Es öffnen sich ungewollt immer neue Tabs & zu viel Werbung

flora27 · 08.12.2014, 18:43

Hallo,
ich habe seit einiger Zeit ziemliche Probleme mit meinem Laptop, ich denke, seit mein Vater meinte, er muss ein unseriöses Programm namens "Speed up my Pc" installieren. Seitdem öffnen sich ständig neue Tabs mit Werbung oder Mitteilungen, dass mein Pc zu langsam ist, wenn man irgendetwas anklickt.
Öffnet man Internet Explorer, dann kommt immer diese Meldung: "stack overflow at line: 0".
Und ich werde auf jeder Seite unglaublich mit Werbung zugetextet!
Heute hat Norton auch angezeigt, dass es Trojan.Gen.2 mehrmals blockiert hat, so wie einige andere, zum Beispiel Suspicious.Cloud.7.F.
Ich habe auch schon mehrmals jetzt versucht, FRST runterzuladen, aber mein Virenprogramm entfernt es immer wieder, weil es sagt, es ist bedrohlich.
Bin überfragt, wie ich jetzt vorgehen soll - kenn mich mit dem Zeug auch gar nicht aus.
Danke schon mal!

deeprybka · 08.12.2014, 19:15

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
Bitte kein Crossposting (posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
Poste die Logfiles direkt in Deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.

Los geht's:

Schritt 1

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Lesestoff
Posten in CODE-Tags: So gehts...
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert uns massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

flora27 · 09.12.2014, 12:10

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-12-2014
Ran by Kelmendi (administrator) on KELMENDI-PC on 09-12-2014 11:37:32
Running from C:\Users\Kelmendi\Desktop
Loaded Profile: Kelmendi (Available profiles: Kelmendi & Besa)
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
() C:\Program Files\shopperz\csrcc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\nis.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
() C:\Windows\rcore.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
() C:\Program Files\shopperz\psonupd.exe
(Iminent) C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\nis.exe
(app) C:\Program Files (x86)\Browsers Apps\97a3be2d-8a0e-4403-9ef9-369c868d44d6.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\PLFSetI.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
() C:\Program Files\shopperz\unity.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
() C:\Program Files\shopperz\unity64.exe
(Spotify Ltd) C:\Users\Kelmendi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
() C:\Program Files (x86)\Desktop Dock\DesktopDockApp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Bench\Proxy\pwdg.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(enter) C:\Program Files (x86)\videos MediaPlay-Air\42d3747b-dde9-4d69-a6d3-74eb8d2a0178-6.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8061984 2009-08-17] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-07] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-10] (Egis Technology Inc.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2009-10-29] (Acer Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2012-05-22] ()
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [shopperz] => C:\Program Files\shopperz\unity.exe [430472 2014-12-02] ()
HKLM\...\Run: [shopperz64] => C:\Program Files\shopperz\unity64.exe [461704 2014-12-02] ()
HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-09-24] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1157128 2009-08-18] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-29] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-10-21] (Acer Corp.)
HKLM-x32\...\Run: [HF_G_Jul] => "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe"  /DoAction
HKLM-x32\...\Run: [APSDaemon] => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM-x32\...\Run: [ROC_ROC_JULY_P1] => "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
HKLM-x32\...\Run: [iTunesHelper] => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKLM-x32\...\Run: [Iminent] => [X]
HKLM-x32\...\Run: [IminentMessenger] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [Bench Communicator Watcher] => C:\Program Files (x86)\Bench\Proxy\pwdg.exe [127488 2014-09-05] ()
HKLM-x32\...\Run: [Bench Settings Cleaner] => C:\Program Files (x86)\Bench\Proxy\cl.exe [55296 2014-08-20] ()
HKLM-x32\...\Run: [fst_de_124] => [X]
HKLM-x32\...\Run: [fst_de_173] => [X]
HKLM-x32\...\RunOnce: [Browse Safe-repairJob] => wscript.exe "C:\Users\Kelmendi\AppData\Local\Browse Safe\repair.js" "Browse Safe-repairJob"
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-10-21] (Google Inc.)
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Run: [Facebook Update] => C:\Users\Kelmendi\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-15] (Facebook Inc.)
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Run: [Pando Media Booster] => "C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Run: [Spotify Web Helper] => C:\Users\Kelmendi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-07] (Spotify Ltd)
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Run: [Google Update] => C:\Users\Kelmendi\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-30] (Google Inc.)
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Run: [NextLive] => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Kelmendi\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Run: [PC Speed Maximizer] => C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Run: [Spotify] => C:\Users\Kelmendi\AppData\Roaming\Spotify\spotify.exe [6553144 2014-10-07] (Spotify Ltd)
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\MountPoints2: {1a27e36e-e252-11e3-917b-c2b6d9f4098d} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\MountPoints2: {6f16c361-df29-11e2-b9b2-851712210188} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\MountPoints2: {ba791a7f-dd6a-11e1-9937-0026226a35bd} - F:\Startme.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DesktopDock.lnk
ShortcutTarget: DesktopDock.lnk -> C:\Program Files (x86)\Desktop Dock\DesktopDock.exe (Desktop Dock)
Startup: C:\Users\Kelmendi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopDockApp.lnk
ShortcutTarget: DesktopDockApp.lnk -> C:\Program Files (x86)\Desktop Dock\DesktopDockApp.exe ()
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1407266113&from=tugs&uid=WDCXWD5000BPVT-22A1YT0_WD-WXK1CB1T9074T9074
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.4.0.13
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1407266113&from=tugs&uid=WDCXWD5000BPVT-22A1YT0_WD-WXK1CB1T9074T9074&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1407266113&from=tugs&uid=WDCXWD5000BPVT-22A1YT0_WD-WXK1CB1T9074T9074&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1407266113&from=tugs&uid=WDCXWD5000BPVT-22A1YT0_WD-WXK1CB1T9074T9074
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1407266113&from=tugs&uid=WDCXWD5000BPVT-22A1YT0_WD-WXK1CB1T9074T9074
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1407266113&from=tugs&uid=WDCXWD5000BPVT-22A1YT0_WD-WXK1CB1T9074T9074&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1407266113&from=tugs&uid=WDCXWD5000BPVT-22A1YT0_WD-WXK1CB1T9074T9074&q={searchTerms}
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.4.0.13
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.4.0.13
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.4.0.13
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://start.iminent.com/?appid=bcac6b2f-343d-4868-845b-5d254772e88c
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1407266113&from=tugs&uid=WDCXWD5000BPVT-22A1YT0_WD-WXK1CB1T9074T9074
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Main,Backup.Old.Start Page = hxxp://search.avira.com/?l=dis&o=APN10395&gct=hp&dc=EU&locale=de_DE
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?affID=119370&babsrc=HP_ss&mntrId=12C00024D6111340
URLSearchHook: HKLM-x32 - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll No File
URLSearchHook: HKLM-x32 - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll No File
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1407266113&from=tugs&uid=WDCXWD5000BPVT-22A1YT0_WD-WXK1CB1T9074T9074
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1407266113&from=tugs&uid=WDCXWD5000BPVT-22A1YT0_WD-WXK1CB1T9074T9074&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1407266113&from=tugs&uid=WDCXWD5000BPVT-22A1YT0_WD-WXK1CB1T9074T9074&q={searchTerms}
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=dpg&chnl=&cd=2XzuyEtN2Y1L1QzutDtDtByCtBtByC0AtAyD0B0DtB0DtDzytN0D0Tzu0CtByCyDtN1L2XzutBtFtCtFtDtFtAtDtC&cr=1608902655
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1407266113&from=tugs&uid=WDCXWD5000BPVT-22A1YT0_WD-WXK1CB1T9074T9074&q={searchTerms}
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1407266113&from=tugs&uid=WDCXWD5000BPVT-22A1YT0_WD-WXK1CB1T9074T9074&q={searchTerms}
SearchScopes: HKLM-x32 -> {3537899B-B3D3-BCF9-BFA2-27EFE229B339} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=dpg&chnl=&cd=2XzuyEtN2Y1L1QzutDtDtByCtBtByC0AtAyD0B0DtB0DtDzytN0D0Tzu0CtByCyDtN1L2XzutBtFtCtFtDtFtAtDtC&cr=1608902655
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKLM-x32 -> {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=BCAC6B2F-343D-4868-845B-5D254772E88C&ref=toolbox&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> DefaultScope {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=BCAC6B2F-343D-4868-845B-5D254772E88C&ref=toolbox&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
SearchScopes: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.holasearch.com/?q={searchTerms}&affID=121962&tt=gc_&babsrc=SP_ss&mntrId=12C00024D6111340
SearchScopes: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> {1DD0E6CF-FD26-EEB0-13E7-1E49C4E5E845} URL = hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=dpg&chnl=&cd=2XzuyEtN2Y1L1QzutDtDtByCtBtByC0AtAyD0B0DtB0DtDzytN0D0Tzu0CtByCyDtN1L2XzutBtFtCtFtDtFtAtDtC&cr=1608902655
SearchScopes: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1407266113&from=tugs&uid=WDCXWD5000BPVT-22A1YT0_WD-WXK1CB1T9074T9074&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> {3537899B-B3D3-BCF9-BFA2-27EFE229B339} URL = https://isearch.avg.com/search?cid={50F10FEB-5200-4BC8-BED9-CEA29FCC5FB0}&mid=16143c11f81647d09445d16f648edc4e-21862d1207fe91458b8cb4f98465be6d0bf00bbc&lang=de&ds=AVG&pr=pr&d=2012-07-04 21:13:18&v=12.2.5.32&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> {5F695625-3816-4613-BA0D-9406B7D743DD} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=ffc44216-f748-4f7d-a504-d60c4cfdcccf&apn_sauid=BE7BC93B-EBFC-421C-A8F7-746AE72FE4AC
SearchScopes: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE489
SearchScopes: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=AgnUpd&cd=2XzuyEtN2Y1L1QzutDtDtByE0DyCtCtCtCtAyEtDtB0DtDzytN0D0Tzu0CyEyEtBtN1L2XzutN1L1Czu&cr=1559183977&ir=
SearchScopes: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=21&locale=de_DE&gct=sb&qsrc=2869
SearchScopes: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
SearchScopes: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> {BFFED5CA-8BDF-47CC-AED0-23F4E6D77732} URL = hxxp://start.iminent.com/?appId=BCAC6B2F-343D-4868-845B-5D254772E88C&ref=toolbox&q={searchTerms}
BHO: Browsers Apps -> {11111111-1111-1111-1111-110611171187} -> C:\Program Files (x86)\Browsers Apps\Browsers Apps-bho64.dll (app)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: Browse Safe BHO -> {8E56A02B-46FE-4490-B169-F16E5231533B} -> C:\Program Files (x86)\Browse Safe\FrameworkBHO64.dll ()
BHO: IMinent WebBooster (BHO) -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -> C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx64.dll (SIEN)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll No File
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll No File
BHO: shopperz -> {C74AB308-BA97-42f6-BB20-00E0868F52FB} -> C:\Program Files\shopperz\omr64.dll ()
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.)
BHO-x32: DVDVideoSoftTB DE Toolbar -> {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} -> C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll No File
BHO-x32: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll No File
BHO-x32: videos MediaPlay-Air -> {11111111-1111-1111-1111-110611171199} -> C:\Program Files (x86)\videos MediaPlay-Air\videos MediaPlay-Air-bho.dll (enter)
BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Funmoods Helper Object -> {75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7} -> C:\PROGRA~2\Funmoods\1.5.23.22\bh\escort.dll No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoftTB Toolbar -> {872b5b88-9db5-4310-bdd0-ac189557e5f5} -> C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll No File
BHO-x32: Browse Safe BHO -> {8E56A02B-46FE-4490-B169-F16E5231533B} -> C:\Program Files (x86)\Browse Safe\FrameworkBHO.dll ()
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: IMinent WebBooster (BHO) -> {A09AB6EB-31B5-454C-97EC-9B294D92EE2A} -> C:\Program Files (x86)\Iminent\Minibar.InternetExplorer.BHOx86.dll (SIEN)
BHO-x32: Wajam -> {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} -> C:\Program Files (x86)\Wajam\IE\priam_bho.dll No File
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO-x32: delta Helper Object -> {C1AF5FA5-852C-4C90-812E-A7F75E011D87} -> C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll No File
BHO-x32: shopperz -> {C74AB308-BA97-42f6-BB20-00E0868F52FB} -> C:\Program Files\shopperz\omr32.dll ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Funmoods Toolbar - {A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3} - C:\PROGRA~2\Funmoods\1.5.23.22\escorTlbr.dll No File
Toolbar: HKLM-x32 - DVDVideoSoftTB DE Toolbar - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - C:\Program Files (x86)\DVDVideoSoftTB_DE\prxtbDVDV.dll No File
Toolbar: HKLM-x32 - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll No File
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> No Name - {0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF} -  No File
Toolbar: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} -  No File
Toolbar: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll File Not found ()
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll File Not found ()
Hosts: 54.225.95.126	bnbaolfhobbbokdcmfiplbokkokobjgc
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default
FF NewTab: chrome://quick_start/content/index.html
FF Homepage: hxxp://start.iminent.com/?appid=bcac6b2f-343d-4868-845b-5d254772e88c
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3793236011-1497448259-2661613126-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kelmendi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-3793236011-1497448259-2661613126-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Kelmendi\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3793236011-1497448259-2661613126-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Kelmendi\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3793236011-1497448259-2661613126-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF user.js: detected! => C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\user.js
FF SearchPlugin: C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\searchplugins\ask-search.xml
FF SearchPlugin: C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\searchplugins\bingp.xml
FF SearchPlugin: C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\searchplugins\BrowserProtect.xml
FF SearchPlugin: C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\searchplugins\dvdvideosofttb-customized-web-search.xml
FF SearchPlugin: C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\searchplugins\Funmoods.xml
FF SearchPlugin: C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\searchplugins\safesearch.xml
FF SearchPlugin: C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\searchplugins\Search.xml
FF SearchPlugin: C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\searchplugins\trovi-search.xml
FF SearchPlugin: C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\searchplugins\yahoo_ff.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\StartWeb.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF Extension: video MediaPlayers - C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com [2014-09-20]
FF Extension: Plus-HD-1.8c - C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com [2014-08-10]
FF Extension: Fast Start - C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\faststartff@gmail.com [2014-08-05]
FF Extension: Babylon - C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\ffxtlbr@babylon.com [2012-09-02]
FF Extension: Delta Toolbar - C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\ffxtlbr@delta.com [2013-04-01]
FF Extension: Funmoods.com - C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\ffxtlbr@funmoods.com [2012-09-21]
FF Extension: Browsers App - C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\herman.thorne45@outlook.com [2014-09-20]
FF Extension: Yontoo - C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\plugin@yontoo.com [2013-04-01]
FF Extension: Browse Safe - C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962} [2014-09-26]
FF Extension: DVDVideoSoftTB  - C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2013-11-20]
FF Extension: Layouts Express - C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\{97A78363-B868-4B48-AC91-A783A31215AF} [2012-09-01]
FF Extension: IMinent Toolbar - C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444} [2013-05-19]
FF Extension: Facebook Toolbar - C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\firefox@facebook.com.xpi [2012-12-27]
FF Extension: Iminent - C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\firefoxmini@go.im.xpi [2014-08-10]
FF Extension: Slick Savings - C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\savingsslider@mybrowserbar.com.xpi [2014-04-13]
FF Extension: Ask Toolbar - C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\toolbar_ORJ-V7@apn.ask.com.xpi [2013-10-15]
FF Extension: Start Page - C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi [2014-06-25]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi [2012-11-20]
FF Extension: Adblock Plus - C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-25]
FF Extension: BonanzaDeals - C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}.xpi [2013-12-18]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-11-11]
FF HKLM\...\Firefox\Extensions: [{C74AB308-BA97-42f6-BB20-00E0868F52FB}] - C:\Program Files\shopperz\Firefox
FF Extension: shopperz - C:\Program Files\shopperz\Firefox [2014-12-08]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn [2014-12-09]
FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff
FF HKLM-x32\...\Firefox\Extensions: [webbooster@iminent.com] - C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\webbooster@iminent.com
FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\faststartff@gmail.com
FF HKLM-x32\...\Firefox\Extensions: [{C74AB308-BA97-42f6-BB20-00E0868F52FB}] - C:\Program Files\shopperz\Firefox
FF HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Firefox\Extensions: [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}] - C:\Program Files (x86)\Wajam\Firefox\{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}.xpi
FF HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Firefox\Extensions: [happylyrics@hpyproductions.net] - C:\Program Files (x86)\HappyLyrics\FF
FF Extension: Happy Lyrics - C:\Program Files (x86)\HappyLyrics\FF [2013-05-19]
FF Extension: No Name - {C74AB308-BA97-42f6-BB20-00E0868F52FB} [Not Found]
FF Extension: No Name - {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} [Not Found]

