| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: C:\windows\scorl.trojan.general.exeWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
05.10.2014, 15:12
| #1 |
 |  C:\windows\scorl.trojan.general.exe Das was im Titel steht wurde mir mal als ich meinen Computer hochgefahren hab angezeigt. Als ich dann in meinen brower Oper wollte stand dort eine Meldung das das Internet nicht geht obwohl ich WLAN habe was funktionstüchtig ist und bei anderen Computern geht. Es geht sogar bei Origin.Dann bin ich in meinen anderen browser gegangen und zwar Chrome, dort stand nur die Seite konnte nicht geladen werden. Mehr hab nicht zu melden.Ich schreib hier auch gerade mit dem Smartphone habe also Einschränkungen. Danke im Voraus |
|
05.10.2014, 16:25
| #2 |
| /// the machine /// TB-Ausbilder    |  C:\windows\scorl.trojan.general.exe hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
14.10.2014, 15:41
| #3 | |
| | C:\windows\scorl.trojan.general.exeZitat:
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2014
Ran by Pascal at 2014-10-06 13:48:21
Running from C:\Users\Pascal\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Computer Schutz (Enabled - Up to date) {15414183-282E-D62C-CA37-EF24860A2F17}
AS: Computer Schutz (Enabled - Up to date) {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
aartemis Browser Protecter (HKLM-x32\...\aartemis Browser Protecter) (Version: - aartemis) <==== ATTENTION
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.4.1.351 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.5) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.5 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
ALDI SÜD Mah Jong (HKLM-x32\...\ALDI SÜD Mah Jong) (Version: - )
Amazon MP3-Downloader 1.0.9 (HKLM-x32\...\Amazon MP3-Downloader) (Version: - )
Ashampoo Burning Studio (HKLM-x32\...\Ashampoo Burning Studio_is1) (Version: 10.0.10 - Ashampoo GmbH & Co. KG)
Ashampoo DE Toolbar (HKLM-x32\...\Ashampoo_DE Toolbar) (Version: 6.9.0.16 - Ashampoo DE) <==== ATTENTION
Ashampoo Photo Commander (HKLM-x32\...\Ashampoo Photo Commander_is1) (Version: 9.2.0 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Optimizer (HKLM-x32\...\Ashampoo Photo Optimizer_is1) (Version: 4.0.0 - Ashampoo GmbH & Co. KG)
Ask Toolbar Updater (HKCU\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.4.36191 - Ask.com) <==== ATTENTION
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield Play4Free (HKLM-x32\...\{87686C21-8A15-4b4d-A3F1-11141D9BE094}) (Version: - EA Digital illusions)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.5.1 - EA Digital Illusions CE AB)
Bejeweled® 3 (HKLM-x32\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)
BetterAds (HKLM-x32\...\BetterAds) (Version: 2.1 - BetterAds.org)
BlueStacks Notification Center (HKLM-x32\...\{FE5ABB0E-EDEA-4023-B0FB-9DEA39A98D76}) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
Bridge! (HKLM-x32\...\{22EDD164-65D5-41DD-961E-08C7CDA4D471}) (Version: 1.16 - aerosoft)
BrowseToSave (HKLM\...\{6AC05D09-0A51-4D64-AF8F-4273B1237FFF}) (Version: 1.0 - ) <==== ATTENTION
Bus Driver Gold 1.1 (HKLM-x32\...\Bus Driver Gold) (Version: 1.1 - Halycon Media)
Bus-Simulator 2012 (HKLM-x32\...\Bus-Simulator 2012_is1) (Version: - astragon)
CamStudio version 2.7 (HKLM-x32\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7 - CamStudio Open Source)
Camtasia Studio 8 (HKLM-x32\...\{F5C9BE9A-04C3-4A72-8CD0-BB67C722D608}) (Version: 8.1.2.1344 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 4.11 - Piriform)
Codec Pack Packages (HKCU\...\Codec Pack Packages) (Version: - ) <==== ATTENTION
CodeTwo QR Code Desktop Reader (HKLM-x32\...\{8E03824D-0FCC-4AAE-BBE3-3B544BE3876F}) (Version: 1.0.0 - CodeTwo)
Computer Security 12.83.104.0 (release) (x32 Version: 12.83.104.0 - F-Secure Corporation) Hidden
Corel Graphics - Windows Shell Extension (HKLM-x32\...\_{B6BFCD02-BA0E-41A9-9C9C-6624C4BB475F}) (Version: 15.2.0.686 - Corel Corporation)
Corel Graphics - Windows Shell Extension (x32 Version: 15.2.686 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 64 Bit (Version: 15.2.686 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Common (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Connect (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Custom Data (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - DE (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Draw (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - EN (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - ES (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Extra Content (HKLM-x32\...\_{5A10CFDA-FA2B-453C-B561-AE864E62EAC8}) (Version: - Corel Corporation)
CorelDRAW Essentials X5 - Extra Content (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Filters (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - FR (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IPM (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - IT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - PHOTO-PAINT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Redist (x32 Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - Setup Files (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 - WT (x32 Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Essentials X5 (HKLM-x32\...\_{EDBEBF07-F880-48FB-9AA5-0E8E71E02D83}) (Version: 15.2.0.686 - Corel Corporation)
CorelDRAW Essentials X5 (x32 Version: 15.3 - Corel Corporation) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3624 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3624 - CyberLink Corp.) Hidden
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1817_38674 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1817_38674 - CyberLink Corp.) Hidden
CyberLink PhotoDirector 2011 (HKLM-x32\...\InstallShield_{4862344A-A39C-4897-ACD4-A1BED5163C5A}) (Version: 2.0.2430 - CyberLink Corp.)
CyberLink PhotoDirector 2011 (x32 Version: 2.0.2430 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 7.0.0.1327 - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 7.0.0.1327 - CyberLink Corp.) Hidden
CyberLink PowerDVD Copy (HKLM-x32\...\InstallShield_{E3D04529-6EDB-11D8-A372-0050BAE317E1}) (Version: 1.5.2408 - CyberLink Corp.)
CyberLink PowerDVD Copy (x32 Version: 1.5.2408 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.4125 - CyberLink Corp.)
CyberLink PowerRecover (x32 Version: 5.5.4125 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dachser Global Player (HKLM-x32\...\Dachser Global Player) (Version: - )
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.5.0.0388 - Disc Soft Ltd)
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version: - )
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{650DE870-ECA3-4E63-8D77-778512BE5D4C}) (Version: - Microsoft)
Delta toolbar (HKLM-x32\...\delta) (Version: 1.8.21.5 - Delta) <==== ATTENTION
DesktopWeatherAlerts (HKCU\...\DesktopWeatherAlerts) (Version: 1.0.29.0 - Local Weather LLC) <==== ATTENTION
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.57.62 - Electronic Arts)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.0.732.20 - Electronic Arts Inc.)
Dieselpreisupdater Version 5.0.3.0 (HKLM-x32\...\{51AC56BF-FBA6-4F8F-A111-B43370F736DD}_is1) (Version: 5.0.3.0 - Life! Software)
DirectVobSub 2.40.4209 (HKLM-x32\...\vsfilter_is1) (Version: 2.40.4209 - MPC-HC Team)
DiskAid 5.46 (HKLM-x32\...\DiskAid_is1) (Version: 5.46 - DigiDNA)
DMUninstaller (HKLM-x32\...\DMUninstaller) (Version: - ) <==== ATTENTION
Driver Genius (HKLM-x32\...\Driver Genius_is1) (Version: 14.0 - Driver-Soft Inc.)
English G 21 e-Workbook A2 (HKLM-x32\...\{22FB3F97-8FEA-4383-B5EF-D707EEE97FFC}) (Version: 1.00.0000 - Cornelsen Verlag GmbH)
Euro Truck Simulator 2 (HKLM-x32\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software)
f.lux (HKCU\...\Flux) (Version: - )
F1 2011 (x32 Version: 1.0.0002.129 - Codemasters) Hidden
FBDownloader (HKCU\...\fbDownloader) (Version: 1.0 - HTTO Group Ltd)
ffdshow v1.1.4399 [2012-03-22] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.4399.0 - )
FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.0.0.0 - Electronic Arts)
FIFA 14 (HKLM-x32\...\{AA7A2800-1E75-4240-855B-03AFF8E5171E}) (Version: 1.0.0.7 - Electronic Arts)
FilesFrog Update Checker (HKLM-x32\...\FilesFrog Update Checker) (Version: - ) <==== ATTENTION
FileZilla Client 3.6.0.2 (HKLM-x32\...\FileZilla Client) (Version: 3.6.0.2 - FileZilla Project)
Flash Chess 3 (HKLM-x32\...\{70983EE0-5FA9-47A3-8BAB-FD8686E10469}_is1) (Version: - ePlaybus.com)
FLV Player (HKCU\...\FLV Player) (Version: 1.0 - Somoto Ltd.) <==== ATTENTION
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free Ride Games Player (HKLM-x32\...\{2B7BDADB-EC8C-4C54-B5DD-CE45A016D3A7}) (Version: - Exent Technologies Ltd) <==== ATTENTION
Free Screen To Video V 2.0 (HKLM-x32\...\Free Screen To Video_is1) (Version: 2.0.0.0 - Koyote Soft)
Free Sound Recorder v9.6.1 (HKLM-x32\...\Free Sound Recorder_is1) (Version: - Copyright(C) 2005-2013 FreeSoundRecorder Technologies, Inc.)
Free Studio version 5.9.0.1212 (HKLM-x32\...\Free Studio_is1) (Version: 5.9.0.1212 - DVDVideoSoft Ltd.)
Freemake Video Converter Version 4.0.0 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.0 - Ellora Assets Corporation)
F-Secure CCF Reputation (x32 Version: 1.0.25.1877 - F-Secure) Hidden
F-Secure CCF Scanning 1.43.102.193 (release) (x32 Version: 1.43.102.193 - F-Secure Corporation) Hidden
F-Secure Network CCF 1.02.128 (x32 Version: 1.02.128.1 - F-Secure Corporation) Hidden
FSX_Screensaver (HKLM-x32\...\FSX_Screensaver) (Version: - )
FTDownloader (HKLM-x32\...\1ClickDownload) (Version: 2.1 Build 26473 - FTDownloader.com) <==== ATTENTION
FVPN Connect (HKLM-x32\...\FVPN Connect) (Version: 1.8.0.0 - FVPN)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Gameforge Live 2.0.3 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.3 - Gameforge)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GoforFiles (HKCU\...\GoforFiles) (Version: 1.8.1 - hxxp://www.goforfiles.com/) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HD-Quality-v3V30.09 (HKLM-x32\...\HD-Quality-v3V30.09) (Version: 1.35.9.29 - HD-Quality-v3V30.09)
holasearch toolbar (HKLM-x32\...\holasearch) (Version: 1.8.16.16 - holasearch) <==== ATTENTION
HQCinema1.9V01.10 (HKLM-x32\...\HQCinema1.9V01.10) (Version: 1.35.9.29 - HQCinemaV01.10)
iMesh (x32 Version: 11.0.0.129514 - iMesh Inc.) Hidden <==== ATTENTION
Incredibar Toolbar on IE (HKLM-x32\...\incredibar) (Version: - ) <==== ATTENTION
InetStat (HKCU\...\InetStat) (Version: 0.5b - InetStat)
Installer (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
Internet Explorer (Enable DEP) (HKLM\...\{a9264802-8a7a-40fe-a135-5c6d204aed7a}.sdb) (Version: - )
InterVideo DeviceService (HKLM-x32\...\{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}) (Version: 1.0.0 - InterVideo)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Kabel BW Programme (HKLM-x32\...\F-Secure ServiceEnabler 47731) (Version: 1.83.311.0 - F-Secure Corporation)
Kabel BW Programme (x32 Version: 1.83.311.0 - F-Secure Corporation) Hidden
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version: - Squad)
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Landwirtschafts Simulator 2013 (HKLM-x32\...\FarmingSimulator2013DE_is1) (Version: 1.0 - GIANTS Software)
LEGO Insel 2 (HKLM-x32\...\{85967580-EBC2-11D4-AEA3-0050046A88ED}) (Version: - )
ManiaPlanet (HKLM-x32\...\ManiaPlanet_is1) (Version: - Nadeo)
maxdome - Online Videothek (HKLM\...\maxdome - Online Videothek) (Version: 1.0 - maxdome GmbH und Co. KG)
Media Buzz (HKLM-x32\...\MediaBuzzV1mode6846) (Version: 1.1 - Media Buzz) <==== ATTENTION
Media Player Classic - Home Cinema v1.5.2.3456 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.5.2.3456 - MPC-HC Team)
Medion Home Cinema (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.3216 - CyberLink Corp.)
Medion Home Cinema (x32 Version: 8.0.3216 - CyberLink Corp.) Hidden
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7943 - Memeo Inc.)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Flight (HKLM-x32\...\GFWL_{4D5308D2-DC8E-4658-A37C-351000048100}) (Version: 1.0.0004.129 - Microsoft Studios)
Microsoft Flight (HKLM-x32\...\GFWL_{4D5308D2-DC8E-4658-A37C-351000058100}) (Version: 1.0.0005.129 - Microsoft Studios)
Microsoft Flight (x32 Version: 1.0.0004.129 - Microsoft Studios) Hidden
Microsoft Flight (x32 Version: 1.0.0005.129 - Microsoft Studios) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Access MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0406-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0408-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-040C-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-040E-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0410-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0413-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0415-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-041F-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0424-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0C0A-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 15.0.4649.1003 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{9B3F0A88-790D-3AD9-9F96-B19CF2746452}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft_VC100_CRT_SP1_x64 (Version: 10.0.40219.1 - Nokia) Hidden
Microsoft_VC100_CRT_SP1_x86 (x32 Version: 10.0.40219.1 - Nokia) Hidden
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.3.188.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.3.188.0 - Microsoft Corporation) Hidden
Moorhuhn Remake (HKLM-x32\...\{52210D57-0B1F-4681-90DD-8659DF4BCC40}) (Version: 1.00.0000 - )
Moorhuhn Total 4 (HKLM-x32\...\{227B798F-4300-4727-A3F1-2B8F2727BE06}) (Version: 1.00.0000 - )
MouseServer Version 1.2.0 (HKLM-x32\...\{E13018F5-FFC7-4729-9C1B-1A85807D03E6}_is1) (Version: 1.2.0 - Necta Co.)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 25.0 - Mozilla)
Mozilla Thunderbird 17.0.8 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.8 (x86 de)) (Version: 17.0.8 - Mozilla)
MSVC80_x64_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC80_x86_v2 (x32 Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden
MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MyBestOffersToday 014.111 (HKLM-x32\...\mbot_de_111_is1) (Version: - MYBESTOFFERSTODAY) <==== ATTENTION
MyPC Backup (HKLM\...\MyPC Backup) (Version: - JDi Backup Ltd) <==== ATTENTION
MySafeProxy for Internet Explorer (HKLM-x32\...\{2535ED3F-5ADD-4A65-B07F-82F04C7358E7}) (Version: 1.0.6 - XTRM Group Ltd.)
Need for Speed™ Most Wanted (HKLM-x32\...\{FB0127F3-985B-44CE-AE29-378CAF60B361}) (Version: 1.5.0.0 - Electronic Arts)
Need for Speed™ Undercover (HKLM-x32\...\{E6D22FE1-AB5F-42CA-9480-6F70B96DDD88}) (Version: 1.0.1.0 - Electronic Arts)
Need For Speed™ World (HKLM-x32\...\{3AF1B16A-7DC9-4C80-BAEC-70B088A7C5B8}) (Version: 1.0.0.0 - Electronic Arts)
Nokia Connectivity Cable Driver (HKLM-x32\...\{29373274-977E-413C-A4DE-DC0F8E80C429}) (Version: 7.1.172.0 - Nokia)
Nokia Suite (HKLM-x32\...\Nokia Suite) (Version: 3.8.48.0 - Nokia)
Nokia Suite (x32 Version: 3.8.48.0 - Nokia) Hidden
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.4.2 - Notepad++ Team)
n-tv plus (HKLM-x32\...\{FC1B9FBC-5550-433F-AFEC-2EC930C14EBB}) (Version: 7.4.3.0 - n-tv Nachrichtenfernsehen GmbH)
NVIDIA 3D Vision Controller-Treiber 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
OffersWizard Network System Driver (HKLM-x32\...\inethnfd) (Version: 1.0.0.3001 - ) <==== ATTENTION
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4649.1003 - Microsoft Corporation) Hidden
Online Safety 2.83.1346.10 (x32 Version: 2.83.1346.10 - F-Secure Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice 4.1.0 (HKLM-x32\...\{E19483E2-6C18-494D-A307-D4498BCFD2C7}) (Version: 4.10.9764 - Apache Software Foundation)
OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - )
OpenTTD 1.4.2 (HKLM-x32\...\OpenTTD) (Version: 1.4.2 - OpenTTD)
Opera Stable 24.0.1558.64 (HKLM-x32\...\Opera 24.0.1558.64) (Version: 24.0.1558.64 - Opera Software ASA)
Origin (HKLM-x32\...\Origin) (Version: 9.3.11.2762 - Electronic Arts, Inc.)
PC Connectivity Solution (HKLM-x32\...\{6D01D1B1-17BD-4F10-BB11-F08F0C47D42B}) (Version: 12.0.109.0 - Nokia)
PDF-Viewer (HKLM\...\{A278382D-4F1B-4D47-9885-8523F7261E8D}_is1) (Version: 2.5.208.0 - Tracker Software Products Ltd)
Pflanzen gegen Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Effects Studio 3.15 (HKLM-x32\...\{A97C9A80-DD35-48DF-8D57-308B2DE116E2}_is1) (Version: - AMS Software)
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Plus-HD-2.6 (HKLM-x32\...\Plus-HD-2.6) (Version: 1.28.153.1 - Plus HD) <==== ATTENTION
Poczta usługi Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Prince of Persia The Sands of Time (HKLM-x32\...\{8C453F13-6877-4D34-8816-009ABDE306DB}) (Version: 1.00.181 - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\QuickTime) (Version: - )
Raccolta foto (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Rapture3D 2.4.9 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
RegistryBooster (HKLM-x32\...\{E55B3271-7CA8-4D0C-AE06-69A24856E997}_is1) (Version: 6.1.2.1 - Uniblue Systems Limited)
Roll (HKLM-x32\...\RollerCoaster Tycoon Setup) (Version: - )
RollerCoaster Tycoon 3 (HKLM-x32\...\{907B4640-266B-4A21-92FB-CD1A86CD0F63}) (Version: 1.00.000 - )
Schatzjäger 3 (HKLM-x32\...\{CDABABCC-3341-444A-A0A9-9F0F9890C75F}) (Version: 1.00.0000 - )
Scratch (HKLM-x32\...\Scratch) (Version: 1.4.0.0 - MIT Media Lab Lifelong Kindergarten Group)
Search Assistant WebSearch 1.74 (HKLM-x32\...\SP_4e24eecb) (Version: - ) <==== ATTENTION
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.16.20.149 - Client Connect LTD) <==== ATTENTION
SearchCore for Browsers (HKLM-x32\...\SearchCore for Browsers) (Version: 3.0.0.115676 - Bandoo Media Inc) <==== ATTENTION
SecondLifeViewer (remove only) (HKLM-x32\...\SecondLifeViewer) (Version: - )
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Sierra Utilities (HKLM-x32\...\Sierra Utilities) (Version: - )
SimCity 3000 (HKLM-x32\...\SimCity 3000) (Version: - )
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Softonic toolbar on IE and Chrome (HKLM-x32\...\Softonic) (Version: 1.8.16.10 - Softonic) <==== ATTENTION
SoftwareUpdater (HKLM-x32\...\SoftwareUpdater) (Version: - )
Spelling Dictionaries Support For Adobe Reader X (HKLM-x32\...\{AC76BA86-7AD7-5464-3428-A00000000004}) (Version: 10.0.0 - Adobe Systems Incorporated)
Spelunky HD 1.0 (HKLM-x32\...\Spelunky HD 1.0) (Version: 1.0 - Cat-A-Cat)
SPORE™ (HKLM-x32\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1026 - SUPERAntiSpyware.com)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Terraria (HKLM-x32\...\Steam App 105600) (Version: - Re-Logic)
Thrustmaster Force Feedback Driver (HKLM-x32\...\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}) (Version: 1.FFD.2009 - Thrustmaster)
Tivola Maus 3 (HKLM-x32\...\Tivola Maus 3) (Version: - )
Trials Fusion (HKLM-x32\...\Uplay Install 297) (Version: - Ubisoft)
Tropix Deluxe (remove only) (HKLM-x32\...\Tropix Deluxe) (Version: - )
TuneUp Utilities Language Pack (de-DE) (x32 Version: 13.0.3000.132 - TuneUp Software) Hidden
TV Wizard (HKLM-x32\...\TVWizard) (Version: 2.7.39 - Small Island Development) <==== ATTENTION
Ulead VideoStudio 11 (HKLM-x32\...\InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}) (Version: 11.0.0.0000 - InterVideo Digital Technology Corporation)
Uncompressor Packages (HKCU\...\Uncompressor Packages) (Version: - ) <==== ATTENTION
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for Codec Pack (HKCU\...\DigitalSite) (Version: - ) <==== ATTENTION
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
Update for Microsoft Excel 2010 (KB2889836) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9179FC17-97A8-4D98-9E09-05720AF5D44E}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version: - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version: - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)
VideoPlayer v2.0.6 (HKLM-x32\...\VideoPlayer) (Version: v2.0.6 - TUGUU SL) <==== ATTENTION
VideoStudio (x32 Version: 11.0.0.0000 - InterVideo Digital Technology Corporation) Hidden
Virtual Router v0.9 Beta (HKLM-x32\...\{8DB05F7E-1F7A-4CC0-882F-375B97F04CD4}) (Version: 0.9.0 - Chris Pietschmann)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WAS IST WAS - Das Wissens-Quiz (HKLM-x32\...\WAS IST WAS - Das Wissens-Quiz) (Version: - )
WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
WATCH_DOGS Hotfix (HKLM-x32\...\V0FUQ0hfRE9HUw==_is1) (Version: 1 - )
Web Assistant 2.0.0.604 (HKLM\...\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1) (Version: 2.0.0.604 - IncrediBar) <==== ATTENTION
Web Protect for Windows (HKLM-x32\...\wp-dcollect-tgu) (Version: 10.0.0 - PC Publishing) <==== ATTENTION
WEB.DE MailCheck für Mozilla Firefox (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar FF) (Version: 2.1.4.1420 - 1&1 Mail & Media GmbH)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Temel Parçalar (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Media Center Add-in for Silverlight (HKLM-x32\...\{0EDBEB2B-7C8D-42E6-8312-0F84394A3223}) (Version: 4.7.3.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Product Key Finder Pro® 2.3 (HKLM-x32\...\Windows Product Key Finder Pro®_is1) (Version: - )
Windows Searchqu Toolbar (HKLM-x32\...\Searchqu 417 MediaBar) (Version: 3.0.0.115676 - Bandoo Media Inc) <==== ATTENTION
Windows-Treiberpaket - Nokia pccsmcfd LegacyDriver (05/31/2012 7.1.2.0) (HKLM\...\62BBD193ADFDBB228C7E1ADB56463F5732FF7F6F) (Version: 05/31/2012 7.1.2.0 - Nokia)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Wondershare MobileGo for Android ( Version 4.4.0 ) (HKLM-x32\...\{1E04C795-7359-4E05-8A0E-5644F777AA08}_is1) (Version: 4.4.0 - Wondershare)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
Yontoo 1.10.03 (HKLM-x32\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.03 - Yontoo LLC) <==== ATTENTION
ZDFmediathek Version 2.1.6 (HKLM\...\ZDFmediathek_is1) (Version: - ZDF)
Συλλογή φωτογραφιών (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3934173735-3769707255-3857861622-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3934173735-3769707255-3857861622-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3934173735-3769707255-3857861622-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3934173735-3769707255-3857861622-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3934173735-3769707255-3857861622-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Pascal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3934173735-3769707255-3857861622-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3934173735-3769707255-3857861622-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Pascal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3934173735-3769707255-3857861622-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)
CustomCLSID: HKU\S-1-5-21-3934173735-3769707255-3857861622-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Pascal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3934173735-3769707255-3857861622-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Pascal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
==================== Restore Points =========================
24-09-2014 18:16:02 Windows Update
30-09-2014 12:44:23 Windows Update
01-10-2014 19:15:25 Windows Update
02-10-2014 17:51:49 DirectX wurde installiert
04-10-2014 04:54:03 DirectX wurde installiert
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0404C01A-11DE-4222-8F3B-2763CD869A63} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {05786AC0-114D-44F0-8E2C-62F31090FDD2} - System32\Tasks\Software Updater => C:\Program Files (x86)\SelfUpdater\SoftwareUpdater.Bootstrapper.exe
Task: {1342FA41-A9F0-40E0-93EC-C39A906CBCC4} - System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-11 => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-11.exe
Task: {2C2A736D-44FE-4715-BABF-F8AFDD84F2CA} - System32\Tasks\Plus-HD-2.6-chromeinstaller => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-chromeinstaller.exe
Task: {2EBDB300-9426-4366-8158-CDF989D41923} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-03] (Google Inc.)
Task: {31984779-AAE2-499E-ADF1-61CC2C5DDB3F} - System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-5 => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-5.exe [2014-10-01] (HQCinemaV01.10)
Task: {3AC3580C-B73B-4968-AB31-F17B84D1A5B9} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {3E7402E9-EE80-4B26-A9A1-585817228AD4} - System32\Tasks\{78820E6C-3A90-41A3-A2BE-50AE404C44A4} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-07-24] (Skype Technologies S.A.)
Task: {41374B15-E0FE-4410-B550-F34E7F170322} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-23] (Microsoft Corporation)
Task: {417285EF-F22E-4514-9A50-DC45D1D23EBD} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe [2014-09-10] (MyPCBackup.com) <==== ATTENTION
Task: {43CF7539-AD05-4BB5-9FA8-DCD3F52B7F09} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe [2014-09-10] (MyPC Backup) <==== ATTENTION
Task: {43DCE29F-4DEC-4759-B40B-3C46355679D8} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-08-23] (Microsoft Corporation)
Task: {4B110536-0164-41A2-B705-F552EA88B8B5} - System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-1 => C:\Program Files (x86)\HD-Quality-v3V30.09\HD-Quality-v3V30.09-codedownloader.exe [2014-10-01] (HD-Quality-v3V30.09)
Task: {5502C6AD-7B71-443A-B898-491AB7581E5F} - System32\Tasks\RegistryBooster Maintenance => C:\Program Files (x86)\Uniblue\RegistryBooster\registrybooster.exe [2013-11-11] (Uniblue Systems Limited)
Task: {589524FE-8CB9-408E-83E0-7C5C3961EE5E} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-01] (globalUpdate) <==== ATTENTION
Task: {5F0A8EFA-4B49-4EBB-B69C-BCF3357C0855} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe
Task: {69FBF8DE-7E14-4E49-A7A5-D35AA363428A} - System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-5 => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-5.exe [2014-10-01] (HD-Quality-v3V30.09)
Task: {7693F95F-CA03-45DD-9861-0AF83B80D458} - System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-2 => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-2.exe [2014-10-01] (HD-Quality-v3V30.09)
Task: {76FD3B02-58C4-43E6-81D9-F64678074602} - System32\Tasks\Plus-HD-2.6-firefoxinstaller => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-firefoxinstaller.exe
Task: {7DD1EE1A-5832-47ED-912C-40A0EBDB616C} - System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-7 => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-7.exe [2014-10-01] (HD-Quality-v3V30.09)
Task: {87428237-7453-4673-AC20-9575E76BC132} - System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-5_user => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-5.exe [2014-10-01] (HQCinemaV01.10)
Task: {87C30292-5223-4AF9-8406-57DBCF0A6243} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2014-03-19] (Microsoft Corporation)
Task: {88D300BA-5CC7-4F8B-95C2-C4661AF5C9BD} - System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-2 => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-2.exe [2014-10-01] (HQCinemaV01.10)
Task: {94DA8EDD-67C4-457E-A9F1-0CC29BDD9DD8} - System32\Tasks\Digital Sites => C:\Users\Pascal\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {962F376C-0C9F-4070-880B-CE56C2E02DBC} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-01] (globalUpdate) <==== ATTENTION
Task: {97E7FCF4-E158-4591-A738-DCCD9C33ED59} - System32\Tasks\Plus-HD-2.6-codedownloader => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-codedownloader.exe
Task: {9BAEE684-837B-4429-AD18-FAD1972757F6} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SelfUpdater\SoftwareUpdater.Ui.exe
Task: {A1F715B3-43C0-4565-A823-6E2565F6EF7A} - System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-6 => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-6.exe [2014-10-01] (HQCinemaV01.10)
Task: {A2E221B2-A913-43AE-BAE8-200AFC57BD66} - System32\Tasks\Opera scheduled Autoupdate 1389385127 => C:\Program Files (x86)\Opera\launcher.exe [2014-09-25] (Opera Software)
Task: {A3B4B872-4216-4912-A1D4-E6E03B8F3286} - System32\Tasks\DigitalSite => C:\Users\Pascal\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {A94D95F8-F16C-4D21-BEDA-D1E7AE38C161} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation)
Task: {AD0E039C-AEBF-497B-9438-5F432CFA6274} - System32\Tasks\Plus-HD-2.6-enabler => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-enabler.exe
Task: {ADD32BCA-85B6-4FFD-B4F3-1EDB629AFCC5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-03] (Google Inc.)
Task: {B1ECC03B-359D-451B-B6E2-0BC374B67181} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-02-20] (Piriform Ltd)
Task: {BFBC6E98-AFD7-4B4F-AF7E-76278BF8504A} - System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-3 => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-3.exe
Task: {BFFD6786-9C3E-4833-A179-6BEDB7433276} - System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-6 => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-6.exe [2014-10-01] (HD-Quality-v3V30.09)
Task: {C4496CAE-63F0-447C-B3F7-861465191B80} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {C700E5A5-2379-4A6E-B8B8-65F116341A18} - System32\Tasks\EPUpdater => C:\Users\Pascal\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-08-04] () <==== ATTENTION
Task: {C9DDF911-A07A-444E-9F0C-861CD54BC1D9} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe [2013-04-19] (hxxp://www.goforfiles.com/) <==== ATTENTION
Task: {D046C31F-A232-442A-B5D6-B63FF3F224F2} - System32\Tasks\Scheduled scanning task => C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\fsav.exe [2013-08-14] (F-Secure Corporation)
Task: {D1A89B92-A5AB-4362-845F-92A4E0469735} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-12] (Microsoft Corporation)
Task: {D55979DC-62C8-4519-9B73-A2F0E551BBEA} - System32\Tasks\1242f82e-6c0d-47d3-a2c9-9feb3999108a => C:\Program Files (x86)\HQCinema1.9V01.10\1242f82e-6c0d-47d3-a2c9-9feb3999108a.exe [2014-10-01] (HQCinemaV01.10)
Task: {D5D5BBDE-5701-43E1-BDC8-9126524D8334} - System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-3 => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-3.exe
Task: {D786D54F-71D1-4639-B2FA-DD700043E4CF} - \DealPlyUpdate No Task File <==== ATTENTION
Task: {DB22AB67-10C2-439C-A978-72E1D4678E6F} - System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-7 => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-7.exe [2014-10-01] (HQCinemaV01.10)
Task: {E35AF2E9-1DBB-4BC5-858F-B603852AE2E2} - System32\Tasks\Funmoods => C:\Users\Pascal\AppData\Roaming\Funmoods\UpdateProc\UpdateTask.exe <==== ATTENTION
Task: {E9915F7A-21B4-4CBB-8C6B-92DCDDFE07C6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {ED4B16E7-A5F7-4100-8F5F-729B6156C3F6} - System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-1 => C:\Program Files (x86)\HQCinema1.9V01.10\HQCinema1.9V01.10-codedownloader.exe [2014-10-01] (HQCinemaV01.10)
Task: {EDDA7E8E-146D-4A08-97A1-0C444A89EB2D} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2014-03-19] (Microsoft Corporation)
Task: {EE1AF0CA-E770-4B64-A7E4-D65B84DE28E0} - System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-4 => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-4.exe
Task: {F17B35A7-386A-4B14-BBAD-FDB0F134DDA1} - System32\Tasks\c6ac72ed-56b8-40ca-9074-9efe04ef1716 => C:\Program Files (x86)\HD-Quality-v3V30.09\c6ac72ed-56b8-40ca-9074-9efe04ef1716.exe [2014-10-01] (HD-Quality-v3V30.09)
Task: {F1F485A8-D28B-43EA-9917-536630CCBA01} - System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-11 => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-11.exe
Task: {F49FBE32-7014-40F0-9556-141FD559D261} - System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-4 => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-4.exe [2014-10-01] (HD-Quality-v3V30.09)
Task: {F4DCFBA9-B4AB-407D-9B56-FF7265A34598} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2014-03-19] (Microsoft)
Task: C:\Windows\Tasks\1242f82e-6c0d-47d3-a2c9-9feb3999108a.job => C:\Program Files (x86)\HQCinema1.9V01.10\1242f82e-6c0d-47d3-a2c9-9feb3999108a.exe
Task: C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-1.job => C:\Program Files (x86)\HD-Quality-v3V30.09\HD-Quality-v3V30.09-codedownloader.exe
Task: C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-11.job => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-11.exe
Task: C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-2.job => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-2.exe
Task: C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-3.job => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-3.exe
Task: C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-4.job => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-4.exe
Task: C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-5.job => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-5.exe
Task: C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-5_user.job => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-5.exe
Task: C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-6.job => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-6.exe
Task: C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-7.job => C:\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-7.exe
Task: C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-1.job => C:\Program Files (x86)\HQCinema1.9V01.10\HQCinema1.9V01.10-codedownloader.exe
Task: C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-11.job => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-11.exe
Task: C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-2.job => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-2.exe
Task: C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-3.job => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-3.exe
Task: C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-4.job => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-4.exe
Task: C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-5.job => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-5.exe
Task: C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-5_user.job => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-5.exe
Task: C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-6.job => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-6.exe
Task: C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-7.job => C:\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-7.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\c6ac72ed-56b8-40ca-9074-9efe04ef1716.job => C:\Program Files (x86)\HD-Quality-v3V30.09\c6ac72ed-56b8-40ca-9074-9efe04ef1716.exe
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\Pascal\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe <==== ATTENTION
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\Pascal\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-2.6-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.6-codedownloader.job => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.6-enabler.job => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Plus-HD-2.6-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegistryBooster Maintenance.job => C:\Program Files (x86)\Uniblue\RegistryBooster\registrybooster.exe
Task: C:\Windows\Tasks\Scheduled scanning task.job => C:\PROGRA~2\Kabel BW\apps\ComputerSecurity\Anti-Virus\fsav.exe
Task: C:\Windows\Tasks\SUU.job => C:\Users\Pascal\AppData\Roaming\SUU.exe
==================== Loaded Modules (whitelisted) =============
2012-01-24 01:22 - 2014-07-02 20:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-11 04:21 - 2014-02-11 04:21 - 00644464 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-02 16:42 - 2010-01-02 16:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-03-19 14:38 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-12-15 14:58 - 2014-09-17 14:31 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-09-02 21:55 - 2014-09-02 21:55 - 00487483 _____ () C:\monitor.exe
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\Temp:373E1720
AlternateDataStreams: C:\ProgramData\Temp:D1B5B4F1
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MyOSProtect => ""="service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: bonanzadealslivem => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LMIGuardianSvc => 2
MSCONFIG\Services: PSI_SVC_2 => 2
MSCONFIG\Services: SafetyNutManager => 2
MSCONFIG\Services: ServiceLayer => 3
MSCONFIG\Services: SrvUpdater => 2
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: WajamUpdater => 2
MSCONFIG\Services: Web Assistant Updater => 2
MSCONFIG\Services: WebClient => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^MobileGo Service.lnk => C:\Windows\pss\MobileGo Service.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Virtual Router Manager.lnk => C:\Windows\pss\Virtual Router Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Pascal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^DesktopWeatherAlerts.lnk => C:\Windows\pss\DesktopWeatherAlerts.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Pascal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MyPC Backup.lnk => C:\Windows\pss\MyPC Backup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Pascal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk => C:\Windows\pss\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Pascal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Ubisoft register.lnk => C:\Windows\pss\Ubisoft register.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Pascal^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Weather Alerts.lnk => C:\Windows\pss\Weather Alerts.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Creative Cloud => "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: ApnUpdater => "C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: BloatFish => C:\Program Files (x86)\Freetec\BloatFish\BloatFish.Ui.exe
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: Browser Infrastructure Helper => C:\Users\Pascal\AppData\Local\Smartbar\Application\QuickShare.exe startup
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: DataMgr => "C:\Users\Pascal\AppData\Roaming\DataMgr\DataMgr.exe"
MSCONFIG\startupreg: DATAMNGR => C:\PROGRA~2\SearchCore for Browsers\SearchCore for Browsers\datamngrUI.exe
MSCONFIG\startupreg: DriverTurbo => C:\Program Files (x86)\DriverTurbo\DriverTurbo.exe
MSCONFIG\startupreg: FLV Player => C:\Users\Pascal\AppData\Local\WebPlayer\FLV Player\WebPlayer.exe
MSCONFIG\startupreg: GoogleChromeAutoLaunch_1BB0B968DB2E1DD5640AAF2B69FD58ED => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: InetStat => C:\Users\Pascal\AppData\Roaming\InetStat\inetstat.exe
MSCONFIG\startupreg: Intermediate => "C:\Users\Pascal\AppData\Roaming\Intermediate\Intermediate.exe"
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: mbot_de_111 => "C:\Program Files (x86)\mbot_de_111\mbot_de_111.exe"
MSCONFIG\startupreg: mobilegeni daemon => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NokiaSuite.exe => C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray
MSCONFIG\startupreg: NTRedirect => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Pascal\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: OMESupervisor => C:\Users\Pascal\AppData\Local\omesuperv.exe
MSCONFIG\startupreg: Optimizer Pro => C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
MSCONFIG\startupreg: PrivitizeVPN => C:\Program Files (x86)\PrivitizeVPN\PrivitizeVPN.exe /autorun
MSCONFIG\startupreg: RGSC => C:\Program Files (x86)\Rockstar Games\Rockstar Games Social Club\RGSCLauncher.exe /silent
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SCheck => "C:\Users\Pascal\AppData\Roaming\SCheck\SCheck.exe" check
MSCONFIG\startupreg: SDP => C:\Users\Pascal\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto
MSCONFIG\startupreg: SearchEngineProtection => C:\Program Files (x86)\GamesBar\update\SearchEngineProtection.exe
MSCONFIG\startupreg: SearchProtectAll => C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: SiteRanker => "C:\Program Files (x86)\SiteRanker\SiteRankTray.exe"
MSCONFIG\startupreg: Smart File Advisor => "C:\Program Files (x86)\Smart File Advisor\sfa.exe" /checkassoc
MSCONFIG\startupreg: Snoozer => "C:\Users\Pascal\AppData\Roaming\Snz\Snz.exe"
MSCONFIG\startupreg: SSync => "C:\Users\Pascal\AppData\Roaming\SSync\SSync.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: Wondershare Helper Compact => "C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe
========================= Accounts: ==========================
Administrator (S-1-5-21-3934173735-3769707255-3857861622-500 - Administrator - Disabled)
Gast (S-1-5-21-3934173735-3769707255-3857861622-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-3934173735-3769707255-3857861622-1007 - Limited - Enabled)
Pascal (S-1-5-21-3934173735-3769707255-3857861622-1001 - Administrator - Enabled) => C:\Users\Pascal
Susu (S-1-5-21-3934173735-3769707255-3857861622-1010 - Limited - Enabled) => C:\Users\Susu
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: nethfdrv
Description: nethfdrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: nethfdrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (10/06/2014 01:48:31 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 3 2014-10-06 13:48:31+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\windows\mod_frst.exe
File hash: 4bb423ae4bf7b46ba1cd43c521cf9314c03cf8c4
Error: (10/06/2014 01:44:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 2 2014-10-06 13:44:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hd-quality-v3v30.09\56c2d237-88f9-437d-be8e-58367541cdc2-6.exe
File hash: ecc329d37f6197b2aa59a824c35b4dc2140fdc02
Error: (10/06/2014 01:43:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MySafeProxyMonitor.exe, Version: 1.0.10.0, Zeitstempel: 0x54296dcc
Name des fehlerhaften Moduls: MySafeProxyMonitor.exe, Version: 1.0.10.0, Zeitstempel: 0x54296dcc
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00050c50
ID des fehlerhaften Prozesses: 0xfe0
Startzeit der fehlerhaften Anwendung: 0xMySafeProxyMonitor.exe0
Pfad der fehlerhaften Anwendung: MySafeProxyMonitor.exe1
Pfad des fehlerhaften Moduls: MySafeProxyMonitor.exe2
Berichtskennung: MySafeProxyMonitor.exe3
Error: (10/06/2014 01:40:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 1 2014-10-06 13:40:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hqcinema1.9v01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-6.exe
File hash: a18c0c54cdd97a25d85c53ef1f55a7b039587779
Error: (10/06/2014 01:33:26 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (10/05/2014 07:44:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 32 2014-10-05 19:44:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hd-quality-v3v30.09\56c2d237-88f9-437d-be8e-58367541cdc2-6.exe
File hash: ecc329d37f6197b2aa59a824c35b4dc2140fdc02
Error: (10/05/2014 07:40:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 31 2014-10-05 19:40:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hqcinema1.9v01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-6.exe
File hash: a18c0c54cdd97a25d85c53ef1f55a7b039587779
Error: (10/05/2014 06:45:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 30 2014-10-05 18:45:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hd-quality-v3v30.09\56c2d237-88f9-437d-be8e-58367541cdc2-5.exe
File hash: 064fc06a2eefdc56bead8407259c52ef7081e72d
Error: (10/05/2014 06:44:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 29 2014-10-05 18:44:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hd-quality-v3v30.09\hd-quality-v3v30.09-codedownloader.exe
File hash: 9e52c47fc494aff0440088e483b18d7011fb946c
Error: (10/05/2014 06:44:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 28 2014-10-05 18:44:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hd-quality-v3v30.09\56c2d237-88f9-437d-be8e-58367541cdc2-4.exe
File hash: 93a8eaa8b380efdb76dcf80f24da42f8efaf94b4
System errors:
=============
Error: (10/06/2014 01:43:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "MySafeProxy Monitor" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 900000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/06/2014 01:38:37 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR7 gefunden.
