| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: über 1000 Funde mit MalewarebytesWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
25.05.2014, 14:47
| #1 |
 |  über 1000 Funde mit Malewarebytes Hallo Ihr! Ich habe ein Netbook geerbt, was total verseucht ist. Man kann eigentlich kaum etwas damit machen, da es sich ständig aufhängt und andauernd bei Mausbewegungen Umleitungen auf andere Seiten stattfinden. Alles dauert Stunden und ständig sollen seltsame Updates gemacht werden. Es sind auch mehrer Registry Cleaner drauf die immerzu irgendwas machen wollen. Den Beitrag hier schreibe ich von meinem anderen Lappi, weil es mit dem nicht geht ohne stundenlanges Gewarte. Ich habe Malewarebytes laufen lassen und das hat über 1000 Sachen gefunden. Ich hoffe ihr könnt mir damit weiterhelfen. Den Log muss ich teilen, da er hierfür zu groß ist. Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 24.05.2014 Scan Time: 20:10:46 Logfile: logmwb.txt Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.05.24.05 Rootkit Database: v2014.05.21.01 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x86 File System: NTFS User: Jutta Scan Type: Threat Scan Result: Completed Objects Scanned: 243127 Time Elapsed: 22 min, 18 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 13 PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\PluginService.exe, 1376, , [c2735ff682f98aac5584f75fdc258d73] PUP.Optional.WpManager, C:\ProgramData\WPM\wprotectmanager.exe, 1416, , [d16442135229f93dd0681c45758c5fa1] PUP.Optional.Iminent, C:\Program Files\Common Files\Umbrella\umbrella.exe, 2088, , [ac8902538eed66d0d46f4eba60a122de] PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\updateStorimbo.exe, 2148, , [78bd5bfad2a9c96da6a688ccf60bd12f] PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin\utilStorimbo.exe, 2236, , [3ff65cf9611ad0661c3061f3b54c629e] PUP.Optional.OptimizerPro, C:\Program Files\Optimizer Pro\OptProSmartScan.exe, 4568, , [161f0f46cfac54e2a9cb4bdd4bb6c33d] PUP.Optional.OptimizerPro, C:\Program Files\Optimizer Pro\OptProReminder.exe, 4600, , [78bd78ddd8a3c76f353d190f19e839c7] PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.exe, 248, , [ff369abb572461d544b35f59f013c23e] PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.Messengers.exe, 2744, , [ff369abb572461d544b35f59f013c23e] PUP.Optional.MindSpark, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hSrchMn.exe, 3688, , [7db8cb8a0a7156e05e52517759aad828] PUP.Optional.MindSpark, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hbrmon.exe, 3104, , [1c199cb9daa1e056dbd417b1ea19ba46] PUP.Optional.LyricsContainer.A, C:\Program Files\LyricsContainer\LookForWord157.exe, 296, , [20157dd8b0cbdc5a12fb027520e226da] PUP.Optional.LyricsContainer.A, C:\Program Files\LyricsContainer\LookForWord_wd.exe, 3864, , [20157dd8b0cbdc5a12fb027520e226da] Modules: 18 PUP.Optional.Iminent.A, C:\Program Files\Iminent\f_in_box.dll, , [ff369abb572461d544b35f59f013c23e], PUP.Optional.Iminent.A, C:\Program Files\Iminent\System.Data.SQLite.dll, , [ff369abb572461d544b35f59f013c23e], PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.WinCore.dll, , [ff369abb572461d544b35f59f013c23e], PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.WinCore.dll, , [ff369abb572461d544b35f59f013c23e], PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.WinCore.dll, , [ff369abb572461d544b35f59f013c23e], PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.WinCore.dll, , [ff369abb572461d544b35f59f013c23e], PUP.Optional.BabSolution.A, C:\Users\Jutta\AppData\Roaming\BabSolution\Shared\enhancedNT.dll, , [36ff3322295250e69368b800669d9769], PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hbrstub.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hbrstub.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hbrstub.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hbrstub.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hhkstub.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hhkstub.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hhkstub.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hhkstub.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hhkstub.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hhkstub.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hhkstub.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6], Registry Keys: 332 PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginService, , [c2735ff682f98aac5584f75fdc258d73], PUP.Optional.WpManager, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Wpm, , [d16442135229f93dd0681c45758c5fa1], PUP.Optional.AudioToAudioToolBar.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Allin1Convert_8hService, , [999c66ef90eb77bf318177beca36b44c], PUP.Optional.Iminent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SProtection, , [ac8902538eed66d0d46f4eba60a122de], PUP.Optional.Storimbo.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update Storimbo, , [78bd5bfad2a9c96da6a688ccf60bd12f], PUP.Optional.Storimbo.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Util Storimbo, , [3ff65cf9611ad0661c3061f3b54c629e], PUP.Optional.Feven.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110311851132}, , [ed48460fff7cdb5ba630e069ad54a957], PUP.Optional.Feven.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440344854432}, , [ed48460fff7cdb5ba630e069ad54a957], PUP.Optional.Feven.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550355855532}, , [ed48460fff7cdb5ba630e069ad54a957], PUP.Optional.Feven.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660366856632}, , [ed48460fff7cdb5ba630e069ad54a957], PUP.Optional.Feven.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0038532.BHO.1, , [ed48460fff7cdb5ba630e069ad54a957], PUP.Optional.Feven.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110311851132}, , [ed48460fff7cdb5ba630e069ad54a957], PUP.Optional.Feven.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0038532.BHO, , [ed48460fff7cdb5ba630e069ad54a957], PUP.Optional.Feven.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110311851132}, , [ed48460fff7cdb5ba630e069ad54a957], PUP.Optional.Feven.A, HKLM\SOFTWARE\CLASSES\CLSID\{22222222-2222-2222-2222-220322852232}, , [ed48460fff7cdb5ba630e069ad54a957], PUP.Optional.Feven.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0038532.Sandbox.1, , [ed48460fff7cdb5ba630e069ad54a957], PUP.Optional.Feven.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0038532.Sandbox, , [ed48460fff7cdb5ba630e069ad54a957], PUP.Optional.Feven.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110311851132}\INPROCSERVER32, , [ed48460fff7cdb5ba630e069ad54a957], PUP.Optional.Delta, HKLM\SOFTWARE\CLASSES\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}, , [3500bb9a42399e984c35e32614ed8b75], PUP.Optional.Delta, HKLM\SOFTWARE\CLASSES\escort.escortIEPane.1, , [3500bb9a42399e984c35e32614ed8b75], PUP.Optional.Delta, HKLM\SOFTWARE\CLASSES\escort.escortIEPane, , [3500bb9a42399e984c35e32614ed8b75], PUP.Optional.Delta, HKLM\SOFTWARE\CLASSES\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}, , [3500bb9a42399e984c35e32614ed8b75], PUP.Optional.Delta, HKLM\SOFTWARE\CLASSES\delta.deltaHlpr.1, , [3500bb9a42399e984c35e32614ed8b75], PUP.Optional.Delta, HKLM\SOFTWARE\CLASSES\delta.deltaHlpr, , [3500bb9a42399e984c35e32614ed8b75], PUP.Optional.Delta, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}, , [3500bb9a42399e984c35e32614ed8b75], PUP.Optional.Delta, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}, , [3500bb9a42399e984c35e32614ed8b75], PUP.Optional.Delta, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}, , [3500bb9a42399e984c35e32614ed8b75], PUP.Optional.Delta, HKLM\SOFTWARE\CLASSES\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}\INPROCSERVER32, , [3500bb9a42399e984c35e32614ed8b75], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{2E54D284-9B19-8632-AFBD-A707C7F76CCB}, , [c3727bdadba0eb4bedd0b4965fa28c74], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{2E54D284-9B19-8632-AFBD-A707C7F76CCB}, , [c3727bdadba0eb4bedd0b4965fa28c74], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\dOwnloAAdittkeeep.dOwnloAAdittkeeep, , [c3727bdadba0eb4bedd0b4965fa28c74], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\dOwnloAAdittkeeep.dOwnloAAdittkeeep.6.1, , [c3727bdadba0eb4bedd0b4965fa28c74], PUP.Optional.MultiPlug.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{2E54D284-9B19-8632-AFBD-A707C7F76CCB}, , [c3727bdadba0eb4bedd0b4965fa28c74], PUP.Optional.MultiPlug.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{2E54D284-9B19-8632-AFBD-A707C7F76CCB}, , [c3727bdadba0eb4bedd0b4965fa28c74], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{2E54D284-9B19-8632-AFBD-A707C7F76CCB}, , [c3727bdadba0eb4bedd0b4965fa28c74], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{2E54D284-9B19-8632-AFBD-A707C7F76CCB}\INPROCSERVER32, , [c3727bdadba0eb4bedd0b4965fa28c74], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{33965D2C-C14C-6468-CDA3-ED01C96E80A1}, , [7abb3c19176412244677a4a66f92e719], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{33965D2C-C14C-6468-CDA3-ED01C96E80A1}, , [7abb3c19176412244677a4a66f92e719], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\PPT2PNG.PPT2PNG, , [7abb3c19176412244677a4a66f92e719], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\PPT2PNG.PPT2PNG.1.7, , [7abb3c19176412244677a4a66f92e719], PUP.Optional.MultiPlug.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{33965D2C-C14C-6468-CDA3-ED01C96E80A1}, , [7abb3c19176412244677a4a66f92e719], PUP.Optional.MultiPlug.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{33965D2C-C14C-6468-CDA3-ED01C96E80A1}, , [7abb3c19176412244677a4a66f92e719], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{33965D2C-C14C-6468-CDA3-ED01C96E80A1}, , [7abb3c19176412244677a4a66f92e719], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{33965D2C-C14C-6468-CDA3-ED01C96E80A1}\INPROCSERVER32, , [7abb3c19176412244677a4a66f92e719], PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [36ff1f361566e84edf6c04310ff1f808], PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, , [36ff1f361566e84edf6c04310ff1f808], PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, , [36ff1f361566e84edf6c04310ff1f808], PUP.Optional.SupTab.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [36ff1f361566e84edf6c04310ff1f808], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [36ff1f361566e84edf6c04310ff1f808], PUP.Optional.SupTab.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [36ff1f361566e84edf6c04310ff1f808], PUP.Optional.SupTab.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [36ff1f361566e84edf6c04310ff1f808], PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}\INPROCSERVER32, , [36ff1f361566e84edf6c04310ff1f808], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{96FDDBA8-0738-2840-4FD3-DCB923AA8DBD}, , [4aeb0352e29952e411ac1931748d1ee2], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{96FDDBA8-0738-2840-4FD3-DCB923AA8DBD}, , [4aeb0352e29952e411ac1931748d1ee2], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\APupTooU.APupTooU, , [4aeb0352e29952e411ac1931748d1ee2], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\APupTooU.APupTooU.4.61, , [4aeb0352e29952e411ac1931748d1ee2], PUP.Optional.MultiPlug.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{96FDDBA8-0738-2840-4FD3-DCB923AA8DBD}, , [4aeb0352e29952e411ac1931748d1ee2], PUP.Optional.MultiPlug.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{96FDDBA8-0738-2840-4FD3-DCB923AA8DBD}, , [4aeb0352e29952e411ac1931748d1ee2], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{96FDDBA8-0738-2840-4FD3-DCB923AA8DBD}, , [4aeb0352e29952e411ac1931748d1ee2], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{96FDDBA8-0738-2840-4FD3-DCB923AA8DBD}\INPROCSERVER32, , [4aeb0352e29952e411ac1931748d1ee2], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{B6726536-347F-2DAD-ED1F-536A9836082F}, , [161fff56007b9c9a00bdee5ca160d42c], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{B6726536-347F-2DAD-ED1F-536A9836082F}, , [161fff56007b9c9a00bdee5ca160d42c], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\suurefkeepiit.suurefkeepiit, , [161fff56007b9c9a00bdee5ca160d42c], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\suurefkeepiit.suurefkeepiit.8.1, , [161fff56007b9c9a00bdee5ca160d42c], PUP.Optional.MultiPlug.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{B6726536-347F-2DAD-ED1F-536A9836082F}, , [161fff56007b9c9a00bdee5ca160d42c], PUP.Optional.MultiPlug.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{B6726536-347F-2DAD-ED1F-536A9836082F}, , [161fff56007b9c9a00bdee5ca160d42c], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{B6726536-347F-2DAD-ED1F-536A9836082F}, , [161fff56007b9c9a00bdee5ca160d42c], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\CLSID\{B6726536-347F-2DAD-ED1F-536A9836082F}\INPROCSERVER32, , [161fff56007b9c9a00bdee5ca160d42c], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, , [0d287dd80e6df73f31edf2712ad85ea2], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\CLSID\{01A602A0-D0B9-445B-8081-719E4177C4A7}, , [4ce99bbae299d363db67a2c10ff37987], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.ShowControlCenterCommand, , [4ce99bbae299d363db67a2c10ff37987], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}, , [b77e262f99e2e452f672c66a6c968e72], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{39CB8175-E224-4446-8746-00566302DF8D}, , [b77e262f99e2e452f672c66a6c968e72], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\esrv.deltaESrvc.1, , [b77e262f99e2e452f672c66a6c968e72], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\esrv.deltaESrvc, , [b77e262f99e2e452f672c66a6c968e72], PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\CLSID\{33119133-0854-469d-807A-171568457991}, , [c66f5cf9ff7c84b243324b193ac8bd43], PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\CLSID\{13119113-0854-469d-807A-171568457991}, , [c66f5cf9ff7c84b243324b193ac8bd43], PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.SkinLauncher.1, , [c66f5cf9ff7c84b243324b193ac8bd43], PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.SkinLauncher, , [c66f5cf9ff7c84b243324b193ac8bd43], PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{03119103-0854-469d-807A-171568457991}, , [c66f5cf9ff7c84b243324b193ac8bd43], PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{23119123-0854-469D-807A-171568457991}, , [c66f5cf9ff7c84b243324b193ac8bd43], PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.SkinLauncherSettings.1, , [c66f5cf9ff7c84b243324b193ac8bd43], PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.SkinLauncherSettings, , [c66f5cf9ff7c84b243324b193ac8bd43], PUP.Optional.BrowseFox.A, HKLM\SOFTWARE\CLASSES\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}, , [79bc5df81a616dc964da352eb052d12f], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}, , [9d98cb8a3f3cbd79d94578ea788a23dd], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\delta.deltadskBnd.1, , [9d98cb8a3f3cbd79d94578ea788a23dd], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\delta.deltadskBnd, , [9d98cb8a3f3cbd79d94578ea788a23dd], PUP.Optional.Delta.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{82E1477C-B154-48D3-9891-33D83C26BCD3}, , [9d98cb8a3f3cbd79d94578ea788a23dd], PUP.Optional.Delta.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{82E1477C-B154-48D3-9891-33D83C26BCD3}, , [9d98cb8a3f3cbd79d94578ea788a23dd], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [1e17da7b99e2bf77dbb0154d43bf946c], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}, , [1e17da7b99e2bf77dbb0154d43bf946c], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{A9CAF365-EA35-45DA-BD8B-2EFA09D374AC}, , [1e17da7b99e2bf77dbb0154d43bf946c], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C58D664A-3DBC-4925-AE74-0382007DF113}, , [1e17da7b99e2bf77dbb0154d43bf946c], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}, , [1e17da7b99e2bf77dbb0154d43bf946c], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.ScriptExtender.1, , [1e17da7b99e2bf77dbb0154d43bf946c], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.ScriptExtender, , [1e17da7b99e2bf77dbb0154d43bf946c], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}\INPROCSERVER32, , [1e17da7b99e2bf77dbb0154d43bf946c], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.BrowserHelperObject.1, , [1e17da7b99e2bf77dbb0154d43bf946c], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\IminentWebBooster.BrowserHelperObject, , [1e17da7b99e2bf77dbb0154d43bf946c], PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [1e17da7b99e2bf77dbb0154d43bf946c], PUP.Optional.Iminent.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [1e17da7b99e2bf77dbb0154d43bf946c], PUP.Optional.Iminent.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}, , [1e17da7b99e2bf77dbb0154d43bf946c], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{4599D05A-D545-4069-BB42-5895B4EAE05B}, , [3104ef664d2ecc6ab16c3231f111f30d], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1231839B-064E-4788-B865-465A1B5266FD}, , [3104ef664d2ecc6ab16c3231f111f30d], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{2DAC2231-CC35-482B-97C5-CED1D4185080}, , [3104ef664d2ecc6ab16c3231f111f30d], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}, , [3104ef664d2ecc6ab16c3231f111f30d], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}, , [3104ef664d2ecc6ab16c3231f111f30d], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}, , [3104ef664d2ecc6ab16c3231f111f30d], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{57C91446-8D81-4156-A70E-624551442DE9}, , [3104ef664d2ecc6ab16c3231f111f30d], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}, , [3104ef664d2ecc6ab16c3231f111f30d], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}, , [3104ef664d2ecc6ab16c3231f111f30d], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{97DD820D-2E20-40AD-B01E-6730B2FCE630}, , [3104ef664d2ecc6ab16c3231f111f30d], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B177446D-54A4-4869-BABC-8566110B4BE0}, , [3104ef664d2ecc6ab16c3231f111f30d], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}, , [3104ef664d2ecc6ab16c3231f111f30d], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}, , [3104ef664d2ecc6ab16c3231f111f30d], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F05B12E1-ADE8-4485-B45B-898748B53C37}, , [3104ef664d2ecc6ab16c3231f111f30d], PUP.OPtional.LyricsAd, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{DA3D98A6-868D-4E1B-BB78-0887230DA405}, , [82b33c19c6b53cfadec1bea443bff60a], PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{0af350d9-3916-454b-ac53-0b0b65f41301}, , [ce6750051962df57cf9472f142c0926e], PUP.Optional.Delta.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}, , [fb3ad4812d4eda5cb161362dc73bbd43], PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, , [4aeb6beac2b9fa3c3a2a0d5600027d83], PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, , [e5509fb6b8c3bc7a164fe87b45bde51b], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{01B91C29-337A-1FFD-7CFC-473451D2F861}, , [3ef73b1afe7d7eb817a61c2e16eb916f], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{9BC500CF-4965-341C-26BD-321A1C30BDD8}, , [ff362c29f289a690734a5eecf60bd52b], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{594FD08C-0622-F9B8-CB02-7C1355D33CB8}, , [e84df3624e2d270f784554f6768b5da3], PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{1C52B8B6-FFA2-12F6-0A5A-E8301F96A568}, , [e550d38257245dd9ceef0644d42d1be5], PUP.Optional.SupTab.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\SupTab, , [ac8956ff730860d63c1e6b3733cff60a], PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\IMBoosterARP, , [ff369abb572461d544b35f59f013c23e], PUP.Optional.RegCleanPro.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\RegClean Pro_is1, , [cb6a59fc3447e25450f13a80ac57b050], PUP.Optional.Storimbo.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Storimbo, , [35006ce97ffc37ff08c9b416689b619f], PUP.Optional.Storimbo.A, HKLM\SOFTWARE\CLASSES\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}, , [35006ce97ffc37ff08c9b416689b619f], PUP.Optional.Storimbo.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}, , [35006ce97ffc37ff08c9b416689b619f], PUP.Optional.Storimbo.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}, , [35006ce97ffc37ff08c9b416689b619f], PUP.Optional.Storimbo.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}, , [35006ce97ffc37ff08c9b416689b619f], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\Allin1Convert_8h, , [76bf2431fa813afc39b619bde91aea16], PUP.Optional.Babylon.A, HKLM\SOFTWARE\babylontoolbar, , [fd380c49a0db2a0cd76110ad9e65b34d], PUP.Optional.Feven.A, HKLM\SOFTWARE\Feven 1.5, , [c86d04517605c175e114e1e8897a22de], PUP.Optional.Iminent.A, HKLM\SOFTWARE\Iminent, , [56dfa8ad413ae452d1be0d99c33f11ef], PUP.Optional.NationZoom.A, HKLM\SOFTWARE\nationzoomSoftware, , [df563c19671460d6a6427952b251b44c], PUP.Optional.Storimbo.A, HKLM\SOFTWARE\Storimbo, , [2f06c88d037860d670627555679c5ba5], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\iminent, , [db5a2f2686f52c0aa62f8f417b88fc04], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Business.Tinyfying.DownloadArgs, , [53e264f12a510b2baff904b8c43f33cd], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Business.Tinyfying.LinkToPromoteArgs, , [63d25ff698e3d264dfc903b924df956b], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Business.Tinyfying.RawDataArgs, , [fc39fd58c4b7ed493b6dba02669df40c], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Business.Tinyfying.TinyUrlArgs, , [1a1bde77a5d6d363edbb813bec17a759], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Business.Tinyfying.ViralLinkArgs, , [6bcaa3b2cab165d15850e7d5e320e41c], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.ClientCallback, , [57de4015631870c6be485d5c3bc89868], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.ContractBase, , [5bda62f35b206dc955b153664bb821df], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.AddToUserContentCommand, , [8ea7074ee497eb4b0600269325deba46], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.CheckLoginStatusCommand, , [ba7b89cc98e3ad890df96c4d07fc23dd], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.CleanCacheCommand, , [db5a65f0087378be1beb18a15aa907f9], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GameOverCallback, , [9e9796bfea91ac8a808619a0b35034cc], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetCreditCommand, , [9e97381d2d4ea690a6605069d82b9967], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetInstallationContextCommand, , [c96cafa64e2daf87778fcfea6c97c739], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetLoginStatusCommand, , [161f3c191467aa8ca85e3f7a09fadf21], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetLoginStatusResult, , [74c15cf90f6cd66086800faa3dc6659b], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetVariableCommand, , [5adba9ac0e6d64d2ea1c00b935ce55ab], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.GetVariableResult, , [260f361f8af11521b155358426ddca36], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.InstallationContextResult, , [f63f183df18a12244db93e7b7e85857b], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoadContentCommand, , [082d96bf91ea7fb78f77b108a55e966a], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoadContentCommandResult, , [999cf95c700baf873bcbc7f28a792dd3], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoginCommand, , [6ec794c14c2f6cca09fd6d4c40c32cd4], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.LoginStatusChangedCallback, , [72c30e47ed8e0f27be48695048bbfb05], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.LogoutCommand, , [6bca60f5e695b1859c6a9524ed1605fb], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.MergeIdentityCommand, , [c4715005d7a4ae88fd09eecbc340956b], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.MyAccountCommand, , [3ef75cf93447fa3c9b6bdfda986b60a0], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.PlayContentCommand, , [39fc91c4ef8c023430d63e7bb2510ef2], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.PostContentCallback, , [b87d95c06714ba7c9d69dfda956ea759], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.RecycleViewsCommand, , [49ec4c09bdbe80b67b8ba9107d868977], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.SetVariableCommand, , [95a09eb7d8a3ce6847bf5b5ead56c13f], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.ShowBrowserWindowCommand, , [62d300557b00a39316f0bffa21e2817f], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.ShowPluginWindowCommand, , [2b0aa3b2ea910630b353348527dc34cc], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.TestContentCommand, , [d75e42136a11c373877f08b130d3ab55], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.UserContentChangedCallback, , [bb7a01542952b97dbd49b801f90a37c9], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.VariableChangedCallback, , [c66fdb7a4a311c1a8482c2f71ee58f71], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.WarmUpCommand, , [ab8ac4915d1ed95d6d99a6137b8808f8], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.DataContracts.WelcomeCommand, , [c96c1b3a0c6f191dba4cc5f4b54e738d], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.ServerCommand, , [9c998dc8f18a360061a512a763a043bd], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.Communication.ServerResult, , [5bdad184750633030afc76439d6634cc], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.LightContent, , [2f0693c291ea6fc7fe081e9b4bb83bc5], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.LightUri, , [171e1a3bee8d47ef66a038818182ae52], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\Iminent.Mediator.MediatorServiceProxy, , [4ee7e47197e4fb3bd036b5042bd8a15f], PUP.Optional.Iminent.A, HKLM\SOFTWARE\CLASSES\APPID\Iminent.WebBooster.InternetExplorer.DLL, , [330260f51269f93d3a65d1f3a75cbe42], PUP.Optional.Delta.A, HKLM\SOFTWARE\DELTA\DELTA\Instl, , [72c3d085c5b63ef85b717050cc37e917], PUP.Optional.Delta.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\eooncjejnppfjjklapaamhcdmjbilmde, , [ac897adb90eb5bdba405685342c1cb35], PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [c3725cf9fc7f191dec7b80478e7538c8], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\MOZILLAPLUGINS\@Allin1Convert_8h.com/Plugin, , [8aab035290eb1b1b204c256b9f6323dd], PUP.Optional.Umbrella.A, HKLM\SOFTWARE\UMBRELLA, , [de57520346353ef8c7776b5257ac8878], PUP.Optional.Feven.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Feven 1.5, , [270e32239cdf48ee9362831d79894ab6], PUP.Optional.AdvancedSystemProtector.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\Advanced System Protector, , [a491aea7f18a3cfac793625f7d86ef11], PUP.Optional.DataMngr.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr, , [a095540192e9fb3beb966e4d55aebe42], PUP.Optional.DataMngr.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, , [a98c0055eb90cb6b27597f3c7d86e31d], PUP.Optional.Delta.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\delta LTD, , [ce671e37710aad890336467758abce32], PUP.Optional.Iminent.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, , [270e4e076a11b2848907941240c2af51], PUP.Optional.Storimbo.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Storimbo, , [290cb5a0bebd0b2baa29a22828dba060], PUP.Optional.MindSpark.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Allin1Convert_8h, , [5cd96aeb6f0c46f04922c8c12fd3827e], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [d95cf75ea4d71026da48616ff80bdb25], PUP.Optional.Feven.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Feven 1.5, , [a194b89d1b6059dd6d88e7b943bfc33d], PUP.Optional.PriceGong.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, , [cc6959fca8d3270f36c91a85f50db050], PUP.Optional.Babylon.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Redir, , [092c15408eedb87e4d39c4f8d62dea16], PUP.Optional.Babylon.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Updater, , [0332f164fc7f05319fe8576541c236ca], PUP.Optional.Delta.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA\DELTA, , [3005c68f5b2044f2e7376456dc2710f0], PUP.Optional.Feven.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Feven, , [1c19520359225adcc72d3990ce35d12f], PUP.Optional.Iminent.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\Iminent, , [af86cf865b20a78fa6024c4452b049b7], PUP.Optional.Qone8, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [cb6a4c099fdcd0662244a12629daa25e], PUP.Optional.BProtector.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\bProtectSettings, , [f2438acb4d2e84b2ddfca9154cb7c43c], PUP.Optional.AdvancedSystemProtector.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\Advanced System Protector, , [d362de7712692e081d3d269b28db39c7], PUP.Optional.RegCleanerPro.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\RegClean Pro, , [65d05104ef8ce55136262a975aa9d42c], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}, , [9a9baaab0e6d95a1f9ee43324ab88080], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\delta.deltaappCore.1, , [9a9baaab0e6d95a1f9ee43324ab88080], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\delta.deltaappCore, , [9a9baaab0e6d95a1f9ee43324ab88080], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}, , [9a9baaab0e6d95a1f9ee43324ab88080], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\d, , [9a9baaab0e6d95a1f9ee43324ab88080], PUP.Optional.Delta.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\delta, , [9a9baaab0e6d95a1f9ee43324ab88080], PUP.Optional.LyricsContainer.A, HKLM\SOFTWARE\CLASSES\CLSID\{343747d8-3926-4e3e-aefd-5887b5d15cbe}, , [20157dd8b0cbdc5a12fb027520e226da], PUP.Optional.LyricsContainer.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{c52af864-f943-4e5f-9b88-cf0999feabad}, , [20157dd8b0cbdc5a12fb027520e226da], PUP.Optional.LyricsContainer.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1ea14d9e-397a-428e-9e9d-347847152688}, , [20157dd8b0cbdc5a12fb027520e226da], PUP.Optional.LyricsContainer.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{343747D8-3926-4E3E-AEFD-5887B5D15CBE}, , [20157dd8b0cbdc5a12fb027520e226da], PUP.Optional.LyricsContainer.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{343747D8-3926-4E3E-AEFD-5887B5D15CBE}, , [20157dd8b0cbdc5a12fb027520e226da], PUP.Optional.LyricsContainer.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{343747D8-3926-4E3E-AEFD-5887B5D15CBE}, , [20157dd8b0cbdc5a12fb027520e226da], PUP.Optional.LyricsContainer.A, HKLM\SOFTWARE\CLASSES\CLSID\{343747D8-3926-4E3E-AEFD-5887B5D15CBE}\INPROCSERVER32, , [20157dd8b0cbdc5a12fb027520e226da], PUP.Optional.LyricsContainer.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\LookForWord, , [20157dd8b0cbdc5a12fb027520e226da], PUP.Optional.LyricsContainer.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\e6e9646e-a590-49bf-a51e-dd98751ac4e2, , [20157dd8b0cbdc5a12fb027520e226da], PUP.Optional.Feven.