Chrome: 
=======
CHR Profile: C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-30]
CHR Extension: (Google Drive) - C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-30]
CHR Extension: (Funmoods) - C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh [2013-10-30]
CHR Extension: (YouTube) - C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-30]
CHR Extension: (New Tab) - C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj [2013-10-30]
CHR Extension: (Google Search) - C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-30]
CHR Extension: (Happy Lyrics) - C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ealchnonpofjocgofjpopjdoegbbkofj [2013-05-19]
CHR Extension: (Browsers Apps) - C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffhfoagmjcnkolneahbpagjcjjaeofbg [2014-08-05]
CHR Extension: (Iminent) - C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl [2013-05-19]
CHR Extension: (videos MediaPlay-Air) - C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\iklgpchfbohgmghgfagediakopecfmbm [2014-08-05]
CHR Extension: (Plus-HD-1.8) - C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcbanjcfnoiefihobdmmjmaljifgnkhh [2013-10-30]
CHR Extension: (Norton Identity Protection) - C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-10-30]
CHR Extension: (Google Wallet) - C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-30]
CHR Extension: (Gmail) - C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-30]
CHR HKLM\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Kelmendi\AppData\Local\funmoods.crx [2012-09-21]
CHR HKLM\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Kelmendi\AppData\Local\funmoods-speeddial.crx [2012-09-21]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-04]
CHR HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Kelmendi\AppData\Local\funmoods.crx [2012-09-21]
CHR HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Kelmendi\AppData\Local\funmoods-speeddial.crx [2012-09-21]
CHR HKLM-x32\...\Chrome\Extension: [bbjciahceamgodcoidkjpchnokgfpphh] - C:\Users\Kelmendi\AppData\Local\funmoods.crx [2012-09-21]
CHR HKLM-x32\...\Chrome\Extension: [cjpglkicenollcignonpgiafdgfeehoj] - C:\Users\Kelmendi\AppData\Local\funmoods-speeddial.crx [2012-09-21]
CHR HKLM-x32\...\Chrome\Extension: [ealchnonpofjocgofjpopjdoegbbkofj] - C:\Program Files (x86)\HappyLyrics\Chrome.crx [2013-04-21]
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Kelmendi\AppData\Roaming\BabSolution\CR\Delta.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [igdhbblpcellaljokkpfhcjlagemhgjl] - C:\Program Files (x86)\Iminent\Iminent.crx [2013-05-19]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-04]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-08-05]
CHR HKLM-x32\...\Chrome\Extension: [pgafcinpmmpklohkojmllohdhomoefph] - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-14] (Microsoft Corporation) [File not signed]
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [203264 2009-08-04] (AMD) [File not signed]
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2013-12-10] (APN LLC.)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2009-07-14] (Microsoft Corporation) [File not signed]
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [676864 2009-07-14] (Microsoft Corporation) [File not signed]
R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [676864 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2009-07-14] (Microsoft Corporation) [File not signed]
S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-14] (Microsoft Corporation) [File not signed]
R2 BFE; C:\Windows\System32\bfe.dll [703488 2009-07-14] (Microsoft Corporation) [File not signed]
S3 BITS; C:\Windows\System32\qmgr.dll [848384 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Browser; C:\Windows\System32\browser.dll [136192 2009-07-14] (Microsoft Corporation) [File not signed]
S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2009-07-14] (Microsoft Corporation) [File not signed]
S3 COMSysApp; C:\Windows\system32\dllhost.exe [9728 2009-07-14] (Microsoft Corporation) [File not signed]
S3 COMSysApp; C:\Windows\SysWOW64\dllhost.exe [7168 2009-07-14] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [175104 2009-07-14] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [135680 2009-07-14] (Microsoft Corporation) [File not signed]
R2 csrcc; C:\Program Files\shopperz\csrcc.exe [306568 2014-12-02] ()
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [509440 2009-07-14] (Microsoft Corporation) [File not signed]
S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [314368 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [253440 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [182272 2009-07-14] (Microsoft Corporation) [File not signed]
S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2009-07-14] (Microsoft Corporation) [File not signed]
R2 DPS; C:\Windows\system32\dps.dll [162816 2009-07-14] (Microsoft Corporation) [File not signed]
R3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-14] (Microsoft Corporation) [File not signed]
R2 EFS; C:\Windows\System32\lsass.exe [31232 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [788000 2009-10-29] (Acer Incorporated)
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2009-07-14] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-14] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\Windows\SysWOW64\es.dll [271360 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2009-07-14] (Microsoft Corporation) [File not signed]
R3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-14] (Microsoft Corporation) [File not signed]
R2 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-14] (Microsoft Corporation) [File not signed]
R3 FontCache; C:\Windows\system32\FntCache.dll [1127936 2009-07-14] (Microsoft Corporation) [File not signed]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-05] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-08-05] (globalUpdate) [File not signed]
R2 gpsvc; C:\Windows\System32\gpsvc.dll [776192 2009-07-14] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\Windows\system32\hidserv.dll [38912 2009-07-14] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2009-07-14] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [231936 2009-07-14] (Microsoft Corporation) [File not signed]
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2009-07-14] (Microsoft Corporation) [File not signed]
R3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [165376 2009-07-14] (Microsoft Corporation) [File not signed]
R2 IKEEXT; C:\Windows\System32\ikeext.dll [845824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-14] (Microsoft Corporation) [File not signed]
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [565760 2009-07-14] (Microsoft Corporation) [File not signed]
R3 KeyIso; C:\Windows\system32\lsass.exe [31232 2009-07-14] (Microsoft Corporation) [File not signed]
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-14] (Microsoft Corporation) [File not signed]
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [235520 2009-07-14] (Microsoft Corporation) [File not signed]
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2009-07-14] (Microsoft Corporation) [File not signed]
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-14] (Microsoft Corporation) [File not signed]
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-14] (Microsoft Corporation) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84480 2009-07-14] (Microsoft Corporation) [File not signed]
R2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) [File not signed]
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [824832 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-14] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\System32\msiexec.exe [127488 2009-07-14] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
S3 napagent; C:\Windows\system32\qagentRT.dll [475648 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed]
R3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-14] (Microsoft Corporation) [File not signed]
R3 netprofm; C:\Windows\SysWOW64\netprofm.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\NIS.exe [276376 2014-09-21] (Symantec Corporation)
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [302080 2009-07-14] (Microsoft Corporation) [File not signed]
R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-14] (Microsoft Corporation) [File not signed]
S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation) [File not signed]
S3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-14] (Microsoft Corporation) [File not signed]
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [186368 2009-07-14] (Microsoft Corporation) [File not signed]
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-14] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\system32\pla.dll [1390080 2009-07-14] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\SysWOW64\pla.dll [1508864 2009-07-14] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2009-07-14] (Microsoft Corporation) [File not signed]
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [500224 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ProfSvc; C:\Windows\system32\profsvc.dll [208384 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2009-07-14] (Microsoft Corporation) [File not signed]
S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasMan; C:\Windows\System32\rasmans.dll [343552 2009-07-14] (Microsoft Corporation) [File not signed]
R2 rcores; C:\Windows\rcore.exe [4959744 2014-12-07] () [File not signed]
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-14] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\Windows\system32\rpcss.dll [509440 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated) [File not signed]
R2 SamSs; C:\Windows\system32\lsass.exe [31232 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\Windows\system32\schedsvc.dll [1104384 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2009-07-14] (Microsoft Corporation) [File not signed]
S3 seclogon; C:\Windows\system32\seclogon.dll [30720 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\system32\sessenv.dll [104960 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [99328 2009-07-14] (Microsoft Corporation) [File not signed]
S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [369664 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2009-07-14] (Microsoft Corporation) [File not signed]
R2 shopperz Updater; C:\Program Files\shopperz\psonupd.exe [224648 2014-12-02] ()
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\Windows\System32\spoolsv.exe [558080 2009-07-14] (Microsoft Corporation) [File not signed]
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SProtection; C:\Program Files (x86)\Common Files\Umbrella\umbrella.exe [3550880 2014-11-07] (Iminent)
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed]
R2 stisvc; C:\Windows\System32\wiaservc.dll [578560 2009-07-14] (Microsoft Corporation) [File not signed]
S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SysMain; C:\Windows\system32\sysmain.dll [1780736 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [93184 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [316416 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [241664 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TermService; C:\Windows\System32\termsrv.dll [706560 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation) [File not signed]
S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2009-07-14] (Microsoft Corporation) [File not signed]
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-14] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-14] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\Windows\SysWOW64\upnphost.dll [266752 2009-07-14] (Microsoft Corporation) [File not signed]
R2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-14] (Microsoft Corporation) [File not signed]
S3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2009-07-14] (Microsoft Corporation) [File not signed]
S3 vds; C:\Windows\System32\vds.exe [532480 2009-07-14] (Microsoft Corporation) [File not signed]
S3 VSS; C:\Windows\system32\vssvc.exe [1598976 2009-07-14] (Microsoft Corporation) [File not signed]
S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wbengine; C:\Windows\system32\wbengine.exe [1503744 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [366592 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [276480 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32768 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\System32\webclnt.dll [254464 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [202240 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-14] (Microsoft Corporation) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [438784 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [348672 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2018816 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1175040 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [116736 2009-07-14] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\Windows\System32\wscsvc.dll [97280 2009-07-14] (Microsoft Corporation) [File not signed]
S2 WSearch; C:\Windows\system32\SearchIndexer.exe [593408 2009-07-14] (Microsoft Corporation) [File not signed]
S2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [428032 2009-07-14] (Microsoft Corporation) [File not signed]
R2 wuauserv; C:\Windows\system32\wuaueng.dll [2418176 2009-07-14] (Microsoft Corporation) [File not signed]
R2 wudfsvc; C:\Windows\System32\WUDFSvc.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [229888 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [X]
S2 Apple Mobile Device; "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [X]
S2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]
S3 iPod Service; "C:\Program Files\iPod\bin\iPodService.exe" [X]
S2 WajamUpdater; "C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe" [X] <==== ATTENTION
S2 Yontoo Desktop Updater; "C:\Program Files (x86)\Yontoo\Y2Desktop.Updater.exe" "C:\Users\Kelmendi\AppData\Roaming\Yontoo\YontooDesktop.exe"

