23 - 2013-12-09 22:24 - 00000000 ____D () C:\Windows\Options
2014-05-02 20:22 - 2012-07-26 07:26 - 00000226 _____ () C:\Windows\win.ini
2014-05-02 19:50 - 2014-05-02 19:50 - 00001104 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-02 19:50 - 2014-05-02 19:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-05-02 19:50 - 2014-05-02 19:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-02 19:50 - 2014-05-02 19:50 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-02 19:49 - 2014-05-02 19:48 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Jaspar\Desktop\mbam-setup-2.0.1.1004.exe
2014-05-02 17:13 - 2014-02-21 19:18 - 00000000 ____D () C:\Users\Jaspar\AppData\Roaming\TS3Client
2014-05-01 19:48 - 2014-05-01 19:48 - 00088630 _____ () C:\ComboFix.txt
2014-05-01 19:48 - 2014-05-01 19:38 - 00000000 ____D () C:\Qoobox
2014-05-01 19:48 - 2014-05-01 19:38 - 00000000 ____D () C:\ComboFix
2014-05-01 19:48 - 2012-07-26 07:37 - 00000000 __RHD () C:\Users\Default
2014-05-01 19:47 - 2014-05-01 19:38 - 00000000 ____D () C:\Windows\erdnt
2014-05-01 19:44 - 2012-07-26 07:26 - 00000215 _____ () C:\Windows\system.ini
2014-05-01 19:42 - 2012-07-26 07:26 - 66060288 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-05-01 19:42 - 2012-07-26 07:26 - 13107200 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-05-01 19:42 - 2012-07-26 07:26 - 00524288 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-05-01 19:42 - 2012-07-26 07:26 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-05-01 19:42 - 2012-07-26 07:26 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-05-01 19:26 - 2014-05-01 19:26 - 05197895 ____R (Swearware) C:\Users\Jaspar\Desktop\ComboFix.exe
2014-05-01 19:17 - 2014-02-20 18:48 - 00001161 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-01 19:17 - 2014-02-20 18:48 - 00001149 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-01 19:17 - 2014-01-22 02:44 - 00001440 _____ () C:\Users\Jaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-01 19:16 - 2014-05-01 19:16 - 00000000 ____D () C:\Users\Jaspar\AppData\Roaming\Speedial
2014-05-01 19:16 - 2014-05-01 19:16 - 00000000 ____D () C:\Program Files (x86)\Speedial
2014-05-01 19:16 - 2014-04-28 20:07 - 00000306 __RSH () C:\ProgramData\ntuser.pol
2014-05-01 19:09 - 2014-02-20 17:25 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-05-01 19:02 - 2014-05-01 19:02 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Jaspar\Downloads\revosetup95.exe
2014-05-01 19:02 - 2014-05-01 19:02 - 00001266 _____ () C:\Users\Jaspar\Desktop\Revo Uninstaller.lnk
2014-05-01 19:02 - 2014-05-01 19:02 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-04-29 21:17 - 2014-04-29 21:15 - 00036840 _____ () C:\Users\Jaspar\Downloads\Addition.txt
2014-04-29 21:14 - 2014-04-29 21:14 - 02061824 _____ (Farbar) C:\Users\Jaspar\Downloads\FRST64.exe
2014-04-29 20:29 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-04-29 20:24 - 2014-04-29 20:24 - 00388608 _____ (Trend Micro Inc.) C:\Users\Jaspar\Downloads\HiJackThis204.exe
2014-04-29 20:24 - 2014-04-29 20:24 - 00010828 _____ () C:\Users\Jaspar\Downloads\hijackthis.log
2014-04-29 16:18 - 2014-04-30 17:33 - 00061112 _____ (StdLib) C:\Windows\system32\Drivers\{9acd1534-e8f8-40cb-b5ac-4996fe01175b}Gw64.sys