Error: (10/06/2014 01:38:37 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR7 gefunden.
Error: (10/06/2014 01:38:36 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR7 gefunden.
Error: (10/06/2014 01:38:35 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk5\DR7 gefunden.
Error: (10/06/2014 01:33:48 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
nethfdrv
Error: (10/06/2014 01:33:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Protect Monitor" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (10/06/2014 01:33:25 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Protect Monitor erreicht.
Error: (10/06/2014 01:32:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Computer Backup (MyPC Backup)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
Error: (10/06/2014 01:32:58 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Computer Backup (MyPC Backup) erreicht.
Microsoft Office Sessions:
=========================
Error: (10/06/2014 01:48:31 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 3 2014-10-06 13:48:31+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\windows\mod_frst.exe
File hash: 4bb423ae4bf7b46ba1cd43c521cf9314c03cf8c4
Error: (10/06/2014 01:44:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 2 2014-10-06 13:44:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hd-quality-v3v30.09\56c2d237-88f9-437d-be8e-58367541cdc2-6.exe
File hash: ecc329d37f6197b2aa59a824c35b4dc2140fdc02
Error: (10/06/2014 01:43:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: MySafeProxyMonitor.exe1.0.10.054296dccMySafeProxyMonitor.exe1.0.10.054296dccc000000500050c50fe001cfe1595562fdd2C:\Program Files (x86)\XTRM Group\MySafeProxy\Bin\MySafeProxyMonitor.exeC:\Program Files (x86)\XTRM Group\MySafeProxy\Bin\MySafeProxyMonitor.exe03b8ea43-4d4e-11e4-a3ab-8c89a5a480ca
Error: (10/06/2014 01:40:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 1 2014-10-06 13:40:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hqcinema1.9v01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-6.exe
File hash: a18c0c54cdd97a25d85c53ef1f55a7b039587779
Error: (10/06/2014 01:33:26 PM) (Source: MemeoBackgroundService) (EventID: 0) (User: )
Description: Problem starting Memeo Background Service :Ausnahmefehler "System.Reflection.TargetInvocationException: Ein Aufrufziel hat einen Ausnahmefehler verursacht. ---> System.Security.Principal.IdentityNotMappedException: Manche oder alle Identitätsverweise konnten nicht übersetzt werden.
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel.StartListening(Object data)
bei System.Runtime.Remoting.Channels.Ipc.IpcServerChannel..ctor(IDictionary properties, IServerChannelSinkProvider sinkProvider, CommonSecurityDescriptor securityDescriptor)
bei System.Runtime.Remoting.Channels.Ipc.IpcChannel..ctor(IDictionary properties, IClientChannelSinkProvider clientSinkProvider, IServerChannelSinkProvider serverSinkProvider)
--- Ende der internen Ausnahmestapelüberwachung ---
bei System.RuntimeMethodHandle._InvokeConstructor(Object[] args, SignatureStruct& signature, IntPtr declaringType)
bei System.Reflection.RuntimeConstructorInfo.Invoke(BindingFlags invokeAttr, Binder binder, Object[] parameters, CultureInfo culture)
bei System.RuntimeType.CreateInstanceImpl(BindingFlags bindingAttr, Binder binder, Object[] args, CultureInfo culture, Object[] activationAttributes)
bei System.Runtime.Remoting.RemotingConfigHandler.CreateChannelFromConfigEntry(ChannelEntry entry)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureChannels(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)" bei der Remotekonfiguration. bei System.Runtime.Remoting.RemotingConfigHandler.ConfigureRemoting(RemotingXmlConfigFileData configData, Boolean ensureSecurity)
bei System.Runtime.Remoting.RemotingConfiguration.Configure(String filename, Boolean ensureSecurity)
bei RemoteServerService.MemeoBackgroundService.OnStart(String[] args)
Error: (10/05/2014 07:44:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 32 2014-10-05 19:44:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hd-quality-v3v30.09\56c2d237-88f9-437d-be8e-58367541cdc2-6.exe
File hash: ecc329d37f6197b2aa59a824c35b4dc2140fdc02
Error: (10/05/2014 07:40:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 31 2014-10-05 19:40:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hqcinema1.9v01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-6.exe
File hash: a18c0c54cdd97a25d85c53ef1f55a7b039587779
Error: (10/05/2014 06:45:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 30 2014-10-05 18:45:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hd-quality-v3v30.09\56c2d237-88f9-437d-be8e-58367541cdc2-5.exe
File hash: 064fc06a2eefdc56bead8407259c52ef7081e72d
Error: (10/05/2014 06:44:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 29 2014-10-05 18:44:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hd-quality-v3v30.09\hd-quality-v3v30.09-codedownloader.exe
File hash: 9e52c47fc494aff0440088e483b18d7011fb946c
Error: (10/05/2014 06:44:00 PM) (Source: FSecure-FSecure-F-Secure DeepGuard) (EventID: 103) (User: )
Description: 28 2014-10-05 18:44:00+02:00 PASCAL-PC SYSTEM F-Secure DeepGuard
Application was blocked. This was determined to be a high-risk application by system control heuristics.
Application path: \\?\c:\program files (x86)\hd-quality-v3v30.09\56c2d237-88f9-437d-be8e-58367541cdc2-4.exe
File hash: 93a8eaa8b380efdb76dcf80f24da42f8efaf94b4
CodeIntegrity Errors:
===================================
Date: 2014-01-24 18:15:38.748
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Pascal\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-01-24 18:15:38.694
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Users\Pascal\AppData\Local\Temp\EverestDriver.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-01-24 18:15:38.189
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-01-24 18:15:38.134
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Lavalys\EVEREST Home Edition\kerneld.amd64" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-25 09:57:59.870
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-25 09:57:59.824
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-24 16:18:50.356
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-24 16:18:50.309
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-24 06:30:21.449
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2013-11-24 06:30:21.402
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\fses.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Percentage of memory in use: 46%
Total physical RAM: 4077.64 MB
Available physical RAM: 2194.8 MB
Total Pagefile: 8153.46 MB
Available Pagefile: 5385.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (Boot) (Fixed) (Total:880.41 GB) (Free:537.12 GB) NTFS
Drive d: (Recover) (Fixed) (Total:50 GB) (Free:27.05 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 58F6BA5B)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=880.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=50 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1 GB) - (Type=12)
==================== End Of Log ============================
Das was ich vorhin gesendet habe ist die Addition |
|
14.10.2014, 15:44
| #4 |
| | So jetzt die frstFRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014
Ran by Pascal (administrator) on PASCAL-PC on 06-10-2014 13:46:29
Running from C:\Users\Pascal\Desktop
Loaded Profile: Pascal (Available profiles: Pascal & Susu & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(HQCinemaV01.10) C:\Program Files (x86)\HQCinema1.9V01.10\1242f82e-6c0d-47d3-a2c9-9feb3999108a.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(hxxp://www.goforfiles.com/) C:\Program Files (x86)\GoforFiles\GFFUpdater.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Flux Software LLC) C:\Users\Pascal\AppData\Local\FluxSoftware\Flux\flux.exe
(wifimouse@necta.us) C:\Program Files (x86)\MouseServer\MouseServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSM32.EXE
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\fshoster32.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(InterVideo Inc.) C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\CCF_Reputation\fsorsp.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\monitor.exe
(Chris Pietschmann (hxxp://pietschsoft.com)) C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Client Connect LTD) C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe
(Small Island Development) C:\ProgramData\HAunCmYKI\tCJlXj.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSMA32.EXE
(MyOSCompany) C:\Program Files (x86)\PCTRunner\MyOSProtect.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSHDLL64.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSM32.EXE [310208 2013-08-14] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure Hoster (47731)] => C:\Program Files (x86)\Kabel BW\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-3934173735-3769707255-3857861622-1001\...\Run: [f.lux] => C:\Users\Pascal\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-3934173735-3769707255-3857861622-1001\...\Run: [] => [X]
HKU\S-1-5-21-3934173735-3769707255-3857861622-1001\...\Run: [MouseServer] => C:\Program Files (x86)\MouseServer\MouseServer.exe [122880 2012-03-21] (wifimouse@necta.us)
HKU\S-1-5-21-3934173735-3769707255-3857861622-1001\...\Policies\Explorer: [NoInstrumentation] 1
HKU\S-1-5-21-3934173735-3769707255-3857861622-1001\...\Policies\Explorer: [DisallowRun] 1
HKU\S-1-5-18\...\Run: [Exetender] => C:\Program Files (x86)\Free Ride Games\GPlayer.exe [4862384 2012-03-21] (Exent Technologies Ltd.)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.conduit.com/?gd=&ctid=CT3314932&octid=EB_ORIGINAL_CTID&ISID=MF70BB4B3-B174-4BAF-A6B9-7309BCFE9943&SearchSource=55&CUI=&UM=5&UP=SPFEAC19B6-4958-4E5B-8531-48F001259B10&SSPV=
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://aartemis.com/?type=hp&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.aartemis.com/web/?type=ds&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://aartemis.com/?type=hp&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://aartemis.com/?type=hp&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.aartemis.com/web/?type=ds&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
URLSearchHook: HKLM-x32 - Ashampoo DE Toolbar - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://aartemis.com/?type=sc&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyD0AyEzztD0C0AtA0C0CtDtN0D0Tzu0CtByEzztN1L2XzutBtFtCtFtCtFtAtCtB&cr=1824825983
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=20&systemid=2&apn_dtid=IME002&apn_ptnrs=AG2&o=APN10641&apn_uid=0193640988514575&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=484&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2417} URL = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=417&sr=0&q={searchTerms}
SearchScopes: HKLM - {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyD0AyEzztD0C0AtA0C0CtDtN0D0Tzu0CtAyDyEtN1L2XzutBtFtBtFtCtFyEtDyB&cr=208974077
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX&q={searchTerms}
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.aartemis.com/web/?type=ds&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX&q={searchTerms}
SearchScopes: HKLM-x32 - {3D5C0BD6-7735-62F6-6F8F-521BDAFB66B2} URL = hxxp://search.chatzum.com/?q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyD0AyEzztD0C0AtA0C0CtDtN0D0Tzu0CtByEzztN1L2XzutBtFtCtFtCtFtAtCtB&cr=1824825983
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD22} URL = hxxp://dts.search-results.com/sr?src=ieb&gct=ds&appid=20&systemid=2&apn_dtid=IME002&apn_ptnrs=AG2&o=APN10641&apn_uid=0193640988514575&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=484&systemid=406&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2417} URL = hxxp://www.searchqu.com/web?src=ieb&appid=0&systemid=417&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 - {B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=ironpub12&ir=ironpub12&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyD0AyEzztD0C0AtA0C0CtDtN0D0Tzu0CtAyDyEtN1L2XzutBtFtBtFtCtFyEtDyB&cr=208974077
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL =
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=M5EC8FA62-325C-43FC-A49B-88BDB1143B2B&SearchSource=58&CUI=&UM=6&UP=SPFEAC19B6-4958-4E5B-8531-48F001259B10&q={searchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=M5EC8FA62-325C-43FC-A49B-88BDB1143B2B&SearchSource=58&CUI=&UM=6&UP=SPFEAC19B6-4958-4E5B-8531-48F001259B10&q={searchTerms}&SSPV=
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Plus-HD-2.6 -> {11111111-1111-1111-1111-110311341140} -> C:\Program Files (x86)\Plus-HD-2.6\Plus-HD-2.6-bho64.dll (Plus HD)
BHO: HD-Quality-v3V30.09 -> {11111111-1111-1111-1111-110611171162} -> C:\Program Files (x86)\HD-Quality-v3V30.09\HD-Quality-v3V30.09-bho64.dll (HD-Quality-v3V30.09)
BHO: HQCinema1.9V01.10 -> {11111111-1111-1111-1111-110611381131} -> C:\Program Files (x86)\HQCinema1.9V01.10\HQCinema1.9V01.10-bho64.dll (HQCinemaV01.10)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension64.dll ()
BHO: MySafeProxy -> {51420F88-4D4A-4042-9509-8D4E1307910E} -> C:\Program Files (x86)\XTRM Group\MySafeProxy\Bin\MySafeProxy64.dll (XTRM Group Ltd.)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: DataMngr -> {9D717F81-9148-4f12-8568-69135F087DB0} -> C:\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll (Bandoo Media, inc)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: I Want This -> {11111111-1111-1111-1111-110011221158} -> No File
BHO-x32: Plus-HD-2.6 -> {11111111-1111-1111-1111-110311341140} -> No File
BHO-x32: HD-Quality-v3V30.09 -> {11111111-1111-1111-1111-110611171162} -> C:\Program Files (x86)\HD-Quality-v3V30.09\HD-Quality-v3V30.09-bho.dll (HD-Quality-v3V30.09)
BHO-x32: HQCinema1.9V01.10 -> {11111111-1111-1111-1111-110611381131} -> C:\Program Files (x86)\HQCinema1.9V01.10\HQCinema1.9V01.10-bho.dll (HQCinemaV01.10)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Web Assistant -> {336D0C35-8A85-403a-B9D2-65C292C39087} -> C:\Program Files\Web Assistant\Extension32.dll ()
BHO-x32: MySafeProxy -> {51420F88-4D4A-4042-9509-8D4E1307910E} -> C:\Program Files (x86)\XTRM Group\MySafeProxy\Bin\MySafeProxy32.dll (XTRM Group Ltd.)
BHO-x32: Ashampoo DE Toolbar -> {5786d022-540e-4699-b350-b4be0ae94b79} -> C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
BHO-x32: PlayBryte BHO -> {61e0ef7a-9bc0-45ea-9b2f-f3e9f02692bd} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: Incredibar.com Helper Object -> {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} -> C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll (Montera Technologeis LTD)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Funmoods Helper Object -> {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Searchqu Toolbar -> {99079a25-328f-4bd4-be04-00955acaa0a7} -> C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
BHO-x32: DataMngr -> {9D717F81-9148-4f12-8568-69135F087DB0} -> C:\Program Files (x86)\Searchqu Toolbar\Datamngr\BrowserConnection.dll (Bandoo Media, inc)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: BetterAds -> {BA56787C-729F-4715-8F11-EB2A16908B91} -> C:\Program Files (x86)\BetterAds\ScriptHost.dll ()
BHO-x32: delta Helper Object -> {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -> No File
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: FreeWorkz Games -> {D1ECD019-8423-43de-98D1-7892AF2DA309} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Webexp Enhanced -> {dc26eb86-ac6f-4093-918d-3e36cd607f01} -> No File
BHO-x32: holasearch Helper Object -> {DFF9B2DA-EF99-4B26-83CB-7058299999D8} -> C:\Program Files (x86)\holasearch\holasearch\1.8.16.16\bh\holasearch.dll (holasearch.com)
BHO-x32: Softonic Helper Object -> {E87806B5-E908-45FD-AF5E-957D83E58E68} -> C:\Program Files (x86)\Softonic\Softonic\1.8.16.10\bh\Softonic.dll (Softonic.com)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - No Name - {28387537-e3f9-4ed7-860c-11e69af4a8a0} - No File
Toolbar: HKLM-x32 - Ashampoo DE Toolbar - {5786d022-540e-4699-b350-b4be0ae94b79} - C:\Program Files (x86)\Ashampoo_DE\prxtbAsha.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll (Montera Technologeis LTD)
Toolbar: HKLM-x32 - No Name - {b278d9f8-0fa9-465e-9938-0c392605d8e3} - No File
Toolbar: HKLM-x32 - No Name - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - No File
Toolbar: HKLM-x32 - No Name - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.16.10\SoftonicTlbr.dll (Softonic.com)
Toolbar: HKLM-x32 - Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\Program Files (x86)\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll ()
Toolbar: HKLM-x32 - Holasearch Toolbar - {C510DFFB-0AFE-484C-BA40-CED5B74C4EEF} - C:\Program Files (x86)\holasearch\holasearch\1.8.16.16\holasearchTlbr.dll (holasearch.com)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {5786D022-540E-4699-B350-B4BE0AE94B79} - No File
Toolbar: HKCU - No Name - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
DPF: HKLM-x32 {6A060448-60F9-11D5-A6CD-0002B31F7455}
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9 02 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9 03 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9 04 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9 15 C:\Windows\SysWOW64\MyOSProtect.dll [304776] (MyOSCompany)
Winsock: Catalog9-x64 01 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Winsock: Catalog9-x64 02 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Winsock: Catalog9-x64 03 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Winsock: Catalog9-x64 04 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Winsock: Catalog9-x64 15 C:\Windows\system32\MyOSProtect64.dll [350768] (MyOSCompany)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default
FF SearchEngineOrder.1: Delta Search
FF Homepage: hxxp://search.fbdownloader.com/?channel=sfde203fbdgy21
FF SelectedSearchEngine: FBDownloader Search
FF DefaultSearchEngine: FBDownloader Search
FF Keyword.URL: hxxp://search.fbdownloader.com/search.php?channel=sfde203fbdgy21&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @exent.com/npExentCtl,version=7.0.0.0 -> C:\Program Files (x86)\Free Ride Games\npExentCtl.dll (Exent Technologies Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pascal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\user.js
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\fbdownloader_search.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\fileconverter-13-customized-web-search.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\freemake.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\google-chile.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\holasearch.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\search.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\SearchResults.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\softonic.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\WebSearch.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\SearchResults.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\SearchTheWeb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Yahooober4451956.xml
FF Extension: HD-Quality-v3V30.09 - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com [2014-10-01]
FF Extension: HQCinema1.9V01.10 - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com [2014-10-01]
FF Extension: Feven 1.5 - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com [2013-11-21]
FF Extension: Plus-HD-2.6 - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com [2013-10-11]
FF Extension: Amazon-Icon - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\amazon-icon@giga.de [2014-01-20]
FF Extension: DoNotTrackMe - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\donottrackplus@abine.com [2013-07-14]
FF Extension: Delta Toolbar - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\ffxtlbr@delta.com [2013-03-26]
FF Extension: HolaSearch - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\ffxtlbr@holasearch.com [2013-08-30]
FF Extension: softonic.com - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\ffxtlbra@softonic.com [2013-03-28]
FF Extension: YouTube Unblocker - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\youtubeunblocker@unblocker.yt [2013-10-11]
FF Extension: FileConverter 1.3 - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{78e516ef-11de-47a1-8364-a99b917ec5ee} [2013-10-23]
FF Extension: Searchqu Toolbar - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7} [2013-06-06]
FF Extension: WOT - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-10-19]
FF Extension: uTorrentBar_DE - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} [2013-09-16]
FF Extension: BetterAds - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\betterads@BetterAds.org.xpi [2013-06-08]
FF Extension: GoPhotoIt - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\gophoto@gophoto.it.xpi [2012-07-31]
FF Extension: Javascript View - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\jid1-u9RbFp9JcoEGGw@jetpack.xpi [2013-09-24]
FF Extension: JS Deminifier - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\jsdeminifier@murphy.ben.name.xpi [2013-09-24]
FF Extension: JavaScript Deobfuscator - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\jsdeobfuscator@adblockplus.org.xpi [2013-09-24]
FF Extension: Movie2kDownloader - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\movie2kdownloader@movie2kdownloader.com.xpi [2012-12-13]
FF Extension: OfferMosquito - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\om@offermosquito.com.xpi [2013-10-04]
FF Extension: Personas Plus - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\personas@christopher.beard.xpi [2013-02-19]
FF Extension: Cool Smiley Bar for Facebook - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\pluswinks@PlusWinks.xpi [2013-06-08]
FF Extension: ScrewAds Plus for YouTube - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\screwads@airtint.com.xpi [2013-02-19]
FF Extension: Feedback - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\testpilot@labs.mozilla.com.xpi [2013-03-30]
FF Extension: YesScript - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\yesscript@userstyles.org.xpi [2013-09-26]
FF Extension: Quick Translator - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2013-02-19]
FF Extension: Adblock Plus - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-08]
FF Extension: JavaScript Debugger - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi [2013-09-24]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com [2013-10-27]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@holasearch.com [2013-10-27]
FF Extension: Iminent WebBooster - C:\Program Files (x86)\Mozilla Firefox\extensions\webbooster@iminent.com [2013-10-27]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} [2013-10-27]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF Extension: Web Assistant - C:\Program Files\Web Assistant\Firefox [2012-09-04]
FF HKLM\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-01-13]
FF HKLM-x32\...\Firefox\Extensions: [speedanalysis@SpeedAnalysis.com] - C:\Users\Pascal\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF Extension: SpeedAnalysis.com - C:\Users\Pascal\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com [2013-03-26]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-04-02]
FF HKLM-x32\...\Firefox\Extensions: [{8E9E3331-D360-4f87-8803-52DE43566502}] - C:\Program Files\Web Assistant\Firefox
FF HKLM-x32\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files (x86)\BetterSurf\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@bettersurfplus.com] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha691.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha691\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha418.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha418\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode6846.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6846\ff
FF HKCU\...\Firefox\Extensions: [speedanalysis@SpeedAnalysis.com] - C:\Users\Pascal\AppData\Roaming\Mozilla\Extensions\speedanalysis@SpeedAnalysis.com
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\SeeSimilar@SeeSimilar.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha418\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6846\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [Not Found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha691\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
CHR Profile: C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-03]
CHR Extension: (Google Drive) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-03]
CHR Extension: (TV) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-03-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-03]
CHR Extension: (Google-Suche) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-03]
CHR Extension: (Short It!) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfeggemggokijeahnacacopejaabljl [2014-03-03]
CHR Extension: (Battlefield Play4Free) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2014-03-03]
CHR Extension: (Google Mail) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-03]
CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Pascal\AppData\Local\funmoods.crx [2012-09-04]
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Pascal\AppData\Local\funmoods-speeddial_sf.crx [2012-12-19]
CHR HKLM\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-09-04]
CHR HKCU\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Pascal\AppData\Local\funmoods.crx [2012-09-04]
CHR HKCU\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Pascal\AppData\Local\funmoods-speeddial_sf.crx [2012-12-19]
CHR HKCU\...\Chrome\Extension: [engeblojhfeingnjnfpiceofljnjpldp] - C:\Users\Pascal\AppData\Local\CRE\engeblojhfeingnjnfpiceofljnjpldp.crx [2012-09-20]
CHR HKCU\...\Chrome\Extension: [fkjoiggkbepedjmjjbhhecjiimlckcga] - C:\Users\Pascal\AppData\Local\CRE\fkjoiggkbepedjmjjbhhecjiimlckcga.crx [2012-07-22]
CHR HKCU\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx [2012-10-21]
CHR HKCU\...\Chrome\Extension: [kfkcangbigakljkjeglcofaomihpejif] - C:\Users\Pascal\AppData\Local\CRE\kfkcangbigakljkjeglcofaomihpejif.crx [2012-12-26]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-01-13]
CHR HKCU\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - C:\Program Files (x86)\Amazon\ABB\AmazonChrome-bds-amzn.crx [2013-07-18]
CHR HKLM-x32\...\Chrome\Extension: [aocimlpakaebbmfhjgajelcdbejhgehe] - C:\Users\Pascal\AppData\LocalLow\Playbryte\Chrome.crx [2012-09-04]
CHR HKLM-x32\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Pascal\AppData\Local\funmoods.crx [2012-09-04]
CHR HKLM-x32\...\Chrome\Extension: [blaofbhgbmeikidhlkmjhbkbfohpgekf] - C:\Program Files (x86)\Movie2KDownloader.com\Movie2KDownloader10.crx [2012-12-13]
CHR HKLM-x32\...\Chrome\Extension: [cfcbmgbfdbijmjgjihagbomfbjfjmgon] - C:\Users\Pascal\AppData\Roaming\SpeedanAlysis\speedanalysis.crx [2013-02-14]
CHR HKLM-x32\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Pascal\AppData\Local\funmoods-speeddial_sf.crx [2012-12-19]
CHR HKLM-x32\...\Chrome\Extension: [dedmngkbaffkenlfdcbganndoghblmap] - C:\Program Files (x86)\BetterSurf\ch\Chrome.crx [2012-12-19]
CHR HKLM-x32\...\Chrome\Extension: [dlnembnfbcpjnepmfjmngjenhhajpdfd] - C:\Program Files\Web Assistant\source.crx [2012-09-04]
CHR HKLM-x32\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files (x86)\Softonic\Softonic\1.8.16.10\Softonic.crx [2013-03-03]
CHR HKLM-x32\...\Chrome\Extension: [engeblojhfeingnjnfpiceofljnjpldp] - C:\Users\Pascal\AppData\Local\CRE\engeblojhfeingnjnfpiceofljnjpldp.crx [2012-09-20]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Pascal\AppData\Roaming\BabSolution\CR\delta1.crx [2013-04-16]
CHR HKLM-x32\...\Chrome\Extension: [fdloijijlkoblmigdofommgnheckmaki] - C:\Program Files (x86)\Funmoods\funmoods\1.5.11.16\funmoodsOEM.crx [2013-04-16]
CHR HKLM-x32\...\Chrome\Extension: [fkjoiggkbepedjmjjbhhecjiimlckcga] - C:\Users\Pascal\AppData\Local\CRE\fkjoiggkbepedjmjjbhhecjiimlckcga.crx [2012-07-22]
CHR HKLM-x32\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx [2012-10-21]
CHR HKLM-x32\...\Chrome\Extension: [gkipfehgopcajnafpdjajagbjllcobjj] - C:\ProgramData\Browse2save\gkipfehgopcajnafpdjajagbjllcobjj.crx [2012-10-21]
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx [2012-10-21]
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx [2013-04-02]
CHR HKLM-x32\...\Chrome\Extension: [jifflliplgeajjdhmkcfnngfpgbjonjg] - C:\Program Files (x86)\Perion\NewTab\newTab.crx [2012-09-04]
CHR HKLM-x32\...\Chrome\Extension: [jplinpmadfkdgipabgcdchbdikologlh] - C:\Program Files (x86)\1ClickDownload\1click12.crx [2012-09-04]
CHR HKLM-x32\...\Chrome\Extension: [kfkcangbigakljkjeglcofaomihpejif] - C:\Users\Pascal\AppData\Local\CRE\kfkcangbigakljkjeglcofaomihpejif.crx [2012-12-26]
CHR HKLM-x32\...\Chrome\Extension: [lemilgpbnfoecfjhpfchannnnkeefjmj] - C:\Users\Pascal\AppData\Local\CRE\lemilgpbnfoecfjhpfchannnnkeefjmj.crx [2012-12-26]
CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Pascal\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2014-01-20]
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx [2014-01-20]
CHR HKLM-x32\...\Chrome\Extension: [mocblcnaofikinigmceddfghppkkjbog] - C:\Users\Pascal\AppData\Roaming\PlusWinks\pluswinks.crx [2013-03-20]
CHR HKLM-x32\...\Chrome\Extension: [mpihchkdinijmdhepcmpbgelkaaoiaek] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6846\ch\MediaBuzzV1mode6846.crx [2013-03-20]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files (x86)\Yontoo\YontooLayers.crx [2013-03-20]
CHR HKLM-x32\...\Chrome\Extension: [ohpbokjkbkmdoidlodcdhdhhienlenkl] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha691\ch\WebexpEnhancedV1alpha691.crx [2013-03-20]
CHR HKLM-x32\...\Chrome\Extension: [pfmopbbadnfoelckkcmjjeaaegjpjjbk] - C:\Program Files (x86)\Gophoto.it\gophotoit14.crx [2012-07-31]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-11] (SUPERAntiSpyware.com)
S2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36936 2014-09-10] (Just Develop It) <==== ATTENTION
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)
R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2983896 2014-07-29] (Client Connect LTD)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-03-27] (Freemake) [File not signed]
R2 fshoster; C:\Program Files (x86)\Kabel BW\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSMA32.EXE [216000 2013-08-14] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\Kabel BW\apps\CCF_Reputation\fsorsp.exe [61176 2012-08-06] (F-Secure Corporation)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-01] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-10-01] (globalUpdate) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R3 MyOSProtect; C:\Program Files (x86)\PCTRunner\MyOSProtect.exe [1317096 2014-09-01] (MyOSCompany) [File not signed]
S2 MySafeProxyMonitor; C:\Program Files (x86)\XTRM Group\MySafeProxy\Bin\MySafeProxyMonitor.exe [1311736 2014-10-01] (XTRM Group Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-09-17] ()
S2 ProtectMonitor; C:\monitorsvc.exe [34244 2014-09-02] () [File not signed] <==== ATTENTION
S4 SrvUpdater; C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe [31744 2013-04-12] () [File not signed]
R2 tCJlXj; C:\ProgramData\HAunCmYKI\tCJlXj.exe [2319728 2014-10-01] (Small Island Development)
R2 Virtual Router; C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [12288 2009-11-18] (Chris Pietschmann (hxxp://pietschsoft.com)) [File not signed]
S4 Web Assistant Updater; C:\Program Files\Web Assistant\ExtensionUpdaterService.exe [188760 2013-06-30] () [File not signed]
S3 SystemExplorerHelpService; No ImagePath
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ALSysIO; No ImagePath
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-13] (Disc Soft Ltd)
S3 esgiguard; No ImagePath
R3 F-Secure Gatekeeper; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [203304 2014-06-09] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\HIPS\drivers\fshs.sys [69960 2014-06-23] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-11-25] ()
R3 fsni; C:\Program Files (x86)\Kabel BW\apps\CCF_Scanning\fsni64.sys [86056 2014-06-19] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-08-14] ()
S3 IntcAzAudAddService; No ImagePath
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WinRing0_1_2_0; No ImagePath
R2 X5XSEx; C:\Program Files (x86)\Free Ride Games\X5XSEx.Sys [55400 2010-11-22] (Exent Technologies Ltd.)