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394ohci; C:\Windows\system32\DRIVERS\1394ohci.sys [227840 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AcpiPmi; C:\Windows\system32\DRIVERS\acpipmi.sys [12288 2009-07-14] (Microsoft Corporation) [File not signed]
R1 AFD; C:\Windows\system32\drivers\afd.sys [500224 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [64512 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [60928 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] (Microsoft Corporation) [File not signed]
R3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [6038016 2009-08-04] (ATI Technologies Inc.) [File not signed]
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation) [File not signed]
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation) [File not signed]
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] (Microsoft Corporation) [File not signed]
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20141203.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R1 blbdrive; C:\Windows\system32\DRIVERS\blbdrive.sys [45056 2009-07-14] (Microsoft Corporation) [File not signed]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.) [File not signed]
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.) [File not signed]
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Brother Industries Ltd.) [File not signed]
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.) [File not signed]
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.) [File not signed]
S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [72192 2009-07-14] (Microsoft Corporation) [File not signed]
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] (Microsoft Corporation) [File not signed]
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2009-07-14] (Microsoft Corporation) [File not signed]
R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [60376 2014-11-23] (Cherimoya Ltd)
R3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [45568 2009-07-14] (Microsoft Corporation) [File not signed]
R3 CmBatt; C:\Windows\system32\DRIVERS\CmBatt.sys [17664 2009-07-14] (Microsoft Corporation) [File not signed]
R3 CompositeBus; C:\Windows\system32\DRIVERS\CompositeBus.sys [38912 2009-07-14] (Microsoft Corporation) [File not signed]
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2009-07-14] (Microsoft Corporation) [File not signed]
R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) [File not signed]
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
R3 enecir; C:\Windows\system32\DRIVERS\enecir.sys [70656 2009-05-20] (ENE TECHNOLOGY INC.) [File not signed]
S3 enecirhid; C:\Windows\system32\DRIVERS\enecirhid.sys [14848 2009-05-19] (ENE TECHNOLOGY INC.) [File not signed]
S3 enecirhidma; C:\Windows\system32\DRIVERS\enecirhidma.sys [6656 2008-04-24] (ENE TECHNOLOGY INC.) [File not signed]
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-11-16] (Symantec Corporation)
S3 ErrDev; C:\Windows\system32\DRIVERS\errdev.sys [9728 2009-07-14] (Microsoft Corporation) [File not signed]
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] (Microsoft Corporation) [File not signed]
S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] (Microsoft Corporation) [File not signed]
S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [29696 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] (Microsoft Corporation) [File not signed]
S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed]
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.) [File not signed]
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2009-07-14] (Microsoft Corporation) [File not signed]
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [26624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [100864 2009-07-14] (Microsoft Corporation) [File not signed]
R3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [46592 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2009-07-14] (Microsoft Corporation) [File not signed]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [751616 2009-07-14] (Microsoft Corporation) [File not signed]
R3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [105472 2009-07-14] (Microsoft Corporation) [File not signed]
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20141208.001\IDSvia64.sys [637656 2014-11-18] (Symantec Corporation)
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IPMIDRV; C:\Windows\system32\DRIVERS\IPMIDrv.sys [78848 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] (Microsoft Corporation) [File not signed]
S3 JMCR; C:\Windows\System32\DRIVERS\jmcr.sys [140712 2009-07-20] (JMicron Technology Corporation) [File not signed]
S0 johci; C:\Windows\System32\DRIVERS\johci.sys [22640 2009-08-24] (JMicron )
R3 kbdhid; C:\Windows\system32\DRIVERS\kbdhid.sys [33280 2009-07-14] (Microsoft Corporation) [File not signed]
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] (Microsoft Corporation) [File not signed]
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Ltn_stk7070P; C:\Windows\System32\DRIVERS\Ltn_stk7070P.sys [625152 2009-05-23] (LiteOn) [File not signed]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed]
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mouhid; C:\Windows\system32\DRIVERS\mouhid.sys [31232 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [157184 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [285696 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [125952 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-14] (Microsoft Corporation) [File not signed]
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [15360 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20141207.020_bc5\ENG64.SYS [129752 2014-12-08] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20141207.020_bc5\EX64.SYS [2137304 2014-12-08] (Symantec Corporation)
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56320 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2009-07-14] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [259072 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NETw5s64; C:\Windows\System32\DRIVERS\NETw5s64.sys [6952960 2009-09-15] (Intel Corporation) [File not signed]
S3 netw5v64; C:\Windows\System32\DRIVERS\netw5v64.sys [5434368 2009-06-10] (Intel Corporation) [File not signed]
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-14] (Microsoft Corporation) [File not signed]
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ohci1394; C:\Windows\system32\DRIVERS\ohci1394.sys [72832 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Parport; C:\Windows\system32\DRIVERS\parport.sys [97280 2009-07-14] (Microsoft Corporation) [File not signed]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111616 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [60416 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2009-07-14] (Microsoft Corporation) [File not signed]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [130048 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] (Microsoft Corporation) [File not signed]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2009-07-14] (Microsoft Corporation) [File not signed]
S3 rdpbus; C:\Windows\system32\DRIVERS\rdpbus.sys [24064 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [204800 2009-07-14] (Microsoft Corporation) [File not signed]
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] (Microsoft Corporation) [File not signed]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sdbus; C:\Windows\System32\DRIVERS\sdbus.sys [109056 2009-07-14] (Microsoft Corporation) [File not signed]
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 Serenum; C:\Windows\system32\DRIVERS\serenum.sys [23552 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [26624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffdisk; C:\Windows\system32\DRIVERS\sffdisk.sys [14336 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffp_mmc; C:\Windows\system32\DRIVERS\sffp_mmc.sys [13824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffp_sd; C:\Windows\system32\DRIVERS\sffp_sd.sys [14336 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [16896 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] (Microsoft Corporation) [File not signed]
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [465408 2009-07-14] (Microsoft Corporation) [File not signed]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [407040 2009-07-14] (Microsoft Corporation) [File not signed]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [162816 2009-07-14] (Microsoft Corporation) [File not signed]
R0 SymDS; C:\Windows\System32\drivers\NISx64\1506000.020\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1506000.020\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-01-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [44544 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2009-07-14] (Microsoft Corporation) [File not signed]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [99840 2009-07-14] (Microsoft Corporation) [File not signed]
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [38400 2009-07-14] (Microsoft Corporation) [File not signed]
S3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2009-07-14] (Microsoft Corporation) [File not signed]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [327168 2009-07-14] (Microsoft Corporation) [File not signed]
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2009-07-14] (Microsoft Corporation) [File not signed]
S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [9728 2009-07-14] (Microsoft Corporation) [File not signed]
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 usbaudio; C:\Windows\System32\drivers\usbaudio.sys [109568 2009-07-14] (Microsoft Corporation) [File not signed]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [98816 2009-07-14] (Microsoft Corporation) [File not signed]
S3 usbcir; C:\Windows\system32\DRIVERS\usbcir.sys [100352 2009-07-14] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\Windows\system32\DRIVERS\usbehci.sys [51200 2009-07-14] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\Windows\system32\DRIVERS\usbhub.sys [343040 2009-07-14] (Microsoft Corporation) [File not signed]
S3 usbohci; C:\Windows\system32\DRIVERS\usbohci.sys [25600 2009-07-14] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [41984 2009-07-14] (Microsoft Corporation) [File not signed]
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [89600 2009-07-14] (Microsoft Corporation) [File not signed]
S3 usbuhci; C:\Windows\system32\DRIVERS\usbuhci.sys [30720 2009-07-14] (Microsoft Corporation) [File not signed]
R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [184576 2009-07-14] (Microsoft Corporation) [File not signed]
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] (Microsoft Corporation) [File not signed]
R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed]
R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [27776 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-14] (Microsoft Corporation) [File not signed]
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WmiAcpi; C:\Windows\system32\DRIVERS\wmiacpi.sys [14336 2009-07-14] (Microsoft Corporation) [File not signed]
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [112128 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [172544 2009-07-14] (Microsoft Corporation) [File not signed]
S1 avipbb; system32\DRIVERS\avipbb.sys [X]
S1 avkmgr; system32\DRIVERS\avkmgr.sys [X]
S2 avnetflt; system32\DRIVERS\avnetflt.sys [X]
S3 k57nd60a; system32\DRIVERS\k57nd60a.sys [X]
S3 PCDSRVC{5368CD8C-347D2239-06020200}_0; \??\c:\users\admini~1\appdata\local\temp\zst1_guzd1e5\pcdrdiag\bin\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-09 11:37 - 2014-12-09 11:38 - 00081391 _____ () C:\Users\Kelmendi\Desktop\FRST.txt
2014-12-09 11:37 - 2014-12-09 11:37 - 00000000 ____D () C:\FRST
2014-12-09 11:36 - 2014-12-09 11:36 - 02119680 _____ (Farbar) C:\Users\Kelmendi\Desktop\frst64.exe
2014-12-09 11:21 - 2014-12-09 11:21 - 00000000 ____D () C:\ProgramData\ZombieInvasion
2014-12-08 17:49 - 2014-12-09 11:21 - 00000000 ___HD () C:\Users\Public\Temp
2014-12-08 17:48 - 2014-12-08 17:48 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-12-08 17:47 - 2014-12-09 11:19 - 00003472 _____ () C:\Windows\System32\Tasks\ProPCCleaner_Popup
2014-12-08 17:47 - 2014-12-08 17:47 - 00003208 _____ () C:\Windows\System32\Tasks\ProPCCleaner_Start
2014-12-08 17:47 - 2014-12-08 17:47 - 00000000 ____D () C:\Users\Kelmendi\AppData\Local\Pro_PC_Cleaner
2014-12-08 17:47 - 2014-12-07 01:27 - 04959744 _____ () C:\Windows\rcore.exe
2014-12-08 17:46 - 2014-12-09 11:19 - 00000000 ____D () C:\Users\Kelmendi\Documents\ProPCCleaner
2014-12-08 17:46 - 2014-12-08 17:46 - 00000000 ____D () C:\Users\Kelmendi\AppData\Roaming\Dock
2014-12-08 17:45 - 2014-12-09 11:18 - 00000000 ____D () C:\Users\Kelmendi\AppData\Local\DesktopDock
2014-12-08 17:45 - 2014-12-08 18:05 - 00000000 ____D () C:\Program Files (x86)\Pro PC Cleaner
2014-12-08 17:45 - 2014-12-08 17:46 - 00000000 ____D () C:\Program Files\shopperz
2014-12-08 17:45 - 2014-12-08 17:46 - 00000000 ____D () C:\Program Files (x86)\Desktop Dock
2014-12-08 17:45 - 2014-12-08 17:45 - 00003628 _____ () C:\Windows\System32\Tasks\omrUpdater
2014-12-08 17:45 - 2014-12-08 17:45 - 00000000 ____D () C:\Users\Kelmendi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Dock
2014-12-08 17:45 - 2014-12-08 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro PC Cleaner
2014-12-08 17:45 - 2014-12-08 17:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
2014-12-08 17:45 - 2014-11-23 10:07 - 00060376 _____ (Cherimoya Ltd) C:\Windows\system32\Drivers\cherimoya.sys
2014-12-08 17:44 - 2014-12-08 17:44 - 00000000 ____D () C:\Users\Kelmendi\AppData\Roaming\Pro PC Cleaner
2014-12-08 17:39 - 2014-12-08 17:48 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-12-08 17:39 - 2014-12-08 17:48 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-12-08 17:39 - 2014-12-08 17:48 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-08 17:38 - 2014-12-08 17:39 - 00005820 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log
2014-12-08 12:39 - 2014-12-08 12:39 - 00008293 _____ () C:\Users\Kelmendi\Documents\LADKH.odt
2014-12-07 13:10 - 2014-12-07 21:02 - 00000000 ____D () C:\Users\Kelmendi\Documents\GELD ZURÜCKHOLEN
2014-11-17 11:45 - 2014-11-17 11:45 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-11-17 11:45 - 2014-11-17 11:45 - 00000000 ____D () C:\Users\Kelmendi\AppData\Local\Skype
2014-11-17 11:45 - 2014-11-17 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-11-17 11:43 - 2014-11-17 11:44 - 26913384 _____ (Skype Technologies S.A.) C:\Users\Kelmendi\Downloads\SkypeSetupFull.exe
2014-11-13 20:36 - 2014-11-13 20:36 - 00280312 _____ () C:\Windows\Minidump\111314-41995-01.dmp
2014-11-11 10:46 - 2014-12-08 12:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-09 11:35 - 2014-08-05 20:35 - 00001920 _____ () C:\Windows\Tasks\42d3747b-dde9-4d69-a6d3-74eb8d2a0178-6.job
2014-12-09 11:27 - 2013-10-30 08:10 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000UA.job
2014-12-09 11:23 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-09 11:23 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-09 11:21 - 2012-11-24 21:42 - 00000000 ____D () C:\Users\Kelmendi\AppData\Local\CrashDumps
2014-12-09 11:20 - 2012-05-23 00:10 - 06986014 _____ () C:\Windows\system32\perfh007.dat
2014-12-09 11:20 - 2012-05-23 00:10 - 02154518 _____ () C:\Windows\system32\perfc007.dat
2014-12-09 11:20 - 2012-05-22 14:20 - 01466087 _____ () C:\Windows\WindowsUpdate.log
2014-12-09 11:20 - 2009-07-14 06:13 - 00004568 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-09 11:17 - 2013-03-03 21:49 - 00000000 ____D () C:\Users\Kelmendi\AppData\Roaming\Spotify
2014-12-09 11:17 - 2012-10-06 16:37 - 00000000 ____D () C:\Users\Kelmendi\AppData\Roaming\Skype
2014-12-09 11:15 - 2014-08-05 20:17 - 00000622 _____ () C:\Windows\Tasks\99fc5ea7-ad1b-4dec-b731-ed32acd72e5d.job
2014-12-09 11:15 - 2014-01-18 17:10 - 00000000 ____D () C:\Users\Kelmendi\AppData\Roaming\newnext.me
2014-12-09 11:14 - 2014-08-05 20:18 - 00001300 _____ () C:\Windows\Tasks\97a3be2d-8a0e-4403-9ef9-369c868d44d6.job
2014-12-09 11:14 - 2014-08-05 20:17 - 00000904 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2014-12-09 11:14 - 2012-06-24 09:52 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-09 11:13 - 2009-10-21 01:27 - 01005304 _____ () C:\Windows\PFRO.log
2014-12-09 11:13 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-09 11:13 - 2009-07-14 05:51 - 00241573 _____ () C:\Windows\setupact.log
2014-12-08 18:10 - 2013-10-30 08:10 - 00000304 _____ () C:\Windows\Tasks\UpdaterEX.job
2014-12-08 18:05 - 2012-06-24 09:52 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-08 17:49 - 2013-10-30 07:38 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-08 17:48 - 2013-10-30 07:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-12-08 17:48 - 2013-10-30 07:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-08 17:48 - 2013-09-09 21:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-08 17:33 - 2013-03-03 21:50 - 00000000 ____D () C:\Users\Kelmendi\AppData\Local\Spotify
2014-12-08 12:57 - 2012-09-15 17:52 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000UA.job
2014-12-08 01:02 - 2012-05-22 14:52 - 00000000 ____D () C:\ProgramData\Temp
2014-12-08 00:55 - 2014-08-05 20:17 - 00000908 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-12-07 21:02 - 2014-08-21 16:08 - 00000099 _____ () C:\Users\Public\LMDebug.log
2014-12-07 14:27 - 2013-10-30 08:10 - 00001080 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000Core.job
2014-12-03 18:57 - 2012-09-15 17:52 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000Core.job
2014-12-02 13:35 - 2012-09-22 12:59 - 00000000 ____D () C:\Program Files (x86)\PhotoScape
2014-12-02 13:02 - 2012-10-18 18:01 - 00000000 ____D () C:\Users\Kelmendi\Documents\Flora
2014-11-17 11:45 - 2012-10-06 16:37 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-17 11:45 - 2012-10-06 16:37 - 00000000 ____D () C:\ProgramData\Skype
2014-11-13 20:36 - 2012-07-29 19:08 - 523256374 _____ () C:\Windows\MEMORY.DMP
2014-11-13 20:36 - 2012-07-29 19:08 - 00000000 ____D () C:\Windows\Minidump
2014-11-12 21:26 - 2014-08-05 20:34 - 00000000 ____D () C:\Program Files (x86)\videos MediaPlay-Air
2014-11-11 19:21 - 2012-07-14 18:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.3512.dll