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Feven 1.5, , [83b230257605d75f354e7205ac56748c], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{7caefafc-9a1e-4bcc-94dd-bc7d8d52717a}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{b48ac2cd-9662-47e0-a3c0-3b01bb3f463e}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1B520A16-E83A-48F9-8802-8F485F24A452}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1E6170F4-3856-40E4-A2EB-2D8FB46574A4}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{5E58CDA9-3B21-4611-A859-26EE28950E61}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{628BA19D-7BED-4C54-8210-AFE66BB15D06}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{6C5561B6-3DD2-46B5-83BE-EAE744366046}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{8077E854-138D-4396-ABB8-44C39E621705}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.SettingsPlugin.1, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.SettingsPlugin, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{7CAEFAFC-9A1E-4BCC-94DD-BC7D8D52717A}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{cd1a63ba-a08c-431b-9a34-f240aadc728d}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{CD1A63BA-A08C-431B-9A34-F240AADC728D}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{CD1A63BA-A08C-431B-9A34-F240AADC728D}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Allin1Convert_8hbar Uninstall Firefox, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Allin1Convert_8hbar Uninstall Internet Explorer, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{FBCBC43A-DCA9-4192-A4C8-B57FD0F77D4D}\INPROCSERVER32, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{889f49d2-6cea-40be-be5f-7217485f9745}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{2561fd25-fe31-4e56-a120-af7feaae3124}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4CE34BDA-95CD-431D-AA32-0FF7589C0376}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{4E089F3E-F5E1-4759-AF16-E7EBE24CAA9C}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{BB644C1C-BDFC-4390-8BCF-8E864D1859E6}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.ToolbarProtector.1, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.ToolbarProtector, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{39d4f1a1-a94d-4b7d-bf1d-7446308800ed}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{507c73bb-fc69-425e-8a49-9204f886b328}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1CE5ABBD-42D7-4EEE-BBD6-33E76D912ECD}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{21B4FA2D-3459-44D1-A855-D8BC0378E9D2}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{5D5D5550-534F-4854-B461-3B40D759EA72}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{de0f6787-9d1c-42b7-a0b9-eac630f87902}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{be698e51-830b-447a-954d-901d6e05dde2}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{289211A5-2A74-454B-9F1F-FA9A8D9CD6D8}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{1604fc43-3a1e-4c6b-850d-70c8a858c61a}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.DynamicBarButton.1, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.DynamicBarButton, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{8f83d657-5993-4ffa-9aee-da0b20d828a7}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{d617cf84-b0bc-441f-9984-b676afba1e8d}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{2CFC7EED-36BA-4374-8D29-92895D942F6C}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{DC86010C-7F30-485D-85D4-0957ECA323DD}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.FeedManager.1, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.FeedManager, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{7EB7381C-FB01-47FC-9C42-ED64122C1B92}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.HTMLMenu.1, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.HTMLMenu, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{7EB7381C-FB01-47FC-9C42-ED64122C1B92}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{443321f7-e46c-42f8-812b-f35e98cbb44f}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{6ec57031-1740-4151-93c5-c465d6063dd2}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{5D076356-28C1-43B2-B29B-1AAE8D518E83}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EA3743AC-948C-4E65-A61F-10EDA13D79CA}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{ef3f28c8-0330-4d18-b901-d24cb83e5aa1}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.MultipleButton.1, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.MultipleButton, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{af60f89a-4645-4381-8c7f-b8feab385445}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{d09139ab-0acb-4f22-b9ae-816e6838a814}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{53F6A516-3DCC-48F4-835C-6C670CB39CEA}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{5E59E7F3-87E7-4E0E-8B62-7DE9EA685511}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{7DBE2E95-6739-4DC4-8BD0-687B5F5A856D}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.XMLSessionPlugin.1, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.XMLSessionPlugin, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{AF60F89A-4645-4381-8C7F-B8FEAB385445}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{5cde4714-32dc-473c-8194-0645e62c2e96}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{16976e15-10ea-44fd-804a-6ecbc9ebbfc7}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{9B79844F-F67F-4024-B41A-633E0D36B60B}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.RadioSettings.1, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.RadioSettings, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{c8ef8f70-3807-424a-83f7-da06fd4dacf9}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.Radio.1, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.Radio, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{ef5db804-585b-472e-b415-bc63f8f01bf6}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.ScriptButton.1, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.ScriptButton, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{248b3e95-17a4-482d-a8a8-6b3df4d05c35}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{4bd0fcff-ad64-4315-9f2c-960ef3c21623}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{43E76D04-EB5C-4D74-A11D-7403BAFE540B}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{45A28B99-6C20-441D-9D4D-F7EC7C701F6C}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{774BFD7A-2CE7-4785-8957-2D62F7F4A83C}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B1339BE3-9E4D-49D4-97F2-E4220530F65C}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{248B3E95-17A4-482D-A8A8-6B3DF4D05C35}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{27f49273-de3a-4111-90f9-6c474c37aefb}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.PseudoTransparentPlugin.1, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.PseudoTransparentPlugin, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{27F49273-DE3A-4111-90F9-6C474C37AEFB}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{f2c368c5-9f44-4d43-89f3-a1cc87f1da96}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{A4C2FB10-84C3-44EB-9F9E-860FA1D9A797}\INPROCSERVER32, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{f99ddd9a-07d0-47ab-86f1-193533dd2c60}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{9d217b94-6fc9-44fe-94b1-30c711871266}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{13B534D0-49F9-48A9-A006-B2F92E1D01CB}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{164993F7-4D6D-40A5-8FA1-37A8F96B4700}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.ThirdPartyInstaller.1, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.ThirdPartyInstaller, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{F99DDD9A-07D0-47AB-86F1-193533DD2C60}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{250b71cd-97ca-40a5-834f-265719a62caf}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.UrlAlertButton.1, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.UrlAlertButton, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\CLSID\{e4ef697f-434b-4dc7-a464-4412462206db}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{bfcf748f-a56e-451f-aa45-0d7eb699e416}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B0602473-26E3-425F-A819-D8651D6D83A8}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{B992BF10-B9DF-413D-BFBE-0DAED5BF0ABC}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.HTMLPanel.1, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\Allin1Convert_8h.HTMLPanel, , [171e9eb71d5e7cbaf67f7e0139c95aa6], PUP.Optional.MindSpark.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{E4EF697F-434B-4DC7-A464-4412462206DB}, , [171e9eb71d5e7cbaf67f7e0139c95aa6], Registry Values: 18 PUP.Optional.Delta.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{82E1477C-B154-48D3-9891-33D83C26BCD3}, Delta Toolbar, , [9d98cb8a3f3cbd79d94578ea788a23dd] PUP.Optional.Delta.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{82E1477C-B154-48D3-9891-33D83C26BCD3}, , [41f43e17c2b95cda2df1045eaf536a96], PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|IminentMessenger, C:\Program Files\Iminent\Iminent.Messengers.exe, , [ff369abb572461d544b35f59f013c23e] PUP.Optional.MindSpark, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Allin1Convert Search Scope Monitor, "C:\PROGRA~1\ALLIN1~2\bar\1.bin\8hsrchmn.exe" /m=2 /w /h, , [7db8cb8a0a7156e05e52517759aad828] PUP.Optional.MindSpark, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Allin1Convert_8h Browser Plugin Loader, C:\PROGRA~1\ALLIN1~2\bar\1.bin\8hbrmon.exe, , [1c199cb9daa1e056dbd417b1ea19ba46] PUP.Optional.Iminent.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Iminent, C:\Program Files\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C", , [cb6ab99ccab10333b4419c1caa598977] PUP.Optional.MindSpark.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|8hffxtbr@Allin1Convert_8h.com, C:\Program Files\Allin1Convert_8h\bar\1.bin, , [a590db7a780389ad4e39c7cdab57b24e] PUP.Optional.QuickStart.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|quick_start@gmail.com, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com, , [9c9983d2c2b986b0287eb6e3b15159a7] PUP.Optional.Umbrella.A, HKLM\SOFTWARE\UMBRELLA|MUpdBlock, { |
|
25.05.2014, 14:50
| #2 |
| | über 1000 Funde mit Malewarebytes 2. teil:
__________________Code:
ATTFilter "MASSUPDATE" : {
"CHROME_MBAR" : {
"Checked" : 1,
"RetryIdx" : 0,
"Version" : 1
},
"FIREFOX_MBAR" : {
"Checked" : 1,
"RetryIdx" : 0,
"Version" : 1
},
"IEXPLORE_BHO" : {
"Checked" : 1,
"RetryIdx" : 0,
"Version" : 4
}
}
}
, , [de57520346353ef8c7776b5257ac8878]
PUP.Optional.Iminent.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SPROTECTION|ImagePath, C:\Program Files\Common Files\Umbrella\umbrella.exe, , [4ce9fa5b79023df9ac48d2e6fd0641bf]
PUP.Optional.WpManager.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WPM|ImagePath, C:\ProgramData\WPM\wprotectmanager.exe -service, , [4de8e96c95e60135d76d973512f19f61]
PUP.Optional.Delta.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA\DELTA|tlbrSrchUrl, , [3005c68f5b2044f2e7376456dc2710f0],
PUP.Optional.Delta.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DELTA\DELTA|lastB, hxxp://home.tb.ask.com/index.jhtml?n=77DE8857&p2=^AYY^xdm070^YYA^de&ptb=4ABCF663-EFD5-484D-8B4D-0BCEE769D1A3&si=flvrunner, , [5cd92e27d4a7bc7a325e685a3dc6bb45]
PUP.BProtector, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=023508EDB9350DF0&affID=119556&tl=gkn724183&tsp=4957, , [42f30f460b7052e43250d2e9c2410ef2]
PUP.BProtector, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, , [86af6aeb017aa690abd8714a73905ca4]
PUM.Bad.Proxy, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, http=127.0.0.1:13828, , [c07589cc661584b27af6ede7748f9070]
PUP.Optional.BabSolution.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|NTRedirect, C:\Windows\system32\rundll32.exe "C:\Users\Jutta\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run, , [36ff3322295250e69368b800669d9769]
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{CD1A63BA-A08C-431B-9A34-F240AADC728D}, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
Registry Data: 9
PUP.Optional.NationZoom.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files\Mozilla Firefox\firefox.exe" hxxp://www.nationzoom.com/?type=sc&ts=1387655434&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WX81C226516265162, Good: (firefox.exe), Bad: ("C:\Program Files\Mozilla Firefox\firefox.exe" hxxp://www.nationzoom.com/?type=sc&ts=1387655434&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WX81C226516265162),,[f0457adb9dde4aec84712b211be9ee12]
PUP.Optional.NationZoom.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1387655434&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WX81C226516265162, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.nationzoom.com/?type=sc&ts=1387655434&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WX81C226516265162),,[bc7987cea1da3df97680212bd3312fd1]
PUP.Optional.NationZoom.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.nationzoom.com/web/?type=ds&ts=1387655434&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WX81C226516265162&q={searchTerms}, Good: (hxxp://www.google.com), Bad: (hxxp://www.nationzoom.com/web/?type=ds&ts=1387655434&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WX81C226516265162&q={searchTerms}),,[8ca9e07591ea6ccaa8503f0dc73d2bd5]
PUP.Optional.NationZoom.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.nationzoom.com/?type=hp&ts=1387655434&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WX81C226516265162, Good: (hxxp://www.google.com), Bad: (hxxp://www.nationzoom.com/?type=hp&ts=1387655434&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WX81C226516265162),,[ee47173e017ad4620dea222a6c980bf5]
PUP.Optional.NationZoom.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.nationzoom.com/?type=hp&ts=1387655434&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WX81C226516265162, Good: (hxxp://www.google.com), Bad: (hxxp://www.nationzoom.com/?type=hp&ts=1387655434&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WX81C226516265162),,[c5703223601bbf772acf0b41867e05fb]
PUP.Optional.NationZoom, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.nationzoom.com/web/?type=ds&ts=1387655434&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WX81C226516265162&q={searchTerms}, Good: (hxxp://www.google.com), Bad: (hxxp://www.nationzoom.com/web/?type=ds&ts=1387655434&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WX81C226516265162&q={searchTerms}),,[d164dd78b4c791a51acd0d49d034cc34]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[3302b5a082f940f6d6c867ef0afad42c]
PUP.Optional.AskWebSearch, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://home.tb.ask.com/index.jhtml?n=77DE8857&p2=^AYY^xdm070^YYA^de&ptb=4ABCF663-EFD5-484D-8B4D-0BCEE769D1A3&si=flvrunner, Good: (hxxp://www.google.com), Bad: (hxxp://home.tb.ask.com/index.jhtml?n=77DE8857&p2=^AYY^xdm070^YYA^de&ptb=4ABCF663-EFD5-484D-8B4D-0BCEE769D1A3&si=flvrunner),,[7cb960f5b8c3f24436cd6bebfd07b050]
PUP.Optional.NationZoom.A, HKU\S-1-5-21-3008509189-370871999-48178643-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.nationzoom.com/?type=hp&ts=1387655434&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WX81C226516265162, Good: (hxxp://www.google.com), Bad: (hxxp://www.nationzoom.com/?type=hp&ts=1387655434&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WX81C226516265162),,[57deaea7d0ab01352dc679d3dc28817f]
Folders: 133
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro, , [55e09eb72d4ead8900af276512f0de22],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector, , [9c990352d2a986b0119f99f326dc51af],
PUP.Optional.SupTab.A, C:\Program Files\SupTab, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\en-US, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\es-419, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\es-ES, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-BE, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-CA, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-CH, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-FR, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-LU, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\it-CH, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\it-IT, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\pl, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\pt, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\pt-BR, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\ru, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\ru-MO, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\tr-TR, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\vi-VI, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\zh-CN, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\zh-TW, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.Iminent.A, C:\Program Files\Iminent, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\de, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\en, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\es, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\fr, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\inst, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\inst\Bootstrapper, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\it, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\ro, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\tr, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.Iminent.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent, , [d4618dc8502b290dd474d1ea828104fc],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin\plugins, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin\TEMP, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Iminent.A, C:\ProgramData\Iminent\Mediator, , [2510e76e2358b581be28db9a29d91be5],
PUP.Optional.Iminent.A, C:\ProgramData\Iminent\Mediator\Datas, , [2510e76e2358b581be28db9a29d91be5],
PUP.Optional.Iminent.A, C:\ProgramData\Iminent\Mediator\Datas\Cache, , [2510e76e2358b581be28db9a29d91be5],
PUP.Optional.Iminent.A, C:\ProgramData\Iminent\Mediator\Datas\Cache\apix.iminent.com, , [2510e76e2358b581be28db9a29d91be5],
PUP.Optional.Iminent.A, C:\Users\Jutta\AppData\Roaming\Iminent\Mediator, , [64d15bfaf78479bd6a7ca4d12cd656aa],
PUP.Optional.Iminent.A, C:\Users\Jutta\AppData\Roaming\Iminent\Mediator\Datas, , [64d15bfaf78479bd6a7ca4d12cd656aa],
PUP.Optional.Delta.A, C:\Program Files\Delta\delta\1.8.22.0, , [9a9baaab0e6d95a1f9ee43324ab88080],
PUP.Optional.Delta.A, C:\Program Files\Delta\delta\1.8.22.0\bh, , [9a9baaab0e6d95a1f9ee43324ab88080],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\2.1.1000.10905, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Default\AppData\Roaming\Systweak\Advanced System Protector, , [8ea7b4a12556ba7cb64287ee9b6757a9],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Default\AppData\Roaming\Systweak\Advanced System Protector\2.1.1000.10905, , [8ea7b4a12556ba7cb64287ee9b6757a9],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Jutta\AppData\Roaming\Systweak\Advanced System Protector, , [fc393f167308ab8b4cac6411966c5fa1],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Jutta\AppData\Roaming\Systweak\Advanced System Protector\2.1.1000.10905, , [fc393f167308ab8b4cac6411966c5fa1],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Jutta\AppData\Roaming\Systweak\Advanced System Protector\Logs, , [fc393f167308ab8b4cac6411966c5fa1],
PUP.Optional.RegCleanerPro.A, C:\Users\Jutta\AppData\Roaming\Systweak\RegClean Pro, , [f93c95c0abd0a88e9cfca8ce70927e82],
PUP.Optional.RegCleanerPro.A, C:\Users\Jutta\AppData\Roaming\Systweak\RegClean Pro\Version 6.1, , [f93c95c0abd0a88e9cfca8ce70927e82],
PUP.Optional.RegCleanerPro.A, C:\Users\Jutta\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\voice, , [f93c95c0abd0a88e9cfca8ce70927e82],
PUP.Optional.RegCleanerPro.A, C:\Users\Jutta\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\voice\de, , [f93c95c0abd0a88e9cfca8ce70927e82],
PUP.Optional.LyricsContainer.A, C:\Program Files\LyricsContainer, , [20157dd8b0cbdc5a12fb027520e226da],
PUP.Optional.Feven.A, C:\Program Files\Feven 1.5, , [83b230257605d75f354e7205ac56748c],
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService, , [71c40b4a205b7bbb21b9fd7b6a9833cd],
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\update, , [71c40b4a205b7bbb21b9fd7b6a9833cd],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\defaults, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\defaults\preferences, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\userCode, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\locale, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\locale\en-US, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\components, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\content, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\content\include, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\content\include\tools, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\content\js, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\en, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\en-US, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\es, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\es-419, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\fr, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\fr-BE, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\fr-CA, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\fr-CH, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\fr-LU, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\it, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\it-CH, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\pl, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\pt-BR, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\ru, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\ru-MO, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\tr, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\vi, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\zh-CN, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\zh-TW, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\defaults, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\defaults\preferences, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\modules, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\chrome, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\gen1, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\IE9Mesg, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\Message, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\Settings, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Local\Allin1Convert_8h, , [41f4f75ef38831050b6b4837ea1813ed],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\myfacjqi.default\extensions\8hffxtbr@Allin1Convert_8h.com, , [c66fe86d4a3179bd81f6a2ddb949b749],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\myfacjqi.default\extensions\8hffxtbr@Allin1Convert_8h.com\chrome, , [c66fe86d4a3179bd81f6a2ddb949b749],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\8hffxtbr@Allin1Convert_8h.com, , [c96c60f51b602016c3b4453a42c07d83],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\8hffxtbr@Allin1Convert_8h.com\chrome, , [c96c60f51b602016c3b4453a42c07d83],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\8hffxtbr@Allin1Convert_8h.com\META-INF, , [c96c60f51b602016c3b4453a42c07d83],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\8hffxtbr@Allin1Convert_8h.com\plugins, , [c96c60f51b602016c3b4453a42c07d83],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\Allin1Convert_8h, , [64d13e1738433204fbc390efbe44f808],
Files: 790
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\PluginService.exe, , [c2735ff682f98aac5584f75fdc258d73],
PUP.Optional.WpManager, C:\ProgramData\WPM\wprotectmanager.exe, , [d16442135229f93dd0681c45758c5fa1],
PUP.Optional.AudioToAudioToolBar.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hbarsvc.exe, , [999c66ef90eb77bf318177beca36b44c],
PUP.Optional.Iminent, C:\Program Files\Common Files\Umbrella\umbrella.exe, , [ac8902538eed66d0d46f4eba60a122de],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\updateStorimbo.exe, , [78bd5bfad2a9c96da6a688ccf60bd12f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin\utilStorimbo.exe, , [3ff65cf9611ad0661c3061f3b54c629e],
PUP.Optional.OptimizerPro, C:\Program Files\Optimizer Pro\OptProSmartScan.exe, , [161f0f46cfac54e2a9cb4bdd4bb6c33d],
PUP.Optional.OptimizerPro, C:\Program Files\Optimizer Pro\OptProReminder.exe, , [78bd78ddd8a3c76f353d190f19e839c7],
PUP.Optional.Feven.A, C:\Program Files\Feven 1.5\Feven 1.5-bho.dll, , [ed48460fff7cdb5ba630e069ad54a957],
PUP.Optional.Delta, C:\Program Files\Delta\delta\1.8.22.0\bh\delta.dll, , [3500bb9a42399e984c35e32614ed8b75],
PUP.Optional.MultiPlug.A, C:\ProgramData\downloaddiitkeep\mKyVWic.dll, , [c3727bdadba0eb4bedd0b4965fa28c74],
PUP.Optional.MultiPlug.A, C:\ProgramData\PPPT2PNGG\_j7.dll, , [7abb3c19176412244677a4a66f92e719],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\SupTab.dll, , [36ff1f361566e84edf6c04310ff1f808],
PUP.Optional.MultiPlug.A, C:\ProgramData\APPPtoU\vW_32b.dll, , [4aeb0352e29952e411ac1931748d1ee2],
PUP.Optional.MultiPlug.A, C:\ProgramData\suurfkeepIt\wLUHuyaj.dll, , [161fff56007b9c9a00bdee5ca160d42c],
PUP.Optional.Delta.A, C:\Program Files\Delta\delta\1.8.22.0\deltasrv.exe, , [b77e262f99e2e452f672c66a6c968e72],
PUP.Optional.FunWebProducts.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hsknlcr.dll, , [c66f5cf9ff7c84b243324b193ac8bd43],
PUP.Optional.Delta.A, C:\Program Files\Delta\delta\1.8.22.0\deltaTlbr.dll, , [9d98cb8a3f3cbd79d94578ea788a23dd],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Minibar.InternetExplorer.BHOx86.dll, , [1e17da7b99e2bf77dbb0154d43bf946c],
PUP.Optional.MultiPlug.A, C:\ProgramData\APPPtoU\vW_32b.exe, , [3ef73b1afe7d7eb817a61c2e16eb916f],
PUP.Optional.MultiPlug.A, C:\ProgramData\PPPT2PNGG\_j7.exe, , [ff362c29f289a690734a5eecf60bd52b],
PUP.Optional.MultiPlug.A, C:\ProgramData\suurfkeepIt\wLUHuyaj.exe, , [e84df3624e2d270f784554f6768b5da3],
PUP.Optional.MultiPlug.A, C:\ProgramData\downloaddiitkeep\mKyVWic.exe, , [e550d38257245dd9ceef0644d42d1be5],
PUP.Optional.SupTab.A, C:\Users\Jutta\AppData\Roaming\SupTab\SupTab.dll, , [e74eaea79be0181ed17a75c0f0106c94],
PUP.Optional.FileScout.A, C:\Users\Jutta\AppData\Local\Temp\setup_fsu_cid.exe, , [191c3b1a53286acc1f387e8a936e0bf5],
PUP.Optional.Bundler, C:\Users\Jutta\AppData\Local\Temp\LyricsContainertmp.exe, , [db5ac98cbebd1b1ba8f1afaa45bc827e],
PUP.Optional.CRX.A, C:\Users\Jutta\AppData\Local\Temp\busF787\CrxUpdater_d.exe, , [280de37236453cfa28c1e837cb395fa1],
PUP.Optional.BundleInstaller.A, C:\Users\Jutta\AppData\Local\Temp\dddslgczsldg\xtjbsatzvegxca.exe, , [48edec694833c37363717fb0f20e956b],
Trojan.RotBrowse, C:\Users\Jutta\AppData\Local\Temp\E947C1B6-BAB0-7891-B052-4EE68D3211BF\Latest\ccp.exe, , [8fa6134273088caa9ce33712f1134db3],
PUP.Optional.Babylon.A, C:\Users\Jutta\AppData\Local\Temp\E947C1B6-BAB0-7891-B052-4EE68D3211BF\Latest\CrxInstaller.dll, , [310459fc8fec063031623fdac041c937],
PUP.Optional.Babylon.A, C:\Users\Jutta\AppData\Local\Temp\E947C1B6-BAB0-7891-B052-4EE68D3211BF\Latest\MntrDLLInstall.dll, , [af86e76efe7d54e2940043d605fc8b75],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Local\Temp\E947C1B6-BAB0-7891-B052-4EE68D3211BF\Latest\MyDeltaTB.exe, , [6dc872e380fb71c51d445d136d947c84],
PUP.Optional.Babylon.A, C:\Users\Jutta\AppData\Local\Temp\E947C1B6-BAB0-7891-B052-4EE68D3211BF\Latest\Setup.exe, , [42f31045d2a9cb6bc76167b7946c24dc],
PUP.Optional.NationZoom.A, C:\Users\Jutta\AppData\Local\Temp\fullpackage_temp1387655422\Baofeng.exe, , [6fc6a7ae4338b6803932101d728e2ad6],
PUP.Optional.WpManager, C:\Users\Jutta\AppData\Local\Temp\fullpackage_temp1387655422\tmp\NewGdp.exe, , [5bda59fc5229162089af8ed3ec15ad53],
PUP.Optional.OpenCandy, C:\Users\Jutta\AppData\Local\Temp\is-B3E0H.tmp\OCSetupHlp.dll, , [1421371e25560a2c582a0b6fed179868],
PUP.Optional.OpenCandy, C:\Users\Jutta\AppData\Local\Temp\is-U24TC.tmp\OCSetupHlp.dll, , [3401e2733645b383087ac2b824e07b85],
PUP.Optional.CRX.A, C:\Users\Jutta\AppData\Local\Temp\bus3A61\CrxUpdater_d.exe, , [062f59fce398f64058918d92aa5aba46],
PUP.Optional.BabSolution.A, C:\Users\Jutta\AppData\Local\Temp\bus6BDC\BUSolution.dll, , [1322d18489f295a1e9f695772cd56d93],
PUP.Optional.CRX.A, C:\Users\Jutta\AppData\Local\Temp\bus963\CrxUpdater_d.exe, , [4ce978dde5960e285d8c57c80103cc34],
PUP.Optional.CRX.A, C:\Users\Jutta\AppData\Local\Temp\busA64C\CrxUpdater_d.exe, , [94a11a3b463557dfd118dd42e51f0000],
PUP.Optional.CRX.A, C:\Users\Jutta\AppData\Local\Temp\busBE01\CrxUpdater_d.exe, , [a491d87dd4a7c07617d2b46b20e419e7],
PUP.Optional.CRX.A, C:\Users\Jutta\AppData\Local\Temp\busCED2\CrxUpdater_d.exe, , [ed48a7ae5e1d3ff7d51447d8cf3543bd],
PUP.Optional.ScramblePacker.A, C:\Users\Jutta\AppData\Local\Temp\pgbxyarggttyhb\software\feven-1-5.exe, , [f93cc293d1aa54e2041a5b21e918b64a],
PUP.Optional.Storimbo.A, C:\Users\Jutta\AppData\Local\Temp\pgbxyarggttyhb\software\StorimboSetup.exe, , [70c54411adcee0562463a04153b046ba],
PUP.Optional.SkyTech.A, C:\Users\Jutta\AppData\Local\Temp\pgbxyarggttyhb\software\tugs_nationzoom.exe, , [d85dfb5a4e2dad893d7d81d56998ef11],
PUP.Optional.BundleInstaller.A, C:\Users\Jutta\Downloads\Java (1).exe, , [ca6b4c0917642e0811705ee7b74a59a7],
PUP.Optional.BundleInstaller.A, C:\Users\Jutta\Downloads\Java.exe, , [0c2980d50b70ab8b28aa77cbc14040c0],
PUP.Optional.RegCleanerPro, C:\Users\Jutta\Downloads\sysrc_trial_25044.exe, , [b0852d28bebd77bf48220efdc140b050],
PUP.Optional.Iminent.A, C:\Windows\Installer\2f126.msi, , [e3520c4985f6122443da65c948b9c040],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\searchplugins\ask-web-search.xml, , [e84db99c3b4069cd61187e0ab0523cc4],
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\Register RegClean Pro.lnk, , [55e09eb72d4ead8900af276512f0de22],
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\RegClean Pro entfernen.lnk, , [55e09eb72d4ead8900af276512f0de22],
PUP.Optional.RegCleanPro.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro\RegClean Pro.lnk, , [55e09eb72d4ead8900af276512f0de22],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector\Register Advanced System Protector.lnk, , [9c990352d2a986b0119f99f326dc51af],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector\Advanced System Protector entfernen.lnk, , [9c990352d2a986b0119f99f326dc51af],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector\Advanced System Protector Trouble Shooter.lnk, , [9c990352d2a986b0119f99f326dc51af],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector\Advanced System Protector.lnk, , [9c990352d2a986b0119f99f326dc51af],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\BabSolution\CR\Delta.crx, , [db5a81d491ea0432b23fbdd4679be41c],
PUP.Optional.Babylon.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\searchplugins\babylon.xml, , [c66fe86d97e4dd59e7a50a906f932dd3],
PUP.Optional.BProtector.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\bProtector_extensions.sqlite, , [72c33124e299c274edadcad05da5a858],
PUP.Optional.BProtector.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\bprotector_prefs.js, , [13224c099cdf3ff7ddbeb5e58181857b],