S3 xhunter1; No ImagePath
S1 nethfdrv; \??\C:\Windows\system32\drivers\nethfdrv.sys [X]
R3 SPPD; \??\C:\Windows\system32\drivers\SPPD.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-06 13:46 - 2014-10-06 13:47 - 00050543 _____ () C:\Users\Pascal\Desktop\FRST.txt
2014-10-06 13:39 - 2014-10-06 13:46 - 00000000 ____D () C:\FRST
2014-10-06 13:39 - 2014-10-06 13:31 - 02109952 _____ (Farbar) C:\Users\Pascal\Desktop\FRST64.exe
2014-10-04 11:58 - 2014-10-04 11:58 - 00000000 ___SD () C:\32788R22FWJFW
2014-10-04 11:58 - 2014-10-04 11:58 - 00000000 ____D () C:\Windows\erdnt
2014-10-04 11:58 - 2014-10-04 11:58 - 00000000 ____D () C:\Qoobox
2014-10-04 07:03 - 2014-10-04 07:03 - 00000000 ____D () C:\Users\Pascal\Documents\Criterion Games
2014-10-04 06:55 - 2014-10-04 06:55 - 00001331 _____ () C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
2014-10-04 06:55 - 2014-10-04 06:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed™ Most Wanted
2014-10-02 20:01 - 2014-10-02 20:01 - 00000000 ____D () C:\Users\Pascal\AppData\Local\PopCap Games
2014-10-01 21:15 - 2014-10-01 21:15 - 00000000 ____D () C:\NVIDIA Corporation
2014-10-01 19:54 - 2014-10-01 19:54 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat
2014-10-01 19:54 - 2014-10-01 19:54 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\InetStat
2014-10-01 19:54 - 2014-10-01 19:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat
2014-10-01 18:49 - 2014-10-01 18:49 - 00000000 ____D () C:\ProgramData\374311380
2014-10-01 18:45 - 2014-10-06 13:32 - 00002444 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-5.job
2014-10-01 18:45 - 2014-10-01 18:45 - 00005474 _____ () C:\Windows\System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-5
2014-10-01 18:45 - 2014-10-01 18:45 - 00002444 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-5_user.job
2014-10-01 18:44 - 2014-10-06 13:44 - 00003468 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-6.job
2014-10-01 18:44 - 2014-10-06 13:32 - 00003812 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-4.job
2014-10-01 18:44 - 2014-10-06 13:32 - 00003132 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-7.job
2014-10-01 18:44 - 2014-10-06 13:32 - 00002780 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-1.job
2014-10-01 18:44 - 2014-10-06 13:32 - 00002108 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-2.job
2014-10-01 18:44 - 2014-10-06 13:32 - 00001440 _____ () C:\Windows\Tasks\c6ac72ed-56b8-40ca-9074-9efe04ef1716.job
2014-10-01 18:44 - 2014-10-01 18:45 - 00004470 _____ () C:\Windows\System32\Tasks\c6ac72ed-56b8-40ca-9074-9efe04ef1716
2014-10-01 18:44 - 2014-10-01 18:44 - 01522584 _____ (HD-Quality-v3V30.09) C:\Users\Pascal\AppData\Roaming\SUU.exe
2014-10-01 18:44 - 2014-10-01 18:44 - 00006842 _____ () C:\Windows\System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-4
2014-10-01 18:44 - 2014-10-01 18:44 - 00006496 _____ () C:\Windows\System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-6
2014-10-01 18:44 - 2014-10-01 18:44 - 00006162 _____ () C:\Windows\System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-7
2014-10-01 18:44 - 2014-10-01 18:44 - 00005810 _____ () C:\Windows\System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-1
2014-10-01 18:44 - 2014-10-01 18:44 - 00005138 _____ () C:\Windows\System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-2
2014-10-01 18:44 - 2014-10-01 18:44 - 00001336 _____ () C:\Windows\Tasks\SUU.job
2014-10-01 18:43 - 2014-10-06 13:32 - 00004494 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-11.job
2014-10-01 18:43 - 2014-10-06 13:32 - 00003812 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-3.job
2014-10-01 18:43 - 2014-10-01 18:45 - 00000000 ____D () C:\Program Files (x86)\HD-Quality-v3V30.09
2014-10-01 18:43 - 2014-10-01 18:44 - 00007524 _____ () C:\Windows\System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-11
2014-10-01 18:43 - 2014-10-01 18:43 - 00006842 _____ () C:\Windows\System32\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-3
2014-10-01 16:45 - 2014-10-01 16:45 - 00004400 _____ () C:\Windows\SysWOW64\MyOSProtect.ini
2014-10-01 16:45 - 2014-10-01 16:45 - 00002344 _____ () C:\Windows\SysWOW64\MyOSProtectOff.ini
2014-10-01 16:45 - 2014-10-01 16:45 - 00002344 _____ () C:\Windows\system32\MyOSProtectOff.ini
2014-10-01 16:44 - 2014-10-01 16:44 - 00000000 ____D () C:\Users\Pascal\AppData\Local\com
2014-10-01 16:44 - 2014-09-01 20:28 - 00350768 _____ (MyOSCompany) C:\Windows\system32\MyOSProtect64.dll
2014-10-01 16:44 - 2014-09-01 20:28 - 00304776 _____ (MyOSCompany) C:\Windows\SysWOW64\MyOSProtect.dll
2014-10-01 16:43 - 2014-10-06 13:32 - 00002440 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-5_user.job
2014-10-01 16:43 - 2014-10-06 13:32 - 00002440 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-5.job
2014-10-01 16:43 - 2014-10-01 16:44 - 02269863 _____ () C:\Users\Pascal\Downloads\forge-1.6.4-9.11.1.965-installer (2).jar
2014-10-01 16:43 - 2014-10-01 16:43 - 00005470 _____ () C:\Windows\System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-5
2014-10-01 16:43 - 2014-10-01 16:43 - 00004462 _____ () C:\Windows\System32\Tasks\1242f82e-6c0d-47d3-a2c9-9feb3999108a
2014-10-01 16:43 - 2014-10-01 16:43 - 00000000 ____D () C:\Windows\Sun
2014-10-01 16:42 - 2014-10-06 13:32 - 00003452 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-1.job
2014-10-01 16:42 - 2014-10-06 13:32 - 00002104 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-2.job
2014-10-01 16:42 - 2014-10-06 13:32 - 00001432 _____ () C:\Windows\Tasks\1242f82e-6c0d-47d3-a2c9-9feb3999108a.job
2014-10-01 16:42 - 2014-10-01 16:42 - 00006482 _____ () C:\Windows\System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-1
2014-10-01 16:42 - 2014-10-01 16:42 - 00005134 _____ () C:\Windows\System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-2
2014-10-01 16:41 - 2014-10-06 13:32 - 00004488 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-4.job
2014-10-01 16:41 - 2014-10-01 16:41 - 00007518 _____ () C:\Windows\System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-4
2014-10-01 16:40 - 2014-10-06 13:40 - 00004152 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-6.job
2014-10-01 16:40 - 2014-10-06 13:32 - 00003808 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-7.job
2014-10-01 16:40 - 2014-10-01 16:40 - 00007180 _____ () C:\Windows\System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-6
2014-10-01 16:40 - 2014-10-01 16:40 - 00006838 _____ () C:\Windows\System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-7
2014-10-01 16:39 - 2014-10-01 18:43 - 00003986 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2014-10-01 16:39 - 2014-10-01 16:41 - 00000000 ____D () C:\Users\Pascal\AppData\Local\TVWizard
2014-10-01 16:39 - 2014-10-01 16:39 - 00004030 _____ () C:\Windows\System32\Tasks\LaunchSignup
2014-10-01 16:38 - 2014-10-06 13:32 - 00005178 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-11.job
2014-10-01 16:38 - 2014-10-06 13:32 - 00000984 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-10-01 16:38 - 2014-10-05 18:48 - 00000988 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-10-01 16:38 - 2014-10-01 19:54 - 00000000 ___HD () C:\Users\Public\Temp
2014-10-01 16:38 - 2014-10-01 18:43 - 00003732 _____ () C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2014-10-01 16:38 - 2014-10-01 16:39 - 00008208 _____ () C:\Windows\System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-11
2014-10-01 16:38 - 2014-10-01 16:38 - 00006838 _____ () C:\Windows\System32\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-3
2014-10-01 16:38 - 2014-10-01 16:38 - 00000000 ____D () C:\ProgramData\HAunCmYKI
2014-10-01 16:37 - 2014-10-06 13:32 - 00003808 _____ () C:\Windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-3.job
2014-10-01 16:37 - 2014-10-01 16:43 - 00000000 ____D () C:\Program Files (x86)\HQCinema1.9V01.10
2014-10-01 16:37 - 2014-10-01 16:37 - 00000000 ____D () C:\Users\Pascal\AppData\Local\globalUpdate
2014-10-01 16:37 - 2014-10-01 16:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MYBESTOFFERSTODAY
2014-10-01 16:37 - 2014-10-01 16:37 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-10-01 16:36 - 2014-10-03 15:11 - 00000000 ____D () C:\Users\Pascal\AppData\Local\mbot_de_111
2014-10-01 16:36 - 2014-10-01 16:46 - 00000000 ____D () C:\Program Files (x86)\PepperZip
2014-10-01 16:36 - 2014-10-01 16:38 - 00000000 ____D () C:\ProgramData\TVWizard
2014-10-01 16:36 - 2014-10-01 16:37 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-10-01 16:36 - 2014-10-01 16:37 - 00000000 ____D () C:\Program Files (x86)\mbot_de_111
2014-10-01 16:36 - 2014-10-01 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
2014-10-01 16:36 - 2014-10-01 16:36 - 00000000 ____D () C:\Program Files (x86)\XTRM Group
2014-10-01 16:35 - 2014-10-04 15:08 - 00000000 ____D () C:\Program Files (x86)\ver4NewPlayer
2014-10-01 16:35 - 2014-10-01 16:45 - 00000000 ____D () C:\Program Files (x86)\PCTRunner
2014-10-01 16:33 - 2014-10-01 16:33 - 02269863 _____ () C:\Users\Pascal\Downloads\forge-1.6.4-9.11.1.965-installer (1).jar
2014-10-01 16:23 - 2014-10-01 16:23 - 14338316 _____ () C:\Users\Pascal\Downloads\BetterDungeons1-6-4_2091.zip
2014-10-01 13:37 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 13:37 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-27 19:26 - 2014-09-27 19:26 - 00367440 _____ () C:\Users\Pascal\Downloads\SoftonicDownloader_for_open-hexagon.exe
2014-09-27 19:25 - 2014-09-27 19:25 - 22561679 _____ () C:\Users\Pascal\Downloads\open-hexagon-1-91-en-win (2).7z
2014-09-27 19:23 - 2014-09-27 19:24 - 22561679 _____ () C:\Users\Pascal\Downloads\open-hexagon-1-91-en-win (1).7z
2014-09-27 19:21 - 2014-09-27 19:22 - 22561679 _____ () C:\Users\Pascal\Downloads\open-hexagon-1-91-en-win.7z
2014-09-24 15:47 - 2014-09-24 15:47 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Cornelsen
2014-09-24 15:36 - 2014-09-24 15:36 - 00002344 _____ () C:\Users\Public\Desktop\English G 21 e-Workbook A2.lnk
2014-09-24 15:36 - 2014-09-24 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cornelsen
2014-09-24 13:26 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 13:26 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-20 17:34 - 2014-09-20 17:39 - 00000000 ____D () C:\ProgramData\DriverGenius
2014-09-20 17:32 - 2014-09-20 17:32 - 00001225 _____ () C:\Users\Pascal\Desktop\Driver Genius.lnk
2014-09-20 17:32 - 2014-09-20 17:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Genius
2014-09-20 17:31 - 2014-09-20 17:31 - 00000000 ____D () C:\Program Files (x86)\Driver-Soft
2014-09-20 17:30 - 2014-09-20 17:31 - 08719056 _____ (Driver-Soft Inc. ) C:\Users\Pascal\Downloads\Driver_Genius_14de.exe
2014-09-20 17:30 - 2014-09-20 17:31 - 08719056 _____ (Driver-Soft Inc. ) C:\Users\Pascal\Downloads\Driver_Genius_14de (1).exe
2014-09-17 18:45 - 2014-09-17 18:45 - 00000000 ____D () C:\Users\Pascal\Documents\Scratch Projects
2014-09-17 14:23 - 2014-09-17 14:23 - 01402920 _____ () C:\Users\Pascal\Downloads\battlelog-web-plugins_2.5.1_149.exe
2014-09-16 21:12 - 2014-09-16 21:12 - 00001079 _____ () C:\Users\Susu\Desktop\Scratch.lnk
2014-09-16 21:12 - 2014-09-16 21:12 - 00001079 _____ () C:\Users\Pascal\Desktop\Scratch.lnk
2014-09-16 21:12 - 2014-09-16 21:12 - 00001079 _____ () C:\Users\Gast\Desktop\Scratch.lnk
2014-09-16 21:11 - 2014-09-16 21:11 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Scratch
2014-09-16 21:11 - 2014-09-16 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scratch
2014-09-16 21:10 - 2014-09-16 21:11 - 00000000 ____D () C:\Program Files (x86)\Scratch
2014-09-16 21:06 - 2014-09-16 21:09 - 34637975 _____ (MIT Media Lab Lifelong Kindergarten Group) C:\Users\Pascal\Downloads\ScratchInstaller1.4.exe
2014-09-16 21:06 - 2014-09-16 21:09 - 34485667 _____ () C:\Users\Pascal\Downloads\Scratch1.4.msi.installer.zip
2014-09-16 21:05 - 2014-09-16 21:05 - 01101648 _____ () C:\Users\Pascal\Downloads\Sketch - CHIP-Installer.exe
2014-09-11 22:29 - 2014-09-14 12:13 - 00000000 ____D () C:\Users\Pascal\Documents\OpenTTD
2014-09-11 22:28 - 2014-09-11 22:28 - 00000800 _____ () C:\Users\Public\Desktop\OpenTTD.lnk
2014-09-11 22:28 - 2014-09-11 22:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenTTD
2014-09-11 22:28 - 2014-09-11 22:28 - 00000000 ____D () C:\Program Files\OpenTTD
2014-09-11 22:27 - 2014-09-11 22:28 - 07780242 _____ (OpenTTD Developers) C:\Users\Pascal\Downloads\openttd-1.4.2-windows-win64 (1).exe
2014-09-11 22:26 - 2014-09-11 22:26 - 07780242 _____ (OpenTTD Developers) C:\Users\Pascal\Downloads\openttd-1.4.2-windows-win64.exe
2014-09-11 21:03 - 2014-09-11 21:12 - 00250880 _____ () C:\Users\Pascal\Mamas Geburtstagskarte (47).pub
2014-09-11 03:53 - 2014-08-17 06:00 - 02239488 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 03:53 - 2014-08-17 06:00 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 03:53 - 2014-08-17 05:59 - 19280384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 03:53 - 2014-08-17 05:59 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 03:53 - 2014-08-17 05:59 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 03:53 - 2014-08-17 05:59 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 03:53 - 2014-08-17 05:59 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 03:53 - 2014-08-17 05:58 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 03:53 - 2014-08-17 05:58 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 14369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 13757440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 03:53 - 2014-08-17 05:57 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 03:53 - 2014-08-17 05:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 03:53 - 2014-08-16 09:25 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 03:53 - 2014-08-16 08:43 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 03:53 - 2014-08-16 08:34 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-09-11 03:53 - 2014-08-16 07:53 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-09-11 03:03 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 03:03 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 20:13 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 20:13 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 20:12 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 20:12 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 20:11 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 20:11 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 20:11 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 20:11 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 20:11 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 20:11 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 20:11 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-06 22:44 - 2014-09-06 22:44 - 04188089 _____ () C:\Users\Pascal\Downloads\Piston House Waschmaschine.zip
2014-09-06 17:07 - 2014-10-02 17:21 - 00001348 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk
2014-09-06 17:07 - 2014-09-06 17:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Die Sims 4
2014-09-06 17:04 - 2014-09-06 17:06 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-06 12:01 - 2014-09-06 12:01 - 07433355 _____ () C:\Users\Pascal\Downloads\FR_hi_res_pack_01.zip
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-06 13:42 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-06 13:42 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-06 13:40 - 2011-05-16 16:04 - 00707400 _____ () C:\Windows\system32\perfh007.dat
2014-10-06 13:40 - 2011-05-16 16:04 - 00153334 _____ () C:\Windows\system32\perfc007.dat
2014-10-06 13:40 - 2009-07-14 07:13 - 01644624 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-06 13:38 - 2012-04-16 12:02 - 01795311 _____ () C:\Windows\WindowsUpdate.log
2014-10-06 13:34 - 2014-06-11 10:27 - 00003310 _____ () C:\Windows\System32\Tasks\Scheduled scanning task
2014-10-06 13:34 - 2014-06-11 10:27 - 00000678 _____ () C:\Windows\Tasks\Scheduled scanning task.job
2014-10-06 13:33 - 2014-03-29 07:22 - 00082852 _____ () C:\Windows\setupact.log
2014-10-06 13:33 - 2014-03-03 20:00 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-06 13:33 - 2013-01-25 15:21 - 00000437 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-10-06 13:32 - 2013-10-11 16:41 - 00001196 _____ () C:\Windows\Tasks\Plus-HD-2.6-codedownloader.job
2014-10-06 13:32 - 2013-10-11 16:41 - 00001096 _____ () C:\Windows\Tasks\Plus-HD-2.6-enabler.job
2014-10-06 13:32 - 2013-10-11 16:40 - 00001904 _____ () C:\Windows\Tasks\Plus-HD-2.6-chromeinstaller.job
2014-10-06 13:32 - 2013-10-11 16:40 - 00001828 _____ () C:\Windows\Tasks\Plus-HD-2.6-firefoxinstaller.job
2014-10-06 13:32 - 2012-01-24 01:22 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-06 13:32 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-05 19:32 - 2014-02-06 15:32 - 00000312 _____ () C:\Windows\Tasks\Digital Sites.job
2014-10-05 19:32 - 2013-10-30 14:32 - 00000310 _____ () C:\Windows\Tasks\DigitalSite.job
2014-10-05 19:22 - 2014-03-03 20:00 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-05 19:18 - 2012-12-23 17:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-05 19:00 - 2013-11-26 11:36 - 00000296 _____ () C:\Windows\Tasks\RegistryBooster Maintenance.job
2014-10-05 16:03 - 2013-04-14 09:37 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\.minecraft
2014-10-05 15:33 - 2012-04-16 13:39 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-10-05 08:37 - 2013-10-30 15:32 - 00000096 _____ () C:\Users\Pascal\AppData\Roaming\WB.CFG
2014-10-04 15:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-04 12:22 - 2012-04-16 13:40 - 00000000 ____D () C:\ProgramData\Origin
2014-10-04 12:21 - 2014-01-22 15:55 - 00000000 ____D () C:\Users\Pascal\Documents\FIFA 14
2014-10-04 06:55 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-04 06:23 - 2012-09-27 19:33 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-10-03 15:05 - 2013-02-08 19:41 - 00000000 ____D () C:\Windows\pss
2014-10-03 10:41 - 2013-07-11 15:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-03 08:45 - 2013-11-20 17:09 - 00000000 ____D () C:\Users\Pascal\AppData\Local\CrashDumps
2014-10-02 20:36 - 2014-03-31 14:14 - 00178980 _____ () C:\Windows\PFRO.log
2014-10-02 19:53 - 2014-05-14 16:36 - 00074044 _____ () C:\Windows\DirectX.log
2014-10-02 15:58 - 2013-10-30 14:34 - 00000000 ____D () C:\Program Files (x86)\MyPC Backup
2014-09-26 18:38 - 2014-03-03 20:30 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-09-26 18:38 - 2013-12-15 14:58 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-09-26 18:33 - 2013-12-15 14:58 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-09-26 14:41 - 2014-06-03 14:57 - 00003854 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1389385127
2014-09-26 14:41 - 2014-01-10 22:18 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-09-25 20:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-24 19:18 - 2012-12-23 17:51 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 19:18 - 2012-10-28 15:54 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 19:18 - 2011-12-01 23:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 15:38 - 2012-04-16 19:41 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Skype
2014-09-24 15:35 - 2012-07-15 12:13 - 00000000 ____D () C:\Program Files (x86)\Cornelsen
2014-09-23 15:07 - 2012-04-17 21:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-23 15:05 - 2013-04-21 14:29 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-20 17:49 - 2012-12-03 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2014-09-18 15:55 - 2014-06-04 14:39 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-09-17 14:31 - 2013-12-15 14:58 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-09-15 09:06 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-13 14:02 - 2013-03-24 17:31 - 00000000 ____D () C:\tmp
2014-09-11 21:12 - 2012-04-16 12:09 - 00000000 ____D () C:\Users\Pascal
2014-09-11 19:06 - 2014-06-06 21:46 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\TS3Client
2014-09-11 03:50 - 2012-04-21 11:21 - 01617968 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 03:49 - 2013-07-28 21:34 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 03:04 - 2011-07-18 22:31 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 03:03 - 2014-05-06 21:47 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-06 17:09 - 2013-06-12 17:03 - 00000000 ____D () C:\Users\Pascal\Documents\Electronic Arts
2014-09-06 13:35 - 2012-04-16 19:41 - 00000000 ____D () C:\ProgramData\Skype
Files to move or delete:
====================
C:\Users\Pascal\DSETUP.dll
C:\Users\Pascal\dsetup32.dll
C:\Users\Pascal\DXSETUP.exe
C:\Users\Pascal\ManiaPlanetCanyon_Setup.exe
C:\Users\Pascal\MouseServer.exe
C:\Users\Pascal\setup.exe
C:\Users\Public\AlexaNSISPlugin.9612.dll
Some content of TEMP:
====================
C:\Users\Pascal\AppData\Local\Temp\BackupSetup.exe
C:\Users\Pascal\AppData\Local\Temp\NOSEventMessages.dll
C:\Users\Pascal\AppData\Local\Temp\ntvb2.dll
C:\Users\Pascal\AppData\Local\Temp\ntvb2.exe
C:\Users\Pascal\AppData\Local\Temp\optprosetup.exe
C:\Users\Pascal\AppData\Local\Temp\setup_337.exe
C:\Users\Pascal\AppData\Local\Temp\SpOrder.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-09-26 00:52
==================== End Of Log ============================
|
|
15.10.2014, 09:53
| #5 |
| /// the machine /// TB-Ausbilder | C:\windows\scorl.trojan.general.exe Eigentlich müsste man dich zur Strafe formatieren schicken...... Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
15.10.2014, 14:12
| #6 |
| | also Ich habe jetzt alles gemacht. Es ist folgendes vorgefallen, asktoolbar geht nicht weg, IMesh gibt's auf meinen Computer nicht, dieses Webassistant und Webprotect gibt's auch nicht. Den Log von Combofix schick ich gleich im Anschluss. Viele grüße Pascal (; Combofix Logfile: Code:
ATTFilter ComboFix 14-10-15.01 - Pascal 15.10.2014 14:26:34.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.4078.1983 [GMT 2:00]
ausgeführt von:: j:\download\ComboFix.exe
AV: Computer Schutz *Disabled/Updated* {15414183-282E-D62C-CA37-EF24860A2F17}
SP: Computer Schutz *Disabled/Updated* {AE20A067-0E14-D9A2-F087-D456FD8D65AA}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files (x86)\Common Files\Config\uninstinethnfd.exe
c:\program files (x86)\Common Files\Config\ver.xml
c:\program files (x86)\DealPly
c:\program files (x86)\DealPly\DealPly.crx
c:\program files (x86)\DealPly\DealPlyUpdate.exe
c:\program files (x86)\DealPly\DealPlyUpdate.log
c:\program files (x86)\DealPly\DealPlyUpdateRun.exe
c:\program files (x86)\DealPly\icon.ico
c:\program files (x86)\DealPly\uninst.exe
c:\program files (x86)\HD-Quality-v3V30.09\acd42e4d-df71-4a2e-beba-ac536b327013.dll
c:\program files (x86)\HD-Quality-v3V30.09\fc028392-3db8-48f4-b8b1-5b6a9f8d1dfc.dll
c:\program files (x86)\HQCinema1.9V01.10\391ad2a2-c92b-426a-ba56-7f3b29d7a757.dll
c:\program files (x86)\HQCinema1.9V01.10\3be94935-703d-4a9f-bdf8-bd3f9894f8d0.dll
c:\program files (x86)\Searchqu Toolbar\Datamngr
c:\program files (x86)\Searchqu Toolbar\Datamngr\BrowserConnection.dll
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\css\new-tab.css
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_amazon.png
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_ebay.png
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_facebook.png
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_fantastigames.png
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_ftalk.png
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\fav_youtube.png
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\IDR_WEBSTORE_ICON.png
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\imesh_logo_128.png
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\images\imesh_logo_128.png__
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\config\skin\new-tab.html
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\lib\analytics.js
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\lib\constant.js
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\lib\default-config - Copy.js
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\lib\default-config.js
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\lib\jquery.js
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\lib\localStorage.js
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\lib\new-tab.js
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\lib\preferences.js
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\manifest.json
c:\program files (x86)\Searchqu Toolbar\Datamngr\ChromeExtension\OurLocalPage.html
c:\program files (x86)\Searchqu Toolbar\Datamngr\datamngr.dll
c:\program files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe
c:\program files (x86)\Searchqu Toolbar\Datamngr\DnsBHO.dll
c:\program files (x86)\Searchqu Toolbar\Datamngr\IEBHO.dll
c:\program files (x86)\Searchqu Toolbar\Datamngr\installhelper.dll
c:\program files (x86)\Searchqu Toolbar\Datamngr\x64\BrowserConnection.dll
c:\program files (x86)\Searchqu Toolbar\Datamngr\x64\datamngr.dll
c:\program files (x86)\Searchqu Toolbar\Datamngr\x64\datamngrUI.exe
c:\program files (x86)\Searchqu Toolbar\Datamngr\x64\DnsBHO.dll
c:\program files (x86)\Searchqu Toolbar\Datamngr\x64\IEBHO.dll
c:\program files (x86)\SoftwareUpdater\KeyGen.dll
c:\program files (x86)\Windows Searchqu Toolbar
c:\programdata\374311380
c:\programdata\374311380\BIT2809.tmp
c:\programdata\BrowserDefender
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings
c:\programdata\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm
c:\users\Pascal\AppData\Local\lollipop
c:\users\Pascal\AppData\Local\lollipop\Lollipop.exe
c:\users\Pascal\AppData\Local\omesuperv.exe
c:\users\Pascal\AppData\Roaming\.#
c:\users\Pascal\AppData\Roaming\BabMaint.exe
c:\users\Pascal\AppData\Roaming\InetStat\inetstat.exe
c:\users\Pascal\AppData\Roaming\Microsoft\Windows\Recent\Akinator öffnen.url
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome.manifest
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\asyncDB.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\background.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\browserAction.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\contextMenu.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\dbManager.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\dom_bg.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\fileManager.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\firefox.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\firefoxNotifications.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\firefoxOmnibox.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\message.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\pageAction.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\request.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\tabs.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\api\webRequest.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\background.html
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\baseObject.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\browser.xul
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\console.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\consts.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\delegate.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\extensionDataStore.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\folderIOWrapper.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\httpObserver.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\IDBWrapper.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\installer.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\logFile.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\prefs.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\progressListenerObserver.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\registry.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\reloadObserver.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\reports.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\requestObject.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\searchSettings.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\uninstallObserver.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\updateManager.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\utils.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\core\xhr.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\dialog.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\main.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\options.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\options.xul
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\chrome\content\search_dialog.xul
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\defaults\preferences\prefs.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\manifest.xml
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins.json
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\1_base.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\101_cortica_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\102_dealply_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\103_intext_5_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\104_jollywallet_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\105_corticas_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\108_icm_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\116_ads_only_5_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\117_coupons_intext_ads_5_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\119_similar_web_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\120_luck_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\123_intext_adv_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\125_arcadi2_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\126_revizer_ws_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\127_revizer_p_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\128_superfish_pricora_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\129_widdit_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\135_arcadi3_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\138_getdeal_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\14_CrossriderUtils.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\141_corticas_ru_m.js.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\142_intext_fa_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\155_ibario_pops_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\159_cortica_rollover_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\16_FFAppAPIWrapper.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\17_jQuery.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\170_icm1_5_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\171_arcadi2_sourceID_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\175_coolmirage_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\178_revizer_ws_dynamic_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\179_revizer_p_dynamic_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\21_debug.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\22_resources.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\28_initializer.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\4_jquery_1_7_1.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\47_resources_background.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\64_appApiMessage.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\7_hooks.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\72_appApiValidation.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\78_CrossriderInfo.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\87_ginyas_wrapper.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\9_search_engine_hook.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\91_monetizationLoader.js.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\92_superfish_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\98_omniCommands.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\userCode\background.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\userCode\extension.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\install.rdf
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\locale\en-US\translations.dtd
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\button1.png
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\button2.png
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\button3.png
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\button4.png
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\button5.png
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\crossrider_statusbar.png
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\icon128.png
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\icon16.png
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\icon24.png
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\icon48.png
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\panelarrow-up.png
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\popup.html
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\skin.css
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\skin\update.css
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome.manifest
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\asyncDB.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\background.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\browserAction.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\contextMenu.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\dbManager.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\dom_bg.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\fileManager.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\firefox.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\firefoxNotifications.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\firefoxOmnibox.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\message.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\pageAction.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\request.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\tabs.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\api\webRequest.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\background.html
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\baseObject.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\browser.xul
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\console.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\consts.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\delegate.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\extensionDataStore.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\folderIOWrapper.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\httpObserver.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\IDBWrapper.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\installer.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\logFile.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\prefs.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\progressListenerObserver.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\registry.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\reloadObserver.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\reports.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\requestObject.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\searchSettings.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\uninstallObserver.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\updateManager.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\utils.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\core\xhr.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\dialog.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\main.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\options.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\options.xul
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\chrome\content\search_dialog.xul
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\defaults\preferences\prefs.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\manifest.xml
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins.json
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\1_base.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\101_cortica_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\102_dealply_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\103_intext_5_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\104_jollywallet_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\105_corticas_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\107_coupish_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\108_icm_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\116_ads_only_5_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\117_coupons_intext_ads_5_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\119_similar_web_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\120_luck_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\123_intext_adv_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\125_arcadi2_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\126_revizer_ws_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\127_revizer_p_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\128_superfish_pricora_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\129_widdit_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\135_arcadi3_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\138_getdeal_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\14_CrossriderUtils.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\141_corticas_ru_m.js.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\142_intext_fa_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\155_ibario_pops_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\159_cortica_rollover_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\16_FFAppAPIWrapper.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\17_jQuery.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\170_icm1_5_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\171_arcadi2_sourceID_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\175_coolmirage_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\21_debug.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\22_resources.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\28_initializer.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\4_jquery_1_7_1.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\47_resources_background.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\64_appApiMessage.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\7_hooks.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\72_appApiValidation.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\78_CrossriderInfo.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\87_ginyas_wrapper.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\9_search_engine_hook.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\91_monetizationLoader.js.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\92_superfish_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\98_omniCommands.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\userCode\background.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\userCode\extension.js
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\install.rdf
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\locale\en-US\translations.dtd
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\button1.png
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\button2.png
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\button3.png
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\button4.png
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\button5.png
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\crossrider_statusbar.png
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\icon128.png
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\icon16.png
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\icon24.png
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\icon48.png
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\panelarrow-up.png
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\popup.html
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\skin.css
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\skin\update.css
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\search.xml
c:\users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\WebSearch.xml
c:\users\Public\AlexaNSISPlugin.9612.dll
c:\windows\IsUn0407.exe
c:\windows\SysWow64\tmp3BC7.tmp
c:\windows\SysWow64\tmp5244.tmp
c:\windows\SysWow64\tmp5255.tmp
c:\windows\SysWow64\tmpBBA1.tmp
c:\windows\SysWow64\tmpEC03.tmp
c:\windows\SysWow64\tmpEC14.tmp
c:\windows\SysWow64\tmpFCC.tmp
c:\windows\SysWow64\tmpFFB.tmp
c:\windows\UA000079.DLL
c:\windows\wininit.ini
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NETHFDRV
-------\Service_CltMngSvc
-------\Service_globalUpdate
-------\Service_nethfdrv
-------\Service_ProtectMonitor
-------\Service_SrvUpdater
.
.
((((((((((((((((((((((( Dateien erstellt von 2014-09-15 bis 2014-10-15 ))))))))))))))))))))))))))))))
.
.
2014-10-15 12:38 . 2014-10-15 12:38 -------- d-----w- c:\users\Susu\AppData\Local\temp
2014-10-15 12:38 . 2014-10-15 12:38 -------- d-----w- c:\users\Gast\AppData\Local\temp
2014-10-15 12:38 . 2014-10-15 12:38 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-10-15 11:53 . 2014-10-15 11:53 -------- d-----w- c:\program files (x86)\predm
2014-10-06 11:39 . 2014-10-06 11:48 -------- d-----w- C:\FRST
2014-10-02 18:01 . 2014-10-02 18:01 -------- d-----w- c:\users\Pascal\AppData\Local\PopCap Games
2014-10-01 19:15 . 2014-10-01 19:15 -------- d-----w- C:\NVIDIA Corporation
2014-10-01 17:54 . 2014-10-15 12:37 -------- d-----w- c:\users\Pascal\AppData\Roaming\InetStat
2014-10-01 16:44 . 2014-10-01 16:44 1522584 ----a-w- c:\users\Pascal\AppData\Roaming\SUU.exe
2014-10-01 16:43 . 2014-10-15 12:37 -------- d-----w- c:\program files (x86)\HD-Quality-v3V30.09
2014-10-01 14:44 . 2014-10-01 14:44 -------- d-----w- c:\users\Pascal\AppData\Local\com
2014-10-01 14:43 . 2014-10-01 14:43 -------- d-----w- c:\windows\Sun
2014-10-01 14:39 . 2014-10-15 12:09 -------- d-----w- c:\users\Pascal\AppData\Local\TVWizard
2014-10-01 14:38 . 2014-10-01 17:54 -------- d--h--w- c:\users\Public\Temp
2014-10-01 14:38 . 2014-10-01 14:38 -------- d-----w- c:\programdata\HAunCmYKI
2014-10-01 14:37 . 2014-10-01 14:37 -------- d-----w- c:\program files (x86)\globalUpdate
2014-10-01 14:37 . 2014-10-01 14:37 -------- d-----w- c:\users\Pascal\AppData\Local\globalUpdate
2014-10-01 14:37 . 2014-10-15 12:37 -------- d-----w- c:\program files (x86)\HQCinema1.9V01.10
2014-10-01 14:36 . 2014-10-01 14:36 -------- d-----w- c:\program files (x86)\XTRM Group
2014-10-01 14:36 . 2014-10-01 14:46 -------- d-----w- c:\program files (x86)\PepperZip
2014-10-01 14:35 . 2014-10-04 13:08 -------- d-----w- c:\program files (x86)\ver4NewPlayer
2014-10-01 14:35 . 2014-10-07 14:51 -------- d-----w- c:\program files (x86)\PCTRunner
2014-10-01 11:37 . 2014-09-25 02:08 371712 ----a-w- c:\windows\system32\qdvd.dll
2014-10-01 11:37 . 2014-09-25 01:40 519680 ----a-w- c:\windows\SysWow64\qdvd.dll
2014-09-24 13:47 . 2014-09-24 13:47 -------- d-----w- c:\users\Pascal\AppData\Roaming\Cornelsen
2014-09-24 11:26 . 2014-09-09 22:11 2048 ----a-w- c:\windows\system32\tzres.dll
2014-09-24 11:26 . 2014-09-09 21:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-09-20 15:34 . 2014-09-20 15:39 -------- d-----w- c:\programdata\DriverGenius
2014-09-20 15:31 . 2014-09-20 15:31 -------- d-----w- c:\program files (x86)\Driver-Soft
2014-09-16 19:10 . 2014-09-16 19:11 -------- d-----w- c:\program files (x86)\Scratch
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-15 11:30 . 2014-10-15 11:30 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2A7379EB-468D-4768-9EE8-B39973DF702E}\offreg.dll
2014-09-26 16:38 . 2014-03-03 18:30 348928 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-09-26 16:38 . 2013-12-15 12:58 348928 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-09-26 16:33 . 2013-12-15 12:58 280904 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-09-24 17:18 . 2012-10-28 13:54 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-24 17:18 . 2011-12-01 21:26 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-23 13:00 . 2013-04-21 12:36 590536 ----a-w- c:\programdata\Microsoft\ClickToRun\{9AC08E99-230B-47e8-9721-4577B7F124EA}\integrator.exe
2014-09-17 12:31 . 2013-12-15 12:58 76152 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-09-15 07:06 . 2010-11-21 03:27 278152 ------w- c:\windows\system32\MpSigStub.exe
2014-09-11 01:04 . 2011-07-18 20:31 101694776 ----a-w- c:\windows\system32\MRT.exe
2014-09-09 02:05 . 2014-10-07 12:09 11578928 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{2A7379EB-468D-4768-9EE8-B39973DF702E}\mpengine.dll
2014-09-05 02:10 . 2014-09-10 18:11 578048 ----a-w- c:\windows\system32\aepdu.dll
2014-09-05 02:05 . 2014-09-10 18:11 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-09-02 19:55 . 2014-09-02 19:55 487483 ----a-w- C:\monitor.exe
2014-09-02 19:55 . 2014-09-02 19:55 34244 ----a-w- C:\monitorsvc.exe
2014-08-29 06:47 . 2013-06-17 13:37 23256 ----a-w- c:\programdata\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
2014-08-23 02:07 . 2014-08-28 06:04 404480 ----a-w- c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-08-28 06:04 311808 ----a-w- c:\windows\SysWow64\gdi32.dll
2014-08-23 00:59 . 2014-08-28 06:04 3163648 ----a-w- c:\windows\system32\win32k.sys
2014-08-17 04:00 . 2014-09-11 01:53 51712 ----a-w- c:\windows\system32\ie4uinit.exe
2014-08-17 04:00 . 2014-09-11 01:53 2239488 ----a-w- c:\windows\system32\wininet.dll
2014-08-17 03:59 . 2014-09-11 01:53 1407488 ----a-w- c:\windows\system32\urlmon.dll
2014-08-17 03:59 . 2014-09-11 01:53 197120 ----a-w- c:\windows\system32\msrating.dll
2014-08-17 03:59 . 2014-09-11 01:53 97280 ----a-w- c:\windows\system32\mshtmled.dll
2014-08-17 03:59 . 2014-09-11 01:53 19280384 ----a-w- c:\windows\system32\mshtml.dll
2014-08-17 03:59 . 2014-09-11 01:53 603136 ----a-w- c:\windows\system32\msfeeds.dll
2014-08-17 03:58 . 2014-09-11 01:53 53248 ----a-w- c:\windows\system32\jsproxy.dll
2014-08-17 03:58 . 2014-09-11 01:53 855552 ----a-w- c:\windows\system32\jscript.dll
2014-08-17 03:58 . 2014-09-11 01:53 3959296 ----a-w- c:\windows\system32\jscript9.dll
2014-08-17 03:58 . 2014-09-11 01:53 67072 ----a-w- c:\windows\system32\iesetup.dll
2014-08-17 03:58 . 2014-09-11 01:53 526336 ----a-w- c:\windows\system32\ieui.dll
2014-08-17 03:58 . 2014-09-11 01:53 136704 ----a-w- c:\windows\system32\iesysprep.dll
2014-08-17 03:58 . 2014-09-11 01:53 2655232 ----a-w- c:\windows\system32\iertutil.dll
2014-08-17 03:58 . 2014-09-11 01:53 39936 ----a-w- c:\windows\system32\iernonce.dll
2014-08-17 03:58 . 2014-09-11 01:53 255488 ----a-w- c:\windows\system32\iedkcs32.dll
2014-08-17 03:58 . 2014-09-11 01:53 15399424 ----a-w- c:\windows\system32\ieframe.dll
2014-08-17 03:58 . 2014-09-11 01:53 451584 ----a-w- c:\windows\system32\dxtmsft.dll
2014-08-17 03:58 . 2014-09-11 01:53 281600 ----a-w- c:\windows\system32\dxtrans.dll
2014-08-17 03:58 . 2014-09-11 01:53 1508864 ----a-w- c:\windows\system32\inetcpl.cpl
2014-08-17 03:57 . 2014-09-11 01:53 1766400 ----a-w- c:\windows\SysWow64\wininet.dll
2014-08-17 03:57 . 2014-09-11 01:53 2861568 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-08-17 03:57 . 2014-09-11 01:53 61440 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-08-17 03:57 . 2014-09-11 01:53 109056 ----a-w- c:\windows\SysWow64\iesysprep.dll
2014-08-17 03:57 . 2014-09-11 01:53 1440768 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-08-16 07:25 . 2014-09-11 01:53 2706432 ----a-w- c:\windows\system32\mshtml.tlb
2014-08-16 06:43 . 2014-09-11 01:53 2706432 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-08-16 06:34 . 2014-09-11 01:53 89600 ----a-w- c:\windows\system32\RegisterIEPKEYs.exe
2014-08-16 05:53 . 2014-09-11 01:53 71680 ----a-w- c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-08-13 10:38 . 2014-08-13 10:38 687 ----a-w- C:\awh4FE3.tmp
2014-08-09 06:06 . 2014-08-09 06:06 687 ----a-w- C:\awhA0B1.tmp
2014-08-08 04:32 . 2014-08-08 04:32 687 ----a-w- C:\awh314C.tmp
2014-08-07 05:40 . 2014-08-07 05:40 687 ----a-w- C:\awh8C09.tmp
2014-08-06 06:06 . 2014-08-06 06:06 687 ----a-w- C:\awh18DC.tmp
2014-08-05 06:39 . 2014-08-05 06:39 687 ----a-w- C:\awh859.tmp
2014-08-04 12:36 . 2014-08-04 12:36 687 ----a-w- C:\awh1CD2.tmp
2014-08-04 06:58 . 2014-08-04 06:58 687 ----a-w- C:\awh925F.tmp
2014-08-03 18:17 . 2014-08-03 18:17 687 ----a-w- C:\awh80B.tmp
2014-08-03 05:21 . 2014-08-03 05:21 687 ----a-w- C:\awh1238.tmp
2014-08-02 16:53 . 2014-08-02 16:53 687 ----a-w- C:\awh95E3.tmp
2014-08-01 11:53 . 2014-09-10 18:13 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll
2014-08-01 11:35 . 2014-09-10 18:13 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll
2014-07-25 13:50 . 2014-07-30 17:24 1291280 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-07-25 13:50 . 2013-12-29 10:56 1126480 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-07-25 13:50 . 2014-07-30 17:24 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-07-25 13:50 . 2013-12-29 10:56 1283136 ----a-w- c:\windows\system32\nvspcap64.dll
2014-07-25 10:55 . 2014-08-25 08:07 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll
2014-07-24 21:47 . 2014-07-24 21:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110611171162}]
2014-10-01 16:44 605592 ----a-w- c:\program files (x86)\HD-Quality-v3V30.09\HD-Quality-v3V30.09-bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110611381131}]
2014-10-01 14:42 605080 ----a-w- c:\program files (x86)\HQCinema1.9V01.10\HQCinema1.9V01.10-bho.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087}]
2013-06-30 14:37 170840 ----a-w- c:\program files\Web Assistant\Extension32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{51420F88-4D4A-4042-9509-8D4E1307910E}]
2014-10-01 14:36 368120 ----a-w- c:\program files (x86)\XTRM Group\MySafeProxy\Bin\MySafeProxy32.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{61e0ef7a-9bc0-45ea-9b2f-f3e9f02692bd}]
2010-11-21 03:24 297808 ----a-w- c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{BA56787C-729F-4715-8F11-EB2A16908B91}]
2013-03-19 20:30 244736 ----a-w- c:\program files (x86)\BetterAds\ScriptHost.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-06-17 13:33 220632 ----a-w- c:\users\Pascal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-06-17 13:33 220632 ----a-w- c:\users\Pascal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-06-17 13:33 220632 ----a-w- c:\users\Pascal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-09-23 13:02 1729232 ----a-w- c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-09-23 13:02 1729232 ----a-w- c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-09-23 13:02 1729232 ----a-w- c:\program files\Microsoft Office 15\root\office15\GROOVEEX.DLL
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-21 1475584]
"f.lux"="c:\users\Pascal\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-23 1017224]
"MouseServer"="c:\program files (x86)\MouseServer\MouseServer.exe" [2012-03-21 122880]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"F-Secure Manager"="c:\program files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSM32.EXE" [2013-08-14 310208]
"F-Secure Hoster (47731)"="c:\program files (x86)\Kabel BW\fshoster32.exe" [2013-05-15 191424]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files (x86)\QuickTime\qttask.exe" -atboottime
"UVS11 Preload"=c:\program files (x86)\Ulead Systems\Ulead VideoStudio 11\uvPL.exe
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ALSysIO;ALSysIO; [x]
R3 esgiguard;esgiguard; [x]
R3 globalUpdatem;globalUpdate Update Service (globalUpdatem);c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe;c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [x]
R3 MyOSProtect;MyOSProtect;c:\program files (x86)\PCTRunner\MyOSProtect.exe;c:\program files (x86)\PCTRunner\MyOSProtect.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
R3 SPPD;SPPD;c:\windows\system32\drivers\SPPD.sys;c:\windows\SYSNATIVE\drivers\SPPD.sys [x]
R3 SystemExplorerHelpService;System Explorer Service; [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0; [x]
R3 wsvd;wsvd;c:\windows\system32\DRIVERS\wsvd.sys;c:\windows\SYSNATIVE\DRIVERS\wsvd.sys [x]
R3 xhunter1;xhunter1; [x]
R4 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [x]
R4 Web Assistant Updater;Web Assistant Updater;c:\program files\Web Assistant\ExtensionUpdaterService.exe;c:\program files\Web Assistant\ExtensionUpdaterService.exe [x]
S0 fsbts;fsbts;c:\windows\system32\Drivers\fsbts.sys;c:\windows\SYSNATIVE\Drivers\fsbts.sys [x]
S1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\Kabel BW\apps\ComputerSecurity\HIPS\drivers\fshs.sys;c:\program files (x86)\Kabel BW\apps\ComputerSecurity\HIPS\drivers\fshs.sys [x]
S1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys;c:\program files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [x]
S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [x]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [x]
S2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
S2 ClickToRunSvc;Microsoft Office-Klick-und-Los-Dienst;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 Freemake Improver;Freemake Improver;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe;c:\programdata\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [x]
S2 fshoster;F-Secure Dll Hoster;c:\program files (x86)\Kabel BW\fshoster32.exe;c:\program files (x86)\Kabel BW\fshoster32.exe [x]
S2 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\Kabel BW\apps\CCF_Reputation\fsorsp.exe;c:\program files (x86)\Kabel BW\apps\CCF_Reputation\fsorsp.exe [x]
S2 MemeoBackgroundService;MemeoBackgroundService;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe;c:\program files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [x]
S2 MySafeProxyMonitor;MySafeProxy Monitor;c:\program files (x86)\XTRM Group\MySafeProxy\Bin\MySafeProxyMonitor.exe;c:\program files (x86)\XTRM Group\MySafeProxy\Bin\MySafeProxyMonitor.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 tCJlXj;tCJlXj;c:\programdata\HAunCmYKI\tCJlXj.exe;c:\programdata\HAunCmYKI\tCJlXj.exe [x]
S2 Virtual Router;VirtualRouterService;c:\program files (x86)\Virtual Router\VirtualRouterService.exe;c:\program files (x86)\Virtual Router\VirtualRouterService.exe [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys;c:\program files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [x]
S3 fsni;fsni;c:\program files (x86)\Kabel BW\apps\CCF_Scanning\fsni64.sys;c:\program files (x86)\Kabel BW\apps\CCF_Scanning\fsni64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 Point64;Microsoft Mouse and Keyboard Center Filter Driver;c:\windows\system32\DRIVERS\point64.sys;c:\windows\SYSNATIVE\DRIVERS\point64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 RTL8192su;Realtek RTL8192SU Wireless LAN 802.11n USB 2.0 Network Adapter;c:\windows\system32\DRIVERS\RTL8192su.sys;c:\windows\SYSNATIVE\DRIVERS\RTL8192su.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-25 14:23 1096520 ----a-w- c:\program files (x86)\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe
.
Inhalt des "geplante Tasks" Ordners
.
2014-10-15 c:\windows\Tasks\1242f82e-6c0d-47d3-a2c9-9feb3999108a.job
- c:\program files (x86)\HQCinema1.9V01.10\1242f82e-6c0d-47d3-a2c9-9feb3999108a.exe [2014-10-01 14:42]
.
2014-10-15 c:\windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-1.job
- c:\program files (x86)\HD-Quality-v3V30.09\HD-Quality-v3V30.09-codedownloader.exe [2014-10-01 16:44]
.
2014-10-15 c:\windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-2.job
- c:\program files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-2.exe [2014-10-01 16:44]
.
2014-10-15 c:\windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-4.job
- c:\program files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-4.exe [2014-10-01 16:44]
.
2014-10-15 c:\windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-5.job
- c:\program files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-5.exe [2014-10-01 16:45]
.
2014-10-01 c:\windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-5_user.job
- c:\program files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-5.exe [2014-10-01 16:45]
.
2014-10-15 c:\windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-6.job
- c:\program files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-6.exe [2014-10-01 16:44]
.
2014-10-15 c:\windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-7.job
- c:\program files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-7.exe [2014-10-01 16:44]
.
2014-10-15 c:\windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-1.job
- c:\program files (x86)\HQCinema1.9V01.10\HQCinema1.9V01.10-codedownloader.exe [2014-10-01 14:42]
.
2014-10-15 c:\windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-2.job
- c:\program files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-2.exe [2014-10-01 14:42]
.
2014-10-15 c:\windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-5.job
- c:\program files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-5.exe [2014-10-01 14:43]
.
2014-10-15 c:\windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-5_user.job
- c:\program files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-5.exe [2014-10-01 14:43]
.
2014-10-15 c:\windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-6.job
- c:\program files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-6.exe [2014-10-01 14:40]
.
2014-10-15 c:\windows\Tasks\815a6f6b-5b57-4751-8a99-2a2f9410b044-7.job
- c:\program files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-7.exe [2014-10-01 14:40]
.
2014-10-07 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-28 17:18]
.
2014-10-15 c:\windows\Tasks\c6ac72ed-56b8-40ca-9074-9efe04ef1716.job
- c:\program files (x86)\HD-Quality-v3V30.09\c6ac72ed-56b8-40ca-9074-9efe04ef1716.exe [2014-10-01 16:44]
.