Some content of TEMP:
====================
C:\Users\Besa\AppData\Local\Temp\avgnt.exe
C:\Users\Besa\AppData\Local\Temp\dotNetFx40_Client_setup.exe
C:\Users\Kelmendi\AppData\Local\Temp\6_Offer_15.exe
C:\Users\Kelmendi\AppData\Local\Temp\APNSetup.exe
C:\Users\Kelmendi\AppData\Local\Temp\AskSLib.dll
C:\Users\Kelmendi\AppData\Local\Temp\avgnt.exe
C:\Users\Kelmendi\AppData\Local\Temp\avguidx.dll
C:\Users\Kelmendi\AppData\Local\Temp\CommonInstaller.exe
C:\Users\Kelmendi\AppData\Local\Temp\dlLogic.exe
C:\Users\Kelmendi\AppData\Local\Temp\dltr.exe
C:\Users\Kelmendi\AppData\Local\Temp\EBUAA20.Exe
C:\Users\Kelmendi\AppData\Local\Temp\EBUAD99.DLL
C:\Users\Kelmendi\AppData\Local\Temp\EBUEE8F.Exe
C:\Users\Kelmendi\AppData\Local\Temp\EBUF1DA.DLL
C:\Users\Kelmendi\AppData\Local\Temp\GCVerifier.dll
C:\Users\Kelmendi\AppData\Local\Temp\GenericWndApi.dll
C:\Users\Kelmendi\AppData\Local\Temp\GoogleSetup.exe
C:\Users\Kelmendi\AppData\Local\Temp\iGearedHelper.dll
C:\Users\Kelmendi\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Kelmendi\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Kelmendi\AppData\Local\Temp\MachineIdCreator.exe
C:\Users\Kelmendi\AppData\Local\Temp\nsg16FC.tmp.exe
C:\Users\Kelmendi\AppData\Local\Temp\oi_{A7D3519F-9B10-4979-A053-D90D18D59102}.exe
C:\Users\Kelmendi\AppData\Local\Temp\SHelp2.exe
C:\Users\Kelmendi\AppData\Local\Temp\sprz.exe
C:\Users\Kelmendi\AppData\Local\Temp\TB_D78C.exe
C:\Users\Kelmendi\AppData\Local\Temp\TB_DEDC.exe
C:\Users\Kelmendi\AppData\Local\Temp\ToolbarInstaller.exe
C:\Users\Kelmendi\AppData\Local\Temp\UNINSTALL.EXE
C:\Users\Kelmendi\AppData\Local\Temp\verifier.exe
C:\Users\Kelmendi\AppData\Local\Temp\wajam_install.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-06 21:43

==================== End Of Log ============================

--- --- ---

flora27 · 09.12.2014, 12:15

Und hier die Addition - danke schonmal Jürgen!

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-12-2014
Ran by Kelmendi at 2014-12-09 11:39:29
Running from C:\Users\Kelmendi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.7029 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.7029 - CyberLink Corp.) Hidden
Acer Arcade Instant On (x32 Version: 3.0.20.1 - Acer) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.1.29 - NewTech Infosystems)
Acer Crystal Eye webcam Ver:1.1.88.610 (HKLM-x32\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.88.610 - Chicony Electronics Co.,Ltd.)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.06.3007 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.9.0715 - Acer Incorporated)
Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3017 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3000 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe PageMaker 7.0 (HKLM-x32\...\Adobe PageMaker 7.0) (Version: 7.0.1 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.05) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version:  - Oberon Media)
Amazon Browser Settings (HKLM-x32\...\Amazon Browser Settings) (Version: 3.0 - Amazon)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version:  - Oberon Media)
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ask Toolbar (HKLM-x32\...\{4F524A2D-5637-006A-76A7-A758B70C0901}) (Version: 12.9.1.17 - APN, LLC) <==== ATTENTION
ATI AVIVO64 Codecs (Version: 10.7.0.40804 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{C5304802-5E11-D74F-813E-BAABDD870774}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
Backup Manager Advance (x32 Version: 2.0.1.29 - NewTech Infosystems) Hidden
Benutzerhandbuch anzeigen (HKLM-x32\...\View User Guide) (Version: 3.60.43.0 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Browse Safe (HKLM-x32\...\38985_Browse Safe) (Version: 1.0 - Gratifying Apps)
Browsers Apps (HKLM-x32\...\Browsers Apps) (Version: 1.34.7.29 - app) <==== ATTENTION
ccc-core-static (x32 Version: 2009.0804.2223.38385 - Ihr Firmenname) Hidden
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
Delta Chrome Toolbar (HKLM-x32\...\Delta Chrome Toolbar) (Version:  - Visual Tools) <==== ATTENTION
Delta toolbar   (HKLM-x32\...\delta) (Version: 1.8.10.0 - Delta) <==== ATTENTION
DesktopDock (HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\DesktopDock) (Version: 1.0.1.32 - DesktopDock)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
ENE CIR Receiver Driver (HKLM\...\5F4DD0919B4763856B77AD385DEEEFCDF01784A8) (Version: 2.7.3.519 - ENE)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
First Class Flurry (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}) (Version:  - Oberon Media)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version:  - Oberon Media)
Happy Lyrics (HKLM-x32\...\happylyrics@hpyproductions.net) (Version:  - Happy Productions) <==== ATTENTION
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version:  - Oberon Media)
ICQ7M (HKLM-x32\...\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}) (Version: 7.8 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
Iminent (HKLM-x32\...\IMBoosterARP) (Version: 6.20.11.0 - Iminent) <==== ATTENTION
Iminent (x32 Version: 6.20.11.0 - Iminent) Hidden <==== ATTENTION
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.710 - Oracle)
Java 7 Update 9 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417009FF}) (Version: 7.0.90 - Oracle)
Java 8 Update 11 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218011FF}) (Version: 8.0.110 - Oracle Corporation)
Java SE Development Kit 7 Update 9 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170090}) (Version: 1.7.0.90 - Oracle)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.05.00 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.32.1 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.04 - Acer Inc.)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40624.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 33.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.1 (x86 en-US)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.6.0.32 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) Hidden
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 9.0.15.65 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version:  - PopCap Games)
Plus-HD-1.8 (HKLM-x32\...\Plus-HD-1.8) (Version: 1.27.153.1 - Plus HD) <==== ATTENTION
Pro PC Cleaner (HKLM-x32\...\{C3060724-6AC7-4BEF-B516-4F6B1D90887D}) (Version: 2.5.5 - Pro PC Cleaner)
Qtrax Player (HKLM-x32\...\{58C91689-85E3-4B25-ADEC-2697986DF817}) (Version: 1.00.0001 - Qtrax)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5918 - Realtek Semiconductor Corp.)
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.78 (28.06.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.03.60.00(23.07.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.60.40.3 - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.10 (14.02.2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.01.08.00 - Samsung Electronics Co., Ltd.) Hidden
shopperz 2.0.0.450 (HKLM\...\{C74AB308-BA97-42f6-BB20-00E0868F52FB}_is1) (Version: 2.0.0.450 - shopperz)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Spotify (HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
videos MediaPlay-Air (HKLM-x32\...\videos MediaPlay-Air) (Version: 1.34.7.29 - enter) <==== ATTENTION
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Vocup 1.4.3 (HKLM-x32\...\Vocup_is1) (Version: 1.4.3 - Florian Amstutz)
webssearches uninstall (HKLM-x32\...\webssearches uninstall) (Version:  - webssearches) <==== ATTENTION
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
Welt der Zahl 2 (HKLM-x32\...\Welt der Zahl 2) (Version:  - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterweg Schöningh Winklers GmbH)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
WindowsMangerProtect20.0.0.502 (HKLM-x32\...\WindowsMangerProtect) (Version: 20.0.0.502 - WindowsProtect LIMITED) <==== ATTENTION
Yontoo 2.051 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 2.051 - Yontoo LLC) <==== ATTENTION
Zombie Invasion (HKLM-x32\...\ZombieInvasion) (Version: 2.7.50 - Time Lapse Solutions)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