PUP.Optional.Iminent.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\webbooster@iminent.com.xpi, , [f73e64f1f289bb7b28cec3d762a04db3],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\install.data, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\uninstall.exe, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\WebDataJs, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\data.html, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\indexIE.html, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\indexIE8.html, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\main.css, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\style.css, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\ver.txt, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\arrow.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\default_add_logo.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\default_add_logo_hover.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\default_logo.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\googlelogo.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\googlelogo2.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\google_trends.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\icon128.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\icon16.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\icon48.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\loading.gif, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\logo32.ico, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\27.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\0.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\1.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\10.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\11.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\12.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\13.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\14.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\15.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\16.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\17.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\18.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\19.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\2.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\20.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\21.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\22.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\23.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\24.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\25.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\26.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\28.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\29.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\3.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\30.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\31.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\32.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\33.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\34.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\35.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\36.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\37.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\38.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\39.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\4.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\40.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\41.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\42.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\43.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\44.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\45.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\46.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\47.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\5.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\6.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\7.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\8.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\9.png, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\background.js, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\common.js, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\ga.js, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\ie8.js, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\jquery-1.11.0.min.js, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\jquery-base.js, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\jquery.autocomplete.js, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\js.js, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\library.js, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\xagainit.js, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\en-US\messages.json, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\es-419\messages.json, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\es-ES\messages.json, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-BE\messages.json, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-CA\messages.json, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-CH\messages.json, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-FR\messages.json, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-LU\messages.json, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\it-CH\messages.json, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\it-IT\messages.json, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\pl\messages.json, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\pt\messages.json, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\pt-BR\messages.json, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\ru\messages.json, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\ru-MO\messages.json, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\tr-TR\messages.json, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\vi-VI\messages.json, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\zh-CN\messages.json, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\zh-TW\messages.json, , [ac8956ff730860d63c1e6b3733cff60a],
PUP.Optional.RegCleanerPro.J, C:\Windows\Tasks\RegClean Pro_UPDATES.job, , [b97c73e2e596cf6740b2f9ae4fb3817f],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\SearchTheWeb.xml, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.Mediator.ActivePlayers.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\f_in_box.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.AxImp.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.Booster.UI.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.Business.Connect.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.Business.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.Business.tlb, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.Entity.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.exe, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.exe.config, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.InstallLog, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.InstallState, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Microsoft.DirectX.AudioVideoPlayback.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Microsoft.Expression.Interactions.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\StartWeb.xml, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\System.Data.SQLite.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\System.Data.SQLite.xml, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\System.Windows.Interactivity.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\System.Windows.Interactivity.xml, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\USearch.xml, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\WPFLocalizeExtension.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\WPFLocalizeExtension.xml, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.Mediator.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.Mediator.tlb, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.Messengers.exe, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.Messengers.exe.config, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.Services.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.WinCore.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.WinCore.WLM.WinEvents.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.WinCore.WLM15.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.WinCore.Yahoo.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.Windows.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\Iminent.Workflow.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\de\Iminent.Booster.UI.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\de\Iminent.Business.Connect.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\de\Iminent.Messengers.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\de\Iminent.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\de\Iminent.Services.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\de\Microsoft.Expression.Interactions.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\de\System.Windows.Interactivity.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\en\Iminent.Booster.UI.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\en\Iminent.Business.Connect.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\en\Iminent.Messengers.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\en\Iminent.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\en\Iminent.Services.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\en\Microsoft.Expression.Interactions.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\en\System.Windows.Interactivity.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\es\Iminent.Booster.UI.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\es\Iminent.Business.Connect.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\es\Iminent.Messengers.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\es\Iminent.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\es\Iminent.Services.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\es\Microsoft.Expression.Interactions.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\es\System.Windows.Interactivity.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\fr\Iminent.Booster.UI.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\fr\Iminent.Business.Connect.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\fr\Iminent.Messengers.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\fr\Iminent.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\fr\Iminent.Services.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\fr\Microsoft.Expression.Interactions.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\fr\System.Windows.Interactivity.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\inst\main.ico, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\inst\msacm32.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\inst\SearchTheWeb.ico, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\inst\Universely.ico, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\inst\Bootstrapper\Bootstrapper.exe, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\it\Iminent.Booster.UI.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\it\Iminent.Business.Connect.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\it\Iminent.Messengers.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\it\Iminent.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\it\Iminent.Services.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\it\Microsoft.Expression.Interactions.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\it\System.Windows.Interactivity.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\ro\Iminent.Booster.UI.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\ro\Iminent.Messengers.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\ro\Iminent.Services.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\tr\Iminent.Booster.UI.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\tr\Iminent.Business.Connect.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\tr\Iminent.Messengers.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\tr\Iminent.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Iminent\tr\Iminent.Services.resources.dll, , [ff369abb572461d544b35f59f013c23e],
PUP.Optional.Iminent.A, C:\Program Files\Mozilla Firefox\defaults\pref\all-iminent.js, , [3ff6e4718fecc571669f229720e3a55b],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\TraditionalCn_rcp_zh-tw.ini, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\German_rcp.ini, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\Chinese_rcp.ini, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\CleanSchedule.exe, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\Cloud_Backup_Setup.exe, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\Cloud_Backup_Setup_Intl.exe, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\Danish_rcp.ini, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\Dutch_rcp.ini, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\eng_rcp.ini, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\Finnish_rcp_fi.ini, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\French_rcp.ini, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\greek_rcp_el.ini, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\isxdl.dll, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\Italian_rcp.ini, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\Japanese_rcp.ini, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\korean_rcp_ko.ini, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\Norwegian_rcp.ini, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\polish_rcp_pl.ini, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\portugese_rcp_pt.ini, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\Portuguese_rcp.ini, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\RCPUninstall.exe, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\RegCleanPro.dll, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\RegCleanPro.exe, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\russian_rcp_ru.ini, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\Spanish_rcp.ini, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\SSDPTstub.exe, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\Swedish_rcp.ini, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\systweakasp.exe, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\turkish_rcp_tr.ini, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\unins000.exe, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Program Files\RegClean Pro\xmllite.dll, , [cb6a59fc3447e25450f13a80ac57b050],
PUP.Optional.RegCleanPro.A, C:\Windows\Tasks\RegClean Pro_DEFAULT.job, , [79bc2332accf2511af9364561ce7c040],
PUP.Optional.Iminent.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\SearchTheWeb.lnk, , [d4618dc8502b290dd474d1ea828104fc],
PUP.Optional.Iminent.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\Blog.lnk, , [d4618dc8502b290dd474d1ea828104fc],
PUP.Optional.Iminent.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\FAQ.lnk, , [d4618dc8502b290dd474d1ea828104fc],
PUP.Optional.Iminent.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\Help.lnk, , [d4618dc8502b290dd474d1ea828104fc],
PUP.Optional.Iminent.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent\Iminent.lnk, , [d4618dc8502b290dd474d1ea828104fc],
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot.exe, , [78bdbb9a9be0e650eeb012aada29a060],
PUP.Optional.Feven.A, C:\Windows\Tasks\Feven 1.5-chromeinstaller.job, , [1a1bbc999dde86b0678b24a5659e23dd],
PUP.Optional.Feven.A, C:\Windows\Tasks\Feven 1.5-codedownloader.job, , [1025411474075adc60927d4c699a857b],
PUP.Optional.Feven.A, C:\Windows\Tasks\Feven 1.5-enabler.job, , [a09501542952c373638f9a2f778c3ac6],
PUP.Optional.Feven.A, C:\Windows\Tasks\Feven 1.5-firefoxinstaller.job, , [c174213487f42511f9f9fccdf70c3ac6],
PUP.Optional.Feven.A, C:\Windows\Tasks\Feven 1.5-updater.job, , [4bead1849ae1c5713bb7b514768d42be],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\Storimbo.ico, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\StorimboUninstall.exe, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\updateStorimbo.InstallState, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin\7za.exe, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin\BrowserAdapterS.7z, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin\sqlite3.dll, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin\Storimbo.BrowserAdapter.exe, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin\Storimbo.BrowserFilter.Helper.dll, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin\Storimbo.BrowserFilter.Helper.dll.old.f481dbd9-7a38-48a7-a7cd-434608ba6afd, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin\Storimbo.PurBrowse.exe, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin\Storimbo.PurBrowse.zip, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin\StorimboBA.dll, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin\StorimboBAApp.dll, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin\StorimboBrowserFilter.exe, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin\utilStorimbo.InstallState, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin\plugins\Storimbo.Bromon.dll, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin\plugins\Storimbo.BrowserAdapterS.dll, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin\plugins\Storimbo.BrowserFilter.dll, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin\plugins\Storimbo.CompatibilityChecker.dll, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin\plugins\Storimbo.FFUpdate.dll, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin\plugins\Storimbo.GCUpdate.dll, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin\plugins\Storimbo.IEUpdate.dll, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.Storimbo.A, C:\Program Files\Storimbo\bin\plugins\Storimbo.PurBrowse.dll, , [35006ce97ffc37ff08c9b416689b619f],
PUP.Optional.MindSpark, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hSrchMn.exe, , [7db8cb8a0a7156e05e52517759aad828],
PUP.Optional.MindSpark, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hbrmon.exe, , [1c199cb9daa1e056dbd417b1ea19ba46],
PUP.Optional.BabSolution.A, C:\Users\Jutta\AppData\Roaming\BabSolution\Shared\enhancedNT.dll, , [36ff3322295250e69368b800669d9769],
PUP.Optional.Iminent.A, C:\ProgramData\Iminent\Mediator\Datas\Cache\apix.iminent.com\1033.11575f00-7bdc-4181-ba0a-b298aeab228c.dat, , [2510e76e2358b581be28db9a29d91be5],
PUP.Optional.Iminent.A, C:\Users\Jutta\AppData\Roaming\Iminent\Mediator\Datas\globalcache.dat, , [64d15bfaf78479bd6a7ca4d12cd656aa],
PUP.Optional.Iminent.A, C:\Users\Jutta\AppData\Roaming\Iminent\Mediator\Datas\user.dat, , [64d15bfaf78479bd6a7ca4d12cd656aa],
PUP.Optional.Delta.A, C:\Program Files\Delta\delta\1.8.22.0\deltaApp.dll, , [9a9baaab0e6d95a1f9ee43324ab88080],
PUP.Optional.Delta.A, C:\Program Files\Delta\delta\1.8.22.0\deltaEng.dll, , [9a9baaab0e6d95a1f9ee43324ab88080],
PUP.Optional.Delta.A, C:\Program Files\Delta\delta\1.8.22.0\GUninstaller.exe, , [9a9baaab0e6d95a1f9ee43324ab88080],
PUP.Optional.Delta.A, C:\Program Files\Delta\delta\1.8.22.0\uninstall.exe, , [9a9baaab0e6d95a1f9ee43324ab88080],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures\completedatabase.db, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures\Cookies.bin, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures\DigSign.bin, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures\FilePaths.bin, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures\FileSignature.bin, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures\Folders.bin, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures\Md5.bin, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures\Registry.bin, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures\SetupSign.bin, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\signatures\StrSetupSign.bin, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1545completedatabase.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1741mupdate.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1748mupdate.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1749update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1750update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1751update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1752update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1753update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1754update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1755update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1756update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1757update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1758update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1759update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1760update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1761update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1762update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1763update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1764update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1765update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1766update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1767update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1768update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1769update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1770update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1771update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1772update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1773update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1774update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1775update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1776update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1777update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1778update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1779update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1780update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1781update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1782update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1783update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1784update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1785update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1786update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1787update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1788update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1789update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1790update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1791update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1792update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1793update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1794update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1795update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1796update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1797update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1798update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1799update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1800update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1808mupdate.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1809update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
PUP.Optional.AdvancedSystemProtector.A, C:\ProgramData\Systweak\Advanced System Protector\updates\1810update.zip, , [7bba98bd2d4e80b62bcd14616e949e62],
|
|
25.05.2014, 14:52
| #3 |
| | über 1000 Funde mit Malewarebytes 3. teil:
__________________Code:
ATTFilter PUP.Optional.AdvancedSystemProtector.A, C:\Users\Default\AppData\Roaming\Systweak\Advanced System Protector\QDetail.db, , [8ea7b4a12556ba7cb64287ee9b6757a9],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Default\AppData\Roaming\Systweak\Advanced System Protector\Settings.db, , [8ea7b4a12556ba7cb64287ee9b6757a9],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Default\AppData\Roaming\Systweak\Advanced System Protector\Update.ini, , [8ea7b4a12556ba7cb64287ee9b6757a9],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Default\AppData\Roaming\Systweak\Advanced System Protector\2.1.1000.10905\ASPLog.txt, , [8ea7b4a12556ba7cb64287ee9b6757a9],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Jutta\AppData\Roaming\Systweak\Advanced System Protector\QDetail.db, , [fc393f167308ab8b4cac6411966c5fa1],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Jutta\AppData\Roaming\Systweak\Advanced System Protector\Settings.db, , [fc393f167308ab8b4cac6411966c5fa1],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Jutta\AppData\Roaming\Systweak\Advanced System Protector\Update.ini, , [fc393f167308ab8b4cac6411966c5fa1],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Jutta\AppData\Roaming\Systweak\Advanced System Protector\2.1.1000.10905\ASPLog.txt, , [fc393f167308ab8b4cac6411966c5fa1],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Jutta\AppData\Roaming\Systweak\Advanced System Protector\Logs\log_03-04-14_02-52-23.xml, , [fc393f167308ab8b4cac6411966c5fa1],
PUP.Optional.AdvancedSystemProtector.A, C:\Users\Jutta\AppData\Roaming\Systweak\Advanced System Protector\Logs\SMLog.xml, , [fc393f167308ab8b4cac6411966c5fa1],
PUP.Optional.RegCleanerPro.A, C:\Users\Jutta\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\ExcludeList.rcp, , [f93c95c0abd0a88e9cfca8ce70927e82],
PUP.Optional.RegCleanerPro.A, C:\Users\Jutta\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\German_rcp.dat, , [f93c95c0abd0a88e9cfca8ce70927e82],
PUP.Optional.RegCleanerPro.A, C:\Users\Jutta\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\log_04-11-2014.log, , [f93c95c0abd0a88e9cfca8ce70927e82],
PUP.Optional.RegCleanerPro.A, C:\Users\Jutta\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\rcpupdate.ini, , [f93c95c0abd0a88e9cfca8ce70927e82],
PUP.Optional.RegCleanerPro.A, C:\Users\Jutta\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\results.rcp, , [f93c95c0abd0a88e9cfca8ce70927e82],
PUP.Optional.RegCleanerPro.A, C:\Users\Jutta\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\TempHLList.rcp, , [f93c95c0abd0a88e9cfca8ce70927e82],
PUP.Optional.RegCleanerPro.A, C:\Users\Jutta\AppData\Roaming\Systweak\RegClean Pro\Version 6.1\voice\de\voice.wav, , [f93c95c0abd0a88e9cfca8ce70927e82],
PUP.Optional.LyricsContainer.A, C:\Program Files\LyricsContainer\157.crx, , [20157dd8b0cbdc5a12fb027520e226da],
PUP.Optional.LyricsContainer.A, C:\Program Files\LyricsContainer\157.dat, , [20157dd8b0cbdc5a12fb027520e226da],
PUP.Optional.LyricsContainer.A, C:\Program Files\LyricsContainer\157.dll, , [20157dd8b0cbdc5a12fb027520e226da],
PUP.Optional.LyricsContainer.A, C:\Program Files\LyricsContainer\157.xpi, , [20157dd8b0cbdc5a12fb027520e226da],
PUP.Optional.LyricsContainer.A, C:\Program Files\LyricsContainer\a.db, , [20157dd8b0cbdc5a12fb027520e226da],
PUP.Optional.LyricsContainer.A, C:\Program Files\LyricsContainer\b.db, , [20157dd8b0cbdc5a12fb027520e226da],
PUP.Optional.LyricsContainer.A, C:\Program Files\LyricsContainer\LookF.exe, , [20157dd8b0cbdc5a12fb027520e226da],
PUP.Optional.LyricsContainer.A, C:\Program Files\LyricsContainer\LookForWord157.bin, , [20157dd8b0cbdc5a12fb027520e226da],
PUP.Optional.LyricsContainer.A, C:\Program Files\LyricsContainer\LookForWord157.exe, , [20157dd8b0cbdc5a12fb027520e226da],
PUP.Optional.LyricsContainer.A, C:\Program Files\LyricsContainer\LookForWord157.ini, , [20157dd8b0cbdc5a12fb027520e226da],
PUP.Optional.LyricsContainer.A, C:\Program Files\LyricsContainer\LookForWord_wd.exe, , [20157dd8b0cbdc5a12fb027520e226da],
PUP.Optional.LyricsContainer.A, C:\Program Files\LyricsContainer\Sqlite3.dll, , [20157dd8b0cbdc5a12fb027520e226da],
PUP.Optional.LyricsContainer.A, C:\Program Files\LyricsContainer\Uninstall.exe, , [20157dd8b0cbdc5a12fb027520e226da],
PUP.Optional.Feven.A, C:\Program Files\Feven 1.5\38532.crx, , [83b230257605d75f354e7205ac56748c],
PUP.Optional.Feven.A, C:\Program Files\Feven 1.5\38532.xpi, , [83b230257605d75f354e7205ac56748c],
PUP.Optional.Feven.A, C:\Program Files\Feven 1.5\background.html, , [83b230257605d75f354e7205ac56748c],
PUP.Optional.Feven.A, C:\Program Files\Feven 1.5\Feven 1.5-bg.exe, , [83b230257605d75f354e7205ac56748c],
PUP.Optional.Feven.A, C:\Program Files\Feven 1.5\Feven 1.5-buttonutil.dll, , [83b230257605d75f354e7205ac56748c],
PUP.Optional.Feven.A, C:\Program Files\Feven 1.5\Feven 1.5-buttonutil.exe, , [83b230257605d75f354e7205ac56748c],
PUP.Optional.Feven.A, C:\Program Files\Feven 1.5\Feven 1.5-chromeinstaller.exe, , [83b230257605d75f354e7205ac56748c],
PUP.Optional.Feven.A, C:\Program Files\Feven 1.5\Feven 1.5-codedownloader.exe, , [83b230257605d75f354e7205ac56748c],
PUP.Optional.Feven.A, C:\Program Files\Feven 1.5\Feven 1.5-enabler.exe, , [83b230257605d75f354e7205ac56748c],
PUP.Optional.Feven.A, C:\Program Files\Feven 1.5\Feven 1.5-firefoxinstaller.exe, , [83b230257605d75f354e7205ac56748c],
PUP.Optional.Feven.A, C:\Program Files\Feven 1.5\Feven 1.5-helper.exe, , [83b230257605d75f354e7205ac56748c],
PUP.Optional.Feven.A, C:\Program Files\Feven 1.5\Feven 1.5-updater.exe, , [83b230257605d75f354e7205ac56748c],
PUP.Optional.Feven.A, C:\Program Files\Feven 1.5\Feven 1.5.ico, , [83b230257605d75f354e7205ac56748c],
PUP.Optional.Feven.A, C:\Program Files\Feven 1.5\Installer.log, , [83b230257605d75f354e7205ac56748c],
PUP.Optional.Feven.A, C:\Program Files\Feven 1.5\Uninstall.exe, , [83b230257605d75f354e7205ac56748c],
PUP.Optional.Feven.A, C:\Program Files\Feven 1.5\utils.exe, , [83b230257605d75f354e7205ac56748c],