2014-10-07 c:\windows\Tasks\Digital Sites.job
- c:\users\Pascal\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [2013-04-12 14:10]
.
2014-10-15 c:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
- c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-01 16:43]
.
2014-10-05 c:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job
- c:\program files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-10-01 16:43]
.
2014-10-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-03 18:00]
.
2014-10-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-03-03 18:00]
.
2014-10-06 c:\windows\Tasks\RegistryBooster Maintenance.job
- c:\program files (x86)\Uniblue\RegistryBooster\registrybooster.exe [2012-11-01 10:39]
.
2014-10-15 c:\windows\Tasks\Scheduled scanning task.job
- c:\progra~2\Kabel BW\apps\ComputerSecurity\Anti-Virus\fsav.exe [2013-11-25 12:22]
.
2014-10-01 c:\windows\Tasks\SUU.job
- c:\users\Pascal\AppData\Roaming\SUU.exe [2014-10-01 16:44]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco1]
@="{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}"
[HKEY_CLASSES_ROOT\CLSID\{AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47}]
2014-02-11 02:21 644464 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco2]
@="{853B7E05-C47D-4985-909A-D0DC5C6D7303}"
[HKEY_CLASSES_ROOT\CLSID\{853B7E05-C47D-4985-909A-D0DC5C6D7303}]
2014-02-11 02:21 644464 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ AccExtIco3]
@="{42D38F2E-98E9-4382-B546-E24E4D6D04BB}"
[HKEY_CLASSES_ROOT\CLSID\{42D38F2E-98E9-4382-B546-E24E4D6D04BB}]
2014-02-11 02:21 644464 ----a-w- c:\program files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-06-17 13:33 244696 ----a-w- c:\users\Pascal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-06-17 13:33 244696 ----a-w- c:\users\Pascal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-06-17 13:33 244696 ----a-w- c:\users\Pascal\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-09-23 13:02 2334416 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-09-23 13:02 2334416 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-09-23 13:02 2334416 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-07-25 2403104]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com/?gd=&ctid=CT3314932&octid=EB_ORIGINAL_CTID&ISID=MF70BB4B3-B174-4BAF-A6B9-7309BCFE9943&SearchSource=55&CUI=&UM=5&UP=SPFEAC19B6-4958-4E5B-8531-48F001259B10&SSPV=
mDefault_Search_URL = hxxp://www.aartemis.com/web/?type=ds&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX&q={searchTerms}
mDefault_Page_URL = hxxp://aartemis.com/?type=hp&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX
mStart Page = hxxp://aartemis.com/?type=hp&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.aartemis.com/web/?type=ds&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX&q={searchTerms}
mSearchAssistant = hxxp://www.aartemis.com/web/?type=ds&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX&q={searchTerms}
mCustomizeSearch = hxxp://www.aartemis.com/web/?type=ds&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX&q={searchTerms}
IE: {{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} - hxxp://rover.ebay.com/rover/1/707-37276-17534-31/4
TCP: DhcpNameServer = 192.168.178.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
BHO-{11111111-1111-1111-1111-110011221158} - (no file)
BHO-{11111111-1111-1111-1111-110311341140} - (no file)
BHO-{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} - (no file)
BHO-{9D717F81-9148-4f12-8568-69135F087DB0} - c:\progra~2\SEARCH~1\Datamngr\BROWSE~1.DLL
BHO-{C1AF5FA5-852C-4C90-812E-A7F75E011D87} - (no file)
BHO-{D1ECD019-8423-43de-98D1-7892AF2DA309} - (no file)
BHO-{dc26eb86-ac6f-4093-918d-3e36cd607f01} - (no file)
Toolbar-10 - (no file)
Toolbar-{28387537-e3f9-4ed7-860c-11e69af4a8a0} - (no file)
Toolbar-{b278d9f8-0fa9-465e-9938-0c392605d8e3} - (no file)
Toolbar-{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - (no file)
Toolbar-{9E131A93-EED7-4BEB-B015-A0ADB30B5646} - (no file)
Toolbar-!{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - (no file)
Toolbar-!{5786d022-540e-4699-b350-b4be0ae94b79} - (no file)
Toolbar-!{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - (no file)
Toolbar-!{F9639E4A-801B-4843-AEE3-03D9DA199E77} - (no file)
Wow6432Node-HKLM-Run-mbot_de_111 - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
Toolbar-!{5786d022-540e-4699-b350-b4be0ae94b79} - (no file)
AddRemove-ALDI SÜD Mah Jong - c:\windows\system32\Uninstall ALDI SÜD Mah Jong.exe
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-SimCity 3000 - c:\windows\IsUn0407.exe
AddRemove-InetStat - c:\users\Pascal\AppData\Roaming\InetStat\inetstat.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\fshoster]
"ImagePath"="\"c:\program files (x86)\Kabel BW\fshoster32.exe\" -hosterid:0"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3934173735-3769707255-3857861622-1001\Software\SecuROM\License information*]
"datasecu"=hex:20,e5,d5,ff,c3,8a,8f,7f,e8,dc,fb,8f,34,97,a3,fd,0e,44,fc,04,91,
a0,05,a5,80,27,a4,0b,49,e5,ba,03,3c,31,63,90,09,af,ca,e3,b4,f6,a8,bf,ad,35,\
"rkeysecu"=hex:27,55,4f,81,78,18,1b,1b,f6,05,63,55,51,15,0b,13
.
[HKEY_LOCAL_MACHINE\software\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*]
@="?????????????????? v1"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*1*\CLSID]
@="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*]
@="?????????????????? v2"
.
[HKEY_LOCAL_MACHINE\software\Classes\VideoLAN.VLCPlugin.*2*\CLSID]
@="{9BE31822-FDAD-461B-AD51-BE1D1C159921}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\F-Secure\My Services Agent\Protected]
@Denied: ) (Everyone)
"AgentIdentifier"="fab60538-dc40-4f50-80b5-c3837a4c4bd3"
"AuthorizationCode"=""
"47731_AgentIdentifier"="fab60538-dc40-4f50-80b5-c3837a4c4bd3"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
c:\program files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
c:\program files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\FSGK32.EXE
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\BlueStacks\HD-Service.exe
c:\program files (x86)\BlueStacks\HD-Network.exe
c:\program files (x86)\BlueStacks\HD-BlockDevice.exe
c:\program files (x86)\BlueStacks\HD-SharedFolder.exe
c:\program files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSMA32.EXE
c:\program files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\fssm32.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-10-15 14:52:21 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2014-10-15 12:52
.
Vor Suchlauf: 22 Verzeichnis(se), 578.966.585.344 Bytes frei
Nach Suchlauf: 26 Verzeichnis(se), 578.303.451.136 Bytes frei
.
- - End Of File - - E87444EB7508ED6F9850ECC728E73EF1
4624822E540EC83CD0819525C65846BA Hi |
|
15.10.2014, 21:00
| #7 |
| /// the machine /// TB-Ausbilder | C:\windows\scorl.trojan.general.exe Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
16.10.2014, 16:25
| #8 |
| | Malwarebytes Malwarebytes geht bei mir nicht. So~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.3.3 (10.14.2014:1) OS: Windows 7 Home Premium x64 Ran by Pascal on 16.10.2014 at 16:53:22,69 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby-20120809_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby-20120809_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dealcabby_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\addlyrics1020_0711-14316d0f_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\addlyrics1020_0711-14316d0f_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\softonic_chr_1-8-16-10_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\softonic_chr_1-8-16-10_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby-20120809_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby-20120809_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dealcabby_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\addlyrics1020_0711-14316d0f_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\addlyrics1020_0711-14316d0f_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\softonic_chr_1-8-16-10_RASAPI32 Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\softonic_chr_1-8-16-10_RASMANCS Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{3D5C0BD6-7735-62F6-6F8F-521BDAFB66B2} Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D1ECD019-8423-43de-98D1-7892AF2DA309} Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{D1ECD019-8423-43de-98D1-7892AF2DA309} Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dc26eb86-ac6f-4093-918d-3e36cd607f01} Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{dc26eb86-ac6f-4093-918d-3e36cd607f01} Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D1ECD019-8423-43de-98D1-7892AF2DA309} Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{D1ECD019-8423-43de-98D1-7892AF2DA309} Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dc26eb86-ac6f-4093-918d-3e36cd607f01} Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{dc26eb86-ac6f-4093-918d-3e36cd607f01} ~~~ Files Successfully deleted: [File] "C:\Users\Pascal\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com" ~~~ Folders Successfully deleted: [Folder] "C:\ProgramData\drivergenius" Successfully deleted: [Folder] "C:\Users\Pascal\appdata\local\cre" Successfully deleted: [Folder] "C:\Program Files (x86)\pcpowerspeed" Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\driver genius" Successfully deleted: [Folder] "C:\Users\Pascal\music\qtrax media library" Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{00A77061-4D0E-4F0C-9557-0C5163B4570F} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{0338D6D6-119B-429C-BFBC-68E3D3682050} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{03FACA89-9C45-41ED-8A39-DB6A9C3DC284} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{08BC19BD-38D2-465F-AE53-381F671F476E} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{0A1758D6-ADA7-4055-A009-53A494896C3D} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{0CC440C5-2E01-49C1-A9C6-3B718B92A881} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{0D08DF3F-8E41-4934-8951-A27AB90E4E43} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{0D38F36B-AB51-4B33-B4A9-6B8E16D20BAC} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{1067FE1A-46B7-4890-A5BD-8319B272014E} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{11C32934-8E8B-4377-8553-5526FA8512F3} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{1336BE0B-5B3C-42A7-A0D1-12D1C6ED6D41} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{13996675-5A5B-42AD-9D5F-06A07745B40B} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{14E39688-D017-4F3F-92EA-6483471E3C50} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{18458F6D-BE51-4858-B673-2DC9B08CF56D} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{18AE005D-A3D4-4D9F-8206-100B5FFC2E24} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{197DDD4C-27C8-40AF-960B-4254B480AA48} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{20355896-245A-40D7-9C99-D792AA0E5ED0} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{224B7BE3-5B04-4B6E-8461-8B950C1E8B6F} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{22FEBED8-9EBA-4BF9-AE9D-42B57B1788DE} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{255F1625-5867-4251-B08C-ECAE6D3BCDE7} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{273C0516-8923-4FDF-94BC-0684B514DB91} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{2811AD15-0BAE-472D-9791-3971F01D02BF} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{2D23EA6A-100E-4AEF-A7E3-24EF87483747} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{30E692B9-1E3D-4C40-8F34-89C150C7162D} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{324B0D10-687D-48F8-8908-C84462F37527} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{327F2EAF-E5F5-4EA5-9C26-A207F12F3B0B} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{3375AD04-10C5-42F0-AEEA-02132856D0AF} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{34E8C86D-5DA4-4079-850C-9DB23C702421} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{36543086-CC35-40DA-8940-735FE62834C3} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{3B45BEA1-B326-42C0-BC37-356D937E2226} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{3B949C87-1EA1-41EC-8AF7-BE1FC22AE182} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{3EE6F7CF-2901-427B-8E6D-9A535A7DCBD1} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{470D4303-E045-4FD8-91AE-53322CDD8F39} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{4892A8EF-CE25-4389-AA80-5E0F818D4C3F} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{4AC26E39-29D6-4263-A8BA-EDA3AFF1B82C} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{4CD6BF6F-8E29-4F2D-BAE7-5DC010E97ABF} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{4D5807E0-1D49-4A3D-8890-FC87064A45A4} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{500F6298-61FF-4521-8C34-72819DC85AD6} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{51BF7BC1-BC74-42FF-98B4-2A2D8C15132C} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{5276D8D4-48B8-4873-9FAC-4B00811DD6ED} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{52C9D7F5-10B9-4292-BEEA-6C840AE63B4D} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{5381F0D0-24DC-4224-A016-E0167B5FA457} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{556C1EC3-6444-45D9-B828-80EDC46EF19A} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{557486F7-594B-49AF-BDD5-AAAE36C4BF54} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{5762C378-D6E8-4115-AB96-941514DD671E} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{5BF977CF-BC72-4492-9382-ED785D0802FC} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{5C09FF64-BD88-448E-8E19-B0800035C77D} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{5C837CF4-DE50-43C5-836F-6DD16D1E315A} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{6094A8EF-9297-4617-AFF3-13B03E8E08AF} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{644480B5-4338-4B4A-B444-95BBACCB7F76} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{67188828-4227-407A-AC97-46A4611DCB9A} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{70E16782-0C25-4A08-8C49-2F7D1F275CCD} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{70F60686-BBB1-4DB9-BD55-0F2B995F8DF6} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{7218ECFD-43ED-443C-99F0-C20017B9A791} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{73D6B48C-B50C-4CC0-8EEE-9E186547A42E} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{7AACC138-4870-472F-836C-A9832BD2DE91} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{7D797F87-32B5-4C3F-9A48-4E34C640062C} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{7F5FF4BE-04E6-4761-8192-A6DE51E8061F} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{7F960DED-3339-4E51-943D-690E0EB3B7F6} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{81B98077-F50F-49E7-A7B0-C6AD591A11B7} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{82D8FFF9-D961-467B-8C22-5B085E374425} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{85173C0D-0F74-49C8-B041-EEEFA67B19B6} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{896B079A-6D3C-467C-A7F9-5D1942EC2302} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{8B2E18B5-5DD6-4EF7-B748-DFBDDC0D225D} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{8E561863-480D-4D71-8032-6847C8C7F0F3} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{92D9D453-7016-4571-BE2F-EF16D3B99F6F} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{93135FAB-E361-4818-9A06-77CCB20CD864} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{93CD4687-A5FE-4678-B615-9762DC6E5AB4} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{946E05F1-07C3-4DBE-B1A7-FED543565B9F} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{9615B684-2A5E-4654-A8C7-34DA7C67E417} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{997B088B-8AE6-41FE-8F15-3F21949B640D} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{9B64E355-C2A4-4FBE-8D20-47F4C5AC61E6} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{9E4BEC8B-E7C2-4847-94E6-C0A2167E74E5} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{9FAA377C-E903-462C-9CCC-A247BA97492C} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{9FD5C60F-699C-4224-B86D-A2A97CC64C4E} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{A06E69F2-1B79-425E-BE54-A9610D0AA1B9} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{A951F389-45F9-4190-B5EA-E4415D5BAB66} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{A97416BC-2D88-44FC-A269-44A59B52961E} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{AB23FFC1-458C-4AB7-B132-9BAD8C3AC1D1} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{ABD9D429-1803-461F-B7FD-81958EB15151} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{ACB62FA3-C538-4469-9746-A3B9BA87904C} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{AD86CAB6-6F66-4D97-9B44-CF12DEC7FAE8} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{B13EF008-2AB0-4B97-8750-739681EDC14A} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{B2858977-DECD-43EF-9105-6C06437C53CC} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{B368324A-2293-4933-910A-CD07C4E02E6F} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{BB2245E0-8962-4455-80A1-304B03B78658} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{BE9F69F4-430E-47D8-A695-5697C0386E39} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{C2291464-B07C-4E39-A45C-54FE75110827} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{C33B8D31-0686-4CF6-8505-F1EF5306C030} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{C33FCEC7-E239-4CA7-8FD4-9B4F26530579} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{C5D117BC-130C-4C52-89F8-4A033A69EC5F} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{C8F3E443-832B-4D9D-9EF3-F9F24FA54620} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{CAC55528-0245-4AEB-B686-AB2F181811CC} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{CB3A95FE-314E-4628-A4E0-8EFB22FCEDEC} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{CF903EC9-F93A-4B81-A8D6-1614FC89E956} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{D0C9EE1B-6429-4C65-BDA2-E721856A47AB} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{D83C1C84-F35E-4334-950A-A56D4771D59C} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{D88E5264-3C64-41F0-8430-7C0F67943246} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{DA70339F-4C76-49FF-86DA-33CF0831E7F6} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{DB0D24CC-B897-4288-928A-5ED3EAD78DAB} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{E01BE066-6A29-47EC-93FA-124322B7D438} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{E25E3C7D-C32F-42D4-9AF8-90668814DD4B} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{E6205BDA-F662-48D2-B88B-64196ED5CCAF} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{E688DDFB-7F66-4572-BF1A-EFB19BA153F1} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{EDB4540B-B75A-41B9-B0B9-010141290289} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{EE7ECB5F-CF20-4899-A5F9-08008EAA7272} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{F2109B9B-F60E-424A-ABBA-185BFD693604} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{F6698518-DDE4-48DD-BE14-01F38E01800A} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{F68BB4EB-D942-4C4F-882C-282443A20184} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{FA538CF7-8D55-4234-92A5-29BFDAAEC314} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{FA7EC551-33DE-4EC7-94BE-168178CB4489} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{FAC4EEB8-C439-4C66-9C84-F1D3C37B0D34} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{FC0FA3DF-5647-4E41-BFBF-C483772653FB} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{FCA819C0-A429-433A-8A5B-C84679732343} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{FD074F88-8478-4392-A554-58C681772862} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{FDC971BF-AA5F-4585-8601-18196D7D2E31} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{FDF36B76-1C8D-4CFB-AD93-6F84D3BC2354} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{FE6A382A-5F9F-417E-BDF6-966CE6EBF228} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{FF30AEDB-3E1E-471E-B9B8-C113EF5963D3} Successfully deleted: [Empty Folder] C:\Users\Pascal\appdata\local\{FFB9B73F-2E40-44E1-9C9C-3755B3920043} ~~~ Chrome Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Google [Blacklisted Policy] Successfully deleted: [Folder] C:\Users\Pascal\appdata\local\Google\Chrome\User Data\Default\Extensions\mpfeggemggokijeahnacacopejaabljl ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 16.10.2014 at 16:59:44,39 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Das war die JRT So# AdwCleaner v4.000 - Bericht erstellt am 16/10/2014 um 16:42:23 # DB v2014-10-15.7 # Aktualisiert 12/10/2014 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzername : Pascal - PASCAL-PC # Gestartet von : C:\Users\Pascal\Desktop\AdwCleaner_4.000.exe # Option : Löschen ***** [ Dienste ] ***** [#] Dienst Gelöscht : globalUpdatem [#] Dienst Gelöscht : MyOSProtect [#] Dienst Gelöscht : MySafeProxyMonitor [#] Dienst Gelöscht : SPPD [#] Dienst Gelöscht : Web Assistant Updater ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z Ordner Gelöscht : C:\Program Files (x86)\1ClickDownload Ordner Gelöscht : C:\Program Files (x86)\Amazon Browser Bar Ordner Gelöscht : C:\Program Files (x86)\Amazon\ABB Ordner Gelöscht : C:\ProgramData\Ask Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\BabSolution Ordner Gelöscht : C:\Users\Pascal\AppData\LocalLow\BabylonToolbar Ordner Gelöscht : C:\Users\Pascal\AppData\LocalLow\Bandoo Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Bandoo Ordner Gelöscht : C:\Program Files (x86)\BearShare Applications Ordner Gelöscht : C:\Program Files (x86)\BetterAds Ordner Gelöscht : C:\ProgramData\BitGuard Ordner Gelöscht : C:\Program Files (x86)\BonanzaDeals Ordner Gelöscht : C:\Program Files (x86)\BonanzaDealsLive Ordner Gelöscht : C:\ProgramData\Browse2Save Ordner Gelöscht : C:\Users\Pascal\AppData\LocalLow\Browse2Save Ordner Gelöscht : C:\ProgramData\Browser Manager Ordner Gelöscht : C:\ProgramData\BrowserProtect Ordner Gelöscht : C:\Program Files (x86)\BrowseToSave Ordner Gelöscht : C:\Program Files (x86)\ChatZum Toolbar Ordner Gelöscht : C:\Users\Pascal\AppData\LocalLow\Claro LTD Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Common\LuaRT Ordner Gelöscht : C:\Program Files (x86)\Conduit Ordner Gelöscht : C:\Users\Pascal\AppData\Local\Conduit Ordner Gelöscht : C:\Users\Pascal\AppData\LocalLow\Conduit Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\DataMgr Ordner Gelöscht : C:\Users\Pascal\AppData\LocalLow\DataMngr Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly Ordner Gelöscht : C:\Program Files (x86)\Delta Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\digitalsite Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\DigitalSites Ordner Gelöscht : C:\Program Files (x86)\driver-soft Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\dvdvideosoftiehelpers Ordner Gelöscht : C:\ProgramData\eSafe Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\fbDownloader Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\fbDownloader Ordner Gelöscht : C:\Users\Pascal\AppData\LocalLow\Feven 1.5 Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FTDownloader.com Ordner Gelöscht : C:\Users\Gast\AppData\LocalLow\Funmoods Ordner Gelöscht : C:\Program Files (x86)\GamesBar Ordner Gelöscht : C:\Program Files (x86)\globalUpdate Ordner Gelöscht : C:\Users\Pascal\AppData\Local\globalUpdate Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\goforfiles Ordner Gelöscht : C:\Program Files (x86)\Gophoto.it Ordner Gelöscht : C:\Program Files (x86)\HDvidCodec.com Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HDvidCodec.com Ordner Gelöscht : C:\ProgramData\IBUpdaterService Ordner Gelöscht : C:\Users\Pascal\AppData\Local\Ilivid Player Ordner Gelöscht : C:\Program Files (x86)\iMesh Applications Ordner Gelöscht : C:\ProgramData\iMesh Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iMesh Ordner Gelöscht : C:\Users\Gast\AppData\Local\iMesh Ordner Gelöscht : C:\Users\Pascal\AppData\Local\iMesh Ordner Gelöscht : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\wsflpik0.default\imeshtoolbarguid Ordner Gelöscht : C:\Users\Gast\AppData\Roaming\Iminent Ordner Gelöscht : C:\Users\Pascal\AppData\LocalLow\incredibar.com Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\InetStat Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\InetStat Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\InetStat Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Intermediate Ordner Gelöscht : C:\Users\Pascal\AppData\Local\Local_Weather_LLC Ordner Gelöscht : C:\Program Files (x86)\Mobogenie Ordner Gelöscht : C:\Users\Pascal\AppData\Local\Mobogenie Ordner Gelöscht : C:\Users\Pascal\Documents\Mobogenie Ordner Gelöscht : C:\Program Files (x86)\Movie2KDownloader.com Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movie2KDownloader.com Ordner Gelöscht : C:\ProgramData\NCH Software Ordner Gelöscht : C:\Program Files (x86)\NCH Software Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\NCH Software Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\OpenCandy Ordner Gelöscht : C:\Users\Pascal\AppData\Local\PackageAware Ordner Gelöscht : C:\ProgramData\Partner Ordner Gelöscht : C:\Program Files (x86)\PC Speed Maximizer Ordner Gelöscht : C:\Users\Pascal\Documents\PC Speed Maximizer Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\pccustubinstaller Ordner Gelöscht : C:\Program Files (x86)\PCTRunner Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip Ordner Gelöscht : C:\Program Files (x86)\PepperZip Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\PerformerSoft Ordner Gelöscht : C:\Program Files (x86)\Perion Ordner Gelöscht : C:\Program Files (x86)\Playbryte Ordner Gelöscht : C:\Users\Pascal\AppData\LocalLow\Playbryte Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\pluswinks Ordner Gelöscht : C:\Program Files (x86)\predm Ordner Gelöscht : C:\Users\Gast\AppData\LocalLow\PriceGong Ordner Gelöscht : C:\Users\Pascal\AppData\LocalLow\PriceGong Ordner Gelöscht : C:\Users\Pascal\AppData\Local\PutLockerDownloader Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\registry mechanic Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\SCheck Ordner Gelöscht : C:\Users\Pascal\AppData\Local\SearchProtect Ordner Gelöscht : C:\Users\Susu\AppData\Local\SearchProtect Ordner Gelöscht : C:\Program Files (x86)\Searchqu Toolbar Ordner Gelöscht : C:\Users\Gast\AppData\LocalLow\searchquband Ordner Gelöscht : C:\Users\Pascal\AppData\LocalLow\searchquband Ordner Gelöscht : C:\Users\Gast\AppData\LocalLow\Searchqutoolbar Ordner Gelöscht : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\wsflpik0.default\Searchqutoolbar Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Searchqutoolbar Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\SeeSimilar Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Smartbar Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Snz Ordner Gelöscht : C:\ProgramData\SoftSafe Ordner Gelöscht : C:\Program Files (x86)\SoftwareUpdater Ordner Gelöscht : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\wsflpik0.default\somotomoviestoolbar1 Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\somotomoviestoolbar1 Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\SpeedanAlysis Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\SSync Ordner Gelöscht : C:\Users\Pascal\AppData\Local\SwvUpdater Ordner Gelöscht : C:\Users\Pascal\AppData\Local\Systweak Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Systweak Ordner Gelöscht : C:\ProgramData\Tarma Installer Ordner Gelöscht : C:\Program Files (x86)\Common Files\Tobit Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Tobit Ordner Gelöscht : C:\ProgramData\Trymedia Ordner Gelöscht : C:\Users\Pascal\AppData\Local\TVWizard Ordner Gelöscht : C:\Program Files (x86)\Uncompressor Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue Ordner Gelöscht : C:\Program Files (x86)\Uniblue Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Uniblue Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Weather Alerts Ordner Gelöscht : C:\Users\Pascal\AppData\Local\WeatherAlerts Ordner Gelöscht : C:\Program Files\Web Assistant Ordner Gelöscht : C:\Users\Pascal\AppData\LocalLow\wincoreimband Ordner Gelöscht : C:\Program Files (x86)\XTRM Group Ordner Gelöscht : C:\Program Files\Enigma Software Group Ordner Gelöscht : C:\Program Files (x86)\DriverTurbo Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\DriverTurbo Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\CT3241949 Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\CT2851647 Ordner Gelöscht : C:\Program Files (x86)\HD-Quality-v3V30.09 Ordner Gelöscht : C:\Program Files (x86)\HQCinema1.9V01.10 Ordner Gelöscht : C:\Program Files (x86)\ver4NewPlayer Ordner Gelöscht : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\wsflpik0.default\Extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Ordner Gelöscht : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\wsflpik0.default\Extensions\staged\{ADFA33FD-16F5-4355-8504-DF4D664CFE83} Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2} Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@babylon.com Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\ffxtlbr@delta.com Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\ffxtlbr@holasearch.com Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\ffxtlbra@softonic.com Ordner Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\webbooster@iminent.com Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{78e516ef-11de-47a1-8364-a99b917ec5ee} Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com Ordner Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com Ordner Gelöscht : C:\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh Ordner Gelöscht : C:\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf Ordner Gelöscht : C:\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf Ordner Gelöscht : C:\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp Ordner Gelöscht : C:\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje Ordner Gelöscht : C:\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj Ordner Gelöscht : C:\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg Ordner Gelöscht : C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\mpfeggemggokijeahnacacopejaabljl Ordner Gelöscht : C:\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk [!] Ordner Gelöscht : C:\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje [!] Ordner Gelöscht : C:\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp Ordner Gelöscht : C:\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga Ordner Gelöscht : C:\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433} Datei Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\uqbb6zzc.default\Extensions\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi Datei Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\gophoto@gophoto.it.xpi Datei Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\movie2kdownloader@movie2kdownloader.com.xpi Datei Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\om@offermosquito.com.xpi Datei Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\uqbb6zzc.default\Extensions\OneClickDownloader@OneClickDownloader.com.xpi Datei Gelöscht : C:\Users\Pascal\AppData\Local\CRE\engeblojhfeingnjnfpiceofljnjpldp.crx Datei Gelöscht : C:\Users\Pascal\AppData\Local\CRE\fkjoiggkbepedjmjjbhhecjiimlckcga.crx Datei Gelöscht : C:\Users\Pascal\AppData\Local\CRE\kfkcangbigakljkjeglcofaomihpejif.crx Datei Gelöscht : C:\Users\Pascal\daemonprocess.txt Datei Gelöscht : C:\Users\Pascal\AppData\Local\funmoods.crx Datei Gelöscht : C:\Users\Pascal\AppData\Local\funmoods-speeddial.crx Datei Gelöscht : C:\Users\Pascal\AppData\Local\funmoods-speeddial_sf.crx Datei Gelöscht : C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\iMesh.lnk Datei Gelöscht : C:\Users\Pascal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iMesh.lnk Datei Gelöscht : C:\Users\Pascal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\iMesh.lnk Datei Gelöscht : C:\monitor.exe Datei Gelöscht : C:\monitorsvc.exe Datei Gelöscht : C:\Windows\SysWOW64\MyOSProtect.ini Datei Gelöscht : C:\Windows\SysWOW64\MyOSProtectOff.ini Datei Gelöscht : C:\Windows\System32\MyOSProtectOff.ini Datei Gelöscht : C:\Windows\System32\roboot64.exe Datei Gelöscht : C:\Users\Pascal\AppData\Roaming\speedanalysis.ico Datei Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\bprotector_extensions.sqlite Datei Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\bprotector_prefs.js Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js Datei Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\invalidprefs.js Datei Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\11-suche.xml Datei Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\Babylon.xml Datei Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\delta.xml Datei Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\fbdownloader_search.xml Datei Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\fileconverter-13-customized-web-search.xml Datei Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\holasearch.xml Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml Datei Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\SearchResults.xml Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchResults.xml Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchTheWeb.xml Datei Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\softonic.xml Datei Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\user.js Datei Gelöscht : C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\uqbb6zzc.default\user.js Datei Gelöscht : C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.betterdeals00.betterdeals.co_0.localstorage Datei Gelöscht : C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_static.betterdeals00.betterdeals.co_0.localstorage-journal Datei Gelöscht : C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage Datei Gelöscht : C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.softonic.de_0.localstorage-journal Datei Gelöscht : C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage Datei Gelöscht : C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal ***** [ Tasks ] ***** Task Gelöscht : DealPlyUpdate Task Gelöscht : Digital Sites Task Gelöscht : Funmoods Task Gelöscht : globalUpdateUpdateTaskMachineCore Task Gelöscht : globalUpdateUpdateTaskMachineUA Task Gelöscht : GoforFilesUpdate Task Gelöscht : LaunchApp Task Gelöscht : LaunchSignup Task Gelöscht : Software Updater Ui Task Gelöscht : Software Updater Task Gelöscht : 1242f82e-6c0d-47d3-a2c9-9feb3999108a Task Gelöscht : 56c2d237-88f9-437d-be8e-58367541cdc2-1 Task Gelöscht : 56c2d237-88f9-437d-be8e-58367541cdc2-2 Task Gelöscht : 56c2d237-88f9-437d-be8e-58367541cdc2-4 Task Gelöscht : 56c2d237-88f9-437d-be8e-58367541cdc2-5 Task Gelöscht : 56c2d237-88f9-437d-be8e-58367541cdc2-6 Task Gelöscht : 56c2d237-88f9-437d-be8e-58367541cdc2-7 Task Gelöscht : 815a6f6b-5b57-4751-8a99-2a2f9410b044-1 Task Gelöscht : 815a6f6b-5b57-4751-8a99-2a2f9410b044-2 Task Gelöscht : 815a6f6b-5b57-4751-8a99-2a2f9410b044-5 Task Gelöscht : 815a6f6b-5b57-4751-8a99-2a2f9410b044-5_user Task Gelöscht : 815a6f6b-5b57-4751-8a99-2a2f9410b044-6 Task Gelöscht : 815a6f6b-5b57-4751-8a99-2a2f9410b044-7 Task Gelöscht : c6ac72ed-56b8-40ca-9074-9efe04ef1716 ***** [ Verknüpfungen ] ***** Verknüpfung Desinfiziert : C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ***** [ Registrierungsdatenbank ] ***** Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}] Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}] Wert Gelöscht : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{8E9E3331-D360-4f87-8803-52DE43566502}] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [ext@bettersurfplus.com] Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [speedanalysis@SpeedAnalysis.com] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [speedanalysis@SpeedAnalysis.com] Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [xz123@ya456.com] Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\blaofbhgbmeikidhlkmjhbkbfohpgekf Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\cfcbmgbfdbijmjgjihagbomfbjfjmgon Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dedmngkbaffkenlfdcbganndoghblmap Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\engeblojhfeingnjnfpiceofljnjpldp Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\engeblojhfeingnjnfpiceofljnjpldp Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mocblcnaofikinigmceddfghppkkjbog Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pfmopbbadnfoelckkcmjjeaaegjpjjbk Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\kfkcangbigakljkjeglcofaomihpejif Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\kfkcangbigakljkjeglcofaomihpejif Schlüssel Gelöscht : HKCU\Software\Classes\VirtualStore\MACHINE\SOFTWARE\Wow6432Node\BabylonToolbar Schlüssel Gelöscht : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Extension.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\iMesh.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\PropertySync.EXE Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\iMesh_V11_en_Setup.exe Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.BandooCore Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\bbylntlbr.bbylntlbrHlpr.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\f Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iMesh.AudioCD Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iMesh.Device Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iMesh.file Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Updater.AmiUpd Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1 Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ApnSetup_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DesktopWeatherAlertsApp_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\DesktopWeatherAlertsApp_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\FTDownloader_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\FTDownloader_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsLatest_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\FunmoodsSetup_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\I Want This_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1 (1)_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1 (1)_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_V11_en_Setup_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_V11_en_Setup_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup{2_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IminentSetup{2_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Movie2KDownloader_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Movie2KDownloader_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasapi32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_1_rasmancs Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasapi32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\privitizevpn_rasmancs Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\QuickShare_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\registrybooster_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\registrybooster_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\softonic_ggl_1_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\TaskScheduler_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasapi32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajamupdater_rasmancs Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wsconduit__166_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wsconduit__166_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMPlayCDAudioOnArrival Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMRipCDAudioOnArrival Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowCDAudioOnArrival Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\IMShowVolumeOnArrival Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10 Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4 Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc Schlüssel Gelöscht : HKCU\Software\596da8ab76fbf41 Schlüssel Gelöscht : HKLM\SOFTWARE\596da8ab76fbf41 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_f2a323db Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0002258.BHO Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0033440.BHO Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0033440.Sandbox Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0033440.Sandbox.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0038532.BHO Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0038532.BHO.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0038532.Sandbox Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0038532.Sandbox.1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2481020 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_directx_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_directx_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_lost-planet-extreme-condition_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_lost-planet-extreme-condition_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_corel-videostudio-pro-x4(1)_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_corel-videostudio-pro-x4(1)_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_directx (1)_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_directx (1)_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_directx_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_directx_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_driver-turbo_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_driver-turbo_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_geosense_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_geosense_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_internettv_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_internettv_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_keylemon (1)_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_keylemon (1)_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_keylemon (2)_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_keylemon (2)_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_keylemon_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_keylemon_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft-server_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft-server_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1F02FB61-2BE5-4C16-8199-AEAA16EB0342} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{8D5CFE57-B0FD-4396-97A2-DFD0B7DA935B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{059EACC2-1ABE-49E8-928D-DC8BD355B7A9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{27F69C85-64E1-43CE-98B5-3C9F22FB408E} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{31D8407C-62E4-4125-A4A9-717EFB1A56AE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{336D0C35-8A85-403A-B9D2-65C292C39087} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{51420F88-4D4A-4042-9509-8D4E1307910E} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{61E0EF7A-9BC0-45EA-9B2F-F3E9F02692BD} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69D3F709-9DE2-479F-980F-532D46895703} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7C3B01BC-53A5-48A0-A43B-0C67731134B9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9173F089-1A84-4023-B972-55A6EE7103B0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9D717F81-9148-4F12-8568-69135F087DB0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A43DE495-3D00-47D4-9D2C-303115707939} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B543EF05-9758-464E-9F37-4C28525B4A4C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BA56787C-729F-4715-8F11-EB2A16908B91} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BB76A90B-2B4C-4378-8506-9A2B6E16943C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C3AB94A4-BFD0-4BBA-A331-DE504F07D2DB} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F42C7B47-5234-4BF5-8882-DAAC0D64870D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110011221158} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311341140} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611171162} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110611381131} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022222258} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322342240} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172262} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622382231} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{33333333-3333-3333-3333-330033223358} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Das war der 1. Teil des adws |