17-11-2014 10:39:00 Removed Skype™ 6.0
17-11-2014 10:40:48 Removed Skype Click to Call
29-11-2014 10:53:49 Geplanter Prüfpunkt
08-12-2014 16:38:17 Installed Java 7 Update 71
08-12-2014 16:48:14 Installed Java 8 Update 11

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-09-26 15:57 - 00000872 ____N C:\Windows\system32\Drivers\etc\hosts
54.225.95.126	bnbaolfhobbbokdcmfiplbokkokobjgc

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {085E2D7B-1061-4D77-B272-8D6B74F43473} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000Core => C:\Users\Kelmendi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-15] (Facebook Inc.)
Task: {1A8D429E-B1B8-41C5-AE3C-3F83F042222B} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {2EF90809-455D-4837-BA31-1ABCEE109022} - System32\Tasks\42d3747b-dde9-4d69-a6d3-74eb8d2a0178-6 => C:\Program Files (x86)\videos MediaPlay-Air\42d3747b-dde9-4d69-a6d3-74eb8d2a0178-6.exe [2014-08-05] (enter) <==== ATTENTION
Task: {354588CB-B8F5-4C11-952F-E159A8F25DD1} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {3E9119A3-D10D-4CBB-A93D-F154040EC8FC} - System32\Tasks\99fc5ea7-ad1b-4dec-b731-ed32acd72e5d => C:\Program Files (x86)\Browsers Apps\99fc5ea7-ad1b-4dec-b731-ed32acd72e5d.exe [2014-08-05] () <==== ATTENTION
Task: {524F3E5E-01DD-404D-BB0C-578B3E078C2E} - System32\Tasks\BrowserProtect => Sc.exe start BrowserProtect <==== ATTENTION
Task: {57FA8763-96FA-4403-9BE4-B98F963BC3F9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000Core => C:\Users\Kelmendi\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-30] (Google Inc.)
Task: {601A189D-14BE-4512-920E-B5C89F08D3F5} - System32\Tasks\McQcModifier-5c47-a7b0 => C:\ProgramData\McQcModifier-5c47-a7b0\McQcModifier-5c47-a7b0.cmd [2009-08-29] ()
Task: {664B581A-259B-4A79-B318-0F4193CEB2C2} - \Adobe Flash Player Updater No Task File <==== ATTENTION
Task: {66C8A2C2-EEE7-443E-A44A-3270A342A080} - \EPUpdater No Task File <==== ATTENTION
Task: {6D24B8AC-8E6D-4E6E-AC90-B30F3D3CD4B0} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-08-05] (globalUpdate) <==== ATTENTION
Task: {76D46D9D-14F0-4E05-A945-C9848230A2BB} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {7D1DF084-B7E9-4642-901C-0A0ECC9766F1} - System32\Tasks\97a3be2d-8a0e-4403-9ef9-369c868d44d6 => C:\Program Files (x86)\Browsers Apps\97a3be2d-8a0e-4403-9ef9-369c868d44d6.exe [2014-08-05] (app) <==== ATTENTION
Task: {7D2E27B9-90CB-45BF-9E6A-AA9339FF49CB} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe [2014-08-22] (Pro PC Cleaner)
Task: {87662F65-50CF-47A5-B85B-01DC51293793} - System32\Tasks\omrUpdater => C:\Program Files\shopperz\custer.bat [2014-12-02] ()
Task: {A383AAD1-64C8-44B4-B7D9-F7E41C8C847B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-24] (Google Inc.)
Task: {ABFF2DBA-FFED-4475-9CC7-8B785B477FE8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000UA => C:\Users\Kelmendi\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-30] (Google Inc.)
Task: {C1B104F0-2DD4-432F-8E96-D962E14373CF} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe [2014-08-22] ()
Task: {C9355EE5-36D8-4152-A53F-6BA92AFDA97F} - System32\Tasks\DealPly => C:\Users\Kelmendi\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {C9E0932B-E9D4-42E5-AA6F-A2A0E2673188} - System32\Tasks\DSite => C:\Users\Kelmendi\AppData\Roaming\DSite\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {EC6158F2-6E0A-4A38-BD7A-1F65122B38F1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000UA => C:\Users\Kelmendi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-15] (Facebook Inc.)
Task: {ED6E3C86-A418-413C-B557-160C314400BA} - System32\Tasks\UpdaterEX => C:\Users\Kelmendi\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {EEED2A1F-FFEF-4F4D-AD5B-1F16A027A94F} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-08-05] (globalUpdate) <==== ATTENTION
Task: {FA567ED5-7F7E-4E15-B136-ED114E728B86} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-24] (Google Inc.)
Task: {FBEDF8F5-ACE4-4131-AF99-E0E96AA00D83} - \Funmoods No Task File <==== ATTENTION
Task: C:\Windows\Tasks\42d3747b-dde9-4d69-a6d3-74eb8d2a0178-6.job => C:\Program Files (x86)\videos MediaPlay-Air\42d3747b-dde9-4d69-a6d3-74eb8d2a0178-6.exe/wBeAJS='videos MediaPlay-Air' /bjuuF=61799 /Lzzhb='001673' /ixabY='verticals-shopping' /TFrJs='0' /qnjItqW=2427A73BB2C24297ABC8835EA5137886IE /sNKZRp=8e5543f94a06624028844926e57e0ba9 /irIEEtNr=1_34_07_29 /cxwgI=1.34.7.29 /vbozDJi=1407267287 /QvhSYlpK=hxxp://stats.infostatsserv.com /FOPAZbDo=hxxp://errors.infostatsserv.com /nhRONkxQ=hxxp://js.infostatsserv.com /nzyKBo=ff /ezeIo /dykimqj=videos MediaPlay-Air /eHRcr601222de-3c30-48d8-8a82-d06da73d300c.dll /hJekbrn51b2f8a2-66aa-46fc-84f2-8f7422875450.dll /FnfCkC42d3747b-dde9-4d69-a6d3-74eb8d2a0178-64.exe <==== ATTENTION
Task: C:\Windows\Tasks\97a3be2d-8a0e-4403-9ef9-369c868d44d6.job => C:\Program Files (x86)\Browsers Apps\97a3be2d-8a0e-4403-9ef9-369c868d44d6.exe <==== ATTENTION
Task: C:\Windows\Tasks\99fc5ea7-ad1b-4dec-b731-ed32acd72e5d.job => C:\Program Files (x86)\Browsers Apps\99fc5ea7-ad1b-4dec-b731-ed32acd72e5d.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000Core.job => C:\Users\Kelmendi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000UA.job => C:\Users\Kelmendi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000Core.job => C:\Users\Kelmendi\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000UA.job => C:\Users\Kelmendi\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\UpdaterEX.job => C:\Users\Kelmendi\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2014-08-21 16:04 - 2014-01-23 10:00 - 00034304 _____ () C:\Windows\System32\ssm4mlm.dll
2014-12-08 17:45 - 2014-12-02 18:03 - 00306568 _____ () C:\Program Files\shopperz\csrcc.exe
2014-12-08 17:47 - 2014-12-07 01:27 - 04959744 _____ () C:\Windows\rcore.exe
2014-12-08 17:45 - 2014-12-02 18:03 - 00224648 _____ () C:\Program Files\shopperz\psonupd.exe
2014-12-08 17:45 - 2014-12-02 18:03 - 00297864 _____ () C:\Program Files\shopperz\socek64.dll
2012-05-22 14:37 - 2012-05-22 14:37 - 00200704 _____ () C:\Windows\PLFSetI.exe
2012-03-09 08:58 - 2012-03-09 08:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 08:58 - 2012-03-09 08:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2014-12-08 17:45 - 2014-12-02 18:03 - 00430472 _____ () C:\Program Files\shopperz\unity.exe
2014-12-08 17:45 - 2014-12-02 18:03 - 00461704 _____ () C:\Program Files\shopperz\unity64.exe
2014-12-08 17:45 - 2014-12-02 18:03 - 00402824 _____ () C:\Program Files\shopperz\hleb64.dll
2014-12-08 17:45 - 2014-12-02 18:03 - 00276872 _____ () C:\Program Files\shopperz\compot64.dll
2014-12-08 17:45 - 2014-12-02 18:03 - 00333704 _____ () C:\Program Files\shopperz\creed64.dll
2014-10-09 15:14 - 2014-10-09 15:14 - 01448472 _____ () C:\Program Files (x86)\Desktop Dock\DesktopDockApp.exe
2014-09-05 18:42 - 2014-09-05 18:42 - 00127488 _____ () C:\Program Files (x86)\Bench\Proxy\pwdg.exe
2009-07-29 12:10 - 2009-07-29 12:10 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-05-22 14:24 - 2012-05-22 14:24 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2014-12-08 17:45 - 2014-12-02 18:03 - 00124808 _____ () C:\Program Files\shopperz\nfapi32.dll
2014-12-08 17:45 - 2014-12-02 18:03 - 00345480 _____ () C:\Program Files\shopperz\ProtocolFilters32.dll
2009-02-03 01:33 - 2009-02-03 01:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 01:55 - 2008-09-29 01:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2014-12-08 17:45 - 2014-12-02 18:03 - 00291720 _____ () C:\Program Files\shopperz\socek.dll
2014-12-08 17:45 - 2014-12-02 18:03 - 00395144 _____ () C:\Program Files\shopperz\hleb.dll
2014-12-08 17:45 - 2014-12-02 18:03 - 00242056 _____ () C:\Program Files\shopperz\compot.dll
2014-12-08 17:45 - 2014-12-02 18:03 - 00309128 _____ () C:\Program Files\shopperz\creed32.dll
2014-11-11 10:46 - 2014-11-11 10:46 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-12-11 18:51 - 2013-12-11 18:51 - 16242056 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\Users\Kelmendi\Downloads\Bewerbung für ein Schülerpraktikum-Diellza Kelmendi.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3793236011-1497448259-2661613126-500 - Administrator - Disabled)
Besa (S-1-5-21-3793236011-1497448259-2661613126-1001 - Limited - Enabled) => C:\Users\Besa
Guest (S-1-5-21-3793236011-1497448259-2661613126-501 - Limited - Disabled)
Kelmendi (S-1-5-21-3793236011-1497448259-2661613126-1000 - Administrator - Enabled) => C:\Users\Kelmendi

==================== Faulty Device Manager Devices =============

Name: avipbb
Description: avipbb
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: avipbb
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: avkmgr
Description: avkmgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: avkmgr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: avnetflt
Description: avnetflt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: avnetflt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/09/2014 11:39:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 11:39:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 11:39:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 11:39:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 11:39:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 11:39:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 11:39:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 11:39:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 11:39:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 11:39:28 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.


System errors:
=============
Error: (12/09/2014 11:22:04 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 7 Mal passiert.

Error: (12/09/2014 11:22:04 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147217025.

Error: (12/09/2014 11:21:42 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 6 Mal passiert.