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\update\conf, , [71c40b4a205b7bbb21b9fd7b6a9833cd],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome.manifest, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\install.rdf, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\background.html, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\baseObject.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\browser.xul, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\dialog.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\main.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\options.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\options.xul, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\search_dialog.xul, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\asyncDB.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\background.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\browserAction.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\contextMenu.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\dbManager.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\dom_bg.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\fileManager.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\firefox.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\firefoxNotifications.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\firefoxOmnibox.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\message.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\pageAction.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\request.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\tabs.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\webRequest.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\console.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\consts.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\delegate.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\extensionDataStore.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\folderIOWrapper.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\httpObserver.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\IDBWrapper.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\installer.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\logFile.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\prefs.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\progressListenerObserver.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\registry.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\reloadObserver.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\reports.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\requestObject.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\searchSettings.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\uninstallObserver.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\updateManager.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\utils.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\xhr.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\defaults\preferences\prefs.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\manifest.xml, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins.json, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\102_dealply_m.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\103_intext_5_m.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\120_luck_m.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\126_revizer_ws_m.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\13_CrossriderAppUtils.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\14_CrossriderUtils.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\16_FFAppAPIWrapper.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\177_crossriderDashboard.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\17_jQuery.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\180_bpo_serp_m.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\182_openUrl.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\183_tabsWrapper.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\191_ciuvo_m.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\193_revizer_p_dynamic_b2b_m.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\1_base.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\21_debug.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\22_resources.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\28_initializer.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\47_resources_background.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\4_jquery_1_7_1.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\64_appApiMessage.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\72_appApiValidation.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\78_CrossriderInfo.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\91_monetizationLoader.js.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\93_superfish_no_coupons_m.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\98_omniCommands.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\userCode\background.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\userCode\extension.js, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\locale\en-US\translations.dtd, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\button1.png, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\button2.png, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\button3.png, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\button4.png, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\button5.png, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\crossrider_statusbar.png, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\icon128.png, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\icon16.png, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\icon24.png, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\icon48.png, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\panelarrow-up.png, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\popup.html, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\skin.css, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\update.css, , [e84d57fe512aed493a7a7ffcca38837d],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\chrome.manifest, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\install.rdf, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\uninstall.exe, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\components\FFDisp.dll, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\delta.css, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\delta.xul, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\dpk.htm, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\hlprs.js, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\loader.xul, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\mtstart.js, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\serp.js, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\tmplt.js, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\arwDwn.gif, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\closeo.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\help_16.gif, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\home.gif, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\icon_seperator.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\logo.PNG, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\privecy_16_hot.gif, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\sign.jpg, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\specialoffer.gif, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\tellafriend.gif, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\uninstall.gif, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ae.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\bg.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ch.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\cn.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\cz.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\de.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\eg.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\en.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\es.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\fr.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\gr.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\he.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\il.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\it.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ja.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\jp.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\nl.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\no.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\pl.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\pt.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ro.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ru.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\sa.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\se.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\sv.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\tr.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ua.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\us.png, , [36ff470e304b9b9b468397e46999b44c],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome.manifest, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\install.rdf, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\content\index.html, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\content\quick_start.js, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\content\quick_start.xul, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\content\include\speed_dial.js, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\content\include\tools\about_blank_hook.js, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\content\include\tools\misc.js, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\content\include\tools\popup_image_helper.js, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\content\include\tools\urlrequestor.js, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\content\js\common.js, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\content\js\ga.js, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\content\js\jquery.autocomplete.js, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\content\js\js.js, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\content\js\library.js, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\content\js\xagainit.js, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\en\locale.properties, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\en-US\locale.properties, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\es\locale.properties, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\es-419\locale.properties, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\fr\locale.properties, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\fr-BE\locale.properties, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\fr-CA\locale.properties, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\fr-CH\locale.properties, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\fr-LU\locale.properties, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\it\locale.properties, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\it-CH\locale.properties, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\pl\locale.properties, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\pt-BR\locale.properties, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\ru\locale.properties, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\ru-MO\locale.properties, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\tr\locale.properties, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\vi\locale.properties, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\zh-CN\locale.properties, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\locale\zh-TW\locale.properties, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\default_add_logo.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\default_add_logo_hover.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\default_logo.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\google_trends.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\icon.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\icon128.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\icon16.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\icon48.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\iconsmall.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\loading.gif, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\logo.ico, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\logo.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\logo32.ico, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\search.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\style.css, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\27.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\0.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\1.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\10.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\11.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\12.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\13.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\14.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\15.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\16.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\17.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\18.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\19.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\2.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\20.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\21.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\22.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\23.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\24.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\25.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\26.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\28.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\29.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\3.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\30.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\31.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\32.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\33.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\34.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\35.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\36.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\37.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\38.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\39.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\4.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\40.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\41.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\42.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\43.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\44.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\45.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\46.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\47.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\5.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\6.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\7.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\8.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\chrome\skin\weather\9.png, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\defaults\preferences\fvd.js, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\modules\addonmanager.js, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\modules\aes.js, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\modules\config.js, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\modules\dialogs.js, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\modules\last_tab.js, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\modules\misc.js, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\modules\properties.js, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\modules\remoterequest.js, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\modules\restoreprefs.js, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.QuickStart.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\quick_start@gmail.com\modules\settings.js, , [ed48074e47343501c7b75923e31f629e],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hauxstb.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hbar.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hbprtct.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hbrstub.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hdatact.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hdlghk.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hdyn.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hfeedmg.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hhighin.exe, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hhkstub.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hhtmlmu.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hhttpct.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hidle.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hieovr.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8himpipe.exe, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hmedint.exe, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hmlbtn.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hmsg.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hPlugin.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hradio.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hregfft.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hreghk.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hregiet.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hscript.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hskin.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hskplay.exe, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8htpinst.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\8huabtn.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\AppIntegrator64.exe, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\AppIntegratorStub64.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\BOOTSTRAP.JS, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\CHROME.MANIFEST, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\CREXT.DLL, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\CrExtP8h.exe, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\DPNMNGR.DLL, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\EXEMANAGER.DLL, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\Hpg64.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\INSTALL.RDF, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\installKeys.js, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\LOGO.BMP, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\NP8hStub.dll, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\T8EXTEX.DLL, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\T8EXTPEX.DLL, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\T8HTML.DLL, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\T8RES.DLL, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\T8TICKER.DLL, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\VERIFY.DLL, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\1.bin\chrome\8hffxtbr.jar, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\gen1\COMMON.T8S, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\IE9Mesg\COMMON.T8S, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\Message\COMMON.T8S, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Program Files\Allin1Convert_8h\bar\Settings\s_pid.dat, , [171e9eb71d5e7cbaf67f7e0139c95aa6],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Local\Allin1Convert_8h\4ABCF663-EFD5-484D-8B4D-0BCEE769D1A3.sqlite, , [41f4f75ef38831050b6b4837ea1813ed],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\myfacjqi.default\extensions\8hffxtbr@Allin1Convert_8h.com\bootstrap.js, , [c66fe86d4a3179bd81f6a2ddb949b749],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\myfacjqi.default\extensions\8hffxtbr@Allin1Convert_8h.com\chrome.manifest, , [c66fe86d4a3179bd81f6a2ddb949b749],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\myfacjqi.default\extensions\8hffxtbr@Allin1Convert_8h.com\install.rdf, , [c66fe86d4a3179bd81f6a2ddb949b749],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\myfacjqi.default\extensions\8hffxtbr@Allin1Convert_8h.com\installKeys.js, , [c66fe86d4a3179bd81f6a2ddb949b749],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\myfacjqi.default\extensions\8hffxtbr@Allin1Convert_8h.com\chrome\8hffxtbr.jar, , [c66fe86d4a3179bd81f6a2ddb949b749],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\8hffxtbr@Allin1Convert_8h.com\bootstrap.js, , [c96c60f51b602016c3b4453a42c07d83],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\8hffxtbr@Allin1Convert_8h.com\chrome.manifest, , [c96c60f51b602016c3b4453a42c07d83],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\8hffxtbr@Allin1Convert_8h.com\install.rdf, , [c96c60f51b602016c3b4453a42c07d83],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\8hffxtbr@Allin1Convert_8h.com\install_no_bootstrap.rdf, , [c96c60f51b602016c3b4453a42c07d83],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\8hffxtbr@Allin1Convert_8h.com\chrome\8hffxtbr.jar, , [c96c60f51b602016c3b4453a42c07d83],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\8hffxtbr@Allin1Convert_8h.com\META-INF\manifest.mf, , [c96c60f51b602016c3b4453a42c07d83],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\8hffxtbr@Allin1Convert_8h.com\META-INF\zigbert.rsa, , [c96c60f51b602016c3b4453a42c07d83],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\8hffxtbr@Allin1Convert_8h.com\META-INF\zigbert.sf, , [c96c60f51b602016c3b4453a42c07d83],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\extensions\8hffxtbr@Allin1Convert_8h.com\plugins\FF-NativeMessagingDispatcher.dll, , [c96c60f51b602016c3b4453a42c07d83],
PUP.Optional.MindSpark.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\Allin1Convert_8h\4ABCF663-EFD5-484D-8B4D-0BCEE769D1A3.sqlite, , [64d13e1738433204fbc390efbe44f808],
PUP.Optional.CrossRider.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.crossrider.bic", "14316b70ff047a28a855ee61bab7654b");), ,[4beae372bebd290d173aa2e181833ec2]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.admin", false);), ,[0b2a5203a2d98da9c7a1ff8451b38977]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.aflt", "babsst");), ,[989d084d8dee3ff791d792f114f0c739]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");), ,[ed482a2bb6c530061c4c493aa75d0df3]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.autoRvrt", "false");), ,[6dc8d87d0e6df04690d899ea02026997]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.bbDpng", "24");), ,[4de85302e19a82b478f0661d47bd3cc4]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.cntry", "DE");), ,[1223e76ef2896ec8cc9c0380699be51b]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.dfltLng", "de");), ,[cf661441d2a964d2d098592a4aba19e7]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.excTlbr", false);), ,[221350059ae1c3733236d7acdc28c937]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.ffxUnstlRst", true);), ,[ec49e86d4338ce68aebab5cec53ff010]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.hdrMd5", "D6C47E282793FAC7FC37B44AAE79504E");), ,[a19474e1b0cb5ed8b3b5a5de17ed827e]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.id", "0235e99c00000000000008edb9350df0");), ,[2d088bcaff7c62d42a3eb6cd6e961fe1]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.instlDay", "15914");), ,[bc79a9ac98e394a2c8a0a3e026de639d]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.instlRef", "sst");), ,[90a525300d6e5bdb0b5db5cece36926e]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.lastVrsnTs", "1.8.22.022:21:39");), ,[8ca990c53546a59178f0731043c120e0]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.newTab", false);), ,[f04542139eddbf77d890fc876c98a15f]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.prdct", "delta");), ,[75c0da7b90ebc274dd8bee959e66af51]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.prtnrId", "delta");), ,[69cc3a1b7506290d6efa7211bc4836ca]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.rvrt", "false");), ,[161fafa61863fd395810473ce420bd43]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.sg", "azb");), ,[37fe35205c1f65d15117542ff21252ae]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.smplGrp", "azb");), ,[d065ea6b314a6fc75b0de3a0cd37a858]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.tlbrId", "base");), ,[54e14114b6c58da903655e25e3211de3]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.tlbrSrchUrl", "");), ,[f045dc796c0fe94d3731830024e04eb2]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.vrsn", "1.8.22.0");), ,[2e07193ce695bf77f870e0a36e960ff1]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.vrsnTs", "1.8.22.022:21:39");), ,[1d1865f06f0c9e989eca731059aba45c]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta.vrsni", "1.8.22.0");), ,[3104e1747902c76fb5b36e153dc77f81]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta_i.babExt", "");), ,[f93cc1946417f640e880dfa40df7ae52]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta_i.babTrack", "affID=119556&tl=gkn724183&tsp=4957");), ,[b4819db8e19a52e4115789fa857f5da3]
PUP.Optional.Delta.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.delta_i.srcExt", "ss");), ,[4aeb0451a8d3e254c6a29de6f01455ab]
PUP.Optional.NationZoom.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.toolbar.mindspark._8hMembers_.browser.startup.homepage.prev", "hxxp://www.nationzoom.com/?type=hp&ts=1387655434&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WX81C226516265162");), ,[0c29cc89d1aaba7c90005b28d4303bc5]
PUP.Optional.ASK.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("browser.startup.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=4ABCF663-EFD5-484D-8B4D-0BCEE769D1A3&n=77fd06ab&p2=^AYY^xdm070^YYA^de&si=flvrunner");), ,[8ca94213700b63d33113dea6b351d828]
PUP.Optional.ASK.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("extensions.toolbar.mindspark._8hMembers_.browser.startup.homepage.tb", "hxxp://home.tb.ask.com/index.jhtml?ptb=4ABCF663-EFD5-484D-8B4D-0BCEE769D1A3&n=77fd06ab&p2=^AYY^xdm070^YYA^de&si=flvrunner");), ,[2114c491671460d6c0843b4932d233cd]
PUP.Optional.ASK.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Good: (), Bad: (user_pref("keyword.URL", "hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=4ABCF663-EFD5-484D-8B4D-0BCEE769D1A3&n=77fd06ab&ind=2013071019&p2=^AYY^xdm070^YYA^de&si=flvrunner&searchfor=");), ,[7cb9d28395e62214df663e461be9c23e]
Physical Sectors: 0
(No malicious items detected)
(end)
Liebe Grüße turtle |
|
27.05.2014, 11:01
| #4 |
| /// Winkelfunktion /// TB-Süch-Tiger™   | über 1000 Funde mit Malewarebytes Hi, das ist Werbung (Adware/Junkware) Scan mit Farbar's Recovery Scan Tool (FRST) Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
27.05.2014, 11:38
| #5 |
| | über 1000 Funde mit Malewarebytes Wahnsinn, wie doll sowas vermeintlich harmloses einen Rechner beeinflussen kann. Der hier ist dadurch kaum noch zu benutzen. Ich fliege hier ständig raus mittem Wort leitet es auf andere Seiten um. Aber der Scan is geschafft: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-05-2014 02
Ran by Jutta (administrator) on 1SCHNUCKELCHEN on 27-05-2014 12:21:53
Running from C:\Users\Jutta\Downloads
Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Just Develop It) C:\Program Files\MyPC Backup\BackupStack.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Registration\GREGsvc.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccsvchst.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(AVM Berlin) C:\Program Files\avmwlanstick\FRITZWLANMini.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMworker.exe
(MyPCBackup.com) C:\Program Files\MyPC Backup\MyPC Backup.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Symantec Corporation) C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [GfxServiceInstall] => C:\Windows\system32\GfxCUIServiceInstall.vbs [131 2012-02-26] ()
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1934632 2010-10-08] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10959464 2012-01-10] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [714120 2012-02-07] (Acer Incorporated)
HKLM\...\Run: [AVMWlanClient] => C:\Program Files\avmwlanstick\FRITZWLANMini.exe [283136 2007-02-02] (AVM Berlin)
HKLM\...\Run: [ROC_roc_ssl_v12] => "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
HKLM\...\Run: [MRT] => C:\Windows\system32\MRT.exe [90547776 2014-05-18] (Microsoft Corporation)
HKU\S-1-5-21-3008509189-370871999-48178643-1000\...\Run: [Optimizer Pro] => C:\Program Files\Optimizer Pro\OptProLauncher.exe [134648 2013-10-28] ()
HKU\S-1-5-21-3008509189-370871999-48178643-1000\...\MountPoints2: {1999427a-1397-11e2-a141-08edb9350df0} - D:\pushinst.exe
AppInit_DLLs: c:\progra~1\optimi~1\optpro~1.dll => C:\Program Files\Optimizer Pro\OptProCrash.dll [4145992 2013-10-29] ()
Startup: C:\Users\Jutta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
ShortcutTarget: MyPC Backup.lnk -> C:\Program Files\MyPC Backup\MyPC Backup.exe (MyPCBackup.com)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
URLSearchHook: HKLM - FileConverter 1.3 Toolbar - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files\FileConverter_1.3\prxtbFil0.dll (Conduit Ltd.)
URLSearchHook: HKCU - FileConverter 1.3 Toolbar - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files\FileConverter_1.3\prxtbFil0.dll (Conduit Ltd.)
URLSearchHook: HKCU - (No Name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKCU - DefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss_Btisdt7&mntrId=023508EDB9350DF0&affID=119556&tl=gkn724183&tsp=4957
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss_Btisdt7&mntrId=023508EDB9350DF0&affID=119556&tl=gkn724183&tsp=4957
SearchScopes: HKCU - {FA1DF410-F896-4FFB-A01D-DF87FE75C99E} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3241949
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: FileConverter 1.3 Toolbar - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files\FileConverter_1.3\prxtbFil0.dll (Conduit Ltd.)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - FileConverter 1.3 Toolbar - {78e516ef-11de-47a1-8364-a99b917ec5ee} - C:\Program Files\FileConverter_1.3\prxtbFil0.dll (Conduit Ltd.)
Toolbar: HKCU - FileConverter 1.3 Toolbar - {78E516EF-11DE-47A1-8364-A99B917EC5EE} - C:\Program Files\FileConverter_1.3\prxtbFil0.dll (Conduit Ltd.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: nationzoom
FF SearchEngineOrder.1: Delta Search
FF SelectedSearchEngine: nationzoom
FF Homepage: hxxp://home.tb.ask.com/index.jhtml?ptb=4ABCF663-EFD5-484D-8B4D-0BCEE769D1A3&n=77fd06ab&p2=^AYY^xdm070^YYA^de&si=flvrunner
FF Keyword.URL: hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=4ABCF663-EFD5-484D-8B4D-0BCEE769D1A3&n=77fd06ab&ind=2013071019&p2=^AYY^xdm070^YYA^de&si=flvrunner&searchfor=
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\user.js
FF SearchPlugin: C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\avg-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\nationzoom.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: LyricsContainer - C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\Extensions\130 [2013-08-26]
FF Extension: LyricsContainer - C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\Extensions\133 [2013-09-11]
FF Extension: suurfkeepIt - C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\Extensions\ai4cch@laqbjq.com [2014-02-01]
FF Extension: APPPtoU - C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\Extensions\uing-0em@ievqgtchsaoe.com [2014-02-01]
FF Extension: PPPT2PNGG - C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\Extensions\xjulx0_ak@uoeumdrf-rj.edu [2014-03-01]
FF Extension: downloaddiitkeep - C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\Extensions\z.fox0@oaidraaaukqi.co.uk [2014-03-01]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2013-12-13]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\
FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\ []
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\
FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\ []
FF HKCU\...\Firefox\Extensions: [{d49d2752-93ae-4630-b849-87ab7b01b61c}] - C:\Program Files\LyricsContainer\157.xpi
FF StartMenuInternet: FIREFOX.EXE - firefox.exe
========================== Services (Whitelisted) =================
R2 BackupStack; C:\Program Files\MyPC Backup\BackupStack.exe [38440 2013-09-20] (Just Develop It)
R2 ca82e1a5; C:\Program Files\Optimizer Pro\OptProCrashSvc.dll [191128 2013-12-21] ()
R2 GREGService; C:\Program Files\Packard Bell\Registration\GREGsvc.exe [28264 2012-02-29] (Acer Incorporated)
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1755136 2011-03-07] (Realsil Microelectronics Inc.)
R2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [255376 2012-02-07] (Acer Incorporated)
R2 NIS; C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
R2 NOBU; C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe [3236224 2013-04-29] (Symantec Corporation)
==================== Drivers (Whitelisted) ====================
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2007-01-26] (AVM Berlin)
S1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20121106.001\BHDrvx86.sys [995488 2012-10-24] (Symantec Corporation)
S1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1309000.009\ccSetx86.sys [132768 2012-06-07] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376480 2012-11-13] (Symantec Corporation)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [265088 2007-01-26] (AVM GmbH)
R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20121129.001\IDSvix86.sys [386720 2012-11-10] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20121129.023\NAVENG.SYS [92704 2012-11-13] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20121129.023\NAVEX15.SYS [1601184 2012-11-13] (Symantec Corporation)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [254056 2011-05-30] (Realtek Semiconductor Corp.)