|
16.10.2014, 16:33
| #9 |
| | 2. teil des adws SoSchlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055225558} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175562} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655385531} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066226658} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176662} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666386631} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077227758} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{05E242CB-338E-4A4F-A726-80BAB386D079} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{13A9E13B-139B-48D1-B698-9C3DFF726345} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{EC96F516-51B2-4B46-8451-8665F5A6BA2B} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{F07FBD3E-2048-44A4-9065-71BF551E2672} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403A-B9D2-65C292C39087} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51420F88-4D4A-4042-9509-8D4E1307910E} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61E0EF7A-9BC0-45EA-9B2F-F3E9F02692BD} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA56787C-729F-4715-8F11-EB2A16908B91} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011221158} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311341140} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611171162} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611381131} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6087829B-114F-42A1-A72B-B4AEDCEA4E5B} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3D233D5-9F6D-436C-B6C7-E63F77503B30} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D7E97865-918F-41E4-9CD0-25AB1C574CE8} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011221158} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311341140} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31D8407C-62E4-4125-A4A9-717EFB1A56AE} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3444C3C5-6C56-4A16-A453-832B05BF6EA4} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51420F88-4D4A-4042-9509-8D4E1307910E} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{65BCD620-07DD-012F-819F-073CF1B8F7C6} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2417} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{28387537-E3F9-4ED7-860C-11E69AF4A8A0}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{9E131A93-EED7-4BEB-B015-A0ADB30B5646}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B278D9F8-0FA9-465E-9938-0C392605D8E3}] Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C510DFFB-0AFE-484C-BA40-CED5B74C4EEF}] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322342240} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622172262} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220622382231} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{69D3F709-9DE2-479F-980F-532D46895703} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6F43FA77-C18F-4D0C-9C7E-958876FE2061} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{DF948646-8BF4-450E-A059-CF8A4E0FE2BE} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E96B49B0-E11F-48FC-984A-EEC29A4F57E1} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F42C7B47-5234-4BF5-8882-DAAC0D64870D} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F7BEBBB1-7E6B-4561-9444-6F4866D60C7C} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055225558} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655175562} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550655385531} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066226658} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666176662} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660666386631} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{77777777-7777-7777-7777-770077227758} Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD21} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2417} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7971660-A1CE-4FDD-B9E0-2C37D77AFB0B} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{51420F88-4D4A-4042-9509-8D4E1307910E} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080} Schlüssel Gelöscht : HKCU\Software\BI Schlüssel Gelöscht : HKCU\Software\ChatZum Toolbar Schlüssel Gelöscht : HKCU\Software\ClickConnect Schlüssel Gelöscht : HKCU\Software\Conduit Schlüssel Gelöscht : HKCU\Software\delta LTD Schlüssel Gelöscht : HKCU\Software\distromatic Schlüssel Gelöscht : HKCU\Software\dsiteproducts Schlüssel Gelöscht : HKCU\Software\FBDownloader Schlüssel Gelöscht : HKCU\Software\filescout Schlüssel Gelöscht : HKCU\Software\GlobalUpdate Schlüssel Gelöscht : HKCU\Software\holasearch LTD Schlüssel Gelöscht : HKCU\Software\IM Schlüssel Gelöscht : HKCU\Software\Imesh Schlüssel Gelöscht : HKCU\Software\ImInstaller Schlüssel Gelöscht : HKCU\Software\InetStat Schlüssel Gelöscht : HKCU\Software\InstallCore Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions Schlüssel Gelöscht : HKCU\Software\lollipop Schlüssel Gelöscht : HKCU\Software\OCS Schlüssel Gelöscht : HKCU\Software\OfferMosquito Schlüssel Gelöscht : HKCU\Software\Optimizer Pro Schlüssel Gelöscht : HKCU\Software\PepperZip Schlüssel Gelöscht : HKCU\Software\Protector Schlüssel Gelöscht : HKCU\Software\SoftonicToolbar Schlüssel Gelöscht : HKCU\Software\StartSearch Schlüssel Gelöscht : HKCU\Software\TutoTag Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DynConIE Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Feven 1.5 Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\mediabarim Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Plus-HD-2.6 Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\searchqutoolbar Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\HD-Quality-v3V30.09 Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\HQCinema1.9V01.10 Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F} Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} Schlüssel Gelöscht : HKLM\SOFTWARE\aartemisSoftware Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon Schlüssel Gelöscht : HKLM\SOFTWARE\BabylonToolbar Schlüssel Gelöscht : HKLM\SOFTWARE\Bandoo Schlüssel Gelöscht : HKLM\SOFTWARE\BetterSurf Schlüssel Gelöscht : HKLM\SOFTWARE\ChatZum Toolbar Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit Schlüssel Gelöscht : HKLM\SOFTWARE\DataMngr Schlüssel Gelöscht : HKLM\SOFTWARE\DealPly Schlüssel Gelöscht : HKLM\SOFTWARE\Delta Schlüssel Gelöscht : HKLM\SOFTWARE\Driver-Soft Schlüssel Gelöscht : HKLM\SOFTWARE\eSafeSecControl Schlüssel Gelöscht : HKLM\SOFTWARE\Feven 1.5 Schlüssel Gelöscht : HKLM\SOFTWARE\Freeze.com Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate Schlüssel Gelöscht : HKLM\SOFTWARE\Imesh Schlüssel Gelöscht : HKLM\SOFTWARE\Iminent Schlüssel Gelöscht : HKLM\SOFTWARE\InstallCore Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions Schlüssel Gelöscht : HKLM\SOFTWARE\MediaBuzzV1 Schlüssel Gelöscht : HKLM\SOFTWARE\MediaPlayerV1 Schlüssel Gelöscht : HKLM\SOFTWARE\MyBestOffersToday Schlüssel Gelöscht : HKLM\SOFTWARE\Playbryte Schlüssel Gelöscht : HKLM\SOFTWARE\SafetyNut Schlüssel Gelöscht : HKLM\SOFTWARE\SoftwareUpdater Schlüssel Gelöscht : HKLM\SOFTWARE\SP Global Schlüssel Gelöscht : HKLM\SOFTWARE\SProtector Schlüssel Gelöscht : HKLM\SOFTWARE\systweak Schlüssel Gelöscht : HKLM\SOFTWARE\Trymedia Systems Schlüssel Gelöscht : HKLM\SOFTWARE\Tutorials Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue Schlüssel Gelöscht : HKLM\SOFTWARE\Vittalia Schlüssel Gelöscht : HKLM\SOFTWARE\Web Assistant Schlüssel Gelöscht : HKLM\SOFTWARE\XTRM Group Ltd. Schlüssel Gelöscht : HKLM\SOFTWARE\HD-Quality-v3V30.09 Schlüssel Gelöscht : HKLM\SOFTWARE\HQCinema1.9V01.10 Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Codec Pack Packages Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DesktopWeatherAlerts Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\FBDownloader Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{8FB495A1-4A3F-4C1D-BD27-3F3AB2E66763} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\aartemis Browser Protecter Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Driver Genius_is1 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdater Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HD-Quality-v3V30.09 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\HQCinema1.9V01.10 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Speedchecker Limited Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Web Assistant Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\EnigmaSoftwareGroup Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Features\1A594BF8F3A4D1C4DB72F3A32B6E7636 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\Products\1A594BF8F3A4D1C4DB72F3A32B6E7636 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1A594BF8F3A4D1C4DB72F3A32B6E7636 ***** [ Browser ] ***** -\\ Internet Explorer v10.0.9200.17088 Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant] Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [CustomizeSearch] -\\ Mozilla Firefox v [wsflpik0.default] - Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.searchnu.com/406"); [wsflpik0.default] - Zeile gelöscht : user_pref("keyword.URL", "hxxp://dts.search-results.com/sr?src=ffb&appid=161&systemid=406&sr=0&q="); [wsflpik0.default] - Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://search.chatzum.com/"); [wsflpik0.default] - Zeile gelöscht : user_pref("browser.newtab.url", "search.chatzum.com"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.1000234.TWC_TMP_city", "HEIDELBERG"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.1000234.TWC_TMP_country", "DE"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.1000234.TWC_country", "GERMANY"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.1000234.TWC_locId", "GMXX0053"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.1000234.TWC_location", "Heidelberg, Germany"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.1000234.TWC_region", "DE"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.1000234.TWC_temp_dis", "c"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.1000234.TWC_wind_dis", "kmh"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.1000234.weatherData", "{\"icon\":\"30.png\",\"temperature\":\"25°C\",\"temperatureClear\":\"25°C\",\"highTemperature\":\"25°C\",\"lowTemperature\":\"14°C\",\"feelsLike\":\" 25°C\",[...] [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.FF19Solved", "true"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.FirstTime", "true"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.FirstTimeFF3", "true"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.PG_ENABLE", "dHJ1ZQ=="); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.PG_ENABLE.enc", "dHJ1ZQ=="); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.SF_JUST_INSTALLED.enc", "RkFMU0U="); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.SF_STATUS.enc", "RU5BQkxFRA=="); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.UserID", "UN21218473905470158"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.addressBarTakeOverEnabledInHidden", "true"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.defaultSearch", "false"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.enableFix404ByUser", "FALSE"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.enableSearchFromAddressBar", "false"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.firstTimeDialogOpened", "true"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.fixPageNotFoundErrorByUser", "TRUE"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.fixPageNotFoundErrorInHidden", "true"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.fixUrls", true); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.fullUserID", "UN21218473905470158.UP.20130714074938"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.homepageuserchanged", true); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.installDate", "8/6/2013 14:18:01"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.installSessionId", "-1"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.installSp", "FALSE"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.installType", "xpe"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.installUsage", "2013-06-08T15:18:10.0644842+03:00"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.installUsageEarly", "2013-06-08T15:18:09.0816716+03:00"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.installerVersion", "1.4.2.3"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.isCheckedStartAsHidden", true); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.isFirstTimeToolbarLoading", "false"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT2851647&octid=CT2851647&CUI=UN21218473905470158&UM=1&SearchSource=15\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.lastVersion", "10.20.0.513"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.mam_gk_appStateReportTime.enc", "MTM3MDcwOTIwMDQ1Ng=="); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.mam_gk_appState_CouponBuddy.enc", "b2Zm"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.mam_gk_appState_Easytobook.enc", "b2Zm"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.mam_gk_appState_Easytobook_targeted.enc", "b2Zm"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.mam_gk_appState_PriceGong.enc", "b2Zm"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.mam_gk_appState_WindowShopper.enc", "b2Zm"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsIm9wdGlvbnNEaWFsb2ciOnsiZGlzc GxheU5h[...] [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.mam_gk_appsDefaultEnabled.enc", "bnVsbA=="); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkVhc3l0b2Jvb2tfdGFyZ2V0ZWQiLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiI0NzUzYjMxMy04MDk2LTQ2NTQtYWUzMy0yNzkzZTk5YjAyOWUiL CJ[...] [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.mam_gk_currentVersion.enc", "MS44LjAuNA=="); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.mam_gk_eventsCache.enc", "eyIxYzIwZTQwZS05NWFmLTQ4ZGMtYmJkNC0xMzc2ODY1NGFiN2MiOnsidG9waWMiOiJzZW5kVXNhZ2UiLCJkYXRhIjp7ImNhdGVnb3J5IjoiV2VsY29tZSIsImFjdGlvbiI6IlZpZXcifSwidW5pc XVlS[...] [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.mam_gk_first_time.enc", "MQ=="); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.mam_gk_gadgetOpen.enc", "MA=="); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.mam_gk_installer_preapproved.enc", "ZmFsc2U="); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.mam_gk_lastLoginTime.enc", "MTM3MDcwOTE5OTUyMw=="); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50LVJpY2h0bGluaWUifSwiZ2FkZ2V0RGVzY3JpcHRpb25QcmltYXJ5Ijp7IlRleHQiOiJWYWx1ZSBBcHBzIGJlcmVpY2hlcnQgS Why[...] [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ=="); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.mam_gk_settings1.8.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMjE1Xy0xIiwiaXNUZXN0IjpmYWxzZSwiaXNXZWxjb21lRXhwZXJpZW5jZUVuYWJsZWRCeURlZ mF1b[...] [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.mam_gk_showCloseButton.enc", "dHJ1ZQ=="); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.mam_gk_showWelcomeGadget.enc", "ZmFsc2U="); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.mam_gk_userId.enc", "YWNhMDMyMWYtZjJmMy00NWZkLTg5YTgtYjM4NDllMjQ0ZWM3"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.mam_gk_user_approval_interacted.enc", "MQ=="); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.migrateAppsAndComponents", true); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.google.de%2Fintl%2Fde%2Fchrome%2Fbrowser%2Fthankyou.html%3Finstalldataindex%3Ddefau ltbro[...] [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.openThankYouPage", "true"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.openUninstallPage", "false"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.revertSettingsEnabled", "FALSE"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.scriptSource.enc", "aHR0cDovLzEyNy4wLjAuMToxMDAwMC9ndWkv"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.search.searchAppId", "129351532245275780"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.search.searchCount", "0"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.searchInNewTabEnabledByUser", "false"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.searchInNewTabEnabledInHidden", "true"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.searchRevert", "FALSE"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.searchSuggestEnabledByUser", "false"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.searchUserMode", "1"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2851647\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://uTorrentBarDE.OurToolbar.com//xpi\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentBar_DE \"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_Configuration_lastUpdate", "1382937636896"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1370693892593"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_appsMetadata_lastUpdate", "1370693892412"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1370693892334"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1370693891474"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1370693892548"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_location_lastUpdate", "1370693891464"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_login_10.14.65.43_lastUpdate", "1373743168819"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_login_10.16.2.9_lastUpdate", "1370693892561"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_login_10.16.4.519_lastUpdate", "1374952893929"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1370693892388"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_searchAPI_lastUpdate", "1382937636881"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_serviceMap_lastUpdate", "1382937635847"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_setupAPI_lastUpdate", "1370709194908"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_toolbarContextMenu_lastUpdate", "1370693892362"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_toolbarSettings_lastUpdate", "1382937636792"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.serviceLayer_services_translation_lastUpdate", "1382937636829"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.settingsINI", true); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.shouldFirstTimeDialog", "false"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.showToolbarPermission", "false"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.smartbar.CTID", "CT2851647"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.smartbar.Uninstall", "0"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.smartbar.isHidden", true); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.smartbar.toolbarName", "uTorrentBar_DE "); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.startPage", "false"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.toolbarBornServerTime", "8-6-2013"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.toolbarCurrentServerTime", "27-7-2013"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.toolbarLoginClientTime", "Sat Jun 08 2013 14:18:12 GMT+0200"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647.versionFromInstaller", "10.16.2.9"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT2851647_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1382946191680,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.FirstTime", "true"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.FirstTimeFF3", "true"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.UserID", "UN44613315310696218"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.addressBarTakeOverEnabledInHidden", "true"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.browser.search.defaultthis.engineName", true); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.countryCode", "DE"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.firstTimeDialogOpened", "true"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.fixPageNotFoundErrorByUser", "TRUE"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.fixPageNotFoundErrorInHidden", "true"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.fixUrls", true); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.fullUserID", "UN44613315310696218.XX.20130724150910"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.homepageuserchanged", true); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.installType", "DirectDownload"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.isCheckedStartAsHidden", true); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.isFirstTimeToolbarLoading", "false"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3241949&octid=CT3241949&SearchSource=15&CUI=UN44613315310696218&SSPV=&Lay=1&UM=1\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.lastVersion", "10.21.1.507"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.mam_gk_installer_preapproved.enc", "RkFMU0U="); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.migrateAppsAndComponents", true); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.google.de%2Fintl%2Fde%2Fchrome%2Fbrowser%2Fthankyou.html%3Finstalldataindex%3Ddefau ltbro[...] [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.originalHomepage", "hxxp://search.fbdownloader.com/?channel=sfde206"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.originalSearchEngine", "Search"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.originalSearchEngineName", "Search"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.searchInNewTabEnabledByUser", "false"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.searchInNewTabEnabledInHidden", "true"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.searchSuggestEnabledByUser", "True"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.searchUserMode", "1"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3241949\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://FileConverter13.OurToolbar.com//xpi\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"FileConverter 1.3 \"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.serviceLayer_services_Configuration_lastUpdate", "1382883126537"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.serviceLayer_services_login_10.16.70.505_lastUpdate", "1377694611021"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.serviceLayer_services_login_10.19.2.505_lastUpdate", "1378740845882"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.serviceLayer_services_login_10.20.0.513_lastUpdate", "1380541956168"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.serviceLayer_services_login_10.20.1.508_lastUpdate", "1382172988036"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.serviceLayer_services_login_10.21.1.507_lastUpdate", "1382952036393"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.serviceLayer_services_searchAPI_lastUpdate", "1382883126370"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.serviceLayer_services_serviceMap_lastUpdate", "1382883126041"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.serviceLayer_services_setupAPI_lastUpdate", "1374671471383"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.serviceLayer_services_toolbarSettings_lastUpdate", "1382953397489"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.serviceLayer_services_translation_lastUpdate", "1382883126073"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.settingsINI", true); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.showToolbarPermission", "false"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.smartbar.CTID", "CT3241949"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.smartbar.Uninstall", "0"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.smartbar.homepage", true); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.smartbar.toolbarName", "FileConverter 1.3 "); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.toolbarBornServerTime", "17-4-2013"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.toolbarCurrentServerTime", "28-10-2013"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949.toolbarLoginClientTime", "Wed Jul 24 2013 15:18:18 GMT+0200"); [2veoap2y.default] - Zeile gelöscht : user_pref("CT3241949_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1382946191845,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]"); [2veoap2y.default] - Zeile gelöscht : user_pref("aol_toolbar.default.homepage.check", false); [2veoap2y.default] - Zeile gelöscht : user_pref("aol_toolbar.default.search.check", false); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkDS", 0); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.BabylonToolbar.prtkHmpg", 0); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_meta.value", "%7B%22tmp/lightbox.css%22%3A%7B%22id%22%3A331979%2C%22ver%22%3A[...] [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_331987.value", "%22%7B%5Cr%5Cn%5C%22youtube.com%5C%22%3A%5B%5C%22com[...] [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.a7f404cccb0a94fafb3c089ceea949aeaa6724a0593804ebebe02e67e35a3402ccom33440.33440.internaldb.Resources_resource_331988.value", "%22%5B%5Cr%5Cn%5Ct%5Ct%7B%5Cr%5Cn%5Ct%5Ct%5Ct%5C%22i[...] [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.crossrider.bic", "141a7f901d210b30306fb32dc0fe0998"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.admin", false); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.aflt", "babsst"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.autoRvrt", "false"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.bbDpng", "28"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.cntry", "DE"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.dfltLng", "de"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.excTlbr", false); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.ffxUnstlRst", true); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.hdrMd5", "8837C1A5D20F19C5E8D907584AA387E0"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.id", "204c3cc0000000000000742f68a88315"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.instlDay", "15897"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.instlRef", "sst"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.lastVrsnTs", "1.8.21.515:04:48"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.newTab", false); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.prdct", "delta"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.prtnrId", "delta"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.rvrt", "false"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.sg", "er"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.smplGrp", "er"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.tlbrId", "base"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.tlbrSrchUrl", ""); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.vrsn", "1.8.21.5"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.vrsnTs", "1.8.21.515:04:48"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta.vrsni", "1.8.21.5"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta_i.babExt", ""); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta_i.babTrack", "affID=119403&tt=040713_ifrmful&tsp=4940"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.delta_i.srcExt", "ss"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.enabledAddons", "%7B5C655500-E712-41e7-9349-CE462F844B19%7D:1.0,fmconverter%40gmail.com:1.0.0,betterads%40BetterAds.org:2.1,ffxtlbr%40delta.com:1.5.0,%7B5a95a9e0-59dd-4314-bd84-4[...] [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.admin", false); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.aflt", "babsst"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.appId", "{8D5CFE57-B0FD-4396-97A2-DFD0B7DA935B}"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.autoRvrt", "false"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.bbDpng", "28"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.cntry", "DE"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.dfltLng", "de"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.excTlbr", false); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.ffxUnstlRst", false); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.hdrMd5", "65CA74F0A1A5E97C1A561C8C8B041A6C"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.id", "204c3cc0000000000000742f68a88315"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.instlDay", "15947"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.instlRef", "sst"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.lastVrsnTs", "1.8.16.1612:12:26"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.newTab", false); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.prdct", "holasearch"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.prtnrId", "holasearch"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.rvrt", "false"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.sg", "azb"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.smplGrp", "azb"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.tlbrId", "base"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.tlbrSrchUrl", ""); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.vrsn", "1.8.16.16"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.vrsnTs", "1.8.16.1612:12:26"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.holasearch.vrsni", "1.8.16.16"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.wajam.affiliate_id", "5927"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.wajam.firstrun", "false"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.wajam.log_send_info", "false"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21087\",\"supported_sites\":{\"google\":{\"patterns\":[\"^hxxp\\\\:\\/\\/www\\\\.google\\\\..{2,3}(|\\\\\\/ig|\\\\\\/firefox)\",\"[...] [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.wajam.no_trace", "false"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.wajam.server_current_mapping_version", "0.21087"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.wajam.supported_sites.amazon_product.priam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam'[...] [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.wajam.supported_sites.amazon_v2.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';wind[...] [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.wajam.supported_sites.bing.wajam_yahoo_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';win[...] [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'W[...] [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';[...] [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.wajam.supported_sites.wikipedia.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';wind[...] [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.wajam.supported_sites.yahoo.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';window['[...] [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.wajam.supported_sites.youtubesearch.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';[...] [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.wajam.trace_log", "1382619756609 - onFlagInfoReceived - Unique ID saved\n"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.wajam.unique_id", "78DF1BF8E767F6C7088C6A9544234953"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.wajam.user_current_mapping_version", "0"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.wajam.version", "1.26"); [2veoap2y.default] - Zeile gelöscht : user_pref("extensions.wajam.website_version", "1.00277.0"); [2veoap2y.default] - Zeile gelöscht : user_pref("om.config", "{\"active\":true,\"name\":\"twde\",\"id\":25,\"dispId\":\"CH-25\",\"aboutLink\":\"\",\"trackingGeneral\":true,\"xhrDomains\":[\"become\",\"shopzilla\",\"twenga\",\"bizrate\"],\[...] [2veoap2y.default] - Zeile gelöscht : user_pref("plugin.state.npconduitfirefoxplugin", 2); [2veoap2y.default] - Zeile gelöscht : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3241949&CUI=UN44613315310696218&UM=1&SearchSource=13"); [2veoap2y.default] - Zeile gelöscht : user_pref("smartbar.defaultSearchOwnerCTID", "CT3241949"); [2veoap2y.default] - Zeile gelöscht : user_pref("smartbar.homePageOwnerCTID", "CT3241949"); [2veoap2y.default] - Zeile gelöscht : user_pref("smartbar.machineId", "FY+EG2+LHUGG8CEZGUWSOTUMLUT0TJ0ERXTTDYE3REBMH1LOI+OFWRKDVD3EXRKG5EH1JKXTPEQPQT/P0USKKG"); [2veoap2y.default] - Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ".*"); [2veoap2y.default] - Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "1"); [2veoap2y.default] - Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "1"); [2veoap2y.default] - Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.enable", "false"); [2veoap2y.default] - Zeile gelöscht : user_pref("{8E9E3331-D360-4f87-8803-52DE43566502}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsoftonic-tbsbox-en-us|invocationType=tb50-ff-aolsoftonic[...] [2veoap2y.default] - Zeile gelöscht : user_pref("{8E9E3331-D360-4f87-8803-52DE43566502}.ScriptData_WSG_referrer", "hxxp://www.holasearch.com/?babsrc=NT_ss&mntrId=204C742F68A88315&affID=121963&tsp=4990/|||8641380951183282"); [2veoap2y.default] - Zeile gelöscht : user_pref("{8E9E3331-D360-4f87-8803-52DE43566502}.ScriptData_WSG_temp_referer", "hxxp://www.holasearch.com/?babsrc=NT_ss&mntrId=204C742F68A88315&affID=121963&tsp=4990"); [2veoap2y.default] - Zeile gelöscht : user_pref("{8E9E3331-D360-4f87-8803-52DE43566502}.ScriptData_WSG_whiteList", "{\"search.babylon.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home.mywebsearch.com\":\"searc[...] [2veoap2y.default] - Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://search.fbdownloader.com/?channel=sfde203fbdgy21"); [2veoap2y.default] - Zeile gelöscht : user_pref("simplenewtab.url", "hxxp://wisersearch.com/?channel=de_nt"); [2veoap2y.default] - Zeile gelöscht : user_pref("browser.search.selectedEngine", "FBDownloader Search"); [2veoap2y.default] - Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://search.fbdownloader.com/search.php?channel=sfde203fbdgy21&q="); -\\ Google Chrome v37.0.2062.124 ************************* AdwCleaner[R0].txt - [117444 octets] - [16/10/2014 16:17:52] AdwCleaner[S0].txt - [113417 octets] - [16/10/2014 16:42:23] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [113479 octets] ########## Das war der 2. Teil des adws So FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-10-2014 02
Ran by Pascal (administrator) on PASCAL-PC on 16-10-2014 17:02:25
Running from C:\Users\Pascal\Desktop
Loaded Profile: Pascal (Available profiles: Pascal & Susu & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(InterVideo Inc.) C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Flux Software LLC) C:\Users\Pascal\AppData\Local\FluxSoftware\Flux\flux.exe
(wifimouse@necta.us) C:\Program Files (x86)\MouseServer\MouseServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\fshoster32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\CCF_Reputation\fsorsp.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Chris Pietschmann (hxxp://pietschsoft.com)) C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Small Island Development) C:\ProgramData\HAunCmYKI\tCJlXj.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSMA32.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSLAUNCH.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSM32.EXE [310208 2013-08-14] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure Hoster (47731)] => C:\Program Files (x86)\Kabel BW\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-3934173735-3769707255-3857861622-1001\...\Run: [f.lux] => C:\Users\Pascal\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-3934173735-3769707255-3857861622-1001\...\Run: [MouseServer] => C:\Program Files (x86)\MouseServer\MouseServer.exe [122880 2012-03-21] (wifimouse@necta.us)
HKU\S-1-5-21-3934173735-3769707255-3857861622-1001\...\Policies\Explorer: [NoInstrumentation] 1
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - !{1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No File
Toolbar: HKLM - No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No File
Toolbar: HKLM-x32 - No Name - !{1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No File
Toolbar: HKLM-x32 - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - No File
Toolbar: HKLM-x32 - No Name - !{5786d022-540e-4699-b350-b4be0ae94b79} - No File
Toolbar: HKLM-x32 - No Name - !{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No File
Toolbar: HKLM-x32 - No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No File
Toolbar: HKLM-x32 - No Name - !{F9639E4A-801B-4843-AEE3-03D9DA199E77} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pascal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\freemake.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\google-chile.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Yahooober4451956.xml
FF Extension: Amazon-Icon - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\amazon-icon@giga.de [2014-01-20]
FF Extension: DoNotTrackMe - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\donottrackplus@abine.com [2013-07-14]
FF Extension: YouTube Unblocker - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\youtubeunblocker@unblocker.yt [2013-10-11]
FF Extension: WOT - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-10-19]
FF Extension: BetterAds - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\betterads@BetterAds.org.xpi [2013-06-08]
FF Extension: Javascript View - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\jid1-u9RbFp9JcoEGGw@jetpack.xpi [2013-09-24]
FF Extension: JS Deminifier - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\jsdeminifier@murphy.ben.name.xpi [2013-09-24]
FF Extension: JavaScript Deobfuscator - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\jsdeobfuscator@adblockplus.org.xpi [2013-09-24]
FF Extension: Personas Plus - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\personas@christopher.beard.xpi [2013-02-19]
FF Extension: Cool Smiley Bar for Facebook - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\pluswinks@PlusWinks.xpi [2013-06-08]
FF Extension: ScrewAds Plus for YouTube - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\screwads@airtint.com.xpi [2013-02-19]
FF Extension: Feedback - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\testpilot@labs.mozilla.com.xpi [2013-03-30]
FF Extension: YesScript - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\yesscript@userstyles.org.xpi [2013-09-26]
FF Extension: Quick Translator - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2013-02-19]
FF Extension: Adblock Plus - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-08]
FF Extension: JavaScript Debugger - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi [2013-09-24]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-04-02]
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha691.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha691\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha418.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha418\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode6846.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6846\ff
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\ffxtlbr@holasearch.com [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\om@offermosquito.com.xpi [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\SeeSimilar@SeeSimilar.com [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\{78e516ef-11de-47a1-8364-a99b917ec5ee} [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha418\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6846\ff [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [Not Found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha691\ff [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\ffxtlbr@delta.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=M5EC8FA62-325C-43FC-A49B-88BDB1143B2B&SearchSource=55&CUI=&UM=6&UP=SPFEAC19B6-4958-4E5B-8531-48F001259B10&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=M5EC8FA62-325C-43FC-A49B-88BDB1143B2B&SearchSource=55&CUI=&UM=6&UP=SPFEAC19B6-4958-4E5B-8531-48F001259B10&SSPV=", "hxxp://www.search.ask.com/?o=APN10640A&gct=hp&d=473-102&v=n9602-164&t=4", "hxxp://aartemis.com/?type=hp&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX", "hxxp://search.conduit.com/?gd=&ctid=CT3314932&octid=EB_ORIGINAL_CTID&ISID=MF70BB4B3-B174-4BAF-A6B9-7309BCFE9943&SearchSource=55&CUI=&UM=5&UP=SP7FD169C8-79FF-464C-BA8A-0050E7E7B0A3&SSPV="
CHR DefaultSearchKeyword: Default -> trovi.com
CHR DefaultSearchURL: Default -> hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=M5EC8FA62-325C-43FC-A49B-88BDB1143B2B&SearchSource=58&CUI=&UM=6&UP=SPFEAC19B6-4958-4E5B-8531-48F001259B10&q={searchTerms}&SSPV=
CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
CHR Profile: C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-03]
CHR Extension: (Google Drive) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-03]
CHR Extension: (TV) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-03-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-03]
CHR Extension: (Google-Suche) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-03]
CHR Extension: (Battlefield Play4Free) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2014-03-03]
CHR Extension: (Google Mail) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-03]
CHR HKLM-x32\...\Chrome\Extension: [aocimlpakaebbmfhjgajelcdbejhgehe] - C:\Users\Pascal\AppData\LocalLow\Playbryte\Chrome.crx []
CHR HKLM-x32\...\Chrome\Extension: [gkipfehgopcajnafpdjajagbjllcobjj] - C:\ProgramData\Browse2save\gkipfehgopcajnafpdjajagbjllcobjj.crx []
CHR HKLM-x32\...\Chrome\Extension: [lemilgpbnfoecfjhpfchannnnkeefjmj] - C:\Users\Pascal\AppData\Local\CRE\lemilgpbnfoecfjhpfchannnnkeefjmj.crx []
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx []
CHR HKLM-x32\...\Chrome\Extension: [mpihchkdinijmdhepcmpbgelkaaoiaek] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6846\ch\MediaBuzzV1mode6846.crx []
CHR HKLM-x32\...\Chrome\Extension: [ohpbokjkbkmdoidlodcdhdhhienlenkl] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha691\ch\WebexpEnhancedV1alpha691.crx []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-11] (SUPERAntiSpyware.com)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)
R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-03-27] (Freemake) [File not signed]
R2 fshoster; C:\Program Files (x86)\Kabel BW\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSMA32.EXE [216000 2013-08-14] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\Kabel BW\apps\CCF_Reputation\fsorsp.exe [61176 2012-08-06] (F-Secure Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-09-17] ()
R2 tCJlXj; C:\ProgramData\HAunCmYKI\tCJlXj.exe [2319728 2014-10-01] (Small Island Development)
R2 Virtual Router; C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [12288 2009-11-18] (Chris Pietschmann (hxxp://pietschsoft.com)) [File not signed]
S3 SystemExplorerHelpService; No ImagePath
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ALSysIO; No ImagePath