Error: (12/09/2014 11:21:42 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147217025.

Error: (12/09/2014 11:20:07 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 5 Mal passiert.

Error: (12/09/2014 11:20:07 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147217025.

Error: (12/09/2014 11:18:47 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Der Dienst "Windows Search" wurde nicht richtig gestartet.

Error: (12/09/2014 11:16:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/09/2014 11:16:08 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update Service (gupdate) erreicht.

Error: (12/09/2014 11:15:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 4 Mal passiert.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-04-24 15:11:28.294
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-04-24 15:11:28.294
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-02 19:04:40.841
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-02 19:04:40.837
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-02 19:04:36.369
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-02 19:04:36.365
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-02 19:03:43.795
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-02 19:03:43.787
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-02 18:12:42.108
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-02 18:12:42.100
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Percentage of memory in use: 65%
Total physical RAM: 4086.77 MB
Available physical RAM: 1429.64 MB
Total Pagefile: 8171.7 MB
Available Pagefile: 5326.48 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:220.5 GB) (Free:56.43 GB) NTFS
Drive d: (DATA) (Fixed) (Total:221.16 GB) (Free:221.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2BBDCA29)
Partition 1: (Not Active) - (Size=20.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=3.5 GB) - (Type=12)
Partition 3: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=441.7 GB) - (Type=OF Extended)

==================== End Of Log ============================

deeprybka · 09.12.2014, 13:51

Hi, so geht's weiter...

Einfach in Ruhe Schritt für Schritt abarbeiten. Wenn es Probleme gibt oder etwas unklar ist, einfach fragen.

Schritt 1

Bitte deinstalliere folgende Programme:

Ask Toolbar
Browsers Apps
Delta Chrome Toolbar
Delta toolbar
Happy Lyrics
Iminent
Plus-HD-1.8
Remote Desktop Access
videos MediaPlay-Air
webssearches uninstall
WindowsMangerProtect20.0.0.502
Yontoo 2.051

Versuche es bei Windows 7

zunächst über Systemsteuerung/Programme deinstallieren.

Sollte das nicht gehen, lade Dir bitte Revo Uninstaller

hier herunter. Entpacke die zip-Datei auf den Desktop. Anleitung

Starte die Revouninstaller.exe
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den oben angegebenen Programmen und wähle sie einzeln aus.
Klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
Reste löschen:
Klicke auf dann auf und dann auf .

Wenn Du ein Programm nicht deinstallieren kannst, mach mit dem nächsten weiter.
Auch wenn am Ende noch Programme übrig geblieben sind, führe den nächsten Schritt aus:

Schritt 2
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3

Download
Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
Unter Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
Klicke im Anschluss auf "Suchlauf", wähle den Bedrohungssuchlauf aus, aktualisiere die Datenbanken und klicke auf "Suchlauf jetzt starten".
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. (geht so...)
Poste mir den Inhalt der Logdatei (geht so...). Klicke dazu auf Verlauf und dann auf Anwendungsprotokolle.
Wähle das neueste Suchlauf-Protokoll aus und klicke auf Ansicht. Klicke auf "In Zwischenablage kopieren" poste mir den Inhalt in Code-Tags als Antwort in den Thread.

Schritt 4
Download von

ZOEK (by Smeenk)

Speichere die zoek.exe auf dem Desktop.
Bitte deaktiviere während der Verwendung von Zoek Deinen Virenscanner, da dieser Zoek stören könnte.
Starte die zoek.exe mit einem Doppelklick und warte bis die Programmoberfläche erscheint (ca. 30 Sekunden)

Kopiere den Text der folgenden Box in das Skriptfenster von Zoek:

Code:

ATTFilter

autoclean;
iedefaults;
FFdefaults;
emptyclsid;
process;
services-list;
systemspecs;
startupall;
filesrcm;

Nun klicke auf "Run script" und sei geduldig bis das Skript durchgelaufen ist.
Wenn das Tool fertig ist, wird sich eine Logdatei öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter C:\
Bitte poste mir das zoek-results.log.

Schritt 5

Bitte starte FRST erneut, markiere auch die checkbox

und drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

flora27 · 09.12.2014, 16:42

Also, Schritt 1 und 2 sind ausgeführt, hier schon mal das zum AdwCleaner, mache auch direkt weiter mit Schritt 3

Code:

ATTFilter

# AdwCleaner v4.105 - Bericht erstellt am 09/12/2014 um 14:56:08
# Aktualisiert 08/12/2014 von Xplode
# Database : 2014-12-08.2 [Live]
# Betriebssystem : Windows 7 Home Premium  (64 bits)
# Benutzername : Kelmendi - KELMENDI-PC
# Gestartet von : C:\Users\Kelmendi\Desktop\AdwCleaner_4.105.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : APNMCP
[#] Dienst Gelöscht : globalUpdate
[#] Dienst Gelöscht : globalUpdatem
Dienst Gelöscht : SProtection
[#] Dienst Gelöscht : WajamUpdater
[#] Dienst Gelöscht : Yontoo Desktop Updater
Dienst Gelöscht : rcores
Dienst Gelöscht : shopperz Updater

***** [ Dateien / Ordner ] *****

[!] Ordner Gelöscht : C:\ProgramData\apn
[!] Ordner Gelöscht : C:\ProgramData\AskPartnerNetwork
[!] Ordner Gelöscht : C:\ProgramData\Babylon
[!] Ordner Gelöscht : C:\ProgramData\BrowserProtect
[!] Ordner Gelöscht : C:\ProgramData\IBUpdaterService
[!] Ordner Gelöscht : C:\ProgramData\Partner
[!] Ordner Gelöscht : C:\ProgramData\Tarma Installer
[!] Ordner Gelöscht : C:\ProgramData\ytd video downloader
[!] Ordner Gelöscht : C:\ProgramData\ZombieInvasion
[!] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip
[!] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro PC Cleaner
[!] Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
[!] Ordner Gelöscht : C:\Program Files (x86)\AskPartnerNetwork
[!] Ordner Gelöscht : C:\Program Files (x86)\BabylonToolbar
[!] Ordner Gelöscht : C:\Program Files (x86)\Bench
[!] Ordner Gelöscht : C:\Program Files (x86)\BonanzaDeals
[!] Ordner Gelöscht : C:\Program Files (x86)\Browse Safe
[!] Ordner Gelöscht : C:\Program Files (x86)\Delta
[!] Ordner Gelöscht : C:\Program Files (x86)\DVDVideoSoftTB
[!] Ordner Gelöscht : C:\Program Files (x86)\DVDVideoSoftTB_DE
[!] Ordner Gelöscht : C:\Program Files (x86)\Easy Speed Check
[!] Ordner Gelöscht : C:\Program Files (x86)\globalUpdate
[!] Ordner Gelöscht : C:\Program Files (x86)\GreenTree Applications
[!] Ordner Gelöscht : C:\Program Files (x86)\HappyLyrics
[!] Ordner Gelöscht : C:\Program Files (x86)\Minibar
[!] Ordner Gelöscht : C:\Program Files (x86)\Mobogenie
[!] Ordner Gelöscht : C:\Program Files (x86)\predm
[!] Ordner Gelöscht : C:\Program Files (x86)\Probit Software
[!] Ordner Gelöscht : C:\Program Files (x86)\Yontoo
[!] Ordner Gelöscht : C:\Program Files (x86)\YTD Toolbar
[!] Ordner Gelöscht : C:\Program Files (x86)\Pro PC Cleaner
[!] Ordner Gelöscht : C:\Program Files (x86)\Desktop Dock
[!] Ordner Gelöscht : C:\Program Files (x86)\Common Files\Spigot
[!] Ordner Gelöscht : C:\Program Files (x86)\Common Files\Umbrella
[!] Ordner Gelöscht : C:\Windows\SysWOW64\SearchProtect
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Local\Temp\apn
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Local\Temp\AskSearch
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Local\Temp\Iminent
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Local\Temp\mt_ffx
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Local\Temp\Smartbar
[!] Ordner Gelöscht : C:\Program Files\shopperz
[!] Ordner Gelöscht : C:\Users\Besa\AppData\Local\SearchProtect
[!] Ordner Gelöscht : C:\Users\Kelmendi\Qtrax
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Local\Babylon
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Local\BenchUpdater
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Local\Browse Safe
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Local\genienext
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Local\globalUpdate
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Local\lollipop
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Local\Minibar
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Local\Mobogenie
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Local\Slick Savings
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Local\DesktopDock
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\LocalLow\BabylonToolbar
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\LocalLow\Conduit
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\LocalLow\Delta
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\LocalLow\DVDVideoSoftTB
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\LocalLow\DVDVideoSoftTB_DE
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\LocalLow\Funmoods
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\LocalLow\Minibar
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\LocalLow\PriceGong
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\LocalLow\Search Settings
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Babylon
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\BabylonToolbar
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\DealPly
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\DSite
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\dvdvideosoftiehelpers
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\eType
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Funmoods
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mipony Download Manager Packages
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\newnext.me
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\OpenCandy
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\PerformerSoft
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Probit Software
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Slick Savings
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Systweak
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Uniblue
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Uniblue\SpeedUpMyPC
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\UpdaterEX
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Yontoo
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Pro PC Cleaner
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Desktop Dock
[!] Ordner Gelöscht : C:\Users\Kelmendi\Documents\AGI
[!] Ordner Gelöscht : C:\Users\Kelmendi\Documents\Mobogenie
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\{97A78363-B868-4B48-AC91-A783A31215AF}
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}.xpi
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\faststartff@gmail.com
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\ffxtlbr@babylon.com
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\ffxtlbr@delta.com
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\ffxtlbr@funmoods.com
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\firefoxmini@go.im.xpi
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\plugin@yontoo.com
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\savingsslider@mybrowserbar.com.xpi
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ealchnonpofjocgofjpopjdoegbbkofj
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffhfoagmjcnkolneahbpagjcjjaeofbg
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\iklgpchfbohgmghgfagediakopecfmbm
[!] Ordner Gelöscht : C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\kcbanjcfnoiefihobdmmjmaljifgnkhh
Datei Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi
Datei Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\{ACAA314B-EEBA-48E4-AD47-84E31C44796C}.xpi
Datei Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\{f9d03c26-0575-497e-821d-f7956d23e0ca}.xpi
Datei Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\firefoxmini@go.im.xpi
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Public\Desktop\eBay.lnk
Datei Gelöscht : C:\Windows\rcore.exe
Datei Gelöscht : C:\Users\Kelmendi\AppData\Local\Temp\Uninstall.exe
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Users\Besa\Desktop\NewPlayer.lnk
Datei Gelöscht : C:\Users\Kelmendi\daemonprocess.txt
Datei Gelöscht : C:\Users\Kelmendi\AppData\Local\funmoods.crx
Datei Gelöscht : C:\Users\Kelmendi\AppData\Local\funmoods-speeddial.crx
Datei Gelöscht : C:\Users\Kelmendi\Desktop\Continue Live Installation.lnk
Datei Gelöscht : C:\Users\Kelmendi\Desktop\NewPlayer.lnk
Datei Gelöscht : C:\Users\Kelmendi\Desktop\Live PC Help.lnk
Datei Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\searchplugins\ask-search.xml
Datei Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\searchplugins\Babylon.xml
Datei Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\searchplugins\bingp.xml
Datei Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\searchplugins\BrowserProtect.xml
Datei Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\searchplugins\delta.xml
Datei Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\searchplugins\dvdvideosofttb-customized-web-search.xml
Datei Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\searchplugins\funmoods.xml
Datei Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\searchplugins\safesearch.xml
Datei Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\searchplugins\search.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\StartWeb.xml
Datei Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\searchplugins\trovi-search.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml
Datei Gelöscht : C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\user.js
Datei Gelöscht : C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
Datei Gelöscht : C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage
Datei Gelöscht : C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cjpglkicenollcignonpgiafdgfeehoj_0.localstorage
Datei Gelöscht : C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
Datei Gelöscht : C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gelöscht : C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
Datei Gelöscht : C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal

***** [ Tasks ] *****

Task Gelöscht : BrowserProtect
Task Gelöscht : Dealply
Task Gelöscht : DSite
Task Gelöscht : Funmoods
Task Gelöscht : globalUpdateUpdateTaskMachineCore
Task Gelöscht : globalUpdateUpdateTaskMachineUA
Task Gelöscht : UpdaterEX
Task Gelöscht : 42d3747b-dde9-4d69-a6d3-74eb8d2a0178-6
Task Gelöscht : 97a3be2d-8a0e-4403-9ef9-369c868d44d6
Task Gelöscht : 99fc5ea7-ad1b-4dec-b731-ed32acd72e5d