S3 SRTSP; C:\Windows\System32\Drivers\NIS\1309000.009\SRTSP.SYS [574112 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1309000.009\SRTSPX.SYS [32928 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1309000.009\SYMDS.SYS [340088 2011-08-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1309000.009\SYMEFA.SYS [924320 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [141944 2012-03-20] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NIS\1309000.009\Ironx86.SYS [149624 2012-04-18] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NIS\1309000.009\SYMNETS.SYS [318584 2012-04-18] (Symantec Corporation)
R1 {fe0d951b-f1e9-4cbc-8054-78c95ed14cc5}w; C:\Windows\System32\drivers\{fe0d951b-f1e9-4cbc-8054-78c95ed14cc5}w.sys [52920 2014-04-24] (StdLib)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-27 12:21 - 2014-05-27 12:24 - 00014945 _____ () C:\Users\Jutta\Downloads\FRST.txt
2014-05-27 12:21 - 2014-05-27 12:21 - 00000000 ____D () C:\FRST
2014-05-27 12:14 - 2014-05-27 12:15 - 01056256 _____ (Farbar) C:\Users\Jutta\Downloads\FRST.exe
2014-05-24 19:44 - 2014-05-24 20:10 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-24 19:41 - 2014-05-24 19:41 - 00001068 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-24 19:41 - 2014-05-24 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-05-24 19:40 - 2014-05-24 19:41 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-05-24 19:40 - 2014-05-24 19:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 19:40 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-24 19:40 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-24 19:40 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-24 19:28 - 2014-05-24 19:34 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jutta\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-18 19:40 - 2014-05-09 09:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-18 19:40 - 2014-05-09 09:04 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-18 19:40 - 2014-04-12 04:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-18 19:40 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-05-18 19:40 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-18 19:40 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-18 19:40 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-18 19:40 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-18 19:40 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-18 19:39 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-18 19:39 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-18 19:39 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-18 19:39 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-18 19:39 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-18 19:39 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-18 19:39 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-18 19:25 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-18 19:22 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-18 19:22 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-18 19:22 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-07 09:17 - 2014-05-24 20:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 21:49 - 2014-04-24 12:21 - 00052920 _____ (StdLib) C:\Windows\system32\Drivers\{fe0d951b-f1e9-4cbc-8054-78c95ed14cc5}w.sys
2014-05-06 21:28 - 2014-05-06 21:28 - 00000000 __SHD () C:\Users\Jutta\AppData\Local\EmieUserList
2014-05-06 21:28 - 2014-05-06 21:28 - 00000000 __SHD () C:\Users\Jutta\AppData\Local\EmieSiteList
2014-04-30 19:08 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-30 19:08 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-30 19:07 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-30 19:07 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-30 19:07 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-30 19:07 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-30 19:07 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-30 19:07 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-30 19:07 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-30 19:07 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-30 19:07 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-30 19:07 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-30 19:07 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-30 19:07 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-30 19:07 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-30 19:07 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-30 19:07 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-30 19:07 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-30 19:07 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-30 19:06 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-30 19:06 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-30 19:06 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-30 19:06 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-30 19:06 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
==================== One Month Modified Files and Folders =======
2014-05-27 12:24 - 2014-05-27 12:21 - 00014945 _____ () C:\Users\Jutta\Downloads\FRST.txt
2014-05-27 12:21 - 2014-05-27 12:21 - 00000000 ____D () C:\FRST
2014-05-27 12:16 - 2009-07-14 06:34 - 00016480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-27 12:16 - 2009-07-14 06:34 - 00016480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-27 12:15 - 2014-05-27 12:14 - 01056256 _____ (Farbar) C:\Users\Jutta\Downloads\FRST.exe
2014-05-27 12:14 - 2012-04-18 09:53 - 01762624 _____ () C:\Windows\WindowsUpdate.log
2014-05-27 12:08 - 2012-12-18 06:31 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-05-27 12:06 - 2014-03-05 00:08 - 00000374 _____ () C:\Windows\Tasks\LookForWord_wd.job
2014-05-27 12:06 - 2014-03-05 00:08 - 00000372 _____ () C:\Windows\Tasks\LookForWord Update.job
2014-05-27 12:06 - 2013-06-10 20:00 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-05-27 12:05 - 2010-11-20 23:48 - 00416970 _____ () C:\Windows\PFRO.log
2014-05-27 12:05 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-27 12:05 - 2009-07-14 06:39 - 00059169 _____ () C:\Windows\setupact.log
2014-05-25 13:53 - 2014-04-03 14:31 - 00000000 ____D () C:\ProgramData\Systweak
2014-05-25 13:53 - 2013-07-10 19:49 - 00000000 ____D () C:\Users\Jutta\AppData\Roaming\Systweak
2014-05-25 13:52 - 2013-12-21 21:50 - 00000000 ____D () C:\ProgramData\WPM
2014-05-25 13:52 - 2013-12-21 21:50 - 00000000 ____D () C:\Program Files\Optimizer Pro
2014-05-25 13:52 - 2013-07-28 22:22 - 00000000 ____D () C:\Users\Jutta\AppData\Roaming\Iminent
2014-05-25 13:52 - 2013-07-28 22:21 - 00000000 ____D () C:\Program Files\Common Files\Umbrella
2014-05-25 13:52 - 2012-03-20 10:57 - 00000000 ____D () C:\Windows\fi
2014-05-25 00:08 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-24 23:51 - 2012-03-20 11:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-24 23:33 - 2012-10-28 16:37 - 00000000 ____D () C:\Users\Jutta\AppData\Local\CrashDumps
2014-05-24 20:41 - 2009-07-14 04:04 - 00000505 _____ () C:\Windows\win.ini
2014-05-24 20:40 - 2014-03-25 17:34 - 00000000 ____D () C:\Users\Jutta\AppData\Roaming\SupTab
2014-05-24 20:40 - 2014-02-22 14:06 - 00000000 ____D () C:\ProgramData\PPPT2PNGG
2014-05-24 20:40 - 2014-02-22 14:06 - 00000000 ____D () C:\ProgramData\downloaddiitkeep
2014-05-24 20:40 - 2014-01-27 22:00 - 00000000 ____D () C:\ProgramData\suurfkeepIt
2014-05-24 20:40 - 2014-01-27 22:00 - 00000000 ____D () C:\ProgramData\APPPtoU
2014-05-24 20:40 - 2013-11-15 18:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Systweak
2014-05-24 20:40 - 2013-11-15 18:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Systweak
2014-05-24 20:40 - 2013-07-28 22:22 - 00000000 ____D () C:\ProgramData\Iminent
2014-05-24 20:10 - 2014-05-24 19:44 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-24 20:02 - 2014-05-07 09:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-24 20:02 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-05-24 19:53 - 2012-03-20 11:09 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-24 19:53 - 2012-03-20 11:09 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-24 19:41 - 2014-05-24 19:41 - 00001068 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-24 19:41 - 2014-05-24 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-05-24 19:41 - 2014-05-24 19:40 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-05-24 19:40 - 2014-05-24 19:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 19:34 - 2014-05-24 19:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jutta\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-24 19:21 - 2013-12-13 10:42 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-24 19:06 - 2009-07-14 06:53 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-18 19:29 - 2013-08-15 23:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-18 19:29 - 2012-11-04 16:08 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-18 19:28 - 2012-10-02 20:38 - 00000000 ____D () C:\Users\Jutta\AppData\Roaming\Skype
2014-05-18 19:19 - 2013-07-20 10:13 - 00001414 _____ () C:\Users\Jutta\Desktop\Registry kostenlos entrümpeln!.lnk
2014-05-18 19:19 - 2010-11-20 23:01 - 01620776 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-12 07:26 - 2014-05-24 19:40 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-24 19:40 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:25 - 2014-05-24 19:40 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-09 09:06 - 2014-05-18 19:40 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 09:04 - 2014-05-18 19:40 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 21:28 - 2014-05-06 21:28 - 00000000 __SHD () C:\Users\Jutta\AppData\Local\EmieUserList
2014-05-06 21:28 - 2014-05-06 21:28 - 00000000 __SHD () C:\Users\Jutta\AppData\Local\EmieSiteList
2014-05-06 05:25 - 2014-05-18 19:22 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 05:07 - 2014-05-18 19:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 04:10 - 2014-05-18 19:22 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
Some content of TEMP:
====================
C:\Users\Jutta\AppData\Local\Temp\BackupSetup.exe
C:\Users\Jutta\AppData\Local\Temp\FreemakeVideoDownloader_3.2.0.1.exe
C:\Users\Jutta\AppData\Local\Temp\oi_{611CB83B-F70D-4893-A1EB-ED600A2792D7}.exe
C:\Users\Jutta\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jutta\AppData\Local\Temp\tbedrs.dll
C:\Users\Jutta\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Jutta\AppData\Local\Temp\_LrcsCtrUpdr.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe
[2014-05-18 19:40] - [2014-03-04 11:17] - 0304128 ____A (Microsoft Corporation) 998507B046BA314CE8245364C686FA67
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-01 13:39
==================== End Of Log ============================
und addition.txt. Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version:25-05-2014 02
Ran by Jutta at 2014-05-27 12:25:15
Running from C:\Users\Jutta\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
==================== Installed Programs ======================
337 GAMES (HKCU\...\337Games) (Version: 1.1.1.0 - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
Advanced Driver Updater (HKLM\...\Advanced Driver Updater_is1) (Version: 2.1.1086.14630 - Systweak Inc)
Advanced File Optimizer (HKLM\...\Advanced File Optimizer_is1) (Version: 2.1.1000.10518 - Systweak Software)
Advanced System Protector (HKLM\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.10905 - Systweak Software) <==== ATTENTION
Akhra: The Treasures (Version: 2.2.0.98 - WildTangent) Hidden
Alice's Magical Mahjong (Version: 2.2.0.98 - WildTangent) Hidden
Bejeweled 3 (Version: 2.2.0.98 - WildTangent) Hidden
Bing Bar (HKLM\...\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}) (Version: 7.0.765.0 - Microsoft Corporation)
CasinoClub (HKLM\...\CasinoClub ) (Version: - Boss Media AB)
Chuzzle Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Delta Chrome Toolbar (HKLM\...\Delta Chrome Toolbar) (Version: - Visual Tools) <==== ATTENTION
Diego's Ultimate Rescue (Version: 2.2.0.95 - WildTangent) Hidden
eBay Worldwide (HKLM\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
Evernote v. 4.5.2 (HKLM\...\{F77EF646-19EB-11E1-9A9E-984BE15F174E}) (Version: 4.5.2.5866 - Evernote Corp.)
FileConverter 1.3 Toolbar (HKLM\...\FileConverter_1.3 Toolbar) (Version: 6.9.0.16 - FileConverter 1.3)
Final Drive: Nitro (Version: 2.2.0.95 - WildTangent) Hidden
Fooz Kids (HKLM\...\FoozKids) (Version: 3.1.2 - FUHU, Inc.)
Fooz Kids (Version: 3.1.2 - FUHU, Inc.) Hidden
Fooz Kids Platform (HKLM\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.)
Fotogalerija Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Freemake Video Downloader (HKLM\...\Freemake Video Downloader_is1) (Version: 3.2.0 - Ellora Assets Corporation)
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Identity Card (HKLM\...\Identity Card) (Version: 1.00.3501 - Packard Bell)
Iminent (Version: 6.27.21.0 - Iminent) Hidden <==== ATTENTION
Insaniquarium Deluxe (Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.14.8.1075 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM\...\LManager) (Version: 5.1.7 - Packard Bell)
LibreOffice 3.6 (HKLM\...\{1E85458A-9B00-443F-A187-2E06DBB15E43}) (Version: 3.6.2.2 - The Document Foundation)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Mozilla Firefox 25.0 (x86 de) (HKLM\...\Mozilla Firefox 25.0 (x86 de)) (Version: 25.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 25.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
My Farm Life (Version: 2.2.0.97 - WildTangent) Hidden
My Kingdom for the Princess 3 (Version: 2.2.0.98 - WildTangent) Hidden
MyPC Backup (HKLM\...\MyPC Backup) (Version: - MyPC Backup) <==== ATTENTION
Norton Internet Security (HKLM\...\NIS) (Version: 19.9.0.9 - Symantec Corporation)
Norton Online Backup (HKLM\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.7.2.25 - Symantec Corporation)
Optimizer Pro v3.2 (HKLM\...\Optimizer Pro_is1) (Version: - PC Utilities Software Limited) <==== ATTENTION
Packard Bell Games (HKLM\...\WildTangent packardbell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Packard Bell Power Management (HKLM\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Packard Bell)
Packard Bell Recovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3507 - Packard Bell)
Packard Bell Registration (HKLM\...\Packard Bell Registration) (Version: 1.04.3506 - Packard Bell)
Packard Bell ScreenSaver (HKLM\...\Packard Bell Screensaver) (Version: 1.1.0124.2011 - Packard Bell )
Packard Bell Social Networks (HKLM\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.)
Packard Bell Social Networks (Version: 3.0.3106 - CyberLink Corp.) Hidden
Packard Bell Updater (HKLM\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3501 - Packard Bell)
PhotoScape (HKLM\...\PhotoScape) (Version: - )
Poczta usługi Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6549 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
Running Sheep (Version: 2.2.0.98 - WildTangent) Hidden
Skip-Bo - Castaway Caper (Version: 2.2.0.95 - WildTangent) Hidden
Skype™ 5.5 (HKLM\...\{AA59DDE4-B672-4621-A016-4C248204957A}) (Version: 5.5.117 - Skype Technologies S.A.)
Slingo Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
Super Granny 6 (Version: 2.2.0.97 - WildTangent) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.18.0 - Synaptics Incorporated)
Update Installer for WildTangent Games App (Version: - WildTangent) Hidden
Video Web Camera (HKLM\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2624.00 - CyberLink Corp.)
Video Web Camera (Version: 1.5.2624.00 - CyberLink Corp.) Hidden
Wedding Dash (Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM\...\Packard Bell Welcome Center) (Version: 1.02.3507 - Packard Bell)
WildTangent Games App (Version: 4.0.10.2 - WildTangent) Hidden
Windows Live Argazki Galeria (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Συλλογή φωτογραφιών του Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Restore Points =========================
27-01-2014 19:50:24 Windows Update
08-02-2014 20:41:01 Geplanter Prüfpunkt
12-02-2014 15:39:43 Windows Update
01-03-2014 09:55:10 Windows Update
04-03-2014 22:13:41 Windows Update
25-03-2014 15:42:44 Windows Update
11-04-2014 12:03:35 Windows Update
17-04-2014 19:40:48 Windows Update
18-04-2014 10:22:28 Windows Update
23-04-2014 19:48:32 Windows Update
25-04-2014 10:42:25 Windows Update
25-04-2014 10:55:28 Windows Update
30-04-2014 17:03:06 Windows Update
07-05-2014 07:12:37 Windows Update
18-05-2014 17:21:06 Windows Update
24-05-2014 17:11:25 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0ADFB07D-E6B0-46A8-AC43-3CBAE1A22050} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\19.9.0.9\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {0B56A14E-7EC4-4029-9827-1EF5F328BF0E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-24] (Adobe Systems Incorporated)
Task: {1518AE10-721D-4721-B402-2918CB329826} - System32\Tasks\{24B7CD0E-B186-48B8-A9C8-4D7CA800FB66} => C:\Program Files\Microsoft Office\Options14\MSOO.EXE [2010-02-28] (Microsoft Corporation)
Task: {2E17B5C3-CD99-4571-8240-44CD40E26547} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\19.9.0.9\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {31EC83C5-B494-4A9F-904B-9266D5141236} - System32\Tasks\LookForWord_wd => C:\Program Files\LyricsContainer\LookForWord_wd.exe <==== ATTENTION
Task: {3636B378-C0D4-4DB3-AC53-34C9FEE9F635} - System32\Tasks\LookForWord Update => C:\Program Files\LyricsContainer\LookF.exe <==== ATTENTION
Task: {6B77E85A-458D-45D2-B24D-3986EBA39893} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\19.9.0.9\WSCStub.exe [2012-09-26] (Symantec Corporation)
Task: {72353609-3155-44E9-9983-76C8A294CD76} - System32\Tasks\{39E03F6F-1894-426C-ACD1-ED2C1F4F0BCF} => C:\Program Files\Microsoft Office\Options14\MSOO.EXE [2010-02-28] (Microsoft Corporation)
Task: {93095034-9A0F-4DF8-9FDE-EFB5C8B58E25} - System32\Tasks\AdvancedDriverUpdaterRunAtStartup => C:\Program Files\Advanced Driver Updater\adu.exe [2012-11-22] (Systweak Inc)
Task: {9EF58C15-1204-43B3-AFB4-F1D46746FFCD} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{4BD8451C-F6FB-4FDD-AB92-94020634B34F}.exe
Task: {D56D5587-0F25-497D-9581-103850B21A60} - System32\Tasks\AdvancedDriverUpdater_UPDATES => C:\Program Files\Advanced Driver Updater\adu.exe [2012-11-22] (Systweak Inc)
Task: {D9F53AC2-E77E-4464-9403-5B11871FC54D} - System32\Tasks\EPUpdater => C:\Users\Jutta\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-06-06] () <==== ATTENTION
Task: {DF33D065-D85E-4412-897C-232EC9050EEF} - System32\Tasks\RegClean Pro => C:\Program Files\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: {F7FD7C8A-12FD-4807-A5FD-5243ACB59BF5} - System32\Tasks\UALU notificatin => C:\Program Files\Packard Bell\Packard Bell Updater\UALU.exe [2012-02-07] (Acer Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AdvancedDriverUpdater_UPDATES.job => C:\Program Files\Advanced Driver Updater\adu.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{4BD8451C-F6FB-4FDD-AB92-94020634B34F}.exe
Task: C:\Windows\Tasks\LookForWord Update.job => C:\Program Files\LyricsContainer\LookF.exe <==== ATTENTION
Task: C:\Windows\Tasks\LookForWord_wd.job => C:\Program Files\LyricsContainer\LookForWord_wd.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2013-09-20 00:32 - 2013-09-20 00:32 - 00904704 _____ () C:\Program Files\MyPC Backup\x86\System.Data.SQLite.dll
2013-12-21 21:51 - 2013-10-29 15:08 - 04145992 _____ () C:\Program Files\Optimizer Pro\OptProCrash.dll
2013-12-21 21:51 - 2013-12-21 21:51 - 00191128 _____ () C:\Program Files\Optimizer Pro\OptProCrashSvc.dll
2013-09-20 00:37 - 2013-09-20 00:37 - 00012288 _____ () C:\Program Files\MyPC Backup\GetText.dll
2013-12-13 10:42 - 2013-12-13 10:42 - 03368048 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-04-03 14:49 - 2014-04-03 14:49 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0a0467413a424068d1471448ff6ca6cc\IsdiInterop.ni.dll
2012-03-20 10:32 - 2010-11-06 09:50 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: Symantec Iron Driver
Description: Symantec Iron Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SymIRON
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: BHDrvx86
Description: BHDrvx86
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BHDrvx86
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Norton Internet Security Settings Manager
Description: Norton Internet Security Settings Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ccSet_NIS
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (05/27/2014 00:06:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/25/2014 01:53:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/25/2014 00:10:09 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm firefox.exe, Version 25.0.0.5046 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 141c
Startzeit: 01cf7780081c290c
Endzeit: 374
Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe
Berichts-ID: f9f5631a-e38f-11e3-97fd-047d7b83bbaa
Error: (05/24/2014 11:32:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea91c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0002a202
ID des fehlerhaften Prozesses: 0xee4
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3
Error: (05/24/2014 08:06:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/24/2014 07:07:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/24/2014 07:06:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: svchost.exe_LanmanServer, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc100
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0xc000000d
ID des fehlerhaften Prozesses: 0x3d4
Startzeit der fehlerhaften Anwendung: 0xsvchost.exe_LanmanServer0
Pfad der fehlerhaften Anwendung: svchost.exe_LanmanServer1
Pfad des fehlerhaften Moduls: svchost.exe_LanmanServer2
Berichtskennung: svchost.exe_LanmanServer3
Error: (05/24/2014 07:06:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/18/2014 07:45:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LookForWord157.exe, Version: 1.157.0.0, Zeitstempel: 0x531592c5
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb10c6
Ausnahmecode: 0xe06d7363
Fehleroffset: 0x0000812f
ID des fehlerhaften Prozesses: 0x4d8
Startzeit der fehlerhaften Anwendung: 0xLookForWord157.exe0
Pfad der fehlerhaften Anwendung: LookForWord157.exe1
Pfad des fehlerhaften Moduls: LookForWord157.exe2
Berichtskennung: LookForWord157.exe3
Error: (05/18/2014 07:16:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (05/27/2014 00:06:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
BHDrvx86
ccSet_NIS
cdrom
SymIRON
Error: (05/25/2014 01:52:56 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
BHDrvx86
ccSet_NIS
cdrom
SymIRON
Error: (05/24/2014 08:55:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update Storimbo" wurde aufgrund folgenden Fehlers nicht gestartet:
%%3
Error: (05/24/2014 08:06:44 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
BHDrvx86
ccSet_NIS
cdrom
SymIRON
Error: (05/24/2014 08:06:32 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (05/24/2014 08:06:32 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.