2014-04-29 16:14 - 2014-05-02 09:29 - 19275264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 14:47 - 2014-05-02 09:29 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 14:36 - 2014-05-02 09:29 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 14:25 - 2014-05-02 09:29 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-28 20:38 - 2014-04-28 20:38 - 00000000 ____D () C:\Users\Jaspar\AppData\Roaming\rightbackup
2014-04-28 20:18 - 2014-04-28 20:18 - 00000000 ____D () C:\Users\Jaspar\AppData\Local\com
2014-04-28 20:15 - 2014-04-28 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-04-28 20:15 - 2014-02-20 17:26 - 00002068 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-04-28 20:08 - 2014-04-28 20:08 - 00001160 _____ () C:\Users\Public\Desktop\Activeris AntiMalware.lnk
2014-04-28 20:08 - 2014-04-28 20:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activeris AntiMalware
2014-04-28 20:08 - 2014-04-28 20:08 - 00000000 ____D () C:\ProgramData\Activeris
2014-04-28 20:08 - 2014-04-28 20:08 - 00000000 ____D () C:\Program Files (x86)\Activeris AntiMalware
2014-04-28 20:07 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-28 20:07 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-28 18:58 - 2014-02-28 20:48 - 00003772 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-27 21:21 - 2012-08-03 01:02 - 00753134 _____ () C:\Windows\system32\perfh007.dat
2014-04-27 21:21 - 2012-08-03 01:02 - 00155826 _____ () C:\Windows\system32\perfc007.dat
2014-04-27 21:21 - 2012-07-26 09:28 - 01745416 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-27 13:44 - 2013-04-26 01:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-04-27 13:44 - 2013-04-26 01:16 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-04-27 13:42 - 2014-01-22 02:45 - 00000000 ___RD () C:\Users\Jaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-27 13:41 - 2013-04-26 01:15 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-04-27 00:17 - 2014-04-27 00:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-04-27 00:17 - 2014-04-27 00:16 - 00000000 ____D () C:\Users\Jaspar\AppData\Local\Google
2014-04-27 00:17 - 2014-04-27 00:16 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-27 00:16 - 2014-04-27 00:16 - 00884720 _____ (Google Inc.) C:\Users\Jaspar\Downloads\ChromeSetup.exe
2014-04-27 00:16 - 2014-04-27 00:16 - 00004094 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-04-27 00:16 - 2014-04-27 00:16 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-04-23 01:47 - 2014-02-22 11:40 - 00694232 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-23 01:47 - 2014-02-22 11:40 - 00078296 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-19 11:39 - 2014-05-06 18:16 - 00628024 _____ (Microsoft Corporation) C:\Windows\system32\NotificationUI.exe
2014-04-19 10:45 - 2014-05-06 18:16 - 00693760 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-04-19 10:45 - 2014-05-06 18:16 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-19 08:57 - 2014-05-06 18:16 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-04-19 08:57 - 2014-05-06 18:16 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-14 10:59 - 2014-01-22 02:45 - 00000000 ___RD () C:\Users\Jaspar\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-14 10:56 - 2012-07-26 10:12 - 00000000 ___RD () C:\Windows\ToastData
2014-04-09 20:53 - 2014-02-20 20:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-09 20:51 - 2014-02-20 20:25 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-09 14:30 - 2014-02-21 19:18 - 00000000 ____D () C:\Program Files (x86)\TeamSpeak 3 Client