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\Users\Kelmendi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk

***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [{5a95a9e0-59dd-4314-bd84-4d18ca83a0e2}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Wert Gelöscht : HKCU\Software\Mozilla\Firefox\Extensions [happylyrics@hpyproductions.net]
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [webbooster@iminent.com]
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ealchnonpofjocgofjpopjdoegbbkofj
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Schlüssel Gelöscht : HKCU\Software\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.old.Start Page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NextLive]
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [PC Speed Maximizer]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\Iminent.WebBooster.InternetExplorer.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.funmoodsESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\f
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\funmoods.dskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\funmoods.dskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\funmoods.funmoodsHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\funmoodsApp.appCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\funmoodsApp.appCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\com.bench.nmhost
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Bench Communicator Watcher]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Bench Settings Cleaner]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Iminent]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [IminentMessenger]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Schlüssel Gelöscht : HKCU\Software\5a48dd9b668ec48
Schlüssel Gelöscht : HKLM\SOFTWARE\5a48dd9b668ec48
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0032540.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0032540.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0061787.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0061787.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2269050
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2625848
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2B47855E-B429-4DF6-8293-E1DBF2381A07}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8E56A02B-46FE-4490-B169-F16E5231533B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{965B9DBE-B104-44AC-950A-8A5F97AFF439}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A9DB719C-7156-415E-B49D-BAD039DE4F13}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F03FD9D0-4F2B-497C-8A71-DD41D70B07D9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{457EF9F0-0A7C-4302-B47B-C207A8DE8598}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6A83313B-E6B5-4F18-B49D-15EBE176A8B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{134B8A85-6292-4010-9FB0-D2D7B3768B9D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1D085C0A-E4F4-4F66-BDBF-4BE51015BFC3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9AE7A6AE-162E-44C4-9A2B-A6B4EF19909D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E56A02B-46FE-4490-B169-F16E5231533B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000000-6E41-4FD3-8538-502F5495E5FC}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E56A02B-46FE-4490-B169-F16E5231533B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F443A627-5009-4323-9C1D-7FD598D0D712}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{457EF9F0-0A7C-4302-B47B-C207A8DE8598}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{75EBB0AA-4214-4CB4-90EC-E3E07ECD04F7}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E56A02B-46FE-4490-B169-F16E5231533B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EA582743-9076-4178-9AA6-7393FDF4D5CE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF7BD87A-8024-11E2-F316-F3E56188709B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F443A627-5009-4323-9C1D-7FD598D0D712}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{457EF9F0-0A7C-4302-B47B-C207A8DE8598}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{A4C272EC-ED9E-4ACE-A6F2-9558C7F29EF3}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}]
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{2B47855E-B429-4DF6-8293-E1DBF2381A07}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{5C176BA0-6FC0-4EBD-8ACF-24AC592506B6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{8E56A02B-46FE-4490-B169-F16E5231533B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0D80F1C5-D17B-4177-AC68-955F3EF9F191}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{23C70BCA-6E23-4A65-AD2E-1389062074F1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{23D8EEF7-0E13-4000-B9C4-6603C1E912D1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{295CACB4-51F5-46FD-914E-C72BAAE1B672}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2CE5C4B9-6DBE-4528-96FA-C9FF38EF1762}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{34C1FDF7-02C1-4F23-B393-F48B16E071D1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{54291324-7A3D-4F11-B707-3FB6A2C97BD9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{59C63F11-D4E5-46E7-9B8A-EE158DCA83A8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{5DA22CBD-0029-4A09-B757-CF0FAFC488ED}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6A83313B-E6B5-4F18-B49D-15EBE176A8B1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{77A6E7D4-4A83-4A9B-A2A0-EF3B125DC29D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C0585B2F-74D7-4734-88DE-6C150C5D4036}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{CA17D76B-F91D-4659-A7FD-A9F7ED375CDD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D8242E89-2F81-484A-AE5B-BA8CAD5B7347}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{EF0588D6-1621-4A75-B8BE-F4BC34794136}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E4C3E50F-5761-4BF8-95A0-939A819DF1C3}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E56A02B-46FE-4490-B169-F16E5231533B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A09AB6EB-31B5-454C-97EC-9B294D92EE2A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}]
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1DD0E6CF-FD26-EEB0-13E7-1E49C4E5E845}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3537899B-B3D3-BCF9-BFA2-27EFE229B339}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{5F695625-3816-4613-BA0D-9406B7D743DD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Schlüssel Gelöscht : HKCU\Software\Alexa Internet
Schlüssel Gelöscht : HKCU\Software\AskPartnerNetwork
Schlüssel Gelöscht : HKCU\Software\BABSOLUTION
Schlüssel Gelöscht : HKCU\Software\BabylonToolbar
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\DataMngr
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\delta LTD
Schlüssel Gelöscht : HKCU\Software\distromatic
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\FreeSoftToday
Schlüssel Gelöscht : HKCU\Software\Funmoods
Schlüssel Gelöscht : HKCU\Software\GlobalUpdate
Schlüssel Gelöscht : HKCU\Software\IGearSettings
Schlüssel Gelöscht : HKCU\Software\Iminent
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\Proxy
Schlüssel Gelöscht : HKCU\Software\SearchProtectINT
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\SupHpUISoft
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\TutoTag
Schlüssel Gelöscht : HKCU\Software\UpdaterEX
Schlüssel Gelöscht : HKCU\Software\Easy Speed Check
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Toolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Browsers Apps
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DynConIE
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\HappyLyrics
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKLM\SOFTWARE\AdvertisingSupport
Schlüssel Gelöscht : HKLM\SOFTWARE\AskPartnerNetwork
Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon
Schlüssel Gelöscht : HKLM\SOFTWARE\Bench
Schlüssel Gelöscht : HKLM\SOFTWARE\BonanzaDealsLive
Schlüssel Gelöscht : HKLM\SOFTWARE\Browse Safe
Schlüssel Gelöscht : HKLM\SOFTWARE\Conduit
Schlüssel Gelöscht : HKLM\SOFTWARE\DataMngr
Schlüssel Gelöscht : HKLM\SOFTWARE\DVDVideoSoftTB
Schlüssel Gelöscht : HKLM\SOFTWARE\FreeSoftToday
Schlüssel Gelöscht : HKLM\SOFTWARE\Funmoods
Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate
Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : HKLM\SOFTWARE\Proxy
Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp
Schlüssel Gelöscht : HKLM\SOFTWARE\supWindowsMangerProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Tutorials
Schlüssel Gelöscht : HKLM\SOFTWARE\Umbrella
Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue
Schlüssel Gelöscht : HKLM\SOFTWARE\webssearchesSoftware
Schlüssel Gelöscht : HKLM\SOFTWARE\shopperz
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Amazon Browser Settings
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\38985_Browse Safe
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Iminent
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\shopperz
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0702826FCAC36EE52AC0441EEEEE2170
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1198E28F40C3E185E9958608554D4253
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\14C66209FCA938858B9729645C666684
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15A073601B9AEC3549BE4A9314794615
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F7C80F9CE5CDF44E9AADDC99402534C
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\206AF45B775E3A445B3B2273827DA85F
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\225C3CBCEB850204D860A6C7CC7724AF
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2310FC151CD4F185798FA0996B3524D7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\28572D2E2DE533256AC6B560EA573C22
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29C79786B109AC443B0DC7BFD61B1896
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2ABB56EABB920EB59B04BDDD26A62083
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2DABA02DFED47E352A2FA2EBDD6F6187
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\311567B4A9A002050BB9423FD73FB880
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\373FCED70D7F84E5FB5F3F7B76BEE024
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3BE992C130B235E53A2937391FDCA35B
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3DA5F64B3483DE549947A9164ACBAD21
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3ED93605BB9B6635E9D0D86615AF31F1
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4759B017032BA185F9BA6F7DBC95A2D4
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4A78ABCBB54E46E5482A3EE0AD66C39E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4F9E947B6B895EB5A86757FC5D3DB862
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4FEEA83BF72B97E43A2DF0EE4BE4F261
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\509EC7EFB89B7D942997574AB14037A4
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50A730A9A3A61BF5BA70CA8A3B7C133B
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\51A95A1D4CDE4F958A9451FBB39BF54A
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\536133807DE80465BA6CD0A9742B7DE5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5E25036E68895D45B95E72D1C3C58C74
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60ECC80C54085B141A40437A96CA2618
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\60FD8CD5BE007315CA3B5C7E41F24017
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\618E7D05458C4F257909ED9C8CDC0D66
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\621C21014D3C152529E2460FA6304EE3
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6241FF6F317CABD4EBBEE0DE9076BD94
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\636B9C23C79154B57AB561F39A139BFD
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\65AAF0F0CB7F0B45F900FDF19CEAAF2B
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6879A5E348601C45986308CA84958E94
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6A6F3B7A9805E1F5492A1020EEDF2341
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6B1F5D204E4EEB342A5AD1D7E60D61BF
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7005A2A4DCF9DD7548137AB17E3A3AF3
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\712EAF07EE73CC65C822CC3BAE3B2483
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75FF6D97AF9FC004A9521D4B83FA6321
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7947B301B2446E752A3FE06EAD7D26B5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7987CE52D13E16258B0E1E3DB1BB0974
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7BEED197C514FDA53901AE8DD8EF0891
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DFDCF03D46C34159BDE29FBDBF1ACF5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\87EC9ACEAFE8ECD52A529663CD35213F
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\890F436B85B790A55A582B7307DA12CE
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8C13DA6755F685B529615C8E92B3CA39
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8D07CD9CB3E6BE652872BF06A1CCA782
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\90841B1FC98200349925C88999866F17
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\94194FDD4DF523E53A888D65722A135D
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\95266D07D008D2E4E9B6F8E0DD15432A
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A4223BBC9438CAD49BBE10B4E344B1DD
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A72F23B1D745C27508518132197BC982
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A89E2B6FB14D8275DA63D075171DA184
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A9C43CD4001E9E4518B274AF9A0EFDA9
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AABA081CF7F19915FBB80B3BAF47CE63
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AC2A0FFD0A1686D53A4E24D6E96949E4
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AE5BDB2750259915D8442D4591A7717B
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B1A79C71D5DC1C150B76B6ED11195DFC
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6D497DB33974935488761F7C4C3D755
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B752EF3300008394886C402CC27B474F
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B8C8BCC1206978D51A8B9EECBF806C53
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAD3576CEA646895B962F94754612791
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BB4091512C8F4295E99CE2D061ED2020
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BEE6BBC9A31531F598794A62120B51C7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C19162788CA4D235E829F88E2F771567
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C71F07DA356B66B5484A8E7F2ADEB7DC
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C96AD15EE8E887B56BAF2136A9088503
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C9E6B66ECC49D155888399C51D05C49E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CA360F24F0B214744BE40657FDA0B727
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB13D869D7D092348847B7481BB59E27
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE85F265816AE2D4E9B73C3E207E679C
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5389AEEA4A1E20428D045E86BCF643B
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D5B62BB7BC607FB539585E2B7B6AFD16
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB027F01D4D53765C8E4FBE7DB77E07E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DC2EB492393411F5ABE8ED13C59FBF20
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDA2534BD056D1F44B6EC96AAA7F1F6E
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDCA763D4C48A105086B4CCCEE78043F
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DEF7558C7CD27EF46AF802AFBE402675
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E05B987540A9E2849AAF9E5B06C27DA8
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E09F4A6B9D2A08B599AE9E38BFC93CD6
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E27B6535D0D94A24E91047C7D86F27BC
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E45D171E075A5425CBACF6631A45FA39
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E513C2076D90AD04F888BD762143F191
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E8F4C985459564F5B8DCFF2B3C7EBD27
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E96E33222BAC06B57A1FA9D72951C945
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EAA46CE9007F70A5CAFA5F26E5DDEBE5
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE43FF091A8714A599F33EF2533FB59A
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EE790015CF30DAA569960905FF1651A0
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EEB44C47185BD304D80FDF5A4BBE8F54
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F214EB834D2EC474CA76C1CDE306CF3A
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F25491036D0FA5D5FA6742F5742F151A
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F2E0D3DD9E5E4B74CA43BCE77815E287
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F4D1BA8B482D9734E943EE260A7ADEF2
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F6704141BAAF6884785EC6843143D6A7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7507D4D4C310125E9A22BD909A41FB6
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F79C21D785419125595AC59458A6142D
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA15C90F092A60F53A4E0F88CED02968
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA1CF130B3D58B553833ACB6BE8AFAD4
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB0F1A18E4F0DBD509A42F4D4C05C02A
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FD17ED194F1C2B457B4F6EF4AE8DEAF3
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F1057DD419AED0B468AD8888429E139A
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\delta-search.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\icq.com
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\iminent.com