Error: (05/24/2014 08:00:56 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (05/24/2014 07:08:48 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows-Verwaltungsinstrumentation" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (05/24/2014 07:06:48 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
BHDrvx86
ccSet_NIS
cdrom
SymIRON
Error: (05/24/2014 07:06:48 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows-Verwaltungsinstrumentation" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Microsoft Office Sessions:
=========================
Error: (05/27/2014 00:06:11 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/25/2014 01:53:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/25/2014 00:10:09 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: firefox.exe25.0.0.5046141c01cf7780081c290c374C:\Program Files\Mozilla Firefox\firefox.exef9f5631a-e38f-11e3-97fd-047d7b83bbaa
Error: (05/24/2014 11:32:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Explorer.EXE6.1.7601.175674d6727a7ntdll.dll6.1.7601.18247521ea91cc00000050002a202ee401cf777afad3345fC:\Windows\Explorer.EXEC:\Windows\SYSTEM32\ntdll.dllf9cf118e-e38a-11e3-97fd-047d7b83bbaa
Error: (05/24/2014 08:06:37 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/24/2014 07:07:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/24/2014 07:06:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe_LanmanServer6.1.7600.163854a5bc100unknown0.0.0.000000000c0000005c000000d3d401cf777272fecf29C:\Windows\system32\svchost.exeunknownc37b7614-e365-11e3-b5ad-047d7b83bbaa
Error: (05/24/2014 07:06:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (05/18/2014 07:45:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: LookForWord157.exe1.157.0.0531592c5KERNELBASE.dll6.1.7601.1822951fb10c6e06d73630000812f4d801cf72bce54ab219C:\Program Files\LyricsContainer\LookForWord157.exeC:\Windows\system32\KERNELBASE.dll2821af47-deb4-11e3-bf0a-047d7b83bbaa
Error: (05/18/2014 07:16:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Percentage of memory in use: 81%
Total physical RAM: 1012.3 MB
Available physical RAM: 187.65 MB
Total Pagefile: 2036.3 MB
Available Pagefile: 702.29 MB
Total Virtual: 2047.88 MB
Available Virtual: 1917.04 MB
==================== Drives ================================
Drive c: (Packard Bell) (Fixed) (Total:284.99 GB) (Free:246.25 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 43338D6D)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
27.05.2014, 11:42
| #6 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | über 1000 Funde mit Malewarebytes Adware/Junkware/Toolbars entfernen 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ --> über 1000 Funde mit Malewarebytes |
|
30.05.2014, 18:51
| #7 |
| | über 1000 Funde mit Malewarebytes so, endlich hab es gechafft. hier kommen jetzt die logs: Code:
ATTFilter # AdwCleaner v3.211 - Bericht erstellt am 30/05/2014 um 18:59:12
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 7 Starter Service Pack 1 (32 bits)
# Benutzername : Jutta - 1SCHNUCKELCHEN
# Gestartet von : C:\Users\Jutta\Downloads\adwcleaner_3.211.exe
# Option : Löschen
***** [ Dienste ] *****
Dienst Gelöscht : BackupStack
Dienst Gelöscht : ca82e1a5
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\Iminent
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\Iminent
Ordner Gelöscht : C:\ProgramData\Systweak
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\ProgramData\suurfkeepIt
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\optimizer pro v3.2
Ordner Gelöscht : C:\Program Files\Advanced System Protector
Ordner Gelöscht : C:\Program Files\Ask.com
Ordner Gelöscht : C:\Program Files\Conduit
Ordner Gelöscht : C:\Program Files\Delta
Ordner Gelöscht : C:\Program Files\Inbox Toolbar
Ordner Gelöscht : C:\Program Files\MyPC Backup
Ordner Gelöscht : C:\Program Files\Optimizer Pro
Ordner Gelöscht : C:\Program Files\SiteRanker
Ordner Gelöscht : C:\Program Files\Uninstaller
Ordner Gelöscht : C:\Program Files\FileConverter_1.3
Ordner Gelöscht : C:\Program Files\Common Files\Umbrella
Ordner Gelöscht : C:\Windows\Installer\{5CDCDBCD-119A-4AE1-9C55-B816DBBE4245}
Ordner Gelöscht : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Ordner Gelöscht : C:\Windows\system32\BrowserDefender
Ordner Gelöscht : C:\Users\Jutta\AppData\Local\AskToolbar
Ordner Gelöscht : C:\Users\Jutta\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Jutta\AppData\Local\Systweak
Ordner Gelöscht : C:\Users\Jutta\AppData\LocalLow\Allin1Convert_8h
Ordner Gelöscht : C:\Users\Jutta\AppData\LocalLow\AskToolbar
Ordner Gelöscht : C:\Users\Jutta\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Jutta\AppData\LocalLow\Inbox Toolbar
Ordner Gelöscht : C:\Users\Jutta\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Jutta\AppData\LocalLow\SiteRanker
Ordner Gelöscht : C:\Users\Jutta\AppData\LocalLow\FileConverter_1.3
Ordner Gelöscht : C:\Users\Jutta\AppData\Roaming\337Games
Ordner Gelöscht : C:\Users\Jutta\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\Jutta\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Jutta\AppData\Roaming\Iminent
Ordner Gelöscht : C:\Users\Jutta\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Jutta\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Jutta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\337Games
Ordner Gelöscht : C:\Users\Jutta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Ordner Gelöscht : C:\Users\Jutta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Ordner Gelöscht : C:\Users\Jutta\Documents\Optimizer Pro
Ordner Gelöscht : C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\Extensions\130
Ordner Gelöscht : C:\Program Files\Mozilla Firefox\Extensions\ffxtlbr@babylon.com
Ordner Gelöscht : C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\Extensions\ai4cch@laqbjq.com
Datei Gelöscht : C:\Users\Public\Desktop\Advanced System Protector.lnk
Datei Gelöscht : C:\Users\Public\Desktop\eBay.lnk
Datei Gelöscht : C:\Users\Public\Desktop\RegClean Pro.lnk
Datei Gelöscht : C:\Users\Jutta\AppData\Local\Temp\Uninstall.exe
Datei Gelöscht : C:\Users\Jutta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
Datei Gelöscht : C:\Users\Jutta\Desktop\MyPC Backup.lnk
Datei Gelöscht : C:\Users\Jutta\Desktop\Optimizer Pro.lnk
Datei Gelöscht : C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\searchplugins\BrowserDefender.xml
Datei Gelöscht : C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\myfacjqi.default\user.js
Datei Gelöscht : C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\user.js
Datei Gelöscht : C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\toolbar@ask.com\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\EPUpdater
Datei Gelöscht : C:\Windows\System32\Tasks\RegClean Pro
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support\Contact.lnk
Verknüpfung Desinfiziert : C:\Users\Jutta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Jutta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Jutta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Jutta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Jutta\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
***** [ Registrierungsdatenbank ] *****
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D9F53AC2-E77E-4464-9403-5B11871FC54D}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D9F53AC2-E77E-4464-9403-5B11871FC54D}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{DF33D065-D85E-4412-897C-232EC9050EEF}
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DF33D065-D85E-4412-897C-232EC9050EEF}
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [Optimizer Pro]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Schlüssel Gelöscht : HKCU\Software\5b4dddce135e512
Schlüssel Gelöscht : HKLM\SOFTWARE\5b4dddce135e512
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT3241949
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02C9C7B0-C7C8-4AAC-A9E4-55295BF60F8F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0398B101-6DA7-473F-A290-17D2FBC88CC0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0CC36196-8589-4B80-A771-D659411D7F90}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{143D96F9-EB64-48B3-B192-91C2C41A1F43}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{14F7D91F-F669-45C9-9F42-BACBFDB86EAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{187A6488-6E71-4A2A-B118-7BEFBFE58257}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2D065204-A024-4C39-8A38-EE7078EC7ACF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{30F5476C-677B-4DB0-B397-51F5BFD86840}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{351798B1-C1D2-45AB-92B4-4D6C2D6AB5AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3AEA1BEF-6195-46F4-ACA2-0ED14F7EFA1B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3D7F9AC3-BAC3-4E51-81D7-D121D79E550A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4498C5E9-93C6-4142-B6BE-F0C6DC48B77A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{479BF2D6-E362-4A99-B1AB-BC764D7B97AE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{492A108F-51D0-4BD8-899D-AD4AB2893064}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4B6D6E60-FBD2-4E79-BF4B-886BC98F1797}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{60893E02-2E5B-43F9-A93A-BAD60C2DF6EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6D39931F-451E-4BDD-BAF4-37FB96DBBA5D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{76C684D2-C35D-4284-976A-D862F53ADB81}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{796D822A-C3F9-4A97-BAAB-42FE7628EA63}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{79EF3691-EC1A-4705-A01A-D2E36EC11758}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82F41418-8E64-47EB-A7F1-4702A974D289}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{85D920CE-63A7-46DC-8992-41D1D2E07FAD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{895ED5E8-ABB4-40C3-A0CA-2571964268E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8AAC123A-1959-4A45-BFC5-E2D50783098A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A07956CD-81F8-4A03-B524-5D87E690DC83}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B5E3B26B-6E5C-4865-A63D-58D04B10E245}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B84D2DC5-42B2-4E5E-BF61-7B48152FF8EF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B89D5309-0367-4494-A92F-3D4C94F88307}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C014EBF8-8854-448B-B5A4-557C4090EDCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C31191DB-2F64-464C-B97C-6AC81ACB7AAC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C342C7A7-F622-4EF3-8B7F-ABB9FBE73F14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C4765B07-BC2F-477B-925C-B2BF24887823}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C875C0A1-09E3-48D5-9F8E-BD337796FD14}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CD126DA6-FF5B-4181-AC13-54A62240D2FA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DD438708-AAB4-422D-A322-B619589F5680}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E812AE43-7799-4E67-8CF8-4104297A2D16}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F0BAAEC7-9AE0-49FF-9C4B-86E774FF397F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F92193FD-2243-4401-9ACC-49FF30885898}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD21B8A2-910B-45AC-9C10-45E6A8B84984}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{78E516EF-11DE-47A1-8364-A99B917EC5EE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{153D7D79-706C-443D-BA98-41CA86982C9D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{76FC1003-0825-48BD-B59B-3B7A5754972C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{78E516EF-11DE-47A1-8364-A99B917EC5EE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{78E516EF-11DE-47A1-8364-A99B917EC5EE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{153D7D79-706C-443D-BA98-41CA86982C9D}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{78E516EF-11DE-47A1-8364-A99B917EC5EE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{153D7D79-706C-443D-BA98-41CA86982C9D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{53F6A516-3DCC-48F4-835C-6C670CB39CEA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B8500604-755D-40CE-9FD4-5C750248924E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E706AFEE-1AD4-4285-B3D9-AB5B11247909}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{78E516EF-11DE-47A1-8364-A99B917EC5EE}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{78E516EF-11DE-47A1-8364-A99B917EC5EE}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{78E516EF-11DE-47A1-8364-A99B917EC5EE}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{78E516EF-11DE-47A1-8364-A99B917EC5EE}]
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\IePlugin
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : HKLM\Software\FileConverter_1.3
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5CDCDBCD-119A-4AE1-9C55-B816DBBE4245}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\FileConverter_1.3 Toolbar
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~1\optimi~1\optpro~1.dll
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0702826FCAC36EE52AC0441EEEEE2170
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1198E28F40C3E185E9958608554D4253
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14C66209FCA938858B9729645C666684
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15A073601B9AEC3549BE4A9314794615
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F7C80F9CE5CDF44E9AADDC99402534C
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\206AF45B775E3A445B3B2273827DA85F
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\225C3CBCEB850204D860A6C7CC7724AF
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2310FC151CD4F185798FA0996B3524D7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\28572D2E2DE533256AC6B560EA573C22
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29C79786B109AC443B0DC7BFD61B1896
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2ABB56EABB920EB59B04BDDD26A62083
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2DABA02DFED47E352A2FA2EBDD6F6187
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\311567B4A9A002050BB9423FD73FB880
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\373FCED70D7F84E5FB5F3F7B76BEE024
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3BE992C130B235E53A2937391FDCA35B
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3DA5F64B3483DE549947A9164ACBAD21
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3ED93605BB9B6635E9D0D86615AF31F1
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4759B017032BA185F9BA6F7DBC95A2D4
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4A78ABCBB54E46E5482A3EE0AD66C39E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4F9E947B6B895EB5A86757FC5D3DB862
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4FEEA83BF72B97E43A2DF0EE4BE4F261
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\509EC7EFB89B7D942997574AB14037A4
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50A730A9A3A61BF5BA70CA8A3B7C133B
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\51A95A1D4CDE4F958A9451FBB39BF54A
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\536133807DE80465BA6CD0A9742B7DE5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5E25036E68895D45B95E72D1C3C58C74
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60ECC80C54085B141A40437A96CA2618
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60FD8CD5BE007315CA3B5C7E41F24017
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\618E7D05458C4F257909ED9C8CDC0D66
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\621C21014D3C152529E2460FA6304EE3
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6241FF6F317CABD4EBBEE0DE9076BD94
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\636B9C23C79154B57AB561F39A139BFD
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\65AAF0F0CB7F0B45F900FDF19CEAAF2B
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6879A5E348601C45986308CA84958E94
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6A6F3B7A9805E1F5492A1020EEDF2341
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B1F5D204E4EEB342A5AD1D7E60D61BF
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7005A2A4DCF9DD7548137AB17E3A3AF3
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\712EAF07EE73CC65C822CC3BAE3B2483
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75FF6D97AF9FC004A9521D4B83FA6321
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7947B301B2446E752A3FE06EAD7D26B5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7987CE52D13E16258B0E1E3DB1BB0974
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7BEED197C514FDA53901AE8DD8EF0891
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DFDCF03D46C34159BDE29FBDBF1ACF5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\87EC9ACEAFE8ECD52A529663CD35213F
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\890F436B85B790A55A582B7307DA12CE
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C13DA6755F685B529615C8E92B3CA39
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D07CD9CB3E6BE652872BF06A1CCA782
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90841B1FC98200349925C88999866F17
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\94194FDD4DF523E53A888D65722A135D
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\95266D07D008D2E4E9B6F8E0DD15432A
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A4223BBC9438CAD49BBE10B4E344B1DD
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A72F23B1D745C27508518132197BC982
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A89E2B6FB14D8275DA63D075171DA184
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A9C43CD4001E9E4518B274AF9A0EFDA9
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AABA081CF7F19915FBB80B3BAF47CE63
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AC2A0FFD0A1686D53A4E24D6E96949E4
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AE5BDB2750259915D8442D4591A7717B
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1A79C71D5DC1C150B76B6ED11195DFC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6D497DB33974935488761F7C4C3D755
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B752EF3300008394886C402CC27B474F
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B8C8BCC1206978D51A8B9EECBF806C53
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAD3576CEA646895B962F94754612791
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BB4091512C8F4295E99CE2D061ED2020
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEE6BBC9A31531F598794A62120B51C7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C19162788CA4D235E829F88E2F771567
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C71F07DA356B66B5484A8E7F2ADEB7DC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C96AD15EE8E887B56BAF2136A9088503
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C9E6B66ECC49D155888399C51D05C49E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA360F24F0B214744BE40657FDA0B727
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB13D869D7D092348847B7481BB59E27
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE85F265816AE2D4E9B73C3E207E679C
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5389AEEA4A1E20428D045E86BCF643B
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5B62BB7BC607FB539585E2B7B6AFD16
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB027F01D4D53765C8E4FBE7DB77E07E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DC2EB492393411F5ABE8ED13C59FBF20
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDA2534BD056D1F44B6EC96AAA7F1F6E
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDCA763D4C48A105086B4CCCEE78043F
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DEF7558C7CD27EF46AF802AFBE402675
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E05B987540A9E2849AAF9E5B06C27DA8
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E09F4A6B9D2A08B599AE9E38BFC93CD6
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E27B6535D0D94A24E91047C7D86F27BC
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E45D171E075A5425CBACF6631A45FA39
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E513C2076D90AD04F888BD762143F191
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E8F4C985459564F5B8DCFF2B3C7EBD27
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E96E33222BAC06B57A1FA9D72951C945
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EAA46CE9007F70A5CAFA5F26E5DDEBE5
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE43FF091A8714A599F33EF2533FB59A
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE790015CF30DAA569960905FF1651A0
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EEB44C47185BD304D80FDF5A4BBE8F54
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F214EB834D2EC474CA76C1CDE306CF3A
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F25491036D0FA5D5FA6742F5742F151A
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2E0D3DD9E5E4B74CA43BCE77815E287
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F4D1BA8B482D9734E943EE260A7ADEF2
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F6704141BAAF6884785EC6843143D6A7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7507D4D4C310125E9A22BD909A41FB6
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F79C21D785419125595AC59458A6142D
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA15C90F092A60F53A4E0F88CED02968
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA1CF130B3D58B553833ACB6BE8AFAD4
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB0F1A18E4F0DBD509A42F4D4C05C02A
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FD17ED194F1C2B457B4F6EF4AE8DEAF3
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17041
-\\ Mozilla Firefox v29.0.1 (de)
[ Datei : C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js ]
Zeile gelöscht : user_pref("browser.search.defaultenginename", "nationzoom");
Zeile gelöscht : user_pref("browser.search.order.1", "Delta Search");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "nationzoom");
Zeile gelöscht : user_pref("extensions.7PEpOvNUdm.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.net\")>-1||url.i[...]
Zeile gelöscht : user_pref("extensions.CShDTHk0.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.net\")>-1||url.ind[...]
Zeile gelöscht : user_pref("extensions.QHOkEw5W5.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.net\")>-1||url.in[...]
Zeile gelöscht : user_pref("extensions.crossrider.bic", "14316b70ff047a28a855ee61bab7654b");
Zeile gelöscht : user_pref("extensions.delta.admin", false);
Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst");
Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.bbDpng", "24");
Zeile gelöscht : user_pref("extensions.delta.cntry", "DE");
Zeile gelöscht : user_pref("extensions.delta.dfltLng", "de");
Zeile gelöscht : user_pref("extensions.delta.excTlbr", false);
Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true);
Zeile gelöscht : user_pref("extensions.delta.hdrMd5", "D6C47E282793FAC7FC37B44AAE79504E");
Zeile gelöscht : user_pref("extensions.delta.id", "0235e99c00000000000008edb9350df0");
Zeile gelöscht : user_pref("extensions.delta.instlDay", "15914");
Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst");
Zeile gelöscht : user_pref("extensions.delta.lastVrsnTs", "1.8.22.022:21:39");
Zeile gelöscht : user_pref("extensions.delta.newTab", false);
Zeile gelöscht : user_pref("extensions.delta.prdct", "delta");
Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta");
Zeile gelöscht : user_pref("extensions.delta.rvrt", "false");
Zeile gelöscht : user_pref("extensions.delta.sg", "azb");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", "");
Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.22.0");
Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.22.022:21:39");
Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.22.0");
Zeile gelöscht : user_pref("extensions.delta_i.babExt", "");
Zeile gelöscht : user_pref("extensions.delta_i.babTrack", "affID=119556&tl=gkn724183&tsp=4957");
Zeile gelöscht : user_pref("extensions.delta_i.srcExt", "ss");
Zeile gelöscht : user_pref("extensions.mywebsearch.prevDefaultEngine", "AVG Secure Search");
Zeile gelöscht : user_pref("extensions.mywebsearch.prevKwdEnabled", true);
Zeile gelöscht : user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
Zeile gelöscht : user_pref("extensions.opm_X.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumorobo.net\")>-1||url.indexO[...]
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.BUTTON_STRUCTURE", "[{\"b\":221360012,\"c\":\"mindspark.magnify\",\"p\":\"L.0\"},{\"b\":221360013,\"c\":\"mindspark.entersearchterms\",\"p\":\"L.0.0[...]
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.startup.homepage.prev", "hxxp://www.nationzoom.com/?type=hp&ts=1387655434&from=tugs&uid=WDCXWD3200BPVT-22JJ5T0_WD-WX81C226516265162");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.startup.homepage.savedPrev", "true");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.startup.homepage.tb", "hxxp://home.tb.ask.com/index.jhtml?ptb=4ABCF663-EFD5-484D-8B4D-0BCEE769D1A3&n=77fd06ab&p2=^AYY^xdm070^YYA^de&si=flvru[...]
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.startup.page.prev", 3);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.startup.page.savedPrev", 1);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.browser.startup.page.tb", 1);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.firstKnownVersion", "5.71.2.60368");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=4ABCF663-EFD5-484D-8B4D-0BCEE769D1A3&n=77fd06ab&p2=^AYY^xdm070^YYA^de&si=flvrunner");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.hp.enabled", true);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.hp.lastGuardTime", 381097342);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.hp.numGuards", 1);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.initialized", true);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.contextKey", "");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.installDate", "2013071019");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.partnerId", "^AYY^xdm070^YYA^de");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.partnerSubId", "flvrunner");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.success", true);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.installation.toolbarId", "4ABCF663-EFD5-484D-8B4D-0BCEE769D1A3");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.isCompliantUninstallImplementation", true);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.lastActivePing", "1400952228208");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.lastKnownVersion", "6.20.3.33717");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.options.defaultSearch", true);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.options.homePageEnabled", true);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.options.keywordEnabled", true);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.options.tabEnabled", true);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.toolbarCollapsed", false);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark._8hMembers_.weather.location", "10001");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark.hp.enabled", true);
Zeile gelöscht : user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "allin1convert@mindspark.com");
Zeile gelöscht : user_pref("extensions.toolbar.mindspark.lastInstalled", "allin1convert@mindspark.com");
Zeile gelöscht : user_pref("iminent.LayoutId", "1");
Zeile gelöscht : user_pref("iminent.ShowThankyouPixel", "0");
Zeile gelöscht : user_pref("iminent._oaZGabJJ8Q_", "{\"cpt\":0,\"cpr\":0.0419264860515614,\"s\":0,\"es\":3}");
Zeile gelöscht : user_pref("iminent.adapters", "{\"ask\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":1,\"expireTime\":\"1387043228762259200\"},\"amazon\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":1,\"e[...]
Zeile gelöscht : user_pref("iminent.displayFavLinks", "1");
Zeile gelöscht : user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"10bb6277-6b2b-413e-8d82-ad9398543254\",\"name\":\"Dealply\",\"addonId\":1,\"url\":\"//i.iminentjs.info/imitin/javascript.js\",\"queryS[...]
Zeile gelöscht : user_pref("iminent.externalScripts.iRobinHood.IROBPKG", "{\"pkgid\":\"wrDCt8KwwrLCt8K2wrXCs8K1\",\"raw_pkgid\":\"161367424\"}");
Zeile gelöscht : user_pref("iminent.externalScripts.iRobinHood.irobsettings", "[{\"TM\":\"57362\",\"IA\":\"1\",\"HU\":\"hxxp://iminent.donation-tools.org/home.aspx\",\"CC\":\"Fight Cancer\",\"CI\":\"5719\",\"AU\":\"ir[...]
Zeile gelöscht : user_pref("iminent.externalScripts.iRobinHood.irobsettings2", "[{\"ID\":80,\"PROGRAM_NAME\":\"Iminent JSinject\",\"Domain\":\"iminent \",\"MERCHANTS_MARKETPLA[...]
Zeile gelöscht : user_pref("iminent.externalScripts.iRobinHood.menuURL", "hxxp://iminent.donation-tools.org/home.aspx?pkgId=wrDCt8KwwrLCt8K2wrXCs8K1");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent101", "1399404692299");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent102", "1400952296931");
Zeile gelöscht : user_pref("iminent.registerToolbarEvent103", "1398783757706");
Zeile gelöscht : user_pref("iminent.trackExternalScripts1", "1397816731134");
Zeile gelöscht : user_pref("iminent.trackExternalScripts2", "1397816731187");
Zeile gelöscht : user_pref("iminent.trackExternalScripts3", "1397816731200");
Zeile gelöscht : user_pref("iminent.trackExternalScripts4", "1399404812624");
Zeile gelöscht : user_pref("iminent.trackingInfo", "{\"state\":0,\"samplingRate\":0}");
Zeile gelöscht : user_pref("iminent.version", "8.14.1.1");
Zeile gelöscht : user_pref("iminent.versioning", "{\"CurrentVersion\":\"8.14.1.1\",\"InstallEventCTime\":1400956901999}");
*************************
AdwCleaner[R0].txt - [47277 octets] - [30/05/2014 18:57:19]
AdwCleaner[S0].txt - [46078 octets] - [30/05/2014 18:59:12]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [46139 octets] ##########
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:30-05-2014
Ran by Jutta (administrator) on 1SCHNUCKELCHEN on 30-05-2014 19:34:06
Running from C:\Users\Jutta\Downloads
Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Registration\GREGsvc.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccsvchst.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(AVM Berlin) C:\Program Files\avmwlanstick\FRITZWLANMini.exe
(Microsoft Corporation) C:\Windows\System32\MRT.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMworker.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Symantec Corporation) C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Jutta\Downloads\FRST(1).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [GfxServiceInstall] => C:\Windows\system32\GfxCUIServiceInstall.vbs [131 2012-02-26] ()
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1934632 2010-10-08] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10959464 2012-01-10] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [714120 2012-02-07] (Acer Incorporated)
HKLM\...\Run: [AVMWlanClient] => C:\Program Files\avmwlanstick\FRITZWLANMini.exe [283136 2007-02-02] (AVM Berlin)
HKLM\...\Run: [ROC_roc_ssl_v12] => "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
HKLM\...\Run: [MRT] => C:\Windows\system32\MRT.exe [90547776 2014-05-18] (Microsoft Corporation)
HKU\S-1-5-21-3008509189-370871999-48178643-1000\...\MountPoints2: {1999427a-1397-11e2-a141-08edb9350df0} - D:\pushinst.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
URLSearchHook: HKCU - (No Name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {FA1DF410-F896-4FFB-A01D-DF87FE75C99E} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3241949
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default
FF NewTab: chrome://quick_start/content/index.html
FF Homepage: hxxp://home.tb.ask.com/index.jhtml?ptb=4ABCF663-EFD5-484D-8B4D-0BCEE769D1A3&n=77fd06ab&p2=^AYY^xdm070^YYA^de&si=flvrunner
FF Keyword.URL: hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=4ABCF663-EFD5-484D-8B4D-0BCEE769D1A3&n=77fd06ab&ind=2013071019&p2=^AYY^xdm070^YYA^de&si=flvrunner&searchfor=
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: LyricsContainer - C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\Extensions\133 [2013-09-11]
FF Extension: APPPtoU - C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\Extensions\uing-0em@ievqgtchsaoe.com [2014-02-01]
FF Extension: PPPT2PNGG - C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\Extensions\xjulx0_ak@uoeumdrf-rj.edu [2014-03-01]
FF Extension: downloaddiitkeep - C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\Extensions\z.fox0@oaidraaaukqi.co.uk [2014-03-01]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\
FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\ []
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\
FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\ []
FF HKCU\...\Firefox\Extensions: [{d49d2752-93ae-4630-b849-87ab7b01b61c}] - C:\Program Files\LyricsContainer\157.xpi
========================== Services (Whitelisted) =================
R2 GREGService; C:\Program Files\Packard Bell\Registration\GREGsvc.exe [28264 2012-02-29] (Acer Incorporated)
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1755136 2011-03-07] (Realsil Microelectronics Inc.)
S2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [255376 2012-02-07] (Acer Incorporated)
R2 NIS; C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
R2 NOBU; C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe [3236224 2013-04-29] (Symantec Corporation)
==================== Drivers (Whitelisted) ====================
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2007-01-26] (AVM Berlin)
S1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20121106.001\BHDrvx86.sys [995488 2012-10-24] (Symantec Corporation)
S1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1309000.009\ccSetx86.sys [132768 2012-06-07] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376480 2012-11-13] (Symantec Corporation)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [265088 2007-01-26] (AVM GmbH)
R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20121129.001\IDSvix86.sys [386720 2012-11-10] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20121129.023\NAVENG.SYS [92704 2012-11-13] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20121129.023\NAVEX15.SYS [1601184 2012-11-13] (Symantec Corporation)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [254056 2011-05-30] (Realtek Semiconductor Corp.)