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-13] (Disc Soft Ltd)
S3 esgiguard; No ImagePath
R3 F-Secure Gatekeeper; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [203304 2014-06-09] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\HIPS\drivers\fshs.sys [69960 2014-06-23] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-11-25] ()
R3 fsni; C:\Program Files (x86)\Kabel BW\apps\CCF_Scanning\fsni64.sys [86056 2014-06-19] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-08-14] ()
S3 IntcAzAudAddService; No ImagePath
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WinRing0_1_2_0; No ImagePath
S3 xhunter1; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-16 17:00 - 2014-10-16 17:00 - 00000000 ____D () C:\Users\Pascal\Desktop\FRST-OlderVersion
2014-10-16 16:59 - 2014-10-16 16:59 - 00017462 _____ () C:\Users\Pascal\Desktop\JRT.txt
2014-10-16 16:53 - 2014-10-16 16:53 - 00000000 ____D () C:\Windows\ERUNT
2014-10-16 16:50 - 2014-10-16 16:50 - 00114065 _____ () C:\Users\Pascal\Desktop\AdwCleaner.txt
2014-10-16 16:17 - 2014-10-16 16:46 - 00000000 ____D () C:\AdwCleaner
2014-10-16 16:12 - 2014-10-16 16:00 - 00000076 _____ () C:\Users\Pascal\Desktop\mbam-setup-2.0.3.1025.exe
2014-10-16 16:11 - 2014-10-16 16:03 - 01705698 _____ (Thisisu) C:\Users\Pascal\Desktop\JRT.exe
2014-10-16 16:10 - 2014-10-16 16:02 - 01976320 _____ () C:\Users\Pascal\Desktop\AdwCleaner_4.000.exe
2014-10-15 14:53 - 2014-10-15 14:54 - 00000000 ____D () C:\Users\Pascal\hi
2014-10-15 14:52 - 2014-10-15 14:52 - 00091167 _____ () C:\ComboFix.txt
2014-10-15 14:24 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-10-15 14:24 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-10-15 14:24 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-10-15 14:24 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-10-15 14:24 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-10-15 14:24 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-10-15 14:24 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-10-15 14:24 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-10-15 14:23 - 2014-10-15 14:23 - 00011983 _____ () C:\Users\Pascal\Desktop\ComboFix - Verknüpfung (2).lnk
2014-10-15 13:27 - 2014-10-15 13:27 - 00000000 ____D () C:\Users\Pascal\Desktop\RevoUninstallerPortable
2014-10-15 13:26 - 2014-10-15 13:25 - 02785665 _____ (PortableApps.com) C:\Users\Pascal\Desktop\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2014-10-14 16:23 - 2014-10-14 16:23 - 00000000 _____ () C:\Users\Pascal\AppData\Local\{4D00A673-0067-4B78-B2D9-E0B42BA76DD0}
2014-10-06 13:48 - 2014-10-06 13:48 - 00093865 _____ () C:\Users\Pascal\Desktop\Addition.txt
2014-10-06 13:46 - 2014-10-16 17:02 - 00028688 _____ () C:\Users\Pascal\Desktop\FRST.txt
2014-10-06 13:39 - 2014-10-16 17:02 - 00000000 ____D () C:\FRST
2014-10-06 13:39 - 2014-10-16 17:00 - 02111488 _____ (Farbar) C:\Users\Pascal\Desktop\FRST64.exe
2014-10-04 11:58 - 2014-10-15 14:52 - 00000000 ____D () C:\Qoobox
2014-10-04 11:58 - 2014-10-15 14:48 - 00000000 ____D () C:\Windows\erdnt
2014-10-04 07:03 - 2014-10-04 07:03 - 00000000 ____D () C:\Users\Pascal\Documents\Criterion Games
2014-10-04 06:55 - 2014-10-04 06:55 - 00001331 _____ () C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
2014-10-04 06:55 - 2014-10-04 06:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed™ Most Wanted
2014-10-02 20:01 - 2014-10-02 20:01 - 00000000 ____D () C:\Users\Pascal\AppData\Local\PopCap Games
2014-10-01 21:15 - 2014-10-01 21:15 - 00000000 ____D () C:\NVIDIA Corporation
2014-10-01 18:45 - 2014-10-01 18:45 - 00002444 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-5_user.job
2014-10-01 18:44 - 2014-10-01 18:44 - 01522584 _____ (HD-Quality-v3V30.09) C:\Users\Pascal\AppData\Roaming\SUU.exe
2014-10-01 18:44 - 2014-10-01 18:44 - 00001336 _____ () C:\Windows\Tasks\SUU.job
2014-10-01 16:44 - 2014-10-01 16:44 - 00000000 ____D () C:\Users\Pascal\AppData\Local\com
2014-10-01 16:43 - 2014-10-01 16:44 - 02269863 _____ () C:\Users\Pascal\Downloads\forge-1.6.4-9.11.1.965-installer (2).jar
2014-10-01 16:43 - 2014-10-01 16:43 - 00000000 ____D () C:\Windows\Sun
2014-10-01 16:38 - 2014-10-01 19:54 - 00000000 ___HD () C:\Users\Public\Temp
2014-10-01 16:38 - 2014-10-01 16:38 - 00000000 ____D () C:\ProgramData\HAunCmYKI
2014-10-01 16:33 - 2014-10-01 16:33 - 02269863 _____ () C:\Users\Pascal\Downloads\forge-1.6.4-9.11.1.965-installer (1).jar
2014-10-01 16:23 - 2014-10-01 16:23 - 14338316 _____ () C:\Users\Pascal\Downloads\BetterDungeons1-6-4_2091.zip
2014-10-01 13:37 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 13:37 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-27 19:26 - 2014-09-27 19:26 - 00367440 _____ () C:\Users\Pascal\Downloads\SoftonicDownloader_for_open-hexagon.exe
2014-09-27 19:25 - 2014-09-27 19:25 - 22561679 _____ () C:\Users\Pascal\Downloads\open-hexagon-1-91-en-win (2).7z
2014-09-27 19:23 - 2014-09-27 19:24 - 22561679 _____ () C:\Users\Pascal\Downloads\open-hexagon-1-91-en-win (1).7z
2014-09-27 19:21 - 2014-09-27 19:22 - 22561679 _____ () C:\Users\Pascal\Downloads\open-hexagon-1-91-en-win.7z
2014-09-24 15:47 - 2014-09-24 15:47 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Cornelsen
2014-09-24 15:36 - 2014-09-24 15:36 - 00002344 _____ () C:\Users\Public\Desktop\English G 21 e-Workbook A2.lnk
2014-09-24 15:36 - 2014-09-24 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cornelsen
2014-09-24 13:26 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 13:26 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-20 17:32 - 2014-09-20 17:32 - 00001225 _____ () C:\Users\Pascal\Desktop\Driver Genius.lnk
2014-09-20 17:30 - 2014-09-20 17:31 - 08719056 _____ (Driver-Soft Inc. ) C:\Users\Pascal\Downloads\Driver_Genius_14de.exe
2014-09-20 17:30 - 2014-09-20 17:31 - 08719056 _____ (Driver-Soft Inc. ) C:\Users\Pascal\Downloads\Driver_Genius_14de (1).exe
2014-09-17 18:45 - 2014-09-17 18:45 - 00000000 ____D () C:\Users\Pascal\Documents\Scratch Projects
2014-09-17 14:23 - 2014-09-17 14:23 - 01402920 _____ () C:\Users\Pascal\Downloads\battlelog-web-plugins_2.5.1_149.exe
2014-09-16 21:12 - 2014-09-16 21:12 - 00001079 _____ () C:\Users\Susu\Desktop\Scratch.lnk
2014-09-16 21:12 - 2014-09-16 21:12 - 00001079 _____ () C:\Users\Pascal\Desktop\Scratch.lnk
2014-09-16 21:12 - 2014-09-16 21:12 - 00001079 _____ () C:\Users\Gast\Desktop\Scratch.lnk
2014-09-16 21:11 - 2014-09-16 21:11 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Scratch
2014-09-16 21:11 - 2014-09-16 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scratch
2014-09-16 21:10 - 2014-09-16 21:11 - 00000000 ____D () C:\Program Files (x86)\Scratch
2014-09-16 21:06 - 2014-09-16 21:09 - 34637975 _____ (MIT Media Lab Lifelong Kindergarten Group) C:\Users\Pascal\Downloads\ScratchInstaller1.4.exe
2014-09-16 21:06 - 2014-09-16 21:09 - 34485667 _____ () C:\Users\Pascal\Downloads\Scratch1.4.msi.installer.zip
2014-09-16 21:05 - 2014-09-16 21:05 - 01101648 _____ () C:\Users\Pascal\Downloads\Sketch - CHIP-Installer.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-16 17:00 - 2013-11-26 11:36 - 00000296 _____ () C:\Windows\Tasks\RegistryBooster Maintenance.job
2014-10-16 16:57 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-16 16:57 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-16 16:50 - 2014-03-29 07:22 - 00086374 _____ () C:\Windows\setupact.log
2014-10-16 16:50 - 2013-01-25 15:21 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-10-16 16:49 - 2014-06-11 10:27 - 00000678 _____ () C:\Windows\Tasks\Scheduled scanning task.job
2014-10-16 16:49 - 2014-03-03 20:00 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-16 16:49 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-16 16:48 - 2014-03-31 14:14 - 00204488 _____ () C:\Windows\PFRO.log
2014-10-16 16:48 - 2012-01-24 01:22 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-16 16:47 - 2012-04-16 12:02 - 01286619 _____ () C:\Windows\WindowsUpdate.log
2014-10-16 16:45 - 2012-04-16 12:09 - 00000000 ____D () C:\Users\Pascal
2014-10-16 16:42 - 2012-07-21 09:54 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-10-16 16:37 - 2013-10-30 15:32 - 00000094 _____ () C:\Users\Pascal\AppData\Roaming\WB.CFG
2014-10-16 16:31 - 2014-06-03 14:57 - 00003854 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1389385127
2014-10-16 16:31 - 2014-01-10 22:18 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-10-16 16:22 - 2014-03-03 20:00 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-16 16:18 - 2012-12-23 17:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-16 15:59 - 2014-06-11 10:27 - 00003310 _____ () C:\Windows\System32\Tasks\Scheduled scanning task
2014-10-15 14:52 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-10-15 14:42 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-10-15 14:39 - 2011-07-18 23:23 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-15 14:39 - 2009-07-14 04:34 - 24117248 _____ () C:\Windows\system32\config\system.bak
2014-10-15 14:39 - 2009-07-14 04:34 - 108527616 _____ () C:\Windows\system32\config\software.bak
2014-10-15 14:39 - 2009-07-14 04:34 - 01835008 _____ () C:\Windows\system32\config\default.bak
2014-10-15 14:39 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\security.bak
2014-10-15 14:39 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2014-10-15 14:11 - 2012-12-19 17:02 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\UncompressorPackages
2014-10-15 13:23 - 2011-05-16 16:04 - 00707400 _____ () C:\Windows\system32\perfh007.dat
2014-10-15 13:23 - 2011-05-16 16:04 - 00153334 _____ () C:\Windows\system32\perfc007.dat
2014-10-15 13:23 - 2009-07-14 07:13 - 01644624 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-15 13:21 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-07 17:38 - 2013-04-14 09:37 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\.minecraft
2014-10-06 14:04 - 2014-01-22 15:55 - 00000000 ____D () C:\Users\Pascal\Documents\FIFA 14
2014-10-06 14:01 - 2012-04-16 13:39 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-10-04 15:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-04 12:22 - 2012-04-16 13:40 - 00000000 ____D () C:\ProgramData\Origin
2014-10-04 06:55 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-04 06:23 - 2012-09-27 19:33 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-10-03 15:05 - 2013-02-08 19:41 - 00000000 ____D () C:\Windows\pss
2014-10-03 10:41 - 2013-07-11 15:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-03 08:45 - 2013-11-20 17:09 - 00000000 ____D () C:\Users\Pascal\AppData\Local\CrashDumps
2014-10-02 19:53 - 2014-05-14 16:36 - 00074044 _____ () C:\Windows\DirectX.log
2014-10-02 17:21 - 2014-09-06 17:07 - 00001348 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk
2014-09-26 18:38 - 2014-03-03 20:30 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-09-26 18:38 - 2013-12-15 14:58 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-09-26 18:33 - 2013-12-15 14:58 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-09-25 20:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-24 19:18 - 2012-12-23 17:51 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 19:18 - 2012-10-28 15:54 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 19:18 - 2011-12-01 23:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 15:38 - 2012-04-16 19:41 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Skype
2014-09-24 15:35 - 2012-07-15 12:13 - 00000000 ____D () C:\Program Files (x86)\Cornelsen
2014-09-23 15:07 - 2012-04-17 21:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-23 15:05 - 2013-04-21 14:29 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-20 17:49 - 2012-12-03 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2014-09-18 15:55 - 2014-06-04 14:39 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-09-17 14:31 - 2013-12-15 14:58 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
Files to move or delete:
====================
C:\Users\Pascal\DSETUP.dll
C:\Users\Pascal\dsetup32.dll
C:\Users\Pascal\DXSETUP.exe
C:\Users\Pascal\ManiaPlanetCanyon_Setup.exe
C:\Users\Pascal\MouseServer.exe
C:\Users\Pascal\setup.exe
Some content of TEMP:
====================
C:\Users\Pascal\AppData\Local\Temp\Quarantine.exe
C:\Users\Pascal\AppData\Local\Temp\sqlite3.dll
============f======== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-07 14:29
==================== End Of Log ============================
--- --- --- |
|
16.10.2014, 16:35
| #10 |
| | Neue FRST So FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-10-2014 02
Ran by Pascal (administrator) on PASCAL-PC on 16-10-2014 17:02:25
Running from C:\Users\Pascal\Desktop
Loaded Profile: Pascal (Available profiles: Pascal & Susu & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(InterVideo Inc.) C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Flux Software LLC) C:\Users\Pascal\AppData\Local\FluxSoftware\Flux\flux.exe
(wifimouse@necta.us) C:\Program Files (x86)\MouseServer\MouseServer.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\fshoster32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\CCF_Reputation\fsorsp.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Chris Pietschmann (hxxp://pietschsoft.com)) C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Small Island Development) C:\ProgramData\HAunCmYKI\tCJlXj.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSMA32.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSLAUNCH.EXE
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSM32.EXE [310208 2013-08-14] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure Hoster (47731)] => C:\Program Files (x86)\Kabel BW\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-3934173735-3769707255-3857861622-1001\...\Run: [f.lux] => C:\Users\Pascal\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-3934173735-3769707255-3857861622-1001\...\Run: [MouseServer] => C:\Program Files (x86)\MouseServer\MouseServer.exe [122880 2012-03-21] (wifimouse@necta.us)
HKU\S-1-5-21-3934173735-3769707255-3857861622-1001\...\Policies\Explorer: [NoInstrumentation] 1
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - !{1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No File
Toolbar: HKLM - No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No File
Toolbar: HKLM-x32 - No Name - !{1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No File
Toolbar: HKLM-x32 - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - No File
Toolbar: HKLM-x32 - No Name - !{5786d022-540e-4699-b350-b4be0ae94b79} - No File
Toolbar: HKLM-x32 - No Name - !{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No File
Toolbar: HKLM-x32 - No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No File
Toolbar: HKLM-x32 - No Name - !{F9639E4A-801B-4843-AEE3-03D9DA199E77} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pascal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\freemake.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\google-chile.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Yahooober4451956.xml
FF Extension: Amazon-Icon - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\amazon-icon@giga.de [2014-01-20]
FF Extension: DoNotTrackMe - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\donottrackplus@abine.com [2013-07-14]
FF Extension: YouTube Unblocker - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\youtubeunblocker@unblocker.yt [2013-10-11]
FF Extension: WOT - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-10-19]
FF Extension: BetterAds - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\betterads@BetterAds.org.xpi [2013-06-08]
FF Extension: Javascript View - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\jid1-u9RbFp9JcoEGGw@jetpack.xpi [2013-09-24]
FF Extension: JS Deminifier - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\jsdeminifier@murphy.ben.name.xpi [2013-09-24]
FF Extension: JavaScript Deobfuscator - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\jsdeobfuscator@adblockplus.org.xpi [2013-09-24]
FF Extension: Personas Plus - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\personas@christopher.beard.xpi [2013-02-19]
FF Extension: Cool Smiley Bar for Facebook - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\pluswinks@PlusWinks.xpi [2013-06-08]
FF Extension: ScrewAds Plus for YouTube - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\screwads@airtint.com.xpi [2013-02-19]
FF Extension: Feedback - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\testpilot@labs.mozilla.com.xpi [2013-03-30]
FF Extension: YesScript - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\yesscript@userstyles.org.xpi [2013-09-26]
FF Extension: Quick Translator - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2013-02-19]
FF Extension: Adblock Plus - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-08]
FF Extension: JavaScript Debugger - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi [2013-09-24]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-04-02]
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha691.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha691\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha418.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha418\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode6846.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6846\ff
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\ffxtlbr@holasearch.com [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\om@offermosquito.com.xpi [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\SeeSimilar@SeeSimilar.com [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\{78e516ef-11de-47a1-8364-a99b917ec5ee} [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha418\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6846\ff [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [Not Found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha691\ff [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\ffxtlbr@delta.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=M5EC8FA62-325C-43FC-A49B-88BDB1143B2B&SearchSource=55&CUI=&UM=6&UP=SPFEAC19B6-4958-4E5B-8531-48F001259B10&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=M5EC8FA62-325C-43FC-A49B-88BDB1143B2B&SearchSource=55&CUI=&UM=6&UP=SPFEAC19B6-4958-4E5B-8531-48F001259B10&SSPV=", "hxxp://www.search.ask.com/?o=APN10640A&gct=hp&d=473-102&v=n9602-164&t=4", "hxxp://aartemis.com/?type=hp&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX", "hxxp://search.conduit.com/?gd=&ctid=CT3314932&octid=EB_ORIGINAL_CTID&ISID=MF70BB4B3-B174-4BAF-A6B9-7309BCFE9943&SearchSource=55&CUI=&UM=5&UP=SP7FD169C8-79FF-464C-BA8A-0050E7E7B0A3&SSPV="
CHR DefaultSearchKeyword: Default -> trovi.com
CHR DefaultSearchURL: Default -> hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=M5EC8FA62-325C-43FC-A49B-88BDB1143B2B&SearchSource=58&CUI=&UM=6&UP=SPFEAC19B6-4958-4E5B-8531-48F001259B10&q={searchTerms}&SSPV=
CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
CHR Profile: C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-03]
CHR Extension: (Google Drive) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-03]
CHR Extension: (TV) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-03-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-03]
CHR Extension: (Google-Suche) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-03]
CHR Extension: (Battlefield Play4Free) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2014-03-03]
CHR Extension: (Google Mail) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-03]
CHR HKLM-x32\...\Chrome\Extension: [aocimlpakaebbmfhjgajelcdbejhgehe] - C:\Users\Pascal\AppData\LocalLow\Playbryte\Chrome.crx []
CHR HKLM-x32\...\Chrome\Extension: [gkipfehgopcajnafpdjajagbjllcobjj] - C:\ProgramData\Browse2save\gkipfehgopcajnafpdjajagbjllcobjj.crx []
CHR HKLM-x32\...\Chrome\Extension: [lemilgpbnfoecfjhpfchannnnkeefjmj] - C:\Users\Pascal\AppData\Local\CRE\lemilgpbnfoecfjhpfchannnnkeefjmj.crx []
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx []
CHR HKLM-x32\...\Chrome\Extension: [mpihchkdinijmdhepcmpbgelkaaoiaek] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6846\ch\MediaBuzzV1mode6846.crx []
CHR HKLM-x32\...\Chrome\Extension: [ohpbokjkbkmdoidlodcdhdhhienlenkl] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha691\ch\WebexpEnhancedV1alpha691.crx []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-11] (SUPERAntiSpyware.com)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)
R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2428088 2014-08-12] (Microsoft Corporation)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-03-27] (Freemake) [File not signed]
R2 fshoster; C:\Program Files (x86)\Kabel BW\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSMA32.EXE [216000 2013-08-14] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\Kabel BW\apps\CCF_Reputation\fsorsp.exe [61176 2012-08-06] (F-Secure Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-09-17] ()
R2 tCJlXj; C:\ProgramData\HAunCmYKI\tCJlXj.exe [2319728 2014-10-01] (Small Island Development)
R2 Virtual Router; C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [12288 2009-11-18] (Chris Pietschmann (hxxp://pietschsoft.com)) [File not signed]
S3 SystemExplorerHelpService; No ImagePath
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ALSysIO; No ImagePath
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-13] (Disc Soft Ltd)
S3 esgiguard; No ImagePath
R3 F-Secure Gatekeeper; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [203304 2014-06-09] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\HIPS\drivers\fshs.sys [69960 2014-06-23] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-11-25] ()
R3 fsni; C:\Program Files (x86)\Kabel BW\apps\CCF_Scanning\fsni64.sys [86056 2014-06-19] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-08-14] ()
S3 IntcAzAudAddService; No ImagePath
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WinRing0_1_2_0; No ImagePath
S3 xhunter1; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-16 17:00 - 2014-10-16 17:00 - 00000000 ____D () C:\Users\Pascal\Desktop\FRST-OlderVersion
2014-10-16 16:59 - 2014-10-16 16:59 - 00017462 _____ () C:\Users\Pascal\Desktop\JRT.txt
2014-10-16 16:53 - 2014-10-16 16:53 - 00000000 ____D () C:\Windows\ERUNT
2014-10-16 16:50 - 2014-10-16 16:50 - 00114065 _____ () C:\Users\Pascal\Desktop\AdwCleaner.txt
2014-10-16 16:17 - 2014-10-16 16:46 - 00000000 ____D () C:\AdwCleaner
2014-10-16 16:12 - 2014-10-16 16:00 - 00000076 _____ () C:\Users\Pascal\Desktop\mbam-setup-2.0.3.1025.exe
2014-10-16 16:11 - 2014-10-16 16:03 - 01705698 _____ (Thisisu) C:\Users\Pascal\Desktop\JRT.exe
2014-10-16 16:10 - 2014-10-16 16:02 - 01976320 _____ () C:\Users\Pascal\Desktop\AdwCleaner_4.000.exe
2014-10-15 14:53 - 2014-10-15 14:54 - 00000000 ____D () C:\Users\Pascal\hi
2014-10-15 14:52 - 2014-10-15 14:52 - 00091167 _____ () C:\ComboFix.txt
2014-10-15 14:24 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-10-15 14:24 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-10-15 14:24 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-10-15 14:24 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-10-15 14:24 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-10-15 14:24 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-10-15 14:24 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-10-15 14:24 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-10-15 14:23 - 2014-10-15 14:23 - 00011983 _____ () C:\Users\Pascal\Desktop\ComboFix - Verknüpfung (2).lnk
2014-10-15 13:27 - 2014-10-15 13:27 - 00000000 ____D () C:\Users\Pascal\Desktop\RevoUninstallerPortable
2014-10-15 13:26 - 2014-10-15 13:25 - 02785665 _____ (PortableApps.com) C:\Users\Pascal\Desktop\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2014-10-14 16:23 - 2014-10-14 16:23 - 00000000 _____ () C:\Users\Pascal\AppData\Local\{4D00A673-0067-4B78-B2D9-E0B42BA76DD0}
2014-10-06 13:48 - 2014-10-06 13:48 - 00093865 _____ () C:\Users\Pascal\Desktop\Addition.txt
2014-10-06 13:46 - 2014-10-16 17:02 - 00028688 _____ () C:\Users\Pascal\Desktop\FRST.txt
2014-10-06 13:39 - 2014-10-16 17:02 - 00000000 ____D () C:\FRST
2014-10-06 13:39 - 2014-10-16 17:00 - 02111488 _____ (Farbar) C:\Users\Pascal\Desktop\FRST64.exe
2014-10-04 11:58 - 2014-10-15 14:52 - 00000000 ____D () C:\Qoobox
2014-10-04 11:58 - 2014-10-15 14:48 - 00000000 ____D () C:\Windows\erdnt
2014-10-04 07:03 - 2014-10-04 07:03 - 00000000 ____D () C:\Users\Pascal\Documents\Criterion Games
2014-10-04 06:55 - 2014-10-04 06:55 - 00001331 _____ () C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
2014-10-04 06:55 - 2014-10-04 06:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed™ Most Wanted
2014-10-02 20:01 - 2014-10-02 20:01 - 00000000 ____D () C:\Users\Pascal\AppData\Local\PopCap Games
2014-10-01 21:15 - 2014-10-01 21:15 - 00000000 ____D () C:\NVIDIA Corporation
2014-10-01 18:45 - 2014-10-01 18:45 - 00002444 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-5_user.job
2014-10-01 18:44 - 2014-10-01 18:44 - 01522584 _____ (HD-Quality-v3V30.09) C:\Users\Pascal\AppData\Roaming\SUU.exe
2014-10-01 18:44 - 2014-10-01 18:44 - 00001336 _____ () C:\Windows\Tasks\SUU.job
2014-10-01 16:44 - 2014-10-01 16:44 - 00000000 ____D () C:\Users\Pascal\AppData\Local\com
2014-10-01 16:43 - 2014-10-01 16:44 - 02269863 _____ () C:\Users\Pascal\Downloads\forge-1.6.4-9.11.1.965-installer (2).jar
2014-10-01 16:43 - 2014-10-01 16:43 - 00000000 ____D () C:\Windows\Sun
2014-10-01 16:38 - 2014-10-01 19:54 - 00000000 ___HD () C:\Users\Public\Temp
2014-10-01 16:38 - 2014-10-01 16:38 - 00000000 ____D () C:\ProgramData\HAunCmYKI
2014-10-01 16:33 - 2014-10-01 16:33 - 02269863 _____ () C:\Users\Pascal\Downloads\forge-1.6.4-9.11.1.965-installer (1).jar
2014-10-01 16:23 - 2014-10-01 16:23 - 14338316 _____ () C:\Users\Pascal\Downloads\BetterDungeons1-6-4_2091.zip
2014-10-01 13:37 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 13:37 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-27 19:26 - 2014-09-27 19:26 - 00367440 _____ () C:\Users\Pascal\Downloads\SoftonicDownloader_for_open-hexagon.exe
2014-09-27 19:25 - 2014-09-27 19:25 - 22561679 _____ () C:\Users\Pascal\Downloads\open-hexagon-1-91-en-win (2).7z
2014-09-27 19:23 - 2014-09-27 19:24 - 22561679 _____ () C:\Users\Pascal\Downloads\open-hexagon-1-91-en-win (1).7z
2014-09-27 19:21 - 2014-09-27 19:22 - 22561679 _____ () C:\Users\Pascal\Downloads\open-hexagon-1-91-en-win.7z
2014-09-24 15:47 - 2014-09-24 15:47 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Cornelsen
2014-09-24 15:36 - 2014-09-24 15:36 - 00002344 _____ () C:\Users\Public\Desktop\English G 21 e-Workbook A2.lnk
2014-09-24 15:36 - 2014-09-24 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cornelsen
2014-09-24 13:26 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 13:26 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-20 17:32 - 2014-09-20 17:32 - 00001225 _____ () C:\Users\Pascal\Desktop\Driver Genius.lnk
2014-09-20 17:30 - 2014-09-20 17:31 - 08719056 _____ (Driver-Soft Inc. ) C:\Users\Pascal\Downloads\Driver_Genius_14de.exe
2014-09-20 17:30 - 2014-09-20 17:31 - 08719056 _____ (Driver-Soft Inc. ) C:\Users\Pascal\Downloads\Driver_Genius_14de (1).exe
2014-09-17 18:45 - 2014-09-17 18:45 - 00000000 ____D () C:\Users\Pascal\Documents\Scratch Projects
2014-09-17 14:23 - 2014-09-17 14:23 - 01402920 _____ () C:\Users\Pascal\Downloads\battlelog-web-plugins_2.5.1_149.exe
2014-09-16 21:12 - 2014-09-16 21:12 - 00001079 _____ () C:\Users\Susu\Desktop\Scratch.lnk
2014-09-16 21:12 - 2014-09-16 21:12 - 00001079 _____ () C:\Users\Pascal\Desktop\Scratch.lnk
2014-09-16 21:12 - 2014-09-16 21:12 - 00001079 _____ () C:\Users\Gast\Desktop\Scratch.lnk
2014-09-16 21:11 - 2014-09-16 21:11 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Scratch
2014-09-16 21:11 - 2014-09-16 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Scratch
2014-09-16 21:10 - 2014-09-16 21:11 - 00000000 ____D () C:\Program Files (x86)\Scratch
2014-09-16 21:06 - 2014-09-16 21:09 - 34637975 _____ (MIT Media Lab Lifelong Kindergarten Group) C:\Users\Pascal\Downloads\ScratchInstaller1.4.exe
2014-09-16 21:06 - 2014-09-16 21:09 - 34485667 _____ () C:\Users\Pascal\Downloads\Scratch1.4.msi.installer.zip
2014-09-16 21:05 - 2014-09-16 21:05 - 01101648 _____ () C:\Users\Pascal\Downloads\Sketch - CHIP-Installer.exe
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-16 17:00 - 2013-11-26 11:36 - 00000296 _____ () C:\Windows\Tasks\RegistryBooster Maintenance.job
2014-10-16 16:57 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-16 16:57 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-16 16:50 - 2014-03-29 07:22 - 00086374 _____ () C:\Windows\setupact.log
2014-10-16 16:50 - 2013-01-25 15:21 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-10-16 16:49 - 2014-06-11 10:27 - 00000678 _____ () C:\Windows\Tasks\Scheduled scanning task.job
2014-10-16 16:49 - 2014-03-03 20:00 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-16 16:49 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-16 16:48 - 2014-03-31 14:14 - 00204488 _____ () C:\Windows\PFRO.log
2014-10-16 16:48 - 2012-01-24 01:22 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-16 16:47 - 2012-04-16 12:02 - 01286619 _____ () C:\Windows\WindowsUpdate.log
2014-10-16 16:45 - 2012-04-16 12:09 - 00000000 ____D () C:\Users\Pascal
2014-10-16 16:42 - 2012-07-21 09:54 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-10-16 16:37 - 2013-10-30 15:32 - 00000094 _____ () C:\Users\Pascal\AppData\Roaming\WB.CFG
2014-10-16 16:31 - 2014-06-03 14:57 - 00003854 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1389385127
2014-10-16 16:31 - 2014-01-10 22:18 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-10-16 16:22 - 2014-03-03 20:00 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-16 16:18 - 2012-12-23 17:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-16 15:59 - 2014-06-11 10:27 - 00003310 _____ () C:\Windows\System32\Tasks\Scheduled scanning task
2014-10-15 14:52 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-10-15 14:42 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-10-15 14:39 - 2011-07-18 23:23 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-15 14:39 - 2009-07-14 04:34 - 24117248 _____ () C:\Windows\system32\config\system.bak
2014-10-15 14:39 - 2009-07-14 04:34 - 108527616 _____ () C:\Windows\system32\config\software.bak
2014-10-15 14:39 - 2009-07-14 04:34 - 01835008 _____ () C:\Windows\system32\config\default.bak
2014-10-15 14:39 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\security.bak
2014-10-15 14:39 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2014-10-15 14:11 - 2012-12-19 17:02 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\UncompressorPackages
2014-10-15 13:23 - 2011-05-16 16:04 - 00707400 _____ () C:\Windows\system32\perfh007.dat
2014-10-15 13:23 - 2011-05-16 16:04 - 00153334 _____ () C:\Windows\system32\perfc007.dat
2014-10-15 13:23 - 2009-07-14 07:13 - 01644624 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-15 13:21 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-07 17:38 - 2013-04-14 09:37 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\.minecraft
2014-10-06 14:04 - 2014-01-22 15:55 - 00000000 ____D () C:\Users\Pascal\Documents\FIFA 14
2014-10-06 14:01 - 2012-04-16 13:39 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-10-04 15:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-04 12:22 - 2012-04-16 13:40 - 00000000 ____D () C:\ProgramData\Origin
2014-10-04 06:55 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-04 06:23 - 2012-09-27 19:33 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-10-03 15:05 - 2013-02-08 19:41 - 00000000 ____D () C:\Windows\pss
2014-10-03 10:41 - 2013-07-11 15:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-03 08:45 - 2013-11-20 17:09 - 00000000 ____D () C:\Users\Pascal\AppData\Local\CrashDumps
2014-10-02 19:53 - 2014-05-14 16:36 - 00074044 _____ () C:\Windows\DirectX.log
2014-10-02 17:21 - 2014-09-06 17:07 - 00001348 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk
2014-09-26 18:38 - 2014-03-03 20:30 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-09-26 18:38 - 2013-12-15 14:58 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-09-26 18:33 - 2013-12-15 14:58 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-09-25 20:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-24 19:18 - 2012-12-23 17:51 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 19:18 - 2012-10-28 15:54 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 19:18 - 2011-12-01 23:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 15:38 - 2012-04-16 19:41 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Skype
2014-09-24 15:35 - 2012-07-15 12:13 - 00000000 ____D () C:\Program Files (x86)\Cornelsen
2014-09-23 15:07 - 2012-04-17 21:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-23 15:05 - 2013-04-21 14:29 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-09-20 17:49 - 2012-12-03 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2014-09-18 15:55 - 2014-06-04 14:39 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-09-17 14:31 - 2013-12-15 14:58 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
Files to move or delete:
====================
C:\Users\Pascal\DSETUP.dll
C:\Users\Pascal\dsetup32.dll
C:\Users\Pascal\DXSETUP.exe
C:\Users\Pascal\ManiaPlanetCanyon_Setup.exe
C:\Users\Pascal\MouseServer.exe
C:\Users\Pascal\setup.exe
Some content of TEMP:
====================
C:\Users\Pascal\AppData\Local\Temp\Quarantine.exe
C:\Users\Pascal\AppData\Local\Temp\sqlite3.dll
============f======== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-07 14:29
==================== End Of Log ============================
--- --- --- Mehr hab ich an den logs nicht |
|
17.10.2014, 08:29
| #11 |
| /// the machine /// TB-Ausbilder | C:\windows\scorl.trojan.general.exeESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
20.10.2014, 18:01
| #12 |
| | Eset log teil 1 HiESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=efe6c0d0af5e0449a32d2047d5023f19 # engine=20673 # end=stopped # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2014-10-19 05:09:16 # local_time=2014-10-19 07:09:16 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 266936 165368406 0 0 # scanned=193074 # found=200 # cleaned=0 # scan_time=7760 sh=8363F1CC261BAEDFA6AA35E5B5B440059194E165 ft=1 fh=5db96503322a86d0 vn="OSX/ChatZum.C evtl. unerwünschte Anwendung" ac=I fn="C:\chatzum.exe" sh=8871BA7436B0D8B92BE4824C9B0DF4AF1EE01979 ft=1 fh=783c8a9d5bb7b11d vn="Win32/AdWare.Loadshop.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\monitor.exe.vir" sh=C5E60CCD154DB4E5978E33285DB016171C80ED79 ft=1 fh=58635ab0e5696ad2 vn="Win32/AdWare.Loadshop.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\monitorsvc.exe.vir" sh=6CFBBF468E6A211944990A3F77CF20FFD7C656CA ft=1 fh=dcea608ef0c8d43e vn="Variante von Win32/Toolbar.Perion.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant\Extension32.dll.vir" sh=FD905A3203366E0DBA86D613918A77D8B8B4456A ft=1 fh=e8ce3b638ef5d058 vn="Variante von Win64/Toolbar.Perion.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant\Extension64.dll.vir" sh=75C91850390AF31AE7CD133F07C06F7F4FB32CA2 ft=1 fh=a8c048e2661f49eb vn="Variante von Win32/Toolbar.BitCocktail.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant\ExtensionUpdaterService.exe.vir" sh=3152EB88BE6EAD1A6952D9FC7FE48DEC26BAE87F ft=1 fh=3e00041e9d8235c3 vn="Variante von Win32/Toolbar.BitCocktail.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant\InstallerHelper.dll.vir" sh=BA3104DC01047E0522EA93F82603B4ADFE166586 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Perion.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant\source.crx.vir" sh=F5D787D180AE448471A4C154E09301A4A0F059C4 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Perion.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant\Firefox\chrome\content\main.js.vir" sh=9182A923990EDEE0961913EE79DA20DB683E6BCB ft=1 fh=e4a0e7f51d99cd6a vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Amazon Browser Bar\search_protect.exe.vir" sh=DF6BD6FCEA92B53C712122E3B53C3A7FE0D433CB ft=1 fh=c71c0011f9518a8a vn="Variante von Win32/Toolbar.Besttoolbars.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BetterAds\ScriptHost.dll.vir" sh=3FDA53F88C2B98DE37AC2C2080502BE2E576E901 ft=1 fh=3800e8a51d246518 vn="Win32/SProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseToSave\uninstall.exe.vir" sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir" sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir" sh=1409EBB3A3E32D47579100DF86DC75C2C3251B1D ft=1 fh=1bb22fea6c29b3c4 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.10.0\deltaApp.dll.vir" sh=D698B030B32596B463C472026A960115CF8BA08D ft=1 fh=757d60309ad51e46 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.10.0\deltaEng.dll.vir" sh=3400046C996E0D40BFDA36663BE83C5AF213497E ft=1 fh=ee0b8dcbe432084b vn="Win32/Toolbar.Montiera.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.10.0\escortShld.dll.vir" sh=C9B1C1D6B536D17E425934058F0D49A0876B8C14 ft=1 fh=0271089e341685c4 vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.10.0\uninstall.exe.vir" sh=61AE92BDBE73CAA679103CCC8C1C32D9CE4C5036 ft=1 fh=f55a5aa34ffcc0aa vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.16.16\deltaApp.dll.vir" sh=06E77114B379C9398559C80EA1CD42DDAF2F9932 ft=1 fh=7df5bed9d351ded5 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.16.16\deltaEng.dll.vir" sh=2BDFE90F70808F029FFF2FBE3CC11AA6D0BA205C ft=1 fh=bbeaf7302e7445ca vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.16.16\deltaTlbr.dll.vir" sh=272C54D881640B6385AFF828957D43FA9B3E13E7 ft=1 fh=ee0b8dcb5319564f vn="Win32/Toolbar.Montiera.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.16.16\escortShld.dll.vir" sh=9B825CB5C57DF0C16FDBF777993D2F709D988EBA ft=1 fh=c6b55bd17df6dcb7 vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.16.16\uninstall.exe.vir" sh=D987048C3FF42F81F39E3B15E57F32AF7AA0BD00 ft=1 fh=47df87911e710cf9 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.21.5\deltaEng.dll.vir" sh=AE0BF6A9D8E66B04214FEBB5BF4B086E8AA34498 ft=1 fh=502ed3b2eef6754b vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.21.5\uninstall.exe.vir" sh=4F1A1ECBC53648728576DC417328B2DD70532367 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\1293297481.mxaddon.vir" sh=5D54CC20146F3608878DCEEB4C158502DD9336A4 ft=1 fh=92610938c9865243 vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-2.exe.vir" sh=93A8EAA8B380EFDB76DCF80F24DA42F8EFAF94B4 ft=1 fh=06efcc1ae1b638da vn="Variante von Win32/Toolbar.CrossRider.AX evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-4.exe.vir" sh=064FC06A2EEFDC56BEAD8407259C52EF7081E72D ft=1 fh=6633d1b36f708c10 vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-5.exe.vir" sh=ECC329D37F6197B2AA59A824C35B4DC2140FDC02 ft=1 fh=89560406b9636c83 vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-6.exe.vir" sh=FC7C71EF282BDADC317F651887DB6CE5EE6C6B1D ft=1 fh=bef86365191541b9 vn="Variante von Win64/Toolbar.Crossrider.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-64.exe.vir" sh=9E52C47FC494AFF0440088E483B18D7011FB946C ft=1 fh=83b4a2710f2bc08e vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-7.exe.vir" sh=3D3BE21D7E55B320E30D83D6B81BEBB8E9670B55 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2.xpi.vir" sh=0A163C943802AE6D0AAC01147DB71C216A92A422 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\acd42e4d-df71-4a2e-beba-ac536b327013.crx.vir" sh=D1E18E9F905A2CAD4EE497D7A51DF0445B1101DB ft=1 fh=9e3d18a222d9a44b vn="Variante von Win32/Toolbar.CrossRider.BC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\c6ac72ed-56b8-40ca-9074-9efe04ef1716.exe.vir" sh=D3E33E4E35F8FD09209D79A685867DFE2F2B574C ft=1 fh=ee7646437016bc45 vn="Variante von Win32/Toolbar.CrossRider.BA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\HD-Quality-v3V30.09-bg.exe.vir" sh=9E1911A6EEF24AC241DBBCE84E373229A625A231 ft=1 fh=41139c7b58d49d73 vn="Variante von Win32/Toolbar.CrossRider.BA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\HD-Quality-v3V30.09-bho.dll.vir" sh=0C0A8D142D794BD3FAF1153B74E1143AC14B2ECD ft=1 fh=35b914c4dd00007b vn="Variante von Win64/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\HD-Quality-v3V30.09-bho64.dll.vir" sh=9E52C47FC494AFF0440088E483B18D7011FB946C ft=1 fh=83b4a2710f2bc08e vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\HD-Quality-v3V30.09-codedownloader.exe.vir" sh=70AC14E8DE4912453547D6B6AE03AFD071C81319 ft=1 fh=2c09e3c93d43b5ce vn="Variante von Win32/Toolbar.CrossRider.AW evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\Uninstall.exe.vir" sh=35CD6076EDC796893F50D81B43E105F6C1FCF54D ft=1 fh=6e3c5e19b25b262a vn="Win32/Packed.VMDetector.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\utils.exe.vir" sh=5627C44F247AEF7013AD6DCBD679579E67C238C0 ft=1 fh=c0cd3f62ccf1fb7d vn="Variante von Win32/Toolbar.CrossRider.BC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\1242f82e-6c0d-47d3-a2c9-9feb3999108a.exe.vir" sh=4F1A1ECBC53648728576DC417328B2DD70532367 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\1293297481.mxaddon.vir" sh=55BCCCE93EB24CAF4500089E96353FA8AA68D474 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\3be94935-703d-4a9f-bdf8-bd3f9894f8d0.crx.vir" sh=7EEE19AB6A75D01301D150B05EDB4A4265A4F892 ft=1 fh=50691d8e0b41f6d4 vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-2.exe.vir" sh=C452D0FCE143239751AB626307DA1F9C68C9AC7D ft=1 fh=c5515ae6d95b0c4e vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-5.exe.vir" sh=A18C0C54CDD97A25D85C53EF1F55A7B039587779 ft=1 fh=5a973de0418f45a4 vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-6.exe.vir" sh=278F1223CD543704085BE02586CFC7FB4C5A8815 ft=1 fh=641c474ae09c53f2 vn="Variante von Win64/Toolbar.Crossrider.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-64.exe.vir" sh=B9D6E4F3291FD8233E7554EB7F6B88F5B72F6BD8 ft=1 fh=6406a13c56074767 vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-7.exe.vir" sh=55BCCCE93EB24CAF4500089E96353FA8AA68D474 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044.crx.vir" sh=AA57D22DA179DE7A9C579C15CF2D9FFB65EDF55F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044.xpi.vir" sh=7DAF026B9231B638C7AAB0E84E3E51ED56FD5B6A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\906da2ab-4d09-499c-8021-0f0019e75c93.crx.vir" sh=5E7A59ADEF619E2BDF69F544236E70211191C4C0 ft=1 fh=260d59ea34370b51 vn="Variante von Win32/Toolbar.CrossRider.BA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\HQCinema1.9V01.10-bg.exe.vir" sh=4D20F4A4B5DEC96C1B7C0DA5A0EF424E4D315687 ft=1 fh=23df21a9da12f8a7 vn="Variante von Win32/Toolbar.CrossRider.BA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\HQCinema1.9V01.10-bho.dll.vir" sh=04075C6F3919D4FCB09C809D68FBA403230C784C ft=1 fh=187c0ce90e204671 vn="Variante von Win64/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\HQCinema1.9V01.10-bho64.dll.vir" sh=B9D6E4F3291FD8233E7554EB7F6B88F5B72F6BD8 ft=1 fh=6406a13c56074767 vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\HQCinema1.9V01.10-codedownloader.exe.vir" sh=A6D8EBF60CA863CFDEE5CEA8DBA53DB8FA80EF3B ft=1 fh=b0abb287df74b473 vn="Variante von Win32/Toolbar.CrossRider.AW evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\Uninstall.exe.vir" sh=B187C94D7A76AAB7FD724D492CE50935A8735961 ft=1 fh=b550a8d907d63aa6 vn="Win32/Packed.VMDetector.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\utils.exe.vir" sh=67D59D15A734F2B41373F1CAF8347D199215D42C ft=1 fh=86e026dc2bf78850 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\New_UpdateMoboGenie.exe.vir" sh=A8A25383F8F16E2337D1664E0055BD2B9DDA687D ft=1 fh=295c78733579e7ab vn="Win32/AdWare.Loadshop.G Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PCTRunner\postcollect.exe.vir" sh=EAFFBE73877C256957F085F048A5F26015B4F44D ft=1 fh=486104c11900e37c vn="Win32/AdWare.Loadshop.G Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PCTRunner\precollect.exe.vir" sh=8C7AA36C88A0B5C208FD2D881305E5F055E94878 ft=1 fh=658a3d63544a3ef7 vn="Variante von MSIL/Vittalia.