Some content of TEMP:
====================
C:\Users\Jaspar\AppData\Local\temp\avgnt.exe
C:\Users\Jaspar\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-07 19:01

==================== End Of Log ============================
--- --- ---
Alt 08.05.2014, 10:46   #14
schrauber
/// the machine
/// TB-Ausbilder
 
Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira - Standard

Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira


Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
ATTFilter
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13878

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Frisches FRST Log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 08.05.2014, 17:59   #15
Damiani
 
Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira - Standard

Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira


Probleme scheint's keine mehr zu geben. Laut fixlog alles erfolgreich entfernt.

Code:
ATTFilter
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 29-04-2014
Ran by Jaspar at 2014-05-08 18:49:47 Run:1
Running from C:\Users\Jaspar\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:13878
*****************

C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Value deleted successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => Value deleted successfully.


The system needed a reboot. 

==== End of Fixlog ====

Ich hätte lediglich nur noch eine Frage: Welche Tools darf man denn als Otto-Normal-Verbraucher auf eigene Faust anwenden? Bei ComboFix weiß ich bescheid - da sind die Risiken zu hoch. JRT sollte auch - laut FilePony - nur auf Anweisung erfahrener Nutzer angewendet werden.

Antwort
Seite 1 von 2 1 2

Themen zu Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira
adware.eorezo, anwendungen, deinstallieren, kostenlose, programme, pup.optional.ask.a, pup.optional.blockandsurf.a, pup.optional.browsefox.a, pup.optional.bundleinstaller.a, pup.optional.conduit.a, pup.optional.crossrider.a, pup.optional.firstseentoday.a, pup.optional.installcore.a, pup.optional.mediaplayerplus.a, pup.optional.mindspark.a, pup.optional.pcperformer.a, pup.optional.qone8, pup.optional.quickstart.a, pup.optional.regcleanpro, pup.optional.scantack.a, pup.optional.suptab.a, pup.optional.webssearches.a, surfen, unbekannte, vollständiger


« HEUR:Trojan.Script.Generic | MegaBrowse.BrowserAdapter.exe vermehrt bei Virenscan aufgetreten: Virus? »


Ähnliche Themen: Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira


  1. suche gute kostenlose spywere und antiviren programme
    Antiviren-, Firewall- und andere Schutzprogramme - 23.01.2015 (6)
  2. Probleme mit Avira (die kostenlose Version)
    Plagegeister aller Art und deren Bekämpfung - 16.12.2014 (1)
  3. Laptop läd Programme sehr langsam, Programme-Fehlermeldung (keine Rückmeldung) & im Chrome Seiten laden nicht
    Plagegeister aller Art und deren Bekämpfung - 06.10.2014 (5)
  4. Windows 7: 30 Funde mbam, 2 Funde avira
    Log-Analyse und Auswertung - 30.08.2014 (12)
  5. Malware und unzählige neue Programme nach Java Update
    Log-Analyse und Auswertung - 25.04.2014 (3)
  6. Unter "Programme und Features" werden fast keine Programme mehr angezeigt!
    Alles rund um Windows - 22.04.2014 (19)
  7. Win XP: 166 Funde bei Avira
    Log-Analyse und Auswertung - 15.04.2014 (11)
  8. Unzählige PUP Funde bei Malwarebytes
    Plagegeister aller Art und deren Bekämpfung - 25.01.2014 (11)
  9. Youtube und Google nur Zweitweiße und zufällig verfügbar. Keine Funde mit Avira.
    Plagegeister aller Art und deren Bekämpfung - 02.12.2013 (3)
  10. Win7: Avira Fund: Java/Dldr.Obfshlp.JC, Malwarbytes Funde: Hijack.SearchPage in Quarantäne - 35 Funde insgesamt
    Log-Analyse und Auswertung - 06.10.2013 (5)
  11. Windows 7: Avira hat 172 Viren gefunden, davor mehrer Funde einzel Funde bei Malwarebytes bzw. Avira
    Log-Analyse und Auswertung - 15.09.2013 (13)
  12. 91 Funde von Avira
    Log-Analyse und Auswertung - 17.08.2013 (7)
  13. GUV Virus weiterhin auf dem Rechner? Malewarebytes = keine Funde/ Antivir = 2 Funde
    Plagegeister aller Art und deren Bekämpfung - 24.09.2012 (3)
  14. Gibt es kostenlose antiviren programme?
    Antiviren-, Firewall- und andere Schutzprogramme - 10.01.2012 (9)
  15. Virus eingefangen und nun sind Pfade durcheinander, es öffnen sich unzählige Programme nicht mehr
    Plagegeister aller Art und deren Bekämpfung - 15.07.2011 (1)
  16. keine programme mehr zu öffnen--kein inetexplorer-keine Fehlermeldung->virus
    Plagegeister aller Art und deren Bekämpfung - 18.10.2010 (4)
  17. Kann keine Dateien/Programme mehr downloaden & keine Videos abspielen
    Alles rund um Windows - 14.06.2008 (12)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira - Guten Abend, wie der Titel doch auffällig verrät, haben sich so einige Programme gegen meinen Willen auf dem Laptop installiert. Manuell zu deinstallieren habe ich sie nicht gewagt, wollte erstmal - Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira...
Archiv
Du betrachtest: Unzählige Pop-Ups, Ads und kostenlose Programme - keine Funde von Avira auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131