S3 SRTSP; C:\Windows\System32\Drivers\NIS\1309000.009\SRTSP.SYS [574112 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1309000.009\SRTSPX.SYS [32928 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1309000.009\SYMDS.SYS [340088 2011-08-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1309000.009\SYMEFA.SYS [924320 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [141944 2012-03-20] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NIS\1309000.009\Ironx86.SYS [149624 2012-04-18] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NIS\1309000.009\SYMNETS.SYS [318584 2012-04-18] (Symantec Corporation)
R1 {fe0d951b-f1e9-4cbc-8054-78c95ed14cc5}w; C:\Windows\System32\drivers\{fe0d951b-f1e9-4cbc-8054-78c95ed14cc5}w.sys [52920 2014-04-24] (StdLib)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-30 19:31 - 2014-05-30 19:31 - 01056256 _____ (Farbar) C:\Users\Jutta\Downloads\FRST(1).exe
2014-05-30 19:16 - 2014-05-30 19:16 - 00000000 ____D () C:\Windows\ERUNT
2014-05-30 19:14 - 2014-05-30 19:14 - 01016261 _____ (Thisisu) C:\Users\Jutta\Downloads\JRT(1).exe
2014-05-30 19:13 - 2014-05-30 19:13 - 01016261 _____ (Thisisu) C:\Users\Jutta\Downloads\JRT.exe
2014-05-30 18:56 - 2014-05-30 18:59 - 00000000 ____D () C:\AdwCleaner
2014-05-30 18:55 - 2014-05-30 18:55 - 01327971 _____ () C:\Users\Jutta\Downloads\adwcleaner_3.211.exe
2014-05-27 12:41 - 2014-05-27 12:41 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-27 12:25 - 2014-05-27 12:27 - 00030582 _____ () C:\Users\Jutta\Downloads\Addition.txt
2014-05-27 12:21 - 2014-05-30 19:34 - 00012070 _____ () C:\Users\Jutta\Downloads\FRST.txt
2014-05-27 12:21 - 2014-05-30 19:34 - 00000000 ____D () C:\FRST
2014-05-27 12:14 - 2014-05-27 12:15 - 01056256 _____ (Farbar) C:\Users\Jutta\Downloads\FRST.exe
2014-05-24 19:44 - 2014-05-24 20:10 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-24 19:41 - 2014-05-24 19:41 - 00001068 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-24 19:41 - 2014-05-24 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-05-24 19:40 - 2014-05-24 19:41 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-05-24 19:40 - 2014-05-24 19:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 19:40 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-24 19:40 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-24 19:40 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-24 19:28 - 2014-05-24 19:34 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jutta\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-18 19:40 - 2014-05-09 09:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-18 19:40 - 2014-05-09 09:04 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-18 19:40 - 2014-04-12 04:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-18 19:40 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-05-18 19:40 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-18 19:40 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-18 19:40 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-18 19:40 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-18 19:40 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-18 19:39 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-18 19:39 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-18 19:39 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-18 19:39 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-18 19:39 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-18 19:39 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-18 19:39 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-18 19:25 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-18 19:22 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-18 19:22 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-18 19:22 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-07 09:17 - 2014-05-24 20:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 21:49 - 2014-04-24 12:21 - 00052920 _____ (StdLib) C:\Windows\system32\Drivers\{fe0d951b-f1e9-4cbc-8054-78c95ed14cc5}w.sys
2014-05-06 21:28 - 2014-05-06 21:28 - 00000000 __SHD () C:\Users\Jutta\AppData\Local\EmieUserList
2014-05-06 21:28 - 2014-05-06 21:28 - 00000000 __SHD () C:\Users\Jutta\AppData\Local\EmieSiteList
2014-04-30 19:08 - 2014-03-06 10:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-04-30 19:08 - 2014-03-06 09:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-04-30 19:07 - 2014-03-06 10:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-04-30 19:07 - 2014-03-06 10:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-04-30 19:07 - 2014-03-06 10:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-04-30 19:07 - 2014-03-06 09:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-04-30 19:07 - 2014-03-06 09:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-04-30 19:07 - 2014-03-06 09:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-04-30 19:07 - 2014-03-06 09:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-04-30 19:07 - 2014-03-06 09:38 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-04-30 19:07 - 2014-03-06 09:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-04-30 19:07 - 2014-03-06 09:28 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-04-30 19:07 - 2014-03-06 09:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-04-30 19:07 - 2014-03-06 09:18 - 00575488 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-04-30 19:07 - 2014-03-06 09:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-04-30 19:07 - 2014-03-06 09:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-04-30 19:07 - 2014-03-06 09:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-04-30 19:07 - 2014-03-06 08:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-04-30 19:07 - 2014-03-06 07:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-04-30 19:06 - 2014-03-06 09:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-04-30 19:06 - 2014-03-06 08:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-04-30 19:06 - 2014-03-06 08:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-04-30 19:06 - 2014-03-06 07:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-04-30 19:06 - 2014-03-06 07:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
==================== One Month Modified Files and Folders =======
2014-05-30 19:35 - 2014-05-27 12:21 - 00012070 _____ () C:\Users\Jutta\Downloads\FRST.txt
2014-05-30 19:35 - 2012-10-02 20:32 - 00000000 ____D () C:\Users\Jutta\AppData\Local\Temp
2014-05-30 19:34 - 2014-05-27 12:21 - 00000000 ____D () C:\FRST
2014-05-30 19:31 - 2014-05-30 19:31 - 01056256 _____ (Farbar) C:\Users\Jutta\Downloads\FRST(1).exe
2014-05-30 19:16 - 2014-05-30 19:16 - 00000000 ____D () C:\Windows\ERUNT
2014-05-30 19:14 - 2014-05-30 19:14 - 01016261 _____ (Thisisu) C:\Users\Jutta\Downloads\JRT(1).exe
2014-05-30 19:13 - 2014-05-30 19:13 - 01016261 _____ (Thisisu) C:\Users\Jutta\Downloads\JRT.exe
2014-05-30 19:10 - 2009-07-14 06:34 - 00016480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-30 19:10 - 2009-07-14 06:34 - 00016480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-30 19:04 - 2012-12-18 06:31 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-05-30 19:02 - 2014-03-05 00:08 - 00000374 _____ () C:\Windows\Tasks\LookForWord_wd.job
2014-05-30 19:02 - 2014-03-05 00:08 - 00000372 _____ () C:\Windows\Tasks\LookForWord Update.job
2014-05-30 19:02 - 2013-06-10 20:00 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-05-30 19:01 - 2011-04-22 16:12 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-30 19:01 - 2010-11-20 23:48 - 00417280 _____ () C:\Windows\PFRO.log
2014-05-30 19:01 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-30 19:01 - 2009-07-14 06:39 - 00059281 _____ () C:\Windows\setupact.log
2014-05-30 19:00 - 2012-04-18 09:53 - 01785470 _____ () C:\Windows\WindowsUpdate.log
2014-05-30 18:59 - 2014-05-30 18:56 - 00000000 ____D () C:\AdwCleaner
2014-05-30 18:59 - 2012-10-02 20:35 - 00001156 _____ () C:\Users\Jutta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-30 18:59 - 2012-03-20 10:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support
2014-05-30 18:59 - 2011-04-22 16:12 - 00001027 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-30 18:59 - 2011-04-22 16:12 - 00001015 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-30 18:55 - 2014-05-30 18:55 - 01327971 _____ () C:\Users\Jutta\Downloads\adwcleaner_3.211.exe
2014-05-30 18:51 - 2012-03-20 11:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-27 12:41 - 2014-05-27 12:41 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-27 12:31 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-27 12:27 - 2014-05-27 12:25 - 00030582 _____ () C:\Users\Jutta\Downloads\Addition.txt
2014-05-27 12:15 - 2014-05-27 12:14 - 01056256 _____ (Farbar) C:\Users\Jutta\Downloads\FRST.exe
2014-05-25 13:52 - 2012-03-20 10:57 - 00000000 ____D () C:\Windows\fi
2014-05-24 23:33 - 2012-10-28 16:37 - 00000000 ____D () C:\Users\Jutta\AppData\Local\CrashDumps
2014-05-24 20:41 - 2009-07-14 04:04 - 00000505 _____ () C:\Windows\win.ini
2014-05-24 20:40 - 2014-02-22 14:06 - 00000000 ____D () C:\ProgramData\PPPT2PNGG
2014-05-24 20:40 - 2014-02-22 14:06 - 00000000 ____D () C:\ProgramData\downloaddiitkeep
2014-05-24 20:40 - 2014-01-27 22:00 - 00000000 ____D () C:\ProgramData\APPPtoU
2014-05-24 20:40 - 2013-11-15 18:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Systweak
2014-05-24 20:40 - 2013-11-15 18:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Systweak
2014-05-24 20:10 - 2014-05-24 19:44 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-24 20:02 - 2014-05-07 09:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-24 20:02 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-05-24 19:53 - 2012-03-20 11:09 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-24 19:53 - 2012-03-20 11:09 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-24 19:41 - 2014-05-24 19:41 - 00001068 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-24 19:41 - 2014-05-24 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-05-24 19:41 - 2014-05-24 19:40 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-05-24 19:40 - 2014-05-24 19:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 19:34 - 2014-05-24 19:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jutta\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-24 19:06 - 2009-07-14 06:53 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-18 19:29 - 2013-08-15 23:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-18 19:29 - 2012-11-04 16:08 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-18 19:28 - 2012-10-02 20:38 - 00000000 ____D () C:\Users\Jutta\AppData\Roaming\Skype
2014-05-18 19:19 - 2013-07-20 10:13 - 00001414 _____ () C:\Users\Jutta\Desktop\Registry kostenlos entrümpeln!.lnk
2014-05-18 19:19 - 2010-11-20 23:01 - 01620776 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-12 07:26 - 2014-05-24 19:40 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-24 19:40 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:25 - 2014-05-24 19:40 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-09 09:06 - 2014-05-18 19:40 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 09:04 - 2014-05-18 19:40 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 21:28 - 2014-05-06 21:28 - 00000000 __SHD () C:\Users\Jutta\AppData\Local\EmieUserList
2014-05-06 21:28 - 2014-05-06 21:28 - 00000000 __SHD () C:\Users\Jutta\AppData\Local\EmieSiteList
2014-05-06 05:25 - 2014-05-18 19:22 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 05:07 - 2014-05-18 19:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 04:10 - 2014-05-18 19:22 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
Some content of TEMP:
====================
C:\Users\Jutta\AppData\Local\Temp\BackupSetup.exe
C:\Users\Jutta\AppData\Local\Temp\FreemakeVideoDownloader_3.2.0.1.exe
C:\Users\Jutta\AppData\Local\Temp\oi_{611CB83B-F70D-4893-A1EB-ED600A2792D7}.exe
C:\Users\Jutta\AppData\Local\Temp\Quarantine.exe
C:\Users\Jutta\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jutta\AppData\Local\Temp\tbedrs.dll
C:\Users\Jutta\AppData\Local\Temp\_LrcsCtrUpdr.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe
[2014-05-18 19:40] - [2014-03-04 11:17] - 0304128 ____A (Microsoft Corporation) 998507B046BA314CE8245364C686FA67
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-01 13:39
==================== End Of Log ============================
Mist, das dritte finde ich gerade nicht wieder. Ich schicke das erstmal ab, da mir hier dauernd alles zusammenbricht und suche gleich mal. |
|
30.05.2014, 22:53
| #8 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | über 1000 Funde mit Malewarebytes Daher kommt das: Zitat:
__________________ Logfiles bitte immer in CODE-Tags posten |
|
31.05.2014, 19:49
| #9 |
| | über 1000 Funde mit Malewarebytes Tut mir leid, ich war froh, dass das ürhaupt geklappt hat mit dem Programm. Der lässst sich doch so unglaublich scheiße bedienen im Momet und leitet mich bei jeder Mausbewegung auf andere Seiten um ud hüpft von A nach B. Ich habs nochmal gemacht: Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Starter x86
Ran by Jutta on 31.05.2014 at 20:31:45,65
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{FA1DF410-F896-4FFB-A01D-DF87FE75C99E}
~~~ Files
~~~ Folders
Failed to delete: [Folder] "C:\ProgramData\boost_interprocess"
Failed to delete: [Folder] "C:\ProgramData\application data\boost_interprocess"
~~~ FireFox
Successfully deleted: [Folder] C:\Users\Jutta\AppData\Roaming\mozilla\firefox\profiles\tf6oliqx.default\extensions\133
Successfully deleted the following from C:\Users\Jutta\AppData\Roaming\mozilla\firefox\profiles\tf6oliqx.default\prefs.js
user_pref("extensions.CShDTHk0.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"su
user_pref("extensions.QHOkEw5W5.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"s
user_pref("extensions.opm_X.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"warnalert11.com\")>-1||url.indexOf(\"sumor
user_pref("keyword.URL", "hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=4ABCF663-EFD5-484D-8B4D-0BCEE769D1A3&n=77fd06ab&ind=2013071019&p2=^AYY^xdm070^YYA^de&si=flvru
Emptied folder: C:\Users\Jutta\AppData\Roaming\mozilla\firefox\profiles\tf6oliqx.default\minidumps [1 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 31.05.2014 at 20:40:36,61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Ich glaube fast der hat gar kein Antivirenprogramm...sehe aber hier noch nicht gaz durch. Für meinen anderen habe ich Kasperski Internet Security - ist das empfehlenswert oder gibt es aus deiner Erfahrung was besseres? Gruß turtle |
|
01.06.2014, 12:06
| #10 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | über 1000 Funde mit MalewarebytesZitat:
Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Scan klicken 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
01.06.2014, 14:14
| #11 |
| | über 1000 Funde mit Malewarebytes Ok! Super! hier die logs: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:01-06-2014
Ran by Jutta (administrator) on 1SCHNUCKELCHEN on 01-06-2014 15:05:03
Running from C:\Users\Jutta\Desktop
Platform: Microsoft Windows 7 Starter Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMutilps32.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Registration\GREGsvc.exe
(Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccsvchst.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(AVM Berlin) C:\Program Files\avmwlanstick\FRITZWLANMini.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LMworker.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Symantec Corporation) C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe
(Farbar) C:\Users\Jutta\Desktop\FRST(2).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [GfxServiceInstall] => C:\Windows\system32\GfxCUIServiceInstall.vbs [131 2012-02-26] ()
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1103440 2011-07-01] (Dritek System Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1934632 2010-10-08] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10959464 2012-01-10] (Realtek Semiconductor)
HKLM\...\Run: [Power Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [714120 2012-02-07] (Acer Incorporated)
HKLM\...\Run: [AVMWlanClient] => C:\Program Files\avmwlanstick\FRITZWLANMini.exe [283136 2007-02-02] (AVM Berlin)
HKLM\...\Run: [ROC_roc_ssl_v12] => "C:\Program Files\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
HKLM\...\Run: [MRT] => C:\Windows\system32\MRT.exe [90547776 2014-05-18] (Microsoft Corporation)
HKU\S-1-5-21-3008509189-370871999-48178643-1000\...\MountPoints2: {1999427a-1397-11e2-a141-08edb9350df0} - D:\pushinst.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
URLSearchHook: HKCU - (No Name) - {5bcf818d-78c8-41b8-ba89-65c5fdac4fc4} - C:\Program Files\Allin1Convert_8h\bar\1.bin\8hSrcAs.dll No File
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\19.9.0.9\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default
FF NewTab: chrome://quick_start/content/index.html
FF Homepage: hxxp://home.tb.ask.com/index.jhtml?ptb=4ABCF663-EFD5-484D-8B4D-0BCEE769D1A3&n=77fd06ab&p2=^AYY^xdm070^YYA^de&si=flvrunner
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\4.0.50401.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: APPPtoU - C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\Extensions\uing-0em@ievqgtchsaoe.com [2014-02-01]
FF Extension: PPPT2PNGG - C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\Extensions\xjulx0_ak@uoeumdrf-rj.edu [2014-03-01]
FF Extension: downloaddiitkeep - C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\Extensions\z.fox0@oaidraaaukqi.co.uk [2014-03-01]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\
FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\IPSFFPlgn\ []
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\
FF Extension: No Name - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\coFFPlgn\ []
FF HKCU\...\Firefox\Extensions: [{d49d2752-93ae-4630-b849-87ab7b01b61c}] - C:\Program Files\LyricsContainer\157.xpi
========================== Services (Whitelisted) =================
R2 GREGService; C:\Program Files\Packard Bell\Registration\GREGsvc.exe [28264 2012-02-29] (Acer Incorporated)
R2 IconMan_R; C:\Program Files\Realtek\Realtek PCIE Card Reader\RIconMan.exe [1755136 2011-03-07] (Realsil Microelectronics Inc.)
R2 Live Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [255376 2012-02-07] (Acer Incorporated)
R2 NIS; C:\Program Files\Norton Internet Security\Engine\19.9.0.9\ccSvcHst.exe [138272 2012-06-16] (Symantec Corporation)
R2 NOBU; C:\Program Files\Symantec\Norton Online Backup\NOBuAgent.exe [3236224 2013-04-29] (Symantec Corporation)
==================== Drivers (Whitelisted) ====================
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [4352 2007-01-26] (AVM Berlin)
S1 BHDrvx86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\BASHDefs\20121106.001\BHDrvx86.sys [995488 2012-10-24] (Symantec Corporation)
S1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1309000.009\ccSetx86.sys [132768 2012-06-07] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376480 2012-11-13] (Symantec Corporation)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [265088 2007-01-26] (AVM GmbH)
R1 IDSVix86; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\IPSDefs\20121129.001\IDSvix86.sys [386720 2012-11-10] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20121129.023\NAVENG.SYS [92704 2012-11-13] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_19.5.0.145\Definitions\VirusDefs\20121129.023\NAVEX15.SYS [1601184 2012-11-13] (Symantec Corporation)
R3 RSPCIESTOR; C:\Windows\System32\DRIVERS\RtsPStor.sys [254056 2011-05-30] (Realtek Semiconductor Corp.)
S3 SRTSP; C:\Windows\System32\Drivers\NIS\1309000.009\SRTSP.SYS [574112 2012-07-06] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1309000.009\SRTSPX.SYS [32928 2012-07-06] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1309000.009\SYMDS.SYS [340088 2011-08-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1309000.009\SYMEFA.SYS [924320 2012-05-22] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [141944 2012-03-20] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NIS\1309000.009\Ironx86.SYS [149624 2012-04-18] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NIS\1309000.009\SYMNETS.SYS [318584 2012-04-18] (Symantec Corporation)
R1 {fe0d951b-f1e9-4cbc-8054-78c95ed14cc5}w; C:\Windows\System32\drivers\{fe0d951b-f1e9-4cbc-8054-78c95ed14cc5}w.sys [52920 2014-04-24] (StdLib)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-01 15:05 - 2014-06-01 15:07 - 00011633 _____ () C:\Users\Jutta\Desktop\FRST.txt
2014-06-01 15:03 - 2014-06-01 15:03 - 01057792 _____ (Farbar) C:\Users\Jutta\Desktop\FRST(2).exe
2014-05-31 20:40 - 2014-05-31 20:40 - 00001998 _____ () C:\Users\Jutta\Desktop\JRT.txt
2014-05-30 19:31 - 2014-05-30 19:31 - 01056256 _____ (Farbar) C:\Users\Jutta\Downloads\FRST(1).exe
2014-05-30 19:16 - 2014-05-30 19:16 - 00000000 ____D () C:\Windows\ERUNT
2014-05-30 19:14 - 2014-05-30 19:14 - 01016261 _____ (Thisisu) C:\Users\Jutta\Downloads\JRT(1).exe
2014-05-30 19:13 - 2014-05-30 19:13 - 01016261 _____ (Thisisu) C:\Users\Jutta\Desktop\JRT.exe
2014-05-30 18:56 - 2014-05-30 18:59 - 00000000 ____D () C:\AdwCleaner
2014-05-30 18:55 - 2014-05-30 18:55 - 01327971 _____ () C:\Users\Jutta\Downloads\adwcleaner_3.211.exe
2014-05-27 12:41 - 2014-05-27 12:41 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-27 12:25 - 2014-05-27 12:27 - 00030582 _____ () C:\Users\Jutta\Downloads\Addition.txt
2014-05-27 12:21 - 2014-06-01 15:05 - 00000000 ____D () C:\FRST
2014-05-27 12:21 - 2014-05-30 19:35 - 00028288 _____ () C:\Users\Jutta\Downloads\FRST.txt
2014-05-27 12:14 - 2014-05-27 12:15 - 01056256 _____ (Farbar) C:\Users\Jutta\Downloads\FRST.exe
2014-05-24 19:44 - 2014-05-24 20:10 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-24 19:41 - 2014-05-24 19:41 - 00001068 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-24 19:41 - 2014-05-24 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-05-24 19:40 - 2014-05-24 19:41 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-05-24 19:40 - 2014-05-24 19:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 19:40 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-24 19:40 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-24 19:40 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-24 19:28 - 2014-05-24 19:34 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jutta\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-18 19:40 - 2014-05-09 09:06 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-18 19:40 - 2014-05-09 09:04 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-18 19:40 - 2014-04-12 04:11 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-18 19:40 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-05-18 19:40 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-18 19:40 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-18 19:40 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-18 19:40 - 2014-03-04 11:17 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-18 19:40 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-18 19:39 - 2014-04-12 04:15 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-18 19:39 - 2014-04-12 04:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-18 19:39 - 2014-04-12 04:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-18 19:39 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-18 19:39 - 2014-04-12 04:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-18 19:39 - 2014-04-12 04:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-18 19:39 - 2014-03-04 11:17 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-18 19:39 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-18 19:25 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-18 19:22 - 2014-05-06 05:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-18 19:22 - 2014-05-06 05:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-18 19:22 - 2014-05-06 04:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-07 09:17 - 2014-05-24 20:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 21:49 - 2014-04-24 12:21 - 00052920 _____ (StdLib) C:\Windows\system32\Drivers\{fe0d951b-f1e9-4cbc-8054-78c95ed14cc5}w.sys
2014-05-06 21:28 - 2014-05-06 21:28 - 00000000 __SHD () C:\Users\Jutta\AppData\Local\EmieUserList
2014-05-06 21:28 - 2014-05-06 21:28 - 00000000 __SHD () C:\Users\Jutta\AppData\Local\EmieSiteList
==================== One Month Modified Files and Folders =======
2014-06-01 15:07 - 2014-06-01 15:05 - 00011633 _____ () C:\Users\Jutta\Desktop\FRST.txt
2014-06-01 15:07 - 2012-10-02 20:32 - 00000000 ____D () C:\Users\Jutta\AppData\Local\Temp
2014-06-01 15:05 - 2014-05-27 12:21 - 00000000 ____D () C:\FRST
2014-06-01 15:05 - 2009-07-14 06:34 - 00016480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-01 15:05 - 2009-07-14 06:34 - 00016480 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-01 15:03 - 2014-06-01 15:03 - 01057792 _____ (Farbar) C:\Users\Jutta\Desktop\FRST(2).exe
2014-06-01 15:03 - 2012-04-18 09:53 - 01816530 _____ () C:\Windows\WindowsUpdate.log
2014-06-01 15:00 - 2012-12-18 06:31 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-06-01 14:57 - 2014-03-05 00:08 - 00000374 _____ () C:\Windows\Tasks\LookForWord_wd.job
2014-06-01 14:57 - 2014-03-05 00:08 - 00000372 _____ () C:\Windows\Tasks\LookForWord Update.job
2014-06-01 14:57 - 2013-06-10 20:00 - 00000350 _____ () C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job
2014-06-01 14:57 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-01 14:57 - 2009-07-14 06:39 - 00059393 _____ () C:\Windows\setupact.log
2014-05-31 20:51 - 2012-03-20 11:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-05-31 20:40 - 2014-05-31 20:40 - 00001998 _____ () C:\Users\Jutta\Desktop\JRT.txt
2014-05-30 19:35 - 2014-05-27 12:21 - 00028288 _____ () C:\Users\Jutta\Downloads\FRST.txt
2014-05-30 19:31 - 2014-05-30 19:31 - 01056256 _____ (Farbar) C:\Users\Jutta\Downloads\FRST(1).exe
2014-05-30 19:16 - 2014-05-30 19:16 - 00000000 ____D () C:\Windows\ERUNT
2014-05-30 19:14 - 2014-05-30 19:14 - 01016261 _____ (Thisisu) C:\Users\Jutta\Downloads\JRT(1).exe
2014-05-30 19:13 - 2014-05-30 19:13 - 01016261 _____ (Thisisu) C:\Users\Jutta\Desktop\JRT.exe
2014-05-30 19:01 - 2011-04-22 16:12 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-05-30 19:01 - 2010-11-20 23:48 - 00417280 _____ () C:\Windows\PFRO.log
2014-05-30 18:59 - 2014-05-30 18:56 - 00000000 ____D () C:\AdwCleaner
2014-05-30 18:59 - 2012-10-02 20:35 - 00001156 _____ () C:\Users\Jutta\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-30 18:59 - 2012-03-20 10:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Packard Bell - Security & Support
2014-05-30 18:59 - 2011-04-22 16:12 - 00001027 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-05-30 18:59 - 2011-04-22 16:12 - 00001015 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-05-30 18:55 - 2014-05-30 18:55 - 01327971 _____ () C:\Users\Jutta\Downloads\adwcleaner_3.211.exe
2014-05-27 12:41 - 2014-05-27 12:41 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-05-27 12:31 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\Microsoft.NET
2014-05-27 12:27 - 2014-05-27 12:25 - 00030582 _____ () C:\Users\Jutta\Downloads\Addition.txt
2014-05-27 12:15 - 2014-05-27 12:14 - 01056256 _____ (Farbar) C:\Users\Jutta\Downloads\FRST.exe
2014-05-25 13:52 - 2012-03-20 10:57 - 00000000 ____D () C:\Windows\fi
2014-05-24 23:33 - 2012-10-28 16:37 - 00000000 ____D () C:\Users\Jutta\AppData\Local\CrashDumps
2014-05-24 20:41 - 2009-07-14 04:04 - 00000505 _____ () C:\Windows\win.ini
2014-05-24 20:40 - 2014-02-22 14:06 - 00000000 ____D () C:\ProgramData\PPPT2PNGG
2014-05-24 20:40 - 2014-02-22 14:06 - 00000000 ____D () C:\ProgramData\downloaddiitkeep
2014-05-24 20:40 - 2014-01-27 22:00 - 00000000 ____D () C:\ProgramData\APPPtoU
2014-05-24 20:40 - 2013-11-15 18:08 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Systweak
2014-05-24 20:40 - 2013-11-15 18:08 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Systweak
2014-05-24 20:10 - 2014-05-24 19:44 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-24 20:02 - 2014-05-07 09:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-24 20:02 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\de-DE
2014-05-24 19:53 - 2012-03-20 11:09 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-05-24 19:53 - 2012-03-20 11:09 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-05-24 19:41 - 2014-05-24 19:41 - 00001068 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-05-24 19:41 - 2014-05-24 19:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-05-24 19:41 - 2014-05-24 19:40 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware
2014-05-24 19:40 - 2014-05-24 19:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 19:34 - 2014-05-24 19:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Jutta\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-24 19:06 - 2009-07-14 06:53 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-18 19:29 - 2013-08-15 23:00 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-18 19:29 - 2012-11-04 16:08 - 90547776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-18 19:28 - 2012-10-02 20:38 - 00000000 ____D () C:\Users\Jutta\AppData\Roaming\Skype
2014-05-18 19:19 - 2013-07-20 10:13 - 00001414 _____ () C:\Users\Jutta\Desktop\Registry kostenlos entrümpeln!.lnk
2014-05-18 19:19 - 2010-11-20 23:01 - 01620776 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-12 07:26 - 2014-05-24 19:40 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-24 19:40 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:25 - 2014-05-24 19:40 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-09 09:06 - 2014-05-18 19:40 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 09:04 - 2014-05-18 19:40 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-06 21:28 - 2014-05-06 21:28 - 00000000 __SHD () C:\Users\Jutta\AppData\Local\EmieUserList
2014-05-06 21:28 - 2014-05-06 21:28 - 00000000 __SHD () C:\Users\Jutta\AppData\Local\EmieSiteList
2014-05-06 05:25 - 2014-05-18 19:22 - 17382912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-06 05:07 - 2014-05-18 19:22 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-06 04:10 - 2014-05-18 19:22 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
Some content of TEMP:
====================
C:\Users\Jutta\AppData\Local\Temp\BackupSetup.exe
C:\Users\Jutta\AppData\Local\Temp\FreemakeVideoDownloader_3.2.0.1.exe
C:\Users\Jutta\AppData\Local\Temp\oi_{611CB83B-F70D-4893-A1EB-ED600A2792D7}.exe
C:\Users\Jutta\AppData\Local\Temp\Quarantine.exe
C:\Users\Jutta\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Jutta\AppData\Local\Temp\tbedrs.dll
C:\Users\Jutta\AppData\Local\Temp\_LrcsCtrUpdr.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe
[2014-05-18 19:40] - [2014-03-04 11:17] - 0304128 ____A (Microsoft Corporation) 998507B046BA314CE8245364C686FA67
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-01 13:39
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version:01-06-2014
Ran by Jutta at 2014-06-01 15:08:05
Running from C:\Users\Jutta\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Norton Internet Security (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
==================== Installed Programs ======================
337 GAMES (HKCU\...\337Games) (Version: 1.1.1.0 - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.6.0.19120 - Adobe Systems Incorporated)
Adobe AIR (Version: 2.6.0.19120 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 13 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader X (10.1.8) MUI (HKLM\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.8 - Adobe Systems Incorporated)
Advanced Driver Updater (HKLM\...\Advanced Driver Updater_is1) (Version: 2.1.1086.14630 - Systweak Inc)
Advanced File Optimizer (HKLM\...\Advanced File Optimizer_is1) (Version: 2.1.1000.10518 - Systweak Software)
Akhra: The Treasures (Version: 2.2.0.98 - WildTangent) Hidden
Alice's Magical Mahjong (Version: 2.2.0.98 - WildTangent) Hidden
Bejeweled 3 (Version: 2.2.0.98 - WildTangent) Hidden
Bing Bar (HKLM\...\{C28D96C0-6A90-459E-A077-A6706F4EC0FC}) (Version: 7.0.765.0 - Microsoft Corporation)
CasinoClub (HKLM\...\CasinoClub ) (Version: - Boss Media AB)
Chuzzle Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
Diego's Ultimate Rescue (Version: 2.2.0.95 - WildTangent) Hidden
eBay Worldwide (HKLM\...\{D3E5A972-9A15-427D-AE78-8181A5FD943C}) (Version: 2.2.0409 - OEM)
Evernote v. 4.5.2 (HKLM\...\{F77EF646-19EB-11E1-9A9E-984BE15F174E}) (Version: 4.5.2.5866 - Evernote Corp.)