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SoftwareUpdater\AppsUpdater.exe.vir" sh=D45C6C4DA01BDC3927E6446B13C3545CDC7580EB ft=1 fh=67f9311d165235d3 vn="Variante von MSIL/Vittalia.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SoftwareUpdater\UpdaterService.exe.vir" sh=90427D5199B56EC25CF37432DD01BA5DB6577688 ft=1 fh=d027f2ca170647de vn="Variante von Win32/InstallCore.AZ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Uncompressor\Uninstall\Uninstall.exe.vir" sh=479FE7631AD9FD53FB6701E34E83CA5F5BF72EB5 ft=1 fh=dcbb57b665ef3044 vn="Win32/RegistryBooster evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Uniblue\RegistryBooster\registrybooster.exe.vir" sh=DBC113FB8C67793BA76E1FE6F6659E56DA56AF79 ft=1 fh=3a3964e85d4c79c1 vn="Variante von Win32/AdWare.AddLyrics.BY Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ver4NewPlayer\Uninstall.exe.vir" sh=D4622558BA366F2F94560DA301A81C6C16F95A3C ft=1 fh=a051d81d6a04e061 vn="Win32/Adware.MultiPlug.G Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Browse2Save\50e05214d5b32.dll.vir" sh=D8809854AAB454F467FFEEE191B7A85D62079771 ft=0 fh=0000000000000000 vn="OSX/ChatZum.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\wsflpik0.default\Extensions\staged\{ADFA33FD-16F5-4355-8504-DF4D664CFE83}\chrome\content\id_chatzum\bubble.js.vir" sh=EBF01B3EC4607AEB707184674F723440272D4EF5 ft=0 fh=0000000000000000 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.1.32.zip.vir" sh=22DF0C5225334D3AD807485F5E9DC92AD42DB731 ft=1 fh=10832299a7779ae3 vn="Variante von MSIL/Adware.StrongVault.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Local\WeatherAlerts\DesktopWeatherAlertsApp.exe.vir" sh=9F82BB5DC8D4EC6B8B2BB47CB6C329B8AF1C14CE ft=1 fh=c92ed1f3ca58c043 vn="Win32/InstallCore.AZ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z\Codec Pack Packages\uninstaller.exe.vir" sh=0096823BB7E0BD8E4775AB1F9C39CE499AE6D57A ft=1 fh=519fa8678758cdf3 vn="Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\BabSolution\Shared\BabMaint.exe.vir" sh=BE3A5951F9D566E9C0B10B41781E42A3A8562B12 ft=1 fh=bfe637157b287a9d vn="Variante von Win32/Toolbar.Babylon.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\BabSolution\Shared\enhancedNT.dll.vir" sh=FD0663F63F87B7B5B310EC6CE26E72AF58243084 ft=1 fh=f52ffd4db74c8f0b vn="Variante von Win32/DealPly.S evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe.vir" sh=3E34A96020F886FD82E1FE746938E167F6428930 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\0b105cbff1eb40b89bca7dae371d@7ead2390 35fb4613ab38ef.com\extensionData\plugins\91.js.vir" sh=3E34A96020F886FD82E1FE746938E167F6428930 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\0cd1569197354ecf9be03@d3ee3bc4210848f 7b5a58324f064f.com\extensionData\plugins\91.js.vir" sh=A6B0985ABC1E2C02B26045E46506CAAC737DA137 ft=1 fh=121662fb9c8fa164 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{78e516ef-11de-47a1-8364-a99b917ec5ee}\Plugins\npConduitFirefoxPlugin.dll.vir" sh=7347094BB7355D843C3B590B6944158EF33010C2 ft=1 fh=d6498a4cb5105e4e vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}\Plugins\npConduitFirefoxPlugin.dll.vir" sh=5DA66EA0FA52EB3985E65FF2719A1BF4BC893D8C ft=1 fh=4c5d11f7907db64c vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\OpenCandy\070522356A1948D6B101B6E5E09B6E9D\Ignite_DLMgr_241.exe.vir" sh=D4E58F4D2FCC1BF5F09154AFC9EDB884CDEC46A3 ft=1 fh=f3410d3bb263c685 vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\OpenCandy\564B4FDFB5E1426F96EB8DC1A2E202B5\dlm.exe.vir" sh=C4420C6E94B8CAACCB3811384280D8A93CB0A37D ft=1 fh=25f111c507a31a21 vn="Win32/Toolbar.Conduit.R evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\OpenCandy\564B4FDFB5E1426F96EB8DC1A2E202B5\sp-downloader.exe.vir" sh=7C620D1FDA9B0BCB94387A0E5AFD2565B2FB5B08 ft=1 fh=0ea7a7a2438ec590 vn="Win32/Toolbar.Conduit.R evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\OpenCandy\564B4FDFB5E1426F96EB8DC1A2E202B5\Whitesmoke_directN_p1v1.exe.vir" sh=DFC4F20235026E8BE5513D8CFA11C1C9AEC3A2A5 ft=1 fh=f9c6064045e48fe6 vn="Win32/AdWare.Snoozer.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\Snz\Snz.exe.vir" sh=2B9A1340BEC2FE2694C333ACD77F0E12EF9550D1 ft=1 fh=fcbeb3ad261a92d1 vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp\10.31.4.510_0\APISupport\APISupport.dll.vir" sh=675526C1B3CB27C6635233B62EDB8ECEEBFE1556 ft=1 fh=8382eeac10eb278f vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe.vir" sh=C0114483C9E2C1271B0D594AB6A6BF1E4F383D63 ft=1 fh=e2607344a0894545 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp\10.31.4.510_0\plugins\ChromeApiPlugin.dll.vir" sh=2B9A1340BEC2FE2694C333ACD77F0E12EF9550D1 ft=1 fh=fcbeb3ad261a92d1 vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.31.4.510_0\APISupport\APISupport.dll.vir" sh=675526C1B3CB27C6635233B62EDB8ECEEBFE1556 ft=1 fh=8382eeac10eb278f vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe.vir" sh=C0114483C9E2C1271B0D594AB6A6BF1E4F383D63 ft=1 fh=e2607344a0894545 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.31.4.510_0\plugins\ChromeApiPlugin.dll.vir" sh=2B9A1340BEC2FE2694C333ACD77F0E12EF9550D1 ft=1 fh=fcbeb3ad261a92d1 vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.31.4.510_0\APISupport\APISupport.dll.vir" sh=675526C1B3CB27C6635233B62EDB8ECEEBFE1556 ft=1 fh=8382eeac10eb278f vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe.vir" sh=C0114483C9E2C1271B0D594AB6A6BF1E4F383D63 ft=1 fh=e2607344a0894545 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.31.4.510_0\plugins\ChromeApiPlugin.dll.vir" sh=558C365776AD71C812363E30D7880CF564028A06 ft=1 fh=e10f04e359590fdb vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir" sh=9EDBB0A8432968C445554889EE814E0425793CC7 ft=1 fh=d7b195f2da2a51d9 vn="Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung" ac=I fn="C:\Downloads\Software\SoftonicDownloader_fuer_corel-videostudio-pro-x4(1).exe" sh=9EDBB0A8432968C445554889EE814E0425793CC7 ft=1 fh=d7b195f2da2a51d9 vn="Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung" ac=I fn="C:\Downloads\Software\SoftonicDownloader_fuer_corel-videostudio-pro-x4.exe" sh=93510E07EBD463BE51052EC8114EC16C5423103E ft=0 fh=0000000000000000 vn="Win32/Conduit.SearchProtect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Mozilla Firefox\components\sprotector.js" sh=282E43766D30716E793A5122951C2AE76FD8CBCC ft=0 fh=0000000000000000 vn="Win32/DealPly.J evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Mozilla Firefox\extensions\staged\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}\chrome\content\dealply.xul" sh=23D2353C524021F8AB247785FA9EC968AB9DE357 ft=1 fh=24daf732dbd6b92c vn="Variante von Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SRToolbar\del_IEBHO_19.dll" sh=E9D98D6E3550549CE5376A3C06708F05B6702568 ft=1 fh=66e30dadf5a4da2d vn="Variante von Win64/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SRToolbar\del_IEBHO_22.dll" sh=24D87B0364FAAE61616174B47AB968D24335661D ft=1 fh=a8ba3bebfe3c0e87 vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\ProgramData\HAunCmYKI\tCJlXj.exe" sh=F5C41EBFA6285BA1EF4F328C69600DE0381A1930 ft=1 fh=50781270dc878ffd vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\ProgramData\HAunCmYKI\dat\BNaPTVTLvol.exe" sh=C2BD33C883BF10AA57683C90DD6E63A571540296 ft=1 fh=9f41366889df498c vn="Variante von MSIL/Adware.PullUpdate.C Anwendung" ac=I fn="C:\ProgramData\HAunCmYKI\dat\csLSYQX.dll" sh=BF7200E30A1E5FE56ABCC2D45D7EFEA842E17037 ft=1 fh=55ce11d46d47ac7e vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\ProgramData\HAunCmYKI\dat\gqVTxIDpRLy.exe" sh=34F2250D95985E2EEEE0F3CA484EFBBC1B592F74 ft=0 fh=0000000000000000 vn="Win32/DealPly.E evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\DealPly\DealPly.crx.vir" sh=E08AE9A63C7D24CB30CBCAA919B3E450A1BF39EC ft=1 fh=0bcd3e3f572ae765 vn="Win32/DealPly.D evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdate.exe.vir" sh=D511C85A94649134C7BA8ECFD7876125A4C2F832 ft=1 fh=bdced5e2a18ee905 vn="Variante von Win32/DealPly.C evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdateRun.exe.vir" sh=F10D376B105ED6AA048EF25BC631502B04FE5A02 ft=1 fh=7624ac884a7f8292 vn="Win32/DealPly.D evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\DealPly\uninst.exe.vir" sh=041836D322EFE0BB1C3B635166B447276AE4EF64 ft=1 fh=6ac5b3f201470712 vn="Variante von Win32/Toolbar.CrossRider.BB evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\acd42e4d-df71-4a2e-beba-ac536b327013.dll.vir" sh=D0C3C169B53AB1AEF9D0A30F833D0C8C1E3653E3 ft=1 fh=82f92155cc901dbc vn="Variante von Win32/Toolbar.CrossRider.BB evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\3be94935-703d-4a9f-bdf8-bd3f9894f8d0.dll.vir" sh=218B9EC7A2AFBABC5F9FB3E6640913E3679607CA ft=1 fh=3c950061cc04500e vn="Win32/Toolbar.SearchSuite.H evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\Searchqu Toolbar\Datamngr\BrowserConnection.dll.vir" sh=0310A60A916C6A0DF24C0530F46E1A8EBDFD97B8 ft=1 fh=8b22f77f354a04e7 vn="Variante von Win32/Toolbar.SearchSuite.C evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngr.dll.vir" sh=61C34116CE03FED40D352C9BBD289EC35AF0EFE6 ft=1 fh=ffe3bbe14592330c vn="Variante von Win32/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe.vir" sh=852CD487D40E353530F7623141C0D6F21C2BA95D ft=1 fh=f0a2e409ac939350 vn="Variante von Win32/Toolbar.SearchSuite.R evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\Searchqu Toolbar\Datamngr\DnsBHO.dll.vir" sh=FA636F4293236C10B6DB308B016AB93F220D40F3 ft=1 fh=317b02b0ab10ad0b vn="Variante von Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\Searchqu Toolbar\Datamngr\IEBHO.dll.vir" sh=95175EED729C707F44A9258B47B687E347177B7E ft=1 fh=2d5df013251b1827 vn="Variante von Win64/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\datamngr.dll.vir" sh=C183E5B410C46A7896994338CA2709638EB3572C ft=1 fh=0ef8ee90b9f8add7 vn="Variante von Win64/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\IEBHO.dll.vir" sh=6D337B7209C2E4837F4075D44D5928D0F4BC54E6 ft=1 fh=c71c0011cc6930ff vn="Win32/Vittalia.K evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SoftwareUpdater\KeyGen.dll.vir" sh=91FD0C68DC46843917C8FEA976D8DDF7B941D897 ft=1 fh=fe05ab993baef410 vn="Win32/Toolbar.Babylon.P evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\BabMaint.exe.vir" sh=58C3F42D04D646EB15C73F8558B7A6FC8CE26A8C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\101_cortica_m.js.vir" sh=B5ED1E639B7D9AD3C0F3C81E5AA2E9F88DDFEB65 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\102_dealply_m.js.vir" sh=FC28D62EDB6C0C353E97185BB4B6DC87F5EDED14 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\103_intext_5_m.js.vir" sh=1AA56806D2545B3773D7C5CCEAE82353BDBB575F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\104_jollywallet_m.js.vir" sh=0B21E41A47E579081215969619861996F43524B1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\105_corticas_m.js.vir" sh=30AFCC1D03C04E68202593C239C4964A29BA2E15 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\108_icm_m.js.vir" sh=6EF5B1448DE7B0A1263E32EBA7DC2AFE502C8FB4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\116_ads_only_5_m.js.vir" sh=7F7359D9F0900191297BFDF5B85D5CDF588CD9EA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\117_coupons_intext_ads_5_m.js.vir" sh=FE3704EEF2BFB9DCA552518E7AEC9D6AFC1ED15C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\119_similar_web_m.js.vir" sh=1A9BCED07CCAC5AABE7F80BB199360D125E6F268 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\120_luck_m.js.vir" sh=0CE44D7F4F3469C96749E6220CA51CB96B0CFA1F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\123_intext_adv_m.js.vir" sh=B0DF9F21E3E69C188775A6F9C466B19932C9238A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js.vir" sh=D295E3F253D0942BD3114F61DEF5D78DD0FC5BFB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\125_arcadi2_m.js.vir" sh=3CFE90E3825BB08EB9B4222552FAC05360188207 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\126_revizer_ws_m.js.vir" sh=031F6CD140ED363E0F137E627AE1FE4DED5714E2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\127_revizer_p_m.js.vir" sh=28ECD06AF56EB424F74BB63563BC79E57C15C2D9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\128_superfish_pricora_m.js.vir" sh=05480BD17A63333789D1E425879FBF083C177A99 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\129_widdit_m.js.vir" sh=BB2946641B9FEB2F76D281220A52220336E454E1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\135_arcadi3_m.js.vir" sh=8BD506BDCB470B73FE581B4DA1769AD9FBCAF0D8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\138_getdeal_m.js.vir" sh=90A4F559561CF603A203F93D56C80B17B8152325 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\141_corticas_ru_m.js.js.vir" sh=8395A2B6D59D2F3EDDCFC863DDA2F674396DC74C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\142_intext_fa_m.js.vir" sh=943F60E8E3F306CF4EE6E844D06FAC7552EE1856 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\155_ibario_pops_m.js.vir" sh=0CEB1A073B87956FD1F21F8425B8F76015B1BCD8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js.vir" sh=441E98540BDEC21B7E534C2B317AE91925F6CEE7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\159_cortica_rollover_m.js.vir" sh=C8B01A1511A63AEC3D40B1D045034D76B1E85EFD ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\171_arcadi2_sourceID_m.js.vir" sh=078C314715CCC0DE7547172AD4B810FD754115C6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js.vir" sh=E2AAC0A6807AABEFDD15388FE0DF40EDD826084E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\175_coolmirage_m.js.vir" sh=CFFCA6A4EE3A0DF2319440491BB297ADEC6EEF37 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\178_revizer_ws_dynamic_m.js.vir" sh=ADB54DE323736C99B4191A45B478B70DF1B7B945 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\179_revizer_p_dynamic_m.js.vir" sh=631D51C0D12FBED68BBF95F6E6505F2CE3692BAB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\91_monetizationLoader.js.js.vir" sh=93022F69189E8D2F1B4B8717522CA1AFFA59F708 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\92_superfish_m.js.vir" sh=0C5AC30A082628E85A9A8B68EF5E5EAFA46F0CC7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\93_superfish_no_coupons_m.js.vir" sh=8E404BAFA9CEAC0628F089B4F1AA879EB5A3404E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\101_cortica_m.js.vir" sh=957E505E027C2F899F844C27AC8B82EF94AEBB68 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\102_dealply_m.js.vir" sh=7A8863E5095C870FD812E92F74507EED957A94B8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\103_intext_5_m.js.vir" sh=EB047CB7862459E0F74832AEF6A7954A3663373F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\104_jollywallet_m.js.vir" sh=F2126D68553053F0A5A411866DEC205E27283EDA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\105_corticas_m.js.vir" sh=A69DBD3502EA9C4EDD7DEAFB23A8FC1C97BAB232 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\107_coupish_m.js.vir" sh=FA38D9448030424887879C530E2ADBCACD605CEA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\108_icm_m.js.vir" sh=E531E2197FC767CFACEA72A75E1CE492D08F92DA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\116_ads_only_5_m.js.vir" sh=C3D3CCADC78D71D7482BB5DBA16FBB0534200D12 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\117_coupons_intext_ads_5_m.js.vir" sh=9495814AE107F6739D62A09B1829E5A2DCDA1354 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\119_similar_web_m.js.vir" sh=D10EA105AB5DB329186B0B6F10541DD58058AEB8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\120_luck_m.js.vir" sh=B985E49C6E0E423954A36327BE2EA87F0F287145 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\123_intext_adv_m.js.vir" sh=EAAF312959AC9CCF5138825927B5E2D38F57E2E1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js.vir" sh=62B063E0D121966E9A83C9AB518DADAE47423555 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\125_arcadi2_m.js.vir" sh=46256E3D1583A586B8F130BA0CCB1671D2B666C1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\126_revizer_ws_m.js.vir" sh=F139543D5C107C30764FA7A0473152F192FA43D2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\127_revizer_p_m.js.vir" sh=4A86247BDE5D2225473389037FA942819FD677CF ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\128_superfish_pricora_m.js.vir" sh=D9E89F57D3A13498640961F3B9954D67D7EA1039 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\129_widdit_m.js.vir" sh=B9CFC11B067C54952D592C618BD391AA26B3393B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\135_arcadi3_m.js.vir" sh=17483832BF1FA23335B7C1E04A0530AB60CBEDC6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\138_getdeal_m.js.vir" sh=90A4F559561CF603A203F93D56C80B17B8152325 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\141_corticas_ru_m.js.js.vir" sh=8395A2B6D59D2F3EDDCFC863DDA2F674396DC74C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\142_intext_fa_m.js.vir" sh=DB51332A37F65FD4863EE1B8A5BA62A02DA885F8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\155_ibario_pops_m.js.vir" sh=EF02C9278F4E7BDC1EC5895CAE01C16A68FF4FAB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js.vir" sh=18C46AE5CB67274764D17F8A40975EEB5C67F795 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\159_cortica_rollover_m.js.vir" sh=3DA0E458C1D4F5CECA7F012A2B0DA4CC1C7B63A1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\170_icm1_5_m.js.vir" sh=EDAF8A2B6318DD482F0BBDC2A96C109697D86E5A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\171_arcadi2_sourceID_m.js.vir" sh=2184DFBF93B03726607BF2C44682CF058FB2987B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js.vir" sh=BAA03B328F746B8C2F0459C92BB3D9B03A8E5067 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\175_coolmirage_m.js.vir" sh=52E4B498947D3D88D7C6042611258238D71CA0C4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\91_monetizationLoader.js.js.vir" sh=93022F69189E8D2F1B4B8717522CA1AFFA59F708 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\92_superfish_m.js.vir" sh=D628ECC839BB1AC5640113BF5884D0B708A56984 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\93_superfish_no_coupons_m.js.vir" sh=24D87B0364FAAE61616174B47AB968D24335661D ft=1 fh=a8ba3bebfe3c0e87 vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\Users\All Users\HAunCmYKI\tCJlXj.exe" sh=F5C41EBFA6285BA1EF4F328C69600DE0381A1930 ft=1 fh=50781270dc878ffd vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\Users\All Users\HAunCmYKI\dat\BNaPTVTLvol.exe" sh=C2BD33C883BF10AA57683C90DD6E63A571540296 ft=1 fh=9f41366889df498c vn="Variante von MSIL/Adware.PullUpdate.C Anwendung" ac=I fn="C:\Users\All Users\HAunCmYKI\dat\csLSYQX.dll" sh=BF7200E30A1E5FE56ABCC2D45D7EFEA842E17037 ft=1 fh=55ce11d46d47ac7e vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\Users\All Users\HAunCmYKI\dat\gqVTxIDpRLy.exe" sh=9413821E4285C46DAF48156B472065FC2D763FE8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\AppData\Roaming\SUU" sh=93A8EAA8B380EFDB76DCF80F24DA42F8EFAF94B4 ft=1 fh=06efcc1ae1b638da vn="Variante von Win32/Toolbar.CrossRider.AX evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\AppData\Roaming\SUU.exe" sh=FED76CBD8D5660DEC60B3F16547372DEE7F87FA6 ft=1 fh=9705b06916654cd4 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\uqbb6zzc.default\extensions\{6a81a935-50f5-4d3f-bd29-06e9c06c3397}\components\SmartbarFireFoxRemotePlugin_18.dll" sh=3E34A96020F886FD82E1FE746938E167F6428930 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.49_0\extensionData\plugins\91.js" sh=FDCBC8D81CF255A328EE31C244613B1B5C56DC43 ft=1 fh=cfb484d79a6c1c3a vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\AppData\Roaming\VisicomToolBar\gamesagogo_en_w3i_toolbar_3.2.0.36.exe" sh=5485D0C340ADDDBC73E8EC2FD7F1F298835E0B3A ft=1 fh=9dd14d452c4cd67c vn="Variante von Win32/Toolbar.MyWebSearch.R evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\Downloads\Allin1ConvertSetup2.5.14.73.^AYY^man000^YYA^.exe" sh=3FFFE11EA667EF518ECD23CC0154C682845671A6 ft=1 fh=c71c00119e2675e2 vn="Variante von Win32/InstallCore.BY evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\Downloads\BitLordInstaller - Watch Dogs-RELOADED.exe" sh=91B61DAB9AE2EE477CBCE6F204AD25A6F470CF69 ft=1 fh=188c542fd3c95b67 vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\Downloads\Bully--Die-Ehrenrunde-lnstall.exe" sh=C662A89E2318810A6012EF702A9C39F6E0AC3B36 ft=1 fh=e8789dd77b481b56 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Pascal\Downloads\ccsetup411 (1).exe" sh=C662A89E2318810A6012EF702A9C39F6E0AC3B36 ft=1 fh=e8789dd77b481b56 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Pascal\Downloads\ccsetup411.exe" sh=2E966A60869CB2B4C9D5473B5DC26D95BBA143D4 ft=1 fh=0eaf74f7306ef4c6 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\Downloads\Daemon Tools Pro Advanced - CHIP-Installer.exe" sh=72E5D0E84C4A1E37E097DEB761F46597C6435D8A ft=1 fh=e3ca417c41eb611a vn="Win32/Toolbar.Conduit.AE evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\Downloads\Fake_Voice_7.0_TSA1PTSE.exe" sh=5281EA99625F2FA1E760CB457C302962374C24BA ft=1 fh=dfd2691ec14c4544 vn="Variante von Win32/iLivid.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\Downloads\iLividSetup-r725-n-bc.exe" sh=45759468FEE8B45BF08F7B9525F44A64165B0732 ft=1 fh=0fb2f2fa48fb6491 vn="Variante von Win32/Verti.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe" ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=efe6c0d0af5e0449a32d2047d5023f19 # engine=20685 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2014-10-20 04:30:30 # local_time=2014-10-20 06:30:30 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 92124 165452480 0 0 # scanned=334435 # found=213 # cleaned=0 # scan_time=14646 sh=8363F1CC261BAEDFA6AA35E5B5B440059194E165 ft=1 fh=5db96503322a86d0 vn="OSX/ChatZum.C evtl. unerwünschte Anwendung" ac=I fn="C:\chatzum.exe" sh=8871BA7436B0D8B92BE4824C9B0DF4AF1EE01979 ft=1 fh=783c8a9d5bb7b11d vn="Win32/AdWare.Loadshop.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\monitor.exe.vir" sh=C5E60CCD154DB4E5978E33285DB016171C80ED79 ft=1 fh=58635ab0e5696ad2 vn="Win32/AdWare.Loadshop.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\monitorsvc.exe.vir" sh=6CFBBF468E6A211944990A3F77CF20FFD7C656CA ft=1 fh=dcea608ef0c8d43e vn="Variante von Win32/Toolbar.Perion.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant\Extension32.dll.vir" sh=FD905A3203366E0DBA86D613918A77D8B8B4456A ft=1 fh=e8ce3b638ef5d058 vn="Variante von Win64/Toolbar.Perion.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant\Extension64.dll.vir" sh=75C91850390AF31AE7CD133F07C06F7F4FB32CA2 ft=1 fh=a8c048e2661f49eb vn="Variante von Win32/Toolbar.BitCocktail.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant\ExtensionUpdaterService.exe.vir" sh=3152EB88BE6EAD1A6952D9FC7FE48DEC26BAE87F ft=1 fh=3e00041e9d8235c3 vn="Variante von Win32/Toolbar.BitCocktail.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant\InstallerHelper.dll.vir" sh=BA3104DC01047E0522EA93F82603B4ADFE166586 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Perion.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant\source.crx.vir" sh=F5D787D180AE448471A4C154E09301A4A0F059C4 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Perion.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Web Assistant\Firefox\chrome\content\main.js.vir" sh=9182A923990EDEE0961913EE79DA20DB683E6BCB ft=1 fh=e4a0e7f51d99cd6a vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Amazon Browser Bar\search_protect.exe.vir" sh=DF6BD6FCEA92B53C712122E3B53C3A7FE0D433CB ft=1 fh=c71c0011f9518a8a vn="Variante von Win32/Toolbar.Besttoolbars.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BetterAds\ScriptHost.dll.vir" sh=3FDA53F88C2B98DE37AC2C2080502BE2E576E901 ft=1 fh=3800e8a51d246518 vn="Win32/SProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\BrowseToSave\uninstall.exe.vir" sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir" sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir" sh=1409EBB3A3E32D47579100DF86DC75C2C3251B1D ft=1 fh=1bb22fea6c29b3c4 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.10.0\deltaApp.dll.vir" sh=D698B030B32596B463C472026A960115CF8BA08D ft=1 fh=757d60309ad51e46 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.10.0\deltaEng.dll.vir" sh=3400046C996E0D40BFDA36663BE83C5AF213497E ft=1 fh=ee0b8dcbe432084b vn="Win32/Toolbar.Montiera.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.10.0\escortShld.dll.vir" sh=C9B1C1D6B536D17E425934058F0D49A0876B8C14 ft=1 fh=0271089e341685c4 vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.10.0\uninstall.exe.vir" sh=61AE92BDBE73CAA679103CCC8C1C32D9CE4C5036 ft=1 fh=f55a5aa34ffcc0aa vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.16.16\deltaApp.dll.vir" sh=06E77114B379C9398559C80EA1CD42DDAF2F9932 ft=1 fh=7df5bed9d351ded5 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.16.16\deltaEng.dll.vir" sh=2BDFE90F70808F029FFF2FBE3CC11AA6D0BA205C ft=1 fh=bbeaf7302e7445ca vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.16.16\deltaTlbr.dll.vir" sh=272C54D881640B6385AFF828957D43FA9B3E13E7 ft=1 fh=ee0b8dcb5319564f vn="Win32/Toolbar.Montiera.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.16.16\escortShld.dll.vir" sh=9B825CB5C57DF0C16FDBF777993D2F709D988EBA ft=1 fh=c6b55bd17df6dcb7 vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.16.16\uninstall.exe.vir" sh=D987048C3FF42F81F39E3B15E57F32AF7AA0BD00 ft=1 fh=47df87911e710cf9 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.21.5\deltaEng.dll.vir" sh=AE0BF6A9D8E66B04214FEBB5BF4B086E8AA34498 ft=1 fh=502ed3b2eef6754b vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.21.5\uninstall.exe.vir" sh=4F1A1ECBC53648728576DC417328B2DD70532367 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\1293297481.mxaddon.vir" sh=5D54CC20146F3608878DCEEB4C158502DD9336A4 ft=1 fh=92610938c9865243 vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-2.exe.vir" sh=93A8EAA8B380EFDB76DCF80F24DA42F8EFAF94B4 ft=1 fh=06efcc1ae1b638da vn="Variante von Win32/Toolbar.CrossRider.AX evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-4.exe.vir" sh=064FC06A2EEFDC56BEAD8407259C52EF7081E72D ft=1 fh=6633d1b36f708c10 vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-5.exe.vir" sh=ECC329D37F6197B2AA59A824C35B4DC2140FDC02 ft=1 fh=89560406b9636c83 vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-6.exe.vir" sh=FC7C71EF282BDADC317F651887DB6CE5EE6C6B1D ft=1 fh=bef86365191541b9 vn="Variante von Win64/Toolbar.Crossrider.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-64.exe.vir" sh=9E52C47FC494AFF0440088E483B18D7011FB946C ft=1 fh=83b4a2710f2bc08e vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2-7.exe.vir" sh=3D3BE21D7E55B320E30D83D6B81BEBB8E9670B55 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\56c2d237-88f9-437d-be8e-58367541cdc2.xpi.vir" sh=0A163C943802AE6D0AAC01147DB71C216A92A422 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\acd42e4d-df71-4a2e-beba-ac536b327013.crx.vir" sh=D1E18E9F905A2CAD4EE497D7A51DF0445B1101DB ft=1 fh=9e3d18a222d9a44b vn="Variante von Win32/Toolbar.CrossRider.BC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\c6ac72ed-56b8-40ca-9074-9efe04ef1716.exe.vir" sh=D3E33E4E35F8FD09209D79A685867DFE2F2B574C ft=1 fh=ee7646437016bc45 vn="Variante von Win32/Toolbar.CrossRider.BA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\HD-Quality-v3V30.09-bg.exe.vir" sh=9E1911A6EEF24AC241DBBCE84E373229A625A231 ft=1 fh=41139c7b58d49d73 vn="Variante von Win32/Toolbar.CrossRider.BA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\HD-Quality-v3V30.09-bho.dll.vir" sh=0C0A8D142D794BD3FAF1153B74E1143AC14B2ECD ft=1 fh=35b914c4dd00007b vn="Variante von Win64/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\HD-Quality-v3V30.09-bho64.dll.vir" sh=9E52C47FC494AFF0440088E483B18D7011FB946C ft=1 fh=83b4a2710f2bc08e vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\HD-Quality-v3V30.09-codedownloader.exe.vir" sh=70AC14E8DE4912453547D6B6AE03AFD071C81319 ft=1 fh=2c09e3c93d43b5ce vn="Variante von Win32/Toolbar.CrossRider.AW evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\Uninstall.exe.vir" sh=35CD6076EDC796893F50D81B43E105F6C1FCF54D ft=1 fh=6e3c5e19b25b262a vn="Win32/Packed.VMDetector.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\utils.exe.vir" sh=5627C44F247AEF7013AD6DCBD679579E67C238C0 ft=1 fh=c0cd3f62ccf1fb7d vn="Variante von Win32/Toolbar.CrossRider.BC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\1242f82e-6c0d-47d3-a2c9-9feb3999108a.exe.vir" sh=4F1A1ECBC53648728576DC417328B2DD70532367 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\1293297481.mxaddon.vir" sh=55BCCCE93EB24CAF4500089E96353FA8AA68D474 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\3be94935-703d-4a9f-bdf8-bd3f9894f8d0.crx.vir" sh=7EEE19AB6A75D01301D150B05EDB4A4265A4F892 ft=1 fh=50691d8e0b41f6d4 vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-2.exe.vir" sh=C452D0FCE143239751AB626307DA1F9C68C9AC7D ft=1 fh=c5515ae6d95b0c4e vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-5.exe.vir" sh=A18C0C54CDD97A25D85C53EF1F55A7B039587779 ft=1 fh=5a973de0418f45a4 vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-6.exe.vir" sh=278F1223CD543704085BE02586CFC7FB4C5A8815 ft=1 fh=641c474ae09c53f2 vn="Variante von Win64/Toolbar.Crossrider.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-64.exe.vir" sh=B9D6E4F3291FD8233E7554EB7F6B88F5B72F6BD8 ft=1 fh=6406a13c56074767 vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044-7.exe.vir" sh=55BCCCE93EB24CAF4500089E96353FA8AA68D474 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044.crx.vir" sh=AA57D22DA179DE7A9C579C15CF2D9FFB65EDF55F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\815a6f6b-5b57-4751-8a99-2a2f9410b044.xpi.vir" sh=7DAF026B9231B638C7AAB0E84E3E51ED56FD5B6A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\906da2ab-4d09-499c-8021-0f0019e75c93.crx.vir" sh=5E7A59ADEF619E2BDF69F544236E70211191C4C0 ft=1 fh=260d59ea34370b51 vn="Variante von Win32/Toolbar.CrossRider.BA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\HQCinema1.9V01.10-bg.exe.vir" sh=4D20F4A4B5DEC96C1B7C0DA5A0EF424E4D315687 ft=1 fh=23df21a9da12f8a7 vn="Variante von Win32/Toolbar.CrossRider.BA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\HQCinema1.9V01.10-bho.dll.vir" sh=04075C6F3919D4FCB09C809D68FBA403230C784C ft=1 fh=187c0ce90e204671 vn="Variante von Win64/Toolbar.Crossrider.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\HQCinema1.9V01.10-bho64.dll.vir" sh=B9D6E4F3291FD8233E7554EB7F6B88F5B72F6BD8 ft=1 fh=6406a13c56074767 vn="Variante von Win32/Toolbar.CrossRider.AV evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\HQCinema1.9V01.10-codedownloader.exe.vir" sh=A6D8EBF60CA863CFDEE5CEA8DBA53DB8FA80EF3B ft=1 fh=b0abb287df74b473 vn="Variante von Win32/Toolbar.CrossRider.AW evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\Uninstall.exe.vir" sh=B187C94D7A76AAB7FD724D492CE50935A8735961 ft=1 fh=b550a8d907d63aa6 vn="Win32/Packed.VMDetector.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\utils.exe.vir" sh=67D59D15A734F2B41373F1CAF8347D199215D42C ft=1 fh=86e026dc2bf78850 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\New_UpdateMoboGenie.exe.vir" sh=A8A25383F8F16E2337D1664E0055BD2B9DDA687D ft=1 fh=295c78733579e7ab vn="Win32/AdWare.Loadshop.G Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PCTRunner\postcollect.exe.vir" sh=EAFFBE73877C256957F085F048A5F26015B4F44D ft=1 fh=486104c11900e37c vn="Win32/AdWare.Loadshop.G Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PCTRunner\precollect.exe.vir" sh=8C7AA36C88A0B5C208FD2D881305E5F055E94878 ft=1 fh=658a3d63544a3ef7 vn="Variante von MSIL/Vittalia.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SoftwareUpdater\AppsUpdater.exe.vir" sh=D45C6C4DA01BDC3927E6446B13C3545CDC7580EB ft=1 fh=67f9311d165235d3 vn="Variante von MSIL/Vittalia.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SoftwareUpdater\UpdaterService.exe.vir" sh=90427D5199B56EC25CF37432DD01BA5DB6577688 ft=1 fh=d027f2ca170647de vn="Variante von Win32/InstallCore.AZ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Uncompressor\Uninstall\Uninstall.exe.vir" sh=479FE7631AD9FD53FB6701E34E83CA5F5BF72EB5 ft=1 fh=dcbb57b665ef3044 vn="Win32/RegistryBooster evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Uniblue\RegistryBooster\registrybooster.exe.vir" sh=DBC113FB8C67793BA76E1FE6F6659E56DA56AF79 ft=1 fh=3a3964e85d4c79c1 vn="Variante von Win32/AdWare.AddLyrics.BY Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ver4NewPlayer\Uninstall.exe.vir" sh=D4622558BA366F2F94560DA301A81C6C16F95A3C ft=1 fh=a051d81d6a04e061 vn="Win32/Adware.MultiPlug.G Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Browse2Save\50e05214d5b32.dll.vir" sh=D8809854AAB454F467FFEEE191B7A85D62079771 ft=0 fh=0000000000000000 vn="OSX/ChatZum.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\wsflpik0.default\Extensions\staged\{ADFA33FD-16F5-4355-8504-DF4D664CFE83}\chrome\content\id_chatzum\bubble.js.vir" sh=EBF01B3EC4607AEB707184674F723440272D4EF5 ft=0 fh=0000000000000000 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.1.32.zip.vir" sh=22DF0C5225334D3AD807485F5E9DC92AD42DB731 ft=1 fh=10832299a7779ae3 vn="Variante von MSIL/Adware.StrongVault.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Local\WeatherAlerts\DesktopWeatherAlertsApp.exe.vir" sh=9F82BB5DC8D4EC6B8B2BB47CB6C329B8AF1C14CE ft=1 fh=c92ed1f3ca58c043 vn="Win32/InstallCore.AZ evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z\Codec Pack Packages\uninstaller.exe.vir" sh=0096823BB7E0BD8E4775AB1F9C39CE499AE6D57A ft=1 fh=519fa8678758cdf3 vn="Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\BabSolution\Shared\BabMaint.exe.vir" sh=BE3A5951F9D566E9C0B10B41781E42A3A8562B12 ft=1 fh=bfe637157b287a9d vn="Variante von Win32/Toolbar.Babylon.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\BabSolution\Shared\enhancedNT.dll.vir" sh=FD0663F63F87B7B5B310EC6CE26E72AF58243084 ft=1 fh=f52ffd4db74c8f0b vn="Variante von Win32/DealPly.S evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe.vir" sh=3E34A96020F886FD82E1FE746938E167F6428930 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\0b105cbff1eb40b89bca7dae371d@7ead2390 35fb4613ab38ef.com\extensionData\plugins\91.js.vir" sh=3E34A96020F886FD82E1FE746938E167F6428930 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\0cd1569197354ecf9be03@d3ee3bc4210848f 7b5a58324f064f.com\extensionData\plugins\91.js.vir" sh=A6B0985ABC1E2C02B26045E46506CAAC737DA137 ft=1 fh=121662fb9c8fa164 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{78e516ef-11de-47a1-8364-a99b917ec5ee}\Plugins\npConduitFirefoxPlugin.dll.vir" sh=7347094BB7355D843C3B590B6944158EF33010C2 ft=1 fh=d6498a4cb5105e4e vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{C840E246-6B95-475E-9BD7-CAA1C7ECA9F2}\Plugins\npConduitFirefoxPlugin.dll.vir" sh=5DA66EA0FA52EB3985E65FF2719A1BF4BC893D8C ft=1 fh=4c5d11f7907db64c vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\OpenCandy\070522356A1948D6B101B6E5E09B6E9D\Ignite_DLMgr_241.exe.vir" sh=D4E58F4D2FCC1BF5F09154AFC9EDB884CDEC46A3 ft=1 fh=f3410d3bb263c685 vn="Variante von Win32/OpenCandy.A potenziell unsichere Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\OpenCandy\564B4FDFB5E1426F96EB8DC1A2E202B5\dlm.exe.vir" sh=C4420C6E94B8CAACCB3811384280D8A93CB0A37D ft=1 fh=25f111c507a31a21 vn="Win32/Toolbar.Conduit.R evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\OpenCandy\564B4FDFB5E1426F96EB8DC1A2E202B5\sp-downloader.exe.vir" sh=7C620D1FDA9B0BCB94387A0E5AFD2565B2FB5B08 ft=1 fh=0ea7a7a2438ec590 vn="Win32/Toolbar.Conduit.R evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\OpenCandy\564B4FDFB5E1426F96EB8DC1A2E202B5\Whitesmoke_directN_p1v1.exe.vir" sh=DFC4F20235026E8BE5513D8CFA11C1C9AEC3A2A5 ft=1 fh=f9c6064045e48fe6 vn="Win32/AdWare.Snoozer.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Pascal\AppData\Roaming\Snz\Snz.exe.vir" sh=2B9A1340BEC2FE2694C333ACD77F0E12EF9550D1 ft=1 fh=fcbeb3ad261a92d1 vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp\10.31.4.510_0\APISupport\APISupport.dll.vir" sh=675526C1B3CB27C6635233B62EDB8ECEEBFE1556 ft=1 fh=8382eeac10eb278f vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe.vir" sh=C0114483C9E2C1271B0D594AB6A6BF1E4F383D63 ft=1 fh=e2607344a0894545 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp\10.31.4.510_0\plugins\ChromeApiPlugin.dll.vir" sh=2B9A1340BEC2FE2694C333ACD77F0E12EF9550D1 ft=1 fh=fcbeb3ad261a92d1 vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.31.4.510_0\APISupport\APISupport.dll.vir" sh=675526C1B3CB27C6635233B62EDB8ECEEBFE1556 ft=1 fh=8382eeac10eb278f vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe.vir" sh=C0114483C9E2C1271B0D594AB6A6BF1E4F383D63 ft=1 fh=e2607344a0894545 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkjoiggkbepedjmjjbhhecjiimlckcga\10.31.4.510_0\plugins\ChromeApiPlugin.dll.vir" sh=2B9A1340BEC2FE2694C333ACD77F0E12EF9550D1 ft=1 fh=fcbeb3ad261a92d1 vn="Variante von Win32/Conduit.SearchProtect.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.31.4.510_0\APISupport\APISupport.dll.vir" sh=675526C1B3CB27C6635233B62EDB8ECEEBFE1556 ft=1 fh=8382eeac10eb278f vn="Variante von Win32/Toolbar.Conduit.AH evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.31.4.510_0\nativeMessaging\TBMessagingHost.exe.vir" sh=C0114483C9E2C1271B0D594AB6A6BF1E4F383D63 ft=1 fh=e2607344a0894545 vn="Variante von Win32/Conduit.SearchProtect.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Susu\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkcangbigakljkjeglcofaomihpejif\10.31.4.510_0\plugins\ChromeApiPlugin.dll.vir" sh=558C365776AD71C812363E30D7880CF564028A06 ft=1 fh=e10f04e359590fdb vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir" sh=9EDBB0A8432968C445554889EE814E0425793CC7 ft=1 fh=d7b195f2da2a51d9 vn="Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung" ac=I fn="C:\Downloads\Software\SoftonicDownloader_fuer_corel-videostudio-pro-x4(1).exe" sh=9EDBB0A8432968C445554889EE814E0425793CC7 ft=1 fh=d7b195f2da2a51d9 vn="Win32/SoftonicDownloader.E evtl. unerwünschte Anwendung" ac=I fn="C:\Downloads\Software\SoftonicDownloader_fuer_corel-videostudio-pro-x4.exe" sh=93510E07EBD463BE51052EC8114EC16C5423103E ft=0 fh=0000000000000000 vn="Win32/Conduit.SearchProtect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Mozilla Firefox\components\sprotector.js" sh=282E43766D30716E793A5122951C2AE76FD8CBCC ft=0 fh=0000000000000000 vn="Win32/DealPly.J evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Mozilla Firefox\extensions\staged\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}\chrome\content\dealply.xul" sh=23D2353C524021F8AB247785FA9EC968AB9DE357 ft=1 fh=24daf732dbd6b92c vn="Variante von Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SRToolbar\del_IEBHO_19.dll" sh=E9D98D6E3550549CE5376A3C06708F05B6702568 ft=1 fh=66e30dadf5a4da2d vn="Variante von Win64/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SRToolbar\del_IEBHO_22.dll" sh=24D87B0364FAAE61616174B47AB968D24335661D ft=1 fh=a8ba3bebfe3c0e87 vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\ProgramData\HAunCmYKI\tCJlXj.exe" sh=F5C41EBFA6285BA1EF4F328C69600DE0381A1930 ft=1 fh=50781270dc878ffd vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\ProgramData\HAunCmYKI\dat\BNaPTVTLvol.exe" sh=C2BD33C883BF10AA57683C90DD6E63A571540296 ft=1 fh=9f41366889df498c vn="Variante von MSIL/Adware.PullUpdate.C Anwendung" ac=I fn="C:\ProgramData\HAunCmYKI\dat\csLSYQX.dll" sh=BF7200E30A1E5FE56ABCC2D45D7EFEA842E17037 ft=1 fh=55ce11d46d47ac7e vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\ProgramData\HAunCmYKI\dat\gqVTxIDpRLy.exe" sh=34F2250D95985E2EEEE0F3CA484EFBBC1B592F74 ft=0 fh=0000000000000000 vn="Win32/DealPly.E evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\DealPly\DealPly.crx.vir" sh=E08AE9A63C7D24CB30CBCAA919B3E450A1BF39EC ft=1 fh=0bcd3e3f572ae765 vn="Win32/DealPly.D evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdate.exe.vir" sh=D511C85A94649134C7BA8ECFD7876125A4C2F832 ft=1 fh=bdced5e2a18ee905 vn="Variante von Win32/DealPly.C evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\DealPly\DealPlyUpdateRun.exe.vir" sh=F10D376B105ED6AA048EF25BC631502B04FE5A02 ft=1 fh=7624ac884a7f8292 vn="Win32/DealPly.D evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\DealPly\uninst.exe.vir" sh=041836D322EFE0BB1C3B635166B447276AE4EF64 ft=1 fh=6ac5b3f201470712 vn="Variante von Win32/Toolbar.CrossRider.BB evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\HD-Quality-v3V30.09\acd42e4d-df71-4a2e-beba-ac536b327013.dll.vir" sh=D0C3C169B53AB1AEF9D0A30F833D0C8C1E3653E3 ft=1 fh=82f92155cc901dbc vn="Variante von Win32/Toolbar.CrossRider.BB evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\HQCinema1.9V01.10\3be94935-703d-4a9f-bdf8-bd3f9894f8d0.dll.vir" sh=218B9EC7A2AFBABC5F9FB3E6640913E3679607CA ft=1 fh=3c950061cc04500e vn="Win32/Toolbar.SearchSuite.H evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\Searchqu Toolbar\Datamngr\BrowserConnection.dll.vir" sh=0310A60A916C6A0DF24C0530F46E1A8EBDFD97B8 ft=1 fh=8b22f77f354a04e7 vn="Variante von Win32/Toolbar.SearchSuite.C evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngr.dll.vir" sh=61C34116CE03FED40D352C9BBD289EC35AF0EFE6 ft=1 fh=ffe3bbe14592330c vn="Variante von Win32/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe.vir" sh=852CD487D40E353530F7623141C0D6F21C2BA95D ft=1 fh=f0a2e409ac939350 vn="Variante von Win32/Toolbar.SearchSuite.R evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\Searchqu Toolbar\Datamngr\DnsBHO.dll.vir" sh=FA636F4293236C10B6DB308B016AB93F220D40F3 ft=1 fh=317b02b0ab10ad0b vn="Variante von Win32/Toolbar.SearchSuite evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\Searchqu Toolbar\Datamngr\IEBHO.dll.vir" sh=95175EED729C707F44A9258B47B687E347177B7E ft=1 fh=2d5df013251b1827 vn="Variante von Win64/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\datamngr.dll.vir" sh=C183E5B410C46A7896994338CA2709638EB3572C ft=1 fh=0ef8ee90b9f8add7 vn="Variante von Win64/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\Searchqu Toolbar\Datamngr\x64\IEBHO.dll.vir" sh=6D337B7209C2E4837F4075D44D5928D0F4BC54E6 ft=1 fh=c71c0011cc6930ff vn="Win32/Vittalia.K evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Program Files (x86)\SoftwareUpdater\KeyGen.dll.vir" sh=91FD0C68DC46843917C8FEA976D8DDF7B941D897 ft=1 fh=fe05ab993baef410 vn="Win32/Toolbar.Babylon.P evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\BabMaint.exe.vir" sh=58C3F42D04D646EB15C73F8558B7A6FC8CE26A8C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\101_cortica_m.js.vir" sh=B5ED1E639B7D9AD3C0F3C81E5AA2E9F88DDFEB65 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\102_dealply_m.js.vir" sh=FC28D62EDB6C0C353E97185BB4B6DC87F5EDED14 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\103_intext_5_m.js.vir" sh=1AA56806D2545B3773D7C5CCEAE82353BDBB575F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\104_jollywallet_m.js.vir" sh=0B21E41A47E579081215969619861996F43524B1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\105_corticas_m.js.vir" sh=30AFCC1D03C04E68202593C239C4964A29BA2E15 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\108_icm_m.js.vir" sh=6EF5B1448DE7B0A1263E32EBA7DC2AFE502C8FB4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\116_ads_only_5_m.js.vir" sh=7F7359D9F0900191297BFDF5B85D5CDF588CD9EA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\117_coupons_intext_ads_5_m.js.vir" sh=FE3704EEF2BFB9DCA552518E7AEC9D6AFC1ED15C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\119_similar_web_m.js.vir" sh=1A9BCED07CCAC5AABE7F80BB199360D125E6F268 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\120_luck_m.js.vir" sh=0CE44D7F4F3469C96749E6220CA51CB96B0CFA1F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\123_intext_adv_m.js.vir" sh=B0DF9F21E3E69C188775A6F9C466B19932C9238A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js.vir" sh=D295E3F253D0942BD3114F61DEF5D78DD0FC5BFB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\125_arcadi2_m.js.vir" sh=3CFE90E3825BB08EB9B4222552FAC05360188207 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\126_revizer_ws_m.js.vir" sh=031F6CD140ED363E0F137E627AE1FE4DED5714E2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\127_revizer_p_m.js.vir" sh=28ECD06AF56EB424F74BB63563BC79E57C15C2D9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\128_superfish_pricora_m.js.vir" sh=05480BD17A63333789D1E425879FBF083C177A99 