Final Drive: Nitro (Version: 2.2.0.95 - WildTangent) Hidden
Fooz Kids (HKLM\...\FoozKids) (Version: 3.1.2 - FUHU, Inc.)
Fooz Kids (Version: 3.1.2 - FUHU, Inc.) Hidden
Fooz Kids Platform (HKLM\...\{8D68CE08-9A14-4B7B-9857-3C646A2F34C7}) (Version: 2.1 - FUHU, Inc.)
Fotogalerija Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Freemake Video Downloader (HKLM\...\Freemake Video Downloader_is1) (Version: 3.2.0 - Ellora Assets Corporation)
Galeria de Fotografias do Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotogràfica del Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Identity Card (HKLM\...\Identity Card) (Version: 1.00.3501 - Packard Bell)
Insaniquarium Deluxe (Version: 2.2.0.97 - WildTangent) Hidden
Intel(R) Control Center (HKLM\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.14.8.1075 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Junk Mail filter update (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Launch Manager (HKLM\...\LManager) (Version: 5.1.7 - Packard Bell)
LibreOffice 3.6 (HKLM\...\{1E85458A-9B00-443F-A187-2E06DBB15E43}) (Version: 3.6.2.2 - The Document Foundation)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.5139.5005 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
My Farm Life (Version: 2.2.0.97 - WildTangent) Hidden
My Kingdom for the Princess 3 (Version: 2.2.0.98 - WildTangent) Hidden
Norton Internet Security (HKLM\...\NIS) (Version: 19.9.0.9 - Symantec Corporation)
Norton Online Backup (HKLM\...\{E625FCA0-E43E-4D3B-92FF-4851308A0366}) (Version: 2.7.2.25 - Symantec Corporation)
Packard Bell Games (HKLM\...\WildTangent packardbell Master Uninstall) (Version: 1.0.2.5 - WildTangent)
Packard Bell Power Management (HKLM\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3010 - Packard Bell)
Packard Bell Recovery Management (HKLM\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3507 - Packard Bell)
Packard Bell Registration (HKLM\...\Packard Bell Registration) (Version: 1.04.3506 - Packard Bell)
Packard Bell ScreenSaver (HKLM\...\Packard Bell Screensaver) (Version: 1.1.0124.2011 - Packard Bell )
Packard Bell Social Networks (HKLM\...\InstallShield_{64EF903E-D00A-414C-94A4-FBA368FFCDC9}) (Version: 3.0.3106 - CyberLink Corp.)
Packard Bell Social Networks (Version: 3.0.3106 - CyberLink Corp.) Hidden
Packard Bell Updater (HKLM\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3501 - Packard Bell)
PhotoScape (HKLM\...\PhotoScape) (Version: - )
Poczta usługi Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.49.927.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6549 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.83 - Realtek Semiconductor Corp.)
Running Sheep (Version: 2.2.0.98 - WildTangent) Hidden
Skip-Bo - Castaway Caper (Version: 2.2.0.95 - WildTangent) Hidden
Skype™ 5.5 (HKLM\...\{AA59DDE4-B672-4621-A016-4C248204957A}) (Version: 5.5.117 - Skype Technologies S.A.)
Slingo Deluxe (Version: 2.2.0.95 - WildTangent) Hidden
Super Granny 6 (Version: 2.2.0.97 - WildTangent) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.18.0 - Synaptics Incorporated)
Update Installer for WildTangent Games App (Version: - WildTangent) Hidden
Video Web Camera (HKLM\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.2624.00 - CyberLink Corp.)
Video Web Camera (Version: 1.5.2624.00 - CyberLink Corp.) Hidden
Wedding Dash (Version: 2.2.0.95 - WildTangent) Hidden
Welcome Center (HKLM\...\Packard Bell Welcome Center) (Version: 1.02.3507 - Packard Bell)
WildTangent Games App (Version: 4.0.10.2 - WildTangent) Hidden
Windows Live Argazki Galeria (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogaléria (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalleri (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotoğraf Galerisi (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotótár (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galeria de Fotos (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Galerija fotografija (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 影像中心 (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live 程式集 (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven asennustyökalu (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven sähköposti (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Liven valokuvavalikoima (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Συλλογή φωτογραφιών του Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Restore Points =========================
27-01-2014 19:50:24 Windows Update
08-02-2014 20:41:01 Geplanter Prüfpunkt
12-02-2014 15:39:43 Windows Update
01-03-2014 09:55:10 Windows Update
04-03-2014 22:13:41 Windows Update
25-03-2014 15:42:44 Windows Update
11-04-2014 12:03:35 Windows Update
17-04-2014 19:40:48 Windows Update
18-04-2014 10:22:28 Windows Update
23-04-2014 19:48:32 Windows Update
25-04-2014 10:42:25 Windows Update
25-04-2014 10:55:28 Windows Update
30-04-2014 17:03:06 Windows Update
07-05-2014 07:12:37 Windows Update
18-05-2014 17:21:06 Windows Update
24-05-2014 17:11:25 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {0ADFB07D-E6B0-46A8-AC43-3CBAE1A22050} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\19.9.0.9\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {0B56A14E-7EC4-4029-9827-1EF5F328BF0E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-24] (Adobe Systems Incorporated)
Task: {1518AE10-721D-4721-B402-2918CB329826} - System32\Tasks\{24B7CD0E-B186-48B8-A9C8-4D7CA800FB66} => C:\Program Files\Microsoft Office\Options14\MSOO.EXE [2010-02-28] (Microsoft Corporation)
Task: {2E17B5C3-CD99-4571-8240-44CD40E26547} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\19.9.0.9\SymErr.exe [2012-02-04] (Symantec Corporation)
Task: {31EC83C5-B494-4A9F-904B-9266D5141236} - System32\Tasks\LookForWord_wd => C:\Program Files\LyricsContainer\LookForWord_wd.exe <==== ATTENTION
Task: {3636B378-C0D4-4DB3-AC53-34C9FEE9F635} - System32\Tasks\LookForWord Update => C:\Program Files\LyricsContainer\LookF.exe <==== ATTENTION
Task: {6B77E85A-458D-45D2-B24D-3986EBA39893} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\19.9.0.9\WSCStub.exe [2012-09-26] (Symantec Corporation)
Task: {72353609-3155-44E9-9983-76C8A294CD76} - System32\Tasks\{39E03F6F-1894-426C-ACD1-ED2C1F4F0BCF} => C:\Program Files\Microsoft Office\Options14\MSOO.EXE [2010-02-28] (Microsoft Corporation)
Task: {93095034-9A0F-4DF8-9FDE-EFB5C8B58E25} - System32\Tasks\AdvancedDriverUpdaterRunAtStartup => C:\Program Files\Advanced Driver Updater\adu.exe [2012-11-22] (Systweak Inc)
Task: {9EF58C15-1204-43B3-AFB4-F1D46746FFCD} - System32\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv => C:\Windows\TEMP\{4BD8451C-F6FB-4FDD-AB92-94020634B34F}.exe
Task: {D56D5587-0F25-497D-9581-103850B21A60} - System32\Tasks\AdvancedDriverUpdater_UPDATES => C:\Program Files\Advanced Driver Updater\adu.exe [2012-11-22] (Systweak Inc)
Task: {F7FD7C8A-12FD-4807-A5FD-5243ACB59BF5} - System32\Tasks\UALU notificatin => C:\Program Files\Packard Bell\Packard Bell Updater\UALU.exe [2012-02-07] (Acer Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\AdvancedDriverUpdater_UPDATES.job => C:\Program Files\Advanced Driver Updater\adu.exe
Task: C:\Windows\Tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job => C:\Windows\TEMP\{4BD8451C-F6FB-4FDD-AB92-94020634B34F}.exe
Task: C:\Windows\Tasks\LookForWord Update.job => C:\Program Files\LyricsContainer\LookF.exe <==== ATTENTION
Task: C:\Windows\Tasks\LookForWord_wd.job => C:\Program Files\LyricsContainer\LookForWord_wd.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2014-05-27 12:41 - 2014-05-27 12:41 - 03839088 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-04-03 14:49 - 2014-04-03 14:49 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0a0467413a424068d1471448ff6ca6cc\IsdiInterop.ni.dll
2012-03-20 10:32 - 2010-11-06 09:50 - 00058880 _____ () C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== EXE Association (whitelisted) =============
==================== Disabled items from MSCONFIG ==============
==================== Faulty Device Manager Devices =============
Name: Symantec Iron Driver
Description: Symantec Iron Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SymIRON
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: BHDrvx86
Description: BHDrvx86
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: BHDrvx86
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
Name: Norton Internet Security Settings Manager
Description: Norton Internet Security Settings Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ccSet_NIS
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/01/2014 02:58:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (06/01/2014 02:57:56 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
BHDrvx86
ccSet_NIS
cdrom
SymIRON
Microsoft Office Sessions:
=========================
Error: (06/01/2014 02:58:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Percentage of memory in use: 79%
Total physical RAM: 1012.3 MB
Available physical RAM: 211.31 MB
Total Pagefile: 2036.3 MB
Available Pagefile: 926.09 MB
Total Virtual: 2047.88 MB
Available Virtual: 1941.04 MB
==================== Drives ================================
Drive c: (Packard Bell) (Fixed) (Total:284.99 GB) (Free:246.31 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 43338D6D)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
01.06.2014, 23:22
| #12 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | über 1000 Funde mit Malewarebytes Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyEnable: Internet Explorer proxy is enabled.
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
02.06.2014, 19:42
| #13 |
| | über 1000 Funde mit Malewarebytes Ich glaube diesmal wars richtig. Code:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:02-06-2014
Ran by Jutta at 2014-06-02 20:22:02 Run:1
Running from C:\Users\Jutta\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
ProxyEnable: Internet Explorer proxy is enabled.
*****************
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => Value deleted successfully.
The system needed a reboot.
==== End of Fixlog ====
Liebe Grüße turtle |
|
02.06.2014, 20:43
| #14 | ||
| /// Winkelfunktion /// TB-Süch-Tiger™ | über 1000 Funde mit MalewarebytesZitat:
Zitat:
Downloade Dir bitte  Malwarebytes Anti-Malware
ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
04.06.2014, 22:09
| #15 |
| | über 1000 Funde mit Malewarebytes So, habs endlich geschafft...hier sid die logs: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 03.06.2014 Suchlauf-Zeit: 20:16:00 Logdatei: mbamlog.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.06.03.06 Rootkit Datenbank: v2014.06.02.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x86 Dateisystem: NTFS Benutzer: Jutta Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 245645 Verstrichene Zeit: 17 Min, 20 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 0 (No malicious items detected) Registrierungswerte: 0 (No malicious items detected) Registrierungsdaten: 0 (No malicious items detected) Ordner: 0 (No malicious items detected) Dateien: 1 PUP.Optional.ASK.A, C:\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://home.tb.ask.com/index.jhtml?ptb=4ABCF663-EFD5-484D-8B4D-0BCEE769D1A3&n=77fd06ab&p2=^AYY^xdm070^YYA^de&si=flvrunner");), Ersetzt,[fd15d0a49be00a2c6f883c592ed64db3] Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=b2a79994aa75d0459086eeb6f6514beb
# engine=18552
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-06-04 08:48:37
# local_time=2014-06-04 10:48:37 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3591 16777213 100 90 48364359 100372294 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 28431619 153546108 0 0
# scanned=123931
# found=38
# cleaned=0
# scan_time=8261
sh=C52C30CF64DEE98F964B9FF3502D389115E4DCAE ft=1 fh=aefa735fcc2a5aa9 vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Advanced System Protector\AdvancedSystemProtector.exe.vir"
sh=D6E64E17033E6D5B3A39274A908500EF10133805 ft=1 fh=66a249e1dfddf75c vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Advanced System Protector\AspManager.exe.vir"
sh=65300E119D5CD84D8619E0739FCCD11AD91746F0 ft=1 fh=0d4f51f4dd946221 vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Advanced System Protector\filetypehelper.exe.vir"
sh=1C6EAEBDF66762FF9FF29EB6B282B18753F16F98 ft=1 fh=fb1fd2e408fbda99 vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Advanced System Protector\scandll.dll.vir"
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Conduit\Community Alerts\Alert.dll.vir"
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Conduit\Community Alerts\Alert0.dll.vir"
sh=E5AD99CE7C7362CA566156033ECB0F04F9437CA7 ft=1 fh=f45d83e01e1c8734 vn="Win32/Toolbar.Conduit.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\FileConverter_1.3\FileConverter_1.3ToolbarHelper.exe.vir"
sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\FileConverter_1.3\ldrtbFile.dll.vir"
sh=A2D929A9864513C0E8ED84AAD622EF6ADCC9B950 ft=1 fh=22c06217fc444ec5 vn="Win32/Toolbar.Conduit.O evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\FileConverter_1.3\prxtbFil0.dll.vir"
sh=A2D929A9864513C0E8ED84AAD622EF6ADCC9B950 ft=1 fh=22c06217fc444ec5 vn="Win32/Toolbar.Conduit.O evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\FileConverter_1.3\prxtbFile.dll.vir"
sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\FileConverter_1.3\tbFile.dll.vir"
sh=E726D8BAED9714F2CCF9E8EE01DA76F32716870A ft=1 fh=3a4d9e1ea77ed494 vn="Variante von Win32/SpeedingUpMyPC Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Optimizer Pro\OptimizerPro.exe.vir"
sh=450244C202B76834D77DBD045771618BC157E09D ft=1 fh=596b207451c84add vn="Variante von Win32/SProtector.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Optimizer Pro\OptProCrash.dll.vir"
sh=FAE2CC2FC4BF831C89068E57504E71B5DC97C66C ft=1 fh=5332132de2cfc2a7 vn="Variante von Win32/SProtector.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Optimizer Pro\OptProCrashSvc.dll.vir"
sh=C5828B700B9EF61FA1534D5D18482BF12F591CBF ft=1 fh=0404da55e35b3671 vn="Variante von Win32/AdWare.SpeedingUpMyPC.D Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Optimizer Pro\OptProLauncher.exe.vir"
sh=741518CA17409E0C108EA202464829E6C664ED1E ft=1 fh=52477f93f91d8732 vn="Variante von MSIL/DomaIQ.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Uninstaller\Uninstall.exe.vir"
sh=E5AD99CE7C7362CA566156033ECB0F04F9437CA7 ft=1 fh=f45d83e01e1c8734 vn="Win32/Toolbar.Conduit.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jutta\AppData\Local\Conduit\CT3241949\FileConverter_1.3AutoUpdateHelper.exe.vir"
sh=A1280B1F085B8284DC157EC359BD1ADA091CFE7E ft=1 fh=d8aa3384d1249a40 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jutta\AppData\LocalLow\FileConverter_1.3\ldrtbFile.dll.vir"
sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jutta\AppData\LocalLow\FileConverter_1.3\tbFile.dll.vir"
sh=ABF759CA3BFB16DE62197DD7C417AC5039A43AE0 ft=1 fh=1801af74030ebca1 vn="Variante von Win32/PriceGong.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jutta\AppData\LocalLow\FileConverter_1.3\plugins\{5E1360DC-8FA8-40df-A8CD-FC3831B3634B}\3.5.3\bin\PriceGongIE.dll.vir"
sh=E0814D0F17EE1122F6D3507DC676030F8E1CC133 ft=1 fh=0e0f46db8e6ee8c4 vn="Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jutta\AppData\Roaming\BabSolution\Shared\BabMaint.exe.vir"
sh=C0F127D4F8A7A68E622A35401B8107A8F29D3BBF ft=1 fh=c71c0011b1f3dbd1 vn="Variante von Win32/Toolbar.Babylon.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jutta\AppData\Roaming\BabSolution\Shared\NTRedirect.dll.vir"
sh=F5D1D288B07A202640489B2C8102F8C404FBC83D ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.L Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Jutta\AppData\Roaming\Mozilla\Firefox\Profiles\tf6oliqx.default\Extensions\130\chrome\content\main.js.vir"
sh=29537B5D9E0B9006067890E1D21D0CE6F22E8A99 ft=1 fh=6e7ef67f604e413f vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files\Advanced File Optimizer\Cloud_Backup_Setup.exe"
sh=C44FEB9DD6271C71E9D4B4899D73CAA0F5F93746 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jutta\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8OLFEB6O\monetizationLoader[1].js"
sh=DEBF208882FC35746679473CE0C804521CEC67CC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jutta\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8OLFEB6O\monetizationLoader[2].js"
sh=92E84D2216A7763D580E42FA2493CCF67D0D0560 ft=1 fh=e8efc42494afd9f6 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jutta\AppData\Local\Temp\tbedrs.dll"
sh=441065CCECAED9BCD7DB1F9FB66851D62F800FF5 ft=1 fh=d3da8ef7c9e36587 vn="Variante von Win32/AdWare.AddLyrics.AH Anwendung" ac=I fn="C:\Users\Jutta\AppData\Local\Temp\_LrcsCtrUpdr.exe"
sh=BE3A5951F9D566E9C0B10B41781E42A3A8562B12 ft=1 fh=bfe637157b287a9d vn="Variante von Win32/Toolbar.Babylon.W evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jutta\AppData\Local\Temp\busFD32\enhancedNT.dll"
sh=1B2983DD978DB886263B1740E4C7E0CA1CEF88C4 ft=1 fh=29f8994b325a4b60 vn="Variante von Win32/Toolbar.Babylon.H evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jutta\AppData\Local\Temp\E947C1B6-BAB0-7891-B052-4EE68D3211BF\Setup.exe"
sh=EE7646E9A9ECD2FA138A5EE732368D3785E060B2 ft=1 fh=a9e6d2fee3def72a vn="Variante von Win32/Toolbar.Babylon.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jutta\AppData\Local\Temp\E947C1B6-BAB0-7891-B052-4EE68D3211BF\Latest\IEHelper.dll"
sh=C0F127D4F8A7A68E622A35401B8107A8F29D3BBF ft=1 fh=c71c0011b1f3dbd1 vn="Variante von Win32/Toolbar.Babylon.W evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jutta\AppData\Local\Temp\E947C1B6-BAB0-7891-B052-4EE68D3211BF\Latest\NTRedirect.dll"
sh=CCD90EE6E9B1ADFF9657E8F2C126BC6CB5C2EB24 ft=1 fh=91473923cd86549e vn="Variante von Win32/SProtector.E evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jutta\AppData\Local\Temp\is-V6K5T.tmp\OptProCrash.dll"
sh=EABB5C1B6EB7775E74286E90746A6D7CA0137D8D ft=1 fh=422c0d3c63690f4f vn="Variante von MSIL/DomaIQ.J evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jutta\AppData\Local\Temp\pgbxyarggttyhb\urimdpsxukbcti.exe"
sh=A836A8346F791EC8A83B51BC78E84B2F6659E6DA ft=1 fh=0a2e45c370149901 vn="Win32/Wajam.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jutta\AppData\Local\Temp\pgbxyarggttyhb\wajam_validate.exe"
sh=F5F973DA9E1ACB7CA961E4DD91E98694E80F7CD6 ft=1 fh=43e54f3d5cc39dd7 vn="Variante von Win32/AdWare.SpeedingUpMyPC.E Anwendung" ac=I fn="C:\Users\Jutta\AppData\Local\Temp\pgbxyarggttyhb\software\OptimizerPro.exe"
sh=A87B7647DC34B5B6186209377786E946B677C574 ft=1 fh=c2834f18f25710d9 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Jutta\AppData\Local\Temp\{FEF32177-1C10-4C18-BD7B-FB4886AB091B}\setup.exe"
sh=BCEB518F8911E047E9DC5B0798B2C38B4260BFA3 ft=1 fh=28814f77d171d827 vn="Win32/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Jutta\Downloads\advancedfileoptimizersetup_docx_=.exe"
|
|
Linear-Darstellung