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\129_widdit_m.js.vir" sh=BB2946641B9FEB2F76D281220A52220336E454E1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\135_arcadi3_m.js.vir" sh=8BD506BDCB470B73FE581B4DA1769AD9FBCAF0D8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\138_getdeal_m.js.vir" sh=90A4F559561CF603A203F93D56C80B17B8152325 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\141_corticas_ru_m.js.js.vir" sh=8395A2B6D59D2F3EDDCFC863DDA2F674396DC74C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\142_intext_fa_m.js.vir" sh=943F60E8E3F306CF4EE6E844D06FAC7552EE1856 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\155_ibario_pops_m.js.vir" sh=0CEB1A073B87956FD1F21F8425B8F76015B1BCD8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js.vir" sh=441E98540BDEC21B7E534C2B317AE91925F6CEE7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\159_cortica_rollover_m.js.vir" sh=C8B01A1511A63AEC3D40B1D045034D76B1E85EFD ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\171_arcadi2_sourceID_m.js.vir" sh=078C314715CCC0DE7547172AD4B810FD754115C6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js.vir" sh=E2AAC0A6807AABEFDD15388FE0DF40EDD826084E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\175_coolmirage_m.js.vir" sh=CFFCA6A4EE3A0DF2319440491BB297ADEC6EEF37 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\178_revizer_ws_dynamic_m.js.vir" sh=ADB54DE323736C99B4191A45B478B70DF1B7B945 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\179_revizer_p_dynamic_m.js.vir" sh=631D51C0D12FBED68BBF95F6E6505F2CE3692BAB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\91_monetizationLoader.js.js.vir" sh=93022F69189E8D2F1B4B8717522CA1AFFA59F708 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\92_superfish_m.js.vir" sh=0C5AC30A082628E85A9A8B68EF5E5EAFA46F0CC7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\249911bc-d1bd-4d66-8c17-df533609e6d8@c76f3de9-939e-4922-b73c-5d7a3139375d.com\extensionData\plugins\93_superfish_no_coupons_m.js.vir" sh=8E404BAFA9CEAC0628F089B4F1AA879EB5A3404E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\101_cortica_m.js.vir" sh=957E505E027C2F899F844C27AC8B82EF94AEBB68 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\102_dealply_m.js.vir" sh=7A8863E5095C870FD812E92F74507EED957A94B8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\103_intext_5_m.js.vir" sh=EB047CB7862459E0F74832AEF6A7954A3663373F ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\104_jollywallet_m.js.vir" sh=F2126D68553053F0A5A411866DEC205E27283EDA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\105_corticas_m.js.vir" sh=A69DBD3502EA9C4EDD7DEAFB23A8FC1C97BAB232 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\107_coupish_m.js.vir" sh=FA38D9448030424887879C530E2ADBCACD605CEA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\108_icm_m.js.vir" sh=E531E2197FC767CFACEA72A75E1CE492D08F92DA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\116_ads_only_5_m.js.vir" sh=C3D3CCADC78D71D7482BB5DBA16FBB0534200D12 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\117_coupons_intext_ads_5_m.js.vir" sh=9495814AE107F6739D62A09B1829E5A2DCDA1354 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\119_similar_web_m.js.vir" sh=D10EA105AB5DB329186B0B6F10541DD58058AEB8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\120_luck_m.js.vir" sh=B985E49C6E0E423954A36327BE2EA87F0F287145 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\123_intext_adv_m.js.vir" sh=EAAF312959AC9CCF5138825927B5E2D38F57E2E1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js.vir" sh=62B063E0D121966E9A83C9AB518DADAE47423555 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\125_arcadi2_m.js.vir" sh=46256E3D1583A586B8F130BA0CCB1671D2B666C1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\126_revizer_ws_m.js.vir" sh=F139543D5C107C30764FA7A0473152F192FA43D2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\127_revizer_p_m.js.vir" sh=4A86247BDE5D2225473389037FA942819FD677CF ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\128_superfish_pricora_m.js.vir" sh=D9E89F57D3A13498640961F3B9954D67D7EA1039 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\129_widdit_m.js.vir" sh=B9CFC11B067C54952D592C618BD391AA26B3393B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\135_arcadi3_m.js.vir" sh=17483832BF1FA23335B7C1E04A0530AB60CBEDC6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\138_getdeal_m.js.vir" sh=90A4F559561CF603A203F93D56C80B17B8152325 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\141_corticas_ru_m.js.js.vir" sh=8395A2B6D59D2F3EDDCFC863DDA2F674396DC74C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\142_intext_fa_m.js.vir" sh=DB51332A37F65FD4863EE1B8A5BA62A02DA885F8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\155_ibario_pops_m.js.vir" sh=EF02C9278F4E7BDC1EC5895CAE01C16A68FF4FAB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js.vir" sh=18C46AE5CB67274764D17F8A40975EEB5C67F795 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\159_cortica_rollover_m.js.vir" sh=3DA0E458C1D4F5CECA7F012A2B0DA4CC1C7B63A1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\170_icm1_5_m.js.vir" sh=EDAF8A2B6318DD482F0BBDC2A96C109697D86E5A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\171_arcadi2_sourceID_m.js.vir" sh=2184DFBF93B03726607BF2C44682CF058FB2987B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js.vir" sh=BAA03B328F746B8C2F0459C92BB3D9B03A8E5067 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\175_coolmirage_m.js.vir" sh=52E4B498947D3D88D7C6042611258238D71CA0C4 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\91_monetizationLoader.js.js.vir" sh=93022F69189E8D2F1B4B8717522CA1AFFA59F708 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\92_superfish_m.js.vir" sh=D628ECC839BB1AC5640113BF5884D0B708A56984 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com\extensionData\plugins\93_superfish_no_coupons_m.js.vir" sh=24D87B0364FAAE61616174B47AB968D24335661D ft=1 fh=a8ba3bebfe3c0e87 vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\Users\All Users\HAunCmYKI\tCJlXj.exe" sh=F5C41EBFA6285BA1EF4F328C69600DE0381A1930 ft=1 fh=50781270dc878ffd vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\Users\All Users\HAunCmYKI\dat\BNaPTVTLvol.exe" sh=C2BD33C883BF10AA57683C90DD6E63A571540296 ft=1 fh=9f41366889df498c vn="Variante von MSIL/Adware.PullUpdate.C Anwendung" ac=I fn="C:\Users\All Users\HAunCmYKI\dat\csLSYQX.dll" sh=BF7200E30A1E5FE56ABCC2D45D7EFEA842E17037 ft=1 fh=55ce11d46d47ac7e vn="Variante von MSIL/Adware.PullUpdate.E Anwendung" ac=I fn="C:\Users\All Users\HAunCmYKI\dat\gqVTxIDpRLy.exe" sh=9413821E4285C46DAF48156B472065FC2D763FE8 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\AppData\Roaming\SUU" sh=93A8EAA8B380EFDB76DCF80F24DA42F8EFAF94B4 ft=1 fh=06efcc1ae1b638da vn="Variante von Win32/Toolbar.CrossRider.AX evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\AppData\Roaming\SUU.exe" sh=FED76CBD8D5660DEC60B3F16547372DEE7F87FA6 ft=1 fh=9705b06916654cd4 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\uqbb6zzc.default\extensions\{6a81a935-50f5-4d3f-bd29-06e9c06c3397}\components\SmartbarFireFoxRemotePlugin_18.dll" sh=3E34A96020F886FD82E1FE746938E167F6428930 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\AppData\Roaming\Opera Software\Opera Stable\Extensions\plimopelmdneikoknbgpopffpbmlhgpa\1.26.49_0\extensionData\plugins\91.js" sh=FDCBC8D81CF255A328EE31C244613B1B5C56DC43 ft=1 fh=cfb484d79a6c1c3a vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\AppData\Roaming\VisicomToolBar\gamesagogo_en_w3i_toolbar_3.2.0.36.exe" sh=5485D0C340ADDDBC73E8EC2FD7F1F298835E0B3A ft=1 fh=9dd14d452c4cd67c vn="Variante von Win32/Toolbar.MyWebSearch.R evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\Downloads\Allin1ConvertSetup2.5.14.73.^AYY^man000^YYA^.exe" sh=3FFFE11EA667EF518ECD23CC0154C682845671A6 ft=1 fh=c71c00119e2675e2 vn="Variante von Win32/InstallCore.BY evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\Downloads\BitLordInstaller - Watch Dogs-RELOADED.exe" sh=91B61DAB9AE2EE477CBCE6F204AD25A6F470CF69 ft=1 fh=188c542fd3c95b67 vn="Variante von Win32/WinloadSDA.D evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\Downloads\Bully--Die-Ehrenrunde-lnstall.exe" sh=C662A89E2318810A6012EF702A9C39F6E0AC3B36 ft=1 fh=e8789dd77b481b56 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Pascal\Downloads\ccsetup411 (1).exe" sh=C662A89E2318810A6012EF702A9C39F6E0AC3B36 ft=1 fh=e8789dd77b481b56 vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Users\Pascal\Downloads\ccsetup411.exe" sh=2E966A60869CB2B4C9D5473B5DC26D95BBA143D4 ft=1 fh=0eaf74f7306ef4c6 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\Downloads\Daemon Tools Pro Advanced - CHIP-Installer.exe" sh=72E5D0E84C4A1E37E097DEB761F46597C6435D8A ft=1 fh=e3ca417c41eb611a vn="Win32/Toolbar.Conduit.AE evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\Downloads\Fake_Voice_7.0_TSA1PTSE.exe" sh=5281EA99625F2FA1E760CB457C302962374C24BA ft=1 fh=dfd2691ec14c4544 vn="Variante von Win32/iLivid.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\Downloads\iLividSetup-r725-n-bc.exe" sh=45759468FEE8B45BF08F7B9525F44A64165B0732 ft=1 fh=0fb2f2fa48fb6491 vn="Variante von Win32/Verti.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\Downloads\MediaPlayerClassic_RocketFuelInstaller.exe" sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Pascal\Downloads\os_spiele_42.iso" sh=66CD7AF2D5997C8D92E6668F076D627C5E32EF61 ft=1 fh=05cf08288063ce4a vn="Variante von Win32/SoftonicDownloader.G evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\Downloads\SoftonicDownloader_for_open-hexagon.exe" sh=520B403219931F3002574B70FBC94A697A0E9D33 ft=1 fh=41a8ccc90192878c vn="Variante von Win32/SoftonicDownloader.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\Downloads\SoftonicDownloader_fuer_minecraft-server.exe" sh=ABCE3F0FF4EC03C872205D398CEA8415CB0E8474 ft=1 fh=a364eb9ea25e7346 vn="Variante von Win32/SoftonicDownloader.F evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Pascal\Downloads\SoftonicDownloader_fuer_minecraft.exe" sh=30F94388D500A279A3EFD8EB466920673F932730 ft=1 fh=e2621cf0cc5d5a3e vn="Win32/OpenCandy potenziell unsichere Anwendung" ac=I fn="C:\Users\Pascal\Downloads\SweetHome3D-4.4-windows-oc.exe" sh=FC1DD1D45CD4E293EF8ED7C2B3709ECB9E04442B ft=1 fh=364b28d8dff84f34 vn="Variante von Win32/Bundled.Toolbar.Ask potenziell unsichere Anwendung" ac=I fn="C:\Windows\Installer\MSI51E.tmp" sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Windows\System32\Adobe\Shockwave 12\gt.exe" sh=59C3BDEFC68355A97A05906A15F2EF159A28BC87 ft=1 fh=b9fb697a9ab81959 vn="Variante von Win32/Toolbar.Perion.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\update[1]" sh=59C3BDEFC68355A97A05906A15F2EF159A28BC87 ft=1 fh=b9fb697a9ab81959 vn="Variante von Win32/Toolbar.Perion.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\update[2]" sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potenziell unsichere Anwendung" ac=I fn="C:\Windows\SysWOW64\Adobe\Shockwave 12\gt.exe" sh=59C3BDEFC68355A97A05906A15F2EF159A28BC87 ft=1 fh=b9fb697a9ab81959 vn="Variante von Win32/Toolbar.Perion.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\update[1]" sh=59C3BDEFC68355A97A05906A15F2EF159A28BC87 ft=1 fh=b9fb697a9ab81959 vn="Variante von Win32/Toolbar.Perion.A evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\update[2]" sh=A9F6A3299D8E5A8B0F8F18915521C8B3E7C9F864 ft=1 fh=a874d3fc82897e2d vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="D:\Tools\MEDION MediaPack 2\Setup.exe" SecurityChecklog und frischen FRST log kriegst du Morgen. Und vielen dank an das was du bis jetzt gemacht hast. |
|
21.10.2014, 11:58
| #13 |
| /// the machine /// TB-Ausbilder | C:\windows\scorl.trojan.general.exe ich warte dann mal auf den Rest
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
21.10.2014, 14:15
| #14 |
| | Der checkuplog Results of screen317's Security Check version 0.99.87 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 10 Out of date! ``````````````Antivirus/Firewall Check:`````````````` Computer Schutz Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` TuneUp Utilities Language Pack (de-DE) Java 7 Update 67 Adobe Flash Player 15.0.0.152 Adobe Reader 10.1.5 Adobe Reader out of Date! Mozilla Thunderbird (17.0.8) Google Chrome 37.0.2062.120 Google Chrome 37.0.2062.124 ````````Process Check: objlist.exe by Laurent```````` Kabel BW apps ComputerSecurity Anti-Virus\FSGK32.EXE Kabel BW apps ComputerSecurity Anti-Virus\fssm32.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-10-2014
Ran by Pascal (administrator) on PASCAL-PC on 21-10-2014 15:01:34
Running from C:\Users\Pascal\Desktop
Loaded Profile: Pascal (Available profiles: Pascal & Susu & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(InterVideo Inc.) C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\fshoster32.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\CCF_Reputation\fsorsp.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\fsgk32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Chris Pietschmann (hxxp://pietschsoft.com)) C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Small Island Development) C:\ProgramData\HAunCmYKI\tCJlXj.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Flux Software LLC) C:\Users\Pascal\AppData\Local\FluxSoftware\Flux\flux.exe
(wifimouse@necta.us) C:\Program Files (x86)\MouseServer\MouseServer.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\fshoster32.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSMA32.EXE
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\fssm32.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(F-Secure Corporation) C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSLAUNCH.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSM32.EXE [310208 2013-08-14] (F-Secure Corporation)
HKLM-x32\...\Run: [F-Secure Hoster (47731)] => C:\Program Files (x86)\Kabel BW\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-3934173735-3769707255-3857861622-1001\...\Run: [f.lux] => C:\Users\Pascal\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC)
HKU\S-1-5-21-3934173735-3769707255-3857861622-1001\...\Run: [MouseServer] => C:\Program Files (x86)\MouseServer\MouseServer.exe [122880 2012-03-21] (wifimouse@necta.us)
HKU\S-1-5-21-3934173735-3769707255-3857861622-1001\...\Policies\Explorer: [NoInstrumentation] 1
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - Backup.Old.DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21}
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - !{1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No File
Toolbar: HKLM - No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No File
Toolbar: HKLM-x32 - No Name - !{1BB22D38-A411-4B13-A746-C2A4F4EC7344} - No File
Toolbar: HKLM-x32 - No Name - !{5018CFD2-804D-4C99-9F81-25EAEA2769DE} - No File
Toolbar: HKLM-x32 - No Name - !{5786d022-540e-4699-b350-b4be0ae94b79} - No File
Toolbar: HKLM-x32 - No Name - !{977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No File
Toolbar: HKLM-x32 - No Name - !{98889811-442D-49dd-99D7-DC866BE87DBC} - No File
Toolbar: HKLM-x32 - No Name - !{F9639E4A-801B-4843-AEE3-03D9DA199E77} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @java.com/DTPlugin,version=10.17.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nokia.com/EnablerPlugin -> C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll ( )
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pascal\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\freemake.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\google-chile.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Yahooober4451956.xml
FF Extension: Amazon-Icon - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\amazon-icon@giga.de [2014-01-20]
FF Extension: DoNotTrackMe - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\donottrackplus@abine.com [2013-07-14]
FF Extension: YouTube Unblocker - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\youtubeunblocker@unblocker.yt [2013-10-11]
FF Extension: WOT - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-10-19]
FF Extension: BetterAds - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\betterads@BetterAds.org.xpi [2013-06-08]
FF Extension: Javascript View - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\jid1-u9RbFp9JcoEGGw@jetpack.xpi [2013-09-24]
FF Extension: JS Deminifier - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\jsdeminifier@murphy.ben.name.xpi [2013-09-24]
FF Extension: JavaScript Deobfuscator - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\jsdeobfuscator@adblockplus.org.xpi [2013-09-24]
FF Extension: Personas Plus - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\personas@christopher.beard.xpi [2013-02-19]
FF Extension: Cool Smiley Bar for Facebook - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\pluswinks@PlusWinks.xpi [2013-06-08]
FF Extension: ScrewAds Plus for YouTube - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\screwads@airtint.com.xpi [2013-02-19]
FF Extension: Feedback - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\testpilot@labs.mozilla.com.xpi [2013-03-30]
FF Extension: YesScript - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\yesscript@userstyles.org.xpi [2013-09-26]
FF Extension: Quick Translator - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2013-02-19]
FF Extension: Adblock Plus - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-08]
FF Extension: JavaScript Debugger - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\Extensions\{f13b157f-b174-47e7-a34d-4815ddfdfeb8}.xpi [2013-09-24]
FF HKLM-x32\...\Firefox\Extensions: [fmconverter@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox
FF Extension: Freemake Video Converter Plugin - C:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Firefox [2013-04-02]
FF HKLM-x32\...\Firefox\Extensions: [ext@WebexpEnhancedV1alpha691.net] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha691\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaPlayerV1alpha418.net] - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha418\ff
FF HKLM-x32\...\Firefox\Extensions: [ext@MediaBuzzV1mode6846.net] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6846\ff
FF Extension: No Name - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ff [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\ffxtlbr@holasearch.com [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\om@offermosquito.com.xpi [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\SeeSimilar@SeeSimilar.com [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\{78e516ef-11de-47a1-8364-a99b917ec5ee} [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\{c840e246-6b95-475e-9bd7-caa1c7eca9f2} [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaPlayerV1\MediaPlayerV1alpha418\ff [Not Found]
FF Extension: No Name - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6846\ff [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\0cd1569197354ecf9be03@d3ee3bc4210848f7b5a58324f064f.com [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\0b105cbff1eb40b89bca7dae371d@7ead239035fb4613ab38ef.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi [Not Found]
FF Extension: No Name - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha691\ff [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\7f404ccc-b0a9-4faf-b3c0-89ceea949aea@a6724a05-9380-4ebe-be02-e67e35a3402c.com [Not Found]
FF Extension: No Name - C:\Users\Pascal\AppData\Roaming\Mozilla\Firefox\Profiles\2veoap2y.default\extensions\ffxtlbr@delta.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.trovi.com/?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=M5EC8FA62-325C-43FC-A49B-88BDB1143B2B&SearchSource=55&CUI=&UM=6&UP=SPFEAC19B6-4958-4E5B-8531-48F001259B10&SSPV=
CHR StartupUrls: Default -> "hxxp://www.trovi.com/?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=M5EC8FA62-325C-43FC-A49B-88BDB1143B2B&SearchSource=55&CUI=&UM=6&UP=SPFEAC19B6-4958-4E5B-8531-48F001259B10&SSPV=", "hxxp://www.search.ask.com/?o=APN10640A&gct=hp&d=473-102&v=n9602-164&t=4", "hxxp://aartemis.com/?type=hp&ts=1384525389&from=cor&uid=HitachiXHDS721010DLE630_MSE5215V0VT81U0VT81UX", "hxxp://search.conduit.com/?gd=&ctid=CT3314932&octid=EB_ORIGINAL_CTID&ISID=MF70BB4B3-B174-4BAF-A6B9-7309BCFE9943&SearchSource=55&CUI=&UM=5&UP=SP7FD169C8-79FF-464C-BA8A-0050E7E7B0A3&SSPV="
CHR DefaultSearchKeyword: Default -> trovi.com
CHR DefaultSearchURL: Default -> hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3314958&octid=EB_ORIGINAL_CTID&ISID=M5EC8FA62-325C-43FC-A49B-88BDB1143B2B&SearchSource=58&CUI=&UM=6&UP=SPFEAC19B6-4958-4E5B-8531-48F001259B10&q={searchTerms}&SSPV=
CHR DefaultSuggestURL: Default -> hxxp://suggest.seccint.com/CSuggestJson.ashx?prefix={searchTerms}
CHR Profile: C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-03]
CHR Extension: (Google Drive) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-03]
CHR Extension: (TV) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2014-03-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-06]
CHR Extension: (YouTube) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-03]
CHR Extension: (Google-Suche) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-03]
CHR Extension: (Battlefield Play4Free) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh [2014-03-03]
CHR Extension: (Google Mail) - C:\Users\Pascal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-03]
CHR HKLM-x32\...\Chrome\Extension: [aocimlpakaebbmfhjgajelcdbejhgehe] - C:\Users\Pascal\AppData\LocalLow\Playbryte\Chrome.crx []
CHR HKLM-x32\...\Chrome\Extension: [gkipfehgopcajnafpdjajagbjllcobjj] - C:\ProgramData\Browse2save\gkipfehgopcajnafpdjajagbjllcobjj.crx []
CHR HKLM-x32\...\Chrome\Extension: [lemilgpbnfoecfjhpfchannnnkeefjmj] - C:\Users\Pascal\AppData\Local\CRE\lemilgpbnfoecfjhpfchannnnkeefjmj.crx []
CHR HKLM-x32\...\Chrome\Extension: [mmifolfpllfdhilecpdpmemhelmanajl] - C:\Program Files (x86)\BetterSurf\BetterSurfPlus\ch\BetterSurfPlus.crx []
CHR HKLM-x32\...\Chrome\Extension: [mpihchkdinijmdhepcmpbgelkaaoiaek] - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode6846\ch\MediaBuzzV1mode6846.crx []
CHR HKLM-x32\...\Chrome\Extension: [ohpbokjkbkmdoidlodcdhdhhienlenkl] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha691\ch\WebexpEnhancedV1alpha691.crx []
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S4 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-11] (SUPERAntiSpyware.com)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)
R2 Capture Device Service; C:\Program Files (x86)\Common Files\InterVideo\DeviceService\DevSvc.exe [198168 2007-03-06] (InterVideo Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2436280 2014-09-25] (Microsoft Corporation)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-03-27] (Freemake) [File not signed]
R2 fshoster; C:\Program Files (x86)\Kabel BW\fshoster32.exe [191424 2013-05-15] (F-Secure Corporation)
R3 FSMA; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Common\FSMA32.EXE [216000 2013-08-14] (F-Secure Corporation)
R2 FSORSPClient; C:\Program Files (x86)\Kabel BW\apps\CCF_Reputation\fsorsp.exe [61176 2012-08-06] (F-Secure Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-09-17] ()
R2 tCJlXj; C:\ProgramData\HAunCmYKI\tCJlXj.exe [2321776 2014-10-20] (Small Island Development)
R2 Virtual Router; C:\Program Files (x86)\Virtual Router\VirtualRouterService.exe [12288 2009-11-18] (Chris Pietschmann (hxxp://pietschsoft.com)) [File not signed]
S3 SystemExplorerHelpService; No ImagePath
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ALSysIO; No ImagePath
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)
R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-13] (Disc Soft Ltd)
S3 esgiguard; No ImagePath
R3 F-Secure Gatekeeper; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsgk.sys [203304 2014-06-09] (F-Secure Corporation)
R1 F-Secure HIPS; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\HIPS\drivers\fshs.sys [69960 2014-06-23] (F-Secure Corporation)
R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [56016 2013-11-25] ()
R3 fsni; C:\Program Files (x86)\Kabel BW\apps\CCF_Scanning\fsni64.sys [86056 2014-06-19] (F-Secure Corporation)
R1 fsvista; C:\Program Files (x86)\Kabel BW\apps\ComputerSecurity\Anti-Virus\minifilter\fsvista.sys [13248 2013-08-14] ()
S3 IntcAzAudAddService; No ImagePath
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 WinRing0_1_2_0; No ImagePath
S3 xhunter1; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-21 15:00 - 2014-10-21 15:00 - 00001022 _____ () C:\Users\Pascal\Desktop\checkup.txt
2014-10-20 18:42 - 2014-10-20 18:42 - 00001979 _____ () C:\Users\Susu\Desktop\Google Chrome.lnk
2014-10-20 18:40 - 2014-10-20 18:42 - 00001979 _____ () C:\Users\Public\Desktop\speed browser.lnk
2014-10-20 18:40 - 2014-10-20 18:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\speed browser
2014-10-20 18:40 - 2014-10-20 18:40 - 00000000 ____D () C:\Users\Pascal\AppData\Local\speed browser
2014-10-20 18:40 - 2014-10-20 18:40 - 00000000 ____D () C:\Program Files (x86)\speed browser
2014-10-20 18:24 - 2014-10-20 18:24 - 00000000 ____D () C:\ProgramData\Browser
2014-10-20 18:19 - 2014-10-20 18:19 - 00000000 ____D () C:\ProgramData\TVWizard
2014-10-19 16:52 - 2014-10-19 16:36 - 00854417 _____ () C:\Users\Pascal\Desktop\SecurityCheck.exe
2014-10-19 16:51 - 2014-10-19 16:36 - 02347384 _____ (ESET) C:\Users\Pascal\Desktop\esetsmartinstaller_deu.exe
2014-10-16 18:12 - 2014-10-16 18:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-10-16 17:33 - 2014-10-16 17:33 - 00000000 ____D () C:\Users\Pascal\AppData\Local\TVWizard
2014-10-16 17:16 - 2014-10-16 17:27 - 00063756 _____ () C:\Users\Pascal\Desktop\AdwCleaner 2. Teil.txt
2014-10-16 17:15 - 2014-10-16 17:16 - 00050307 _____ () C:\Users\Pascal\Desktop\AdwCleaner 1. Teil.txt
2014-10-16 17:10 - 2014-10-16 16:50 - 00114065 _____ () C:\Users\Pascal\Desktop\AdwCleaner - Kopie.txt
2014-10-16 17:00 - 2014-10-21 15:01 - 00000000 ____D () C:\Users\Pascal\Desktop\FRST-OlderVersion
2014-10-16 16:59 - 2014-10-16 16:59 - 00017462 _____ () C:\Users\Pascal\Desktop\JRT.txt
2014-10-16 16:53 - 2014-10-16 16:53 - 00000000 ____D () C:\Windows\ERUNT
2014-10-16 16:50 - 2014-10-16 16:50 - 00114065 _____ () C:\Users\Pascal\Desktop\AdwCleaner.txt
2014-10-16 16:29 - 2014-09-29 02:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-16 16:29 - 2014-09-04 07:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-16 16:29 - 2014-09-04 07:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-16 16:29 - 2014-06-19 00:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-16 16:29 - 2014-06-19 00:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-16 16:29 - 2014-06-19 00:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-16 16:29 - 2014-06-19 00:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-16 16:29 - 2014-06-19 00:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-16 16:29 - 2014-06-19 00:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-16 16:28 - 2014-10-10 04:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-16 16:28 - 2014-10-10 04:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-16 16:28 - 2014-10-10 04:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-16 16:28 - 2014-09-18 04:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-16 16:27 - 2014-09-18 03:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-16 16:27 - 2014-08-29 04:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-16 16:26 - 2014-09-05 04:11 - 06584320 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-16 16:26 - 2014-07-17 04:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-16 16:26 - 2014-07-17 04:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-16 16:26 - 2014-07-17 04:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-16 16:26 - 2014-07-17 04:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-16 16:26 - 2014-07-17 04:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-16 16:26 - 2014-07-17 04:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-16 16:26 - 2014-07-17 03:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-16 16:26 - 2014-07-17 03:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-16 16:26 - 2014-07-17 03:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-16 16:26 - 2014-07-17 03:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-16 16:26 - 2014-07-17 03:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-16 16:25 - 2014-09-20 07:16 - 19280896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-16 16:25 - 2014-09-20 07:16 - 15399424 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-16 16:25 - 2014-09-20 05:57 - 14368768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-16 16:25 - 2014-09-13 03:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-16 16:25 - 2014-09-13 03:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-16 16:25 - 2014-09-05 03:52 - 05703168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-16 16:24 - 2014-09-20 07:18 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-16 16:24 - 2014-09-20 07:17 - 02236928 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-16 16:24 - 2014-09-20 07:17 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-16 16:24 - 2014-09-20 07:16 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-16 16:24 - 2014-09-20 07:16 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-16 16:24 - 2014-09-20 07:16 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-10-16 16:24 - 2014-09-20 07:16 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-16 16:24 - 2014-09-20 07:16 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-16 16:24 - 2014-09-20 07:16 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-16 16:24 - 2014-09-20 07:16 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-16 16:24 - 2014-09-20 07:16 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-10-16 16:24 - 2014-09-20 07:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-16 16:24 - 2014-09-20 07:16 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-16 16:24 - 2014-09-20 07:16 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-16 16:24 - 2014-09-20 07:16 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-16 16:24 - 2014-09-20 07:15 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-16 16:24 - 2014-09-20 07:15 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-16 16:24 - 2014-09-20 07:15 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-16 16:24 - 2014-09-20 05:57 - 13757952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-16 16:24 - 2014-09-20 05:57 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-16 16:24 - 2014-09-20 05:57 - 02055168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-16 16:24 - 2014-09-20 05:57 - 01762816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-16 16:24 - 2014-09-20 05:57 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-16 16:24 - 2014-09-20 05:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-10-16 16:24 - 2014-09-20 05:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-16 16:24 - 2014-09-20 05:57 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-16 16:24 - 2014-09-20 05:57 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-16 16:24 - 2014-09-20 05:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-16 16:24 - 2014-09-20 05:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-10-16 16:24 - 2014-09-20 05:57 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-16 16:24 - 2014-09-20 05:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-16 16:24 - 2014-09-20 05:57 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-16 16:24 - 2014-09-20 05:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-16 16:24 - 2014-09-20 05:56 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-16 16:24 - 2014-09-20 05:56 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-16 16:24 - 2014-09-20 05:56 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-16 16:24 - 2014-09-20 05:38 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-16 16:24 - 2014-09-20 05:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-16 16:24 - 2014-09-20 04:43 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-10-16 16:24 - 2014-09-20 04:35 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-10-16 16:17 - 2014-10-16 16:46 - 00000000 ____D () C:\AdwCleaner
2014-10-16 16:12 - 2014-10-16 16:00 - 00000076 _____ () C:\Users\Pascal\Desktop\mbam-setup-2.0.3.1025.exe
2014-10-16 16:11 - 2014-10-16 16:03 - 01705698 _____ (Thisisu) C:\Users\Pascal\Desktop\JRT.exe
2014-10-16 16:10 - 2014-10-16 16:02 - 01976320 _____ () C:\Users\Pascal\Desktop\AdwCleaner_4.000.exe
2014-10-15 14:53 - 2014-10-15 14:54 - 00000000 ____D () C:\Users\Pascal\hi
2014-10-15 14:52 - 2014-10-15 14:52 - 00091167 _____ () C:\ComboFix.txt
2014-10-15 14:24 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-10-15 14:24 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-10-15 14:24 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-10-15 14:24 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-10-15 14:24 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-10-15 14:24 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-10-15 14:24 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-10-15 14:24 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-10-15 14:23 - 2014-10-15 14:23 - 00011983 _____ () C:\Users\Pascal\Desktop\ComboFix - Verknüpfung (2).lnk
2014-10-15 13:27 - 2014-10-15 13:27 - 00000000 ____D () C:\Users\Pascal\Desktop\RevoUninstallerPortable
2014-10-15 13:26 - 2014-10-15 13:25 - 02785665 _____ (PortableApps.com) C:\Users\Pascal\Desktop\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2014-10-14 16:23 - 2014-10-14 16:23 - 00000000 _____ () C:\Users\Pascal\AppData\Local\{4D00A673-0067-4B78-B2D9-E0B42BA76DD0}
2014-10-06 13:48 - 2014-10-06 13:48 - 00093865 _____ () C:\Users\Pascal\Desktop\Addition.txt
2014-10-06 13:46 - 2014-10-21 15:01 - 00028468 _____ () C:\Users\Pascal\Desktop\FRST.txt
2014-10-06 13:39 - 2014-10-21 15:01 - 02110976 _____ (Farbar) C:\Users\Pascal\Desktop\FRST64.exe
2014-10-06 13:39 - 2014-10-21 15:01 - 00000000 ____D () C:\FRST
2014-10-04 11:58 - 2014-10-15 14:52 - 00000000 ____D () C:\Qoobox
2014-10-04 11:58 - 2014-10-15 14:48 - 00000000 ____D () C:\Windows\erdnt
2014-10-04 07:03 - 2014-10-04 07:03 - 00000000 ____D () C:\Users\Pascal\Documents\Criterion Games
2014-10-04 06:55 - 2014-10-04 06:55 - 00001331 _____ () C:\Users\Public\Desktop\Need for Speed™ Most Wanted.lnk
2014-10-04 06:55 - 2014-10-04 06:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Need for Speed™ Most Wanted
2014-10-02 20:01 - 2014-10-02 20:01 - 00000000 ____D () C:\Users\Pascal\AppData\Local\PopCap Games
2014-10-01 21:15 - 2014-10-01 21:15 - 00000000 ____D () C:\NVIDIA Corporation
2014-10-01 18:45 - 2014-10-01 18:45 - 00002444 _____ () C:\Windows\Tasks\56c2d237-88f9-437d-be8e-58367541cdc2-5_user.job
2014-10-01 18:44 - 2014-10-01 18:44 - 01522584 _____ (HD-Quality-v3V30.09) C:\Users\Pascal\AppData\Roaming\SUU.exe
2014-10-01 18:44 - 2014-10-01 18:44 - 00001336 _____ () C:\Windows\Tasks\SUU.job
2014-10-01 16:44 - 2014-10-01 16:44 - 00000000 ____D () C:\Users\Pascal\AppData\Local\com
2014-10-01 16:43 - 2014-10-01 16:44 - 02269863 _____ () C:\Users\Pascal\Downloads\forge-1.6.4-9.11.1.965-installer (2).jar
2014-10-01 16:43 - 2014-10-01 16:43 - 00000000 ____D () C:\Windows\Sun
2014-10-01 16:38 - 2014-10-01 19:54 - 00000000 ___HD () C:\Users\Public\Temp
2014-10-01 16:38 - 2014-10-01 16:38 - 00000000 ____D () C:\ProgramData\HAunCmYKI
2014-10-01 16:33 - 2014-10-01 16:33 - 02269863 _____ () C:\Users\Pascal\Downloads\forge-1.6.4-9.11.1.965-installer (1).jar
2014-10-01 16:23 - 2014-10-01 16:23 - 14338316 _____ () C:\Users\Pascal\Downloads\BetterDungeons1-6-4_2091.zip
2014-10-01 13:37 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2014-10-01 13:37 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2014-09-27 19:26 - 2014-09-27 19:26 - 00367440 _____ () C:\Users\Pascal\Downloads\SoftonicDownloader_for_open-hexagon.exe
2014-09-27 19:25 - 2014-09-27 19:25 - 22561679 _____ () C:\Users\Pascal\Downloads\open-hexagon-1-91-en-win (2).7z
2014-09-27 19:23 - 2014-09-27 19:24 - 22561679 _____ () C:\Users\Pascal\Downloads\open-hexagon-1-91-en-win (1).7z
2014-09-27 19:21 - 2014-09-27 19:22 - 22561679 _____ () C:\Users\Pascal\Downloads\open-hexagon-1-91-en-win.7z
2014-09-24 15:47 - 2014-09-24 15:47 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Cornelsen
2014-09-24 15:36 - 2014-09-24 15:36 - 00002344 _____ () C:\Users\Public\Desktop\English G 21 e-Workbook A2.lnk
2014-09-24 15:36 - 2014-09-24 15:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cornelsen
2014-09-24 13:26 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 13:26 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-21 15:00 - 2013-11-26 11:36 - 00000296 _____ () C:\Windows\Tasks\RegistryBooster Maintenance.job
2014-10-21 14:41 - 2012-04-17 21:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-21 14:38 - 2013-04-21 14:29 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-10-21 14:35 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-21 14:35 - 2009-07-14 06:45 - 00024800 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-21 14:34 - 2012-04-16 12:02 - 01515413 _____ () C:\Windows\WindowsUpdate.log
2014-10-21 14:28 - 2014-06-11 10:27 - 00003310 _____ () C:\Windows\System32\Tasks\Scheduled scanning task
2014-10-21 14:28 - 2014-06-11 10:27 - 00000678 _____ () C:\Windows\Tasks\Scheduled scanning task.job
2014-10-21 14:27 - 2014-03-03 20:00 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-21 14:27 - 2013-01-25 15:21 - 00000374 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-10-21 14:26 - 2014-03-29 07:22 - 00087046 _____ () C:\Windows\setupact.log
2014-10-21 14:25 - 2014-03-31 14:14 - 00205546 _____ () C:\Windows\PFRO.log
2014-10-21 14:25 - 2012-01-24 01:22 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-21 14:25 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-20 18:42 - 2014-08-20 11:35 - 00002095 _____ () C:\Users\Susu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-20 18:42 - 2012-04-19 13:20 - 00002095 _____ () C:\Users\Gast\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-20 18:42 - 2012-04-16 12:09 - 00002083 _____ () C:\Users\Pascal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-20 18:41 - 2014-03-03 20:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-20 18:22 - 2014-03-03 20:00 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-20 18:18 - 2012-12-23 17:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-19 16:56 - 2011-05-16 16:04 - 00707400 _____ () C:\Windows\system32\perfh007.dat
2014-10-19 16:56 - 2011-05-16 16:04 - 00153334 _____ () C:\Windows\system32\perfc007.dat
2014-10-19 16:56 - 2009-07-14 07:13 - 01644624 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-19 16:42 - 2009-07-14 06:45 - 05241312 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-19 16:37 - 2014-05-06 21:47 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-16 18:11 - 2013-07-28 21:34 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-16 17:49 - 2011-07-18 22:31 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-16 17:34 - 2013-11-20 17:09 - 00000000 ____D () C:\Users\Pascal\AppData\Local\CrashDumps
2014-10-16 16:45 - 2012-04-16 12:09 - 00000000 ____D () C:\Users\Pascal
2014-10-16 16:42 - 2013-02-12 18:20 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Common
2014-10-16 16:42 - 2012-07-21 09:54 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-10-16 16:37 - 2013-10-30 15:32 - 00000094 _____ () C:\Users\Pascal\AppData\Roaming\WB.CFG
2014-10-16 16:31 - 2014-06-03 14:57 - 00003854 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1389385127
2014-10-16 16:31 - 2014-01-10 22:18 - 00000000 ____D () C:\Program Files (x86)\Opera
2014-10-15 14:52 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-10-15 14:42 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-10-15 14:39 - 2011-07-18 23:23 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-15 14:39 - 2009-07-14 04:34 - 24117248 _____ () C:\Windows\system32\config\system.bak
2014-10-15 14:39 - 2009-07-14 04:34 - 108527616 _____ () C:\Windows\system32\config\software.bak
2014-10-15 14:39 - 2009-07-14 04:34 - 01835008 _____ () C:\Windows\system32\config\default.bak
2014-10-15 14:39 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\security.bak
2014-10-15 14:39 - 2009-07-14 04:34 - 00262144 _____ () C:\Windows\system32\config\sam.bak
2014-10-15 14:11 - 2012-12-19 17:02 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\UncompressorPackages
2014-10-15 13:21 - 2009-07-14 07:08 - 00032632 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-07 17:38 - 2013-04-14 09:37 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\.minecraft
2014-10-06 14:04 - 2014-01-22 15:55 - 00000000 ____D () C:\Users\Pascal\Documents\FIFA 14
2014-10-06 14:01 - 2012-04-16 13:39 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-10-04 15:40 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-04 12:22 - 2012-04-16 13:40 - 00000000 ____D () C:\ProgramData\Origin
2014-10-04 06:55 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-04 06:23 - 2012-09-27 19:33 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-10-03 15:05 - 2013-02-08 19:41 - 00000000 ____D () C:\Windows\pss
2014-10-03 10:41 - 2013-07-11 15:07 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-02 19:53 - 2014-05-14 16:36 - 00074044 _____ () C:\Windows\DirectX.log
2014-10-02 17:21 - 2014-09-06 17:07 - 00001348 _____ () C:\Users\Public\Desktop\Die Sims 4.lnk
2014-10-02 15:53 - 2010-11-21 05:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-26 18:38 - 2014-03-03 20:30 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-09-26 18:38 - 2013-12-15 14:58 - 00348928 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-09-26 18:33 - 2013-12-15 14:58 - 00280904 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-09-25 20:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-09-24 19:18 - 2012-12-23 17:51 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 19:18 - 2012-10-28 15:54 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 19:18 - 2011-12-01 23:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 15:38 - 2012-04-16 19:41 - 00000000 ____D () C:\Users\Pascal\AppData\Roaming\Skype
2014-09-24 15:35 - 2012-07-15 12:13 - 00000000 ____D () C:\Program Files (x86)\Cornelsen
Files to move or delete:
====================
C:\Users\Pascal\DSETUP.dll
C:\Users\Pascal\dsetup32.dll
C:\Users\Pascal\DXSETUP.exe
C:\Users\Pascal\ManiaPlanetCanyon_Setup.exe
C:\Users\Pascal\MouseServer.exe
C:\Users\Pascal\setup.exe
Some content of TEMP:
====================
C:\Users\Pascal\AppData\Local\Temp\Quarantine.exe
C:\Users\Pascal\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-10-19 20:08
==================== End Of Log ============================
--- --- --- |
|
22.10.2014, 10:07
| #15 |
| /// the machine /// TB-Ausbilder | C:\windows\scorl.trojan.general.exe Adobe updaten. Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
Emptytemp:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Revo Uninstaller - Download - Filepony damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren. Dann: https://support.google.com/chrome/answer/3296214?hl=de Fertig Die Reihenfolge ist hier entscheidend.
Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun Hier noch ein paar Tipps zur Absicherung deines Systems. Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
Anti- Viren Software
Zusätzlicher Schutz
Sicheres Browsen
Alternative Browser Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
Performance Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC Halte dich fern von jedlichen Registry Cleanern. Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links Miekemoes Blogspot ( MVP ) Bill Castner ( MVP ) Don'ts
Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
dann auf 
und dann auf 
. 
WARNUNG an die MITLESER: 
Linear-Darstellung