***** [ Browser ] *****

-\\ Internet Explorer v8.0.7600.16385

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Backup.Old.Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v34.0.5 (x86 en-US)

[i03dpvd7.default\prefs.js] - Zeile gelöscht : user_pref("iminent.enableToolbar", "true");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://start.iminent.com/?appid=bcac6b2f-343d-4868-845b-5d254772e88c");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.ORJ-V7.domain", "\"www.search.ask.com\"");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.ORJ-V7.newTabSearchURL", "\"hxxp://www.search.ask.com/web?o=APN10446&p2=%5EAKB%5EOSJ000%5EYY%5EDE&tpid=ORJ-V7&gct=tab&apn_uid=A626164D-5CC7-48AA-BE52-0FB93AFF2B83&apn_ptnrs=AKB&a[...]
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.ORJ-V7.searchURL", "\"hxxp://www.search.ask.com/web?o=APN10446&p2=%5EAKB%5EOSJ000%5EYY%5EDE&tpid=ORJ-V7&gct=bar&apn_uid=A626164D-5CC7-48AA-BE52-0FB93AFF2B83&apn_ptnrs=AKB&apn_dti[...]
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.a5c8764929678437cbd90994a5a82ac863d978ade40948f4c7f15bb3c4com61799.61799.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22[...]
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.a5c8764929678437cbd90994a5a82ac863d978ade40948f4c7f15bb3c4com61799.61799.internaldb.__ICM_LITE__fifty_test_rules.value", "%7B%22BR%22%3A%7B%22ALL%22%3A%5B%22tam.com.br%22%2C%22go[...]
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.a5c8764929678437cbd90994a5a82ac863d978ade40948f4c7f15bb3c4com61799.61799.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.co[...]
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.af60c9edf34214e3083305533344b756bgmailcom62454.62454.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22deal[...]
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.ahermanthorne45outlookcom61787.61787.internaldb.__ICM_LITE__blacklist_domain.value", "%7B%22SLIDERS%22%3A%5B%226pm.com%22%2C%22amazon.co.uk%22%2C%22amazon.com%22%2C%22anthropolog[...]
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.ahermanthorne45outlookcom61787.61787.internaldb.__ICM_LITE__fifty_test_rules.value", "%7B%22BR%22%3A%7B%22ALL%22%3A%5B%22tam.com.br%22%2C%22gol.com.br%22%2C%22walmart.com.br%22%2[...]
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.ahermanthorne45outlookcom61787.61787.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssfiles.com%22%5D%7D%2C%22dealply_p%22%3A%7B%2[...]
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.crossrider.bic", "1494c502253e9d01842ad9282ab0bf41");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.enabledAddons", "ffxtlbr%40babylon.com:1.5.0,ffxtlbr%40delta.com:1.5.0,ffxtlbr%40funmoods.com:1.5.1,firefox%40facebook.com:1.8.2,plugin%40yontoo.com:1.20.02,%7B97A78363-B868-4B48[...]
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.quick_start.enable_search1", false);
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.affiliate_id", "6447");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.firstrun", "false");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.log_send_info", "false");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21099\",\"update_interval\":61,\"base_url\":\"hxxp:\\/\\/www.wajam.com\\/\",\"supported_sites\":{\"google\":{\"main_pattern\":\".*[...]
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.no_trace", "false");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.server_current_mapping_version", "0.21099");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.trace_log", "");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.unique_id", "00FC0FB169B694CA26BA175390C3829F");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.user_current_mapping_version", "0");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("extensions.wajam.version", "1.26");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.LayoutId", "1");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.ShowThankyouPixel", "0");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("iminent._oaZGabJJ8Q_", "{\"cpt\":0,\"cpr\":0,\"s\":0,\"es\":1}");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.adapters", "{\"www.facebook.com\":{\"CountryCode\":\"DE\",\"NoAds\":false,\"Status\":1,\"AdapterKey\":\"facebook\",\"v\":true,\"p\":0,\"t\":1,\"th\":1.1,\"expireTime\":\"14143245740[...]
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.enableToolbar", "false");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.externalScripts", "{\"value\":[{\"addonUid\":\"b7110a40-a16f-4a12-a411-bd0b6014905a\",\"name\":\"Superfish\",\"addonId\":2,\"url\":\"//www.superfish.com/ws/sf_main.jsp\",\"urlhxxps\[...]
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.registerToolbarEvent101", "1417509447102");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.registerToolbarEvent102", "1418132684901");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.registerToolbarEvent109", "1417509944575");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.registerToolbarEvent110", "1415296740533");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.registerToolbarEvent111", "1417509943656");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.registerToolbarEvent112", "1417509972963");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.registerToolbarEvent122", "1417509944698");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.registerToolbarEvent140", "1417956078505");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.trackingInfo", "{\"state\":0,\"samplingRate\":0}");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.version", "8.45.2.1");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("iminent.versioning", "{\"CurrentVersion\":\"8.45.2.1\",\"InstallEventCTime\":1418130433253,\"InstallEvent\":\"True\"}");
[m9rivr4j.default\prefs.js] - Zeile gelöscht : user_pref("{C74AB308-BA97-42f6-BB20-00E0868F52FB}.ScriptData_whiteListSearch", "{\"isearch.babylon.com\":\"q\",\"search.imesh.net\":\"q\",\"www.search-results.com\":\"q\",\"home.mywebsearch.com\":\"se[...]

-\\ Google Chrome v

[C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
[C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2269050
[C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://searchfunmoods.com/results.php?f=4&q={searchTerms}&a=AgnUpd&cd=2XzuyEtN2Y1L1QzutDtDtByE0DyCtCtCtCtAyEtDtB0DtDzytN0D0Tzu0CyEyEtBtN1L2XzutN1L1Czu&cr=1559183977&ir=
[C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://start.funmoods.com/results.php?f=4&q={searchTerms}&a=dpg&chnl=&cd=2XzuyEtN2Y1L1QzutDtDtByCtBtByC0AtAyD0B0DtB0DtDzytN0D0Tzu0CtByCyDtN1L2XzutBtFtCtFtDtFtAtDtC&cr=1608902655
[C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=ffc44216-f748-4f7d-a504-d60c4cfdcccf&apn_sauid=BE7BC93B-EBFC-421C-A8F7-746AE72FE4AC
[C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=ffc44216-f748-4f7d-a504-d60c4cfdcccf&apn_sauid=BE7BC93B-EBFC-421C-A8F7-746AE72FE4AC
[C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.holasearch.com/?q={searchTerms}&affID=121962&tt=gc_&babsrc=SP_ss&mntrId=12C00024D6111340
[C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxps://isearch.avg.com/search?cid={50F10FEB-5200-4BC8-BED9-CEA29FCC5FB0}&mid=16143c11f81647d09445d16f648edc4e-21862d1207fe91458b8cb4f98465be6d0bf00bbc&lang=de&ds=AVG&pr=pr&d=2012-07-04%2021:13:18&v=12.2.5.32&sap=dsp&q={searchTerms}
[C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3323878&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPBCCAEB20-7C5C-4C63-A335-3DC2580E28BB&q={searchTerms}&SSPV=
[C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://search.conduit.com/Results.aspx?ctid=CT3323878&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=2&UP=SPBCCAEB20-7C5C-4C63-A335-3DC2580E28BB&q={searchTerms}&SSPV=
[C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1407266113&from=tugs&uid=WDCXWD5000BPVT-22A1YT0_WD-WXK1CB1T9074T9074&q={searchTerms}
[C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1407266113&from=tugs&uid=WDCXWD5000BPVT-22A1YT0_WD-WXK1CB1T9074T9074&q={searchTerms}
[C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://start.iminent.com/?appId=BCAC6B2F-343D-4868-845B-5D254772E88C&ref=toolbox&q={searchTerms}

*************************

AdwCleaner[R0].txt - [78462 octets] - [09/12/2014 14:49:37]
AdwCleaner[S0].txt - [73867 octets] - [09/12/2014 14:56:08]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [73928 octets] ##########

Schritt 3, jedoch aufgesplittet, weil es sonst zu groß ist:

Code:

ATTFilter

 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 09.12.2014
Suchlauf-Zeit: 15:10:56
Logdatei: 
Administrator: Ja

Version: 2.00.4.1028
Malware Datenbank: v2014.12.09.05
Rootkit Datenbank: v2014.12.08.03
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7
CPU: x64
Dateisystem: NTFS
Benutzer: Kelmendi

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 388438
Verstrichene Zeit: 1 Std, 10 Min, 26 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 21
PUP.Optional.Iminent.A, HKU\S-1-5-21-3793236011-1497448259-2661613126-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BFFED5CA-8BDF-47CC-AED0-23F4E6D77732}, In Quarantäne, [ab1c5010671587af59493892dd253ec2], 
PUP.Optional.DVDVideoSoftTB.A, HKLM\SOFTWARE\WOW6432NODE\DVDVideoSoftTB_DE, In Quarantäne, [d6f1b5abb8c480b6665d8cc8a1629e62], 
PUP.Optional.BrowsersApp.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Browsers Apps, In Quarantäne, [3c8bcf91215bb3836a5fadb282811de3], 
PUP.Optional.MediaPlayer.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\videos MediaPlay-Air, In Quarantäne, [54734b15a8d40a2cf8af873925df19e7], 
PUP.Optional.DesktopDockApp.A, HKU\S-1-5-21-3793236011-1497448259-2661613126-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DesktopDockApp, In Quarantäne, [5e69293786f694a2e234301a57acef11], 
PUP.Optional.FunMoods.A, HKU\S-1-5-21-3793236011-1497448259-2661613126-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\funmoodsToolbar, In Quarantäne, [6265154b3b418bab520caafb3fc5ec14], 
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-3793236011-1497448259-2661613126-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\DVDVideoSoftTB_DE, In Quarantäne, [3790c8981f5d55e19134df759d6613ed], 
PUP.Optional.MediaPlayer.A, HKU\S-1-5-21-3793236011-1497448259-2661613126-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\videos MediaPlay-Air, In Quarantäne, [eadda4bc2a52e254ccdb9a263bc9847c], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-3793236011-1497448259-2661613126-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOWREGISTRY\Iminent, In Quarantäne, [992eb6aa196370c62c4e6f07768d9f61], 
PUP.Optional.Iminent.A, HKU\S-1-5-21-3793236011-1497448259-2661613126-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, In Quarantäne, [d0f7de82621a989e562ef9927f8424dc], 
PUP.Optional.AmazonTB.A, HKU\S-1-5-21-3793236011-1497448259-2661613126-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ALEXA INTERNET\ALEXA9\Amazon, In Quarantäne, [09be5709ea929c9a8aa23473986c2cd4], 
PUP.Optional.BrowsersApp.A, HKU\S-1-5-21-3793236011-1497448259-2661613126-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Browsers Apps, In Quarantäne, [b710a1bf3a4287af6d5ce67924df3bc5], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3793236011-1497448259-2661613126-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, In Quarantäne, [487ffe62413b90a6b72e3a7ac73d39c7], 
PUP.Optional.PlusHD.A, HKU\S-1-5-21-3793236011-1497448259-2661613126-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-1.8, In Quarantäne, [15b2bfa16b11181e8789740a976c39c7], 
PUP.Optional.MediaPlayer.A, HKU\S-1-5-21-3793236011-1497448259-2661613126-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\videos MediaPlay-Air, In Quarantäne, [ae19d8886814a19514935769d52fcb35], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, In Quarantäne, [ddea1749e696bc7a2473a68bf90a5ea2], 
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\GOOGLEUPDATE.EXE, In Quarantäne, [ddea1749e696bc7a2473a68bf90a5ea2], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110611171187}, In Quarantäne, [0dbaf868512be35335cb09641ee7e31d], 
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110611171187}, In Quarantäne, [0dbaf868512be35335cb09641ee7e31d], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3793236011-1497448259-2661613126-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11111111-1111-1111-1111-110611171187}, In Quarantäne, [0dbaf868512be35335cb09641ee7e31d], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-3793236011-1497448259-2661613126-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110611171187}, In Quarantäne, [0dbaf868512be35335cb09641ee7e31d], 

Registrierungswerte: 2
PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_de_124, In Quarantäne, [cef97ce40c700c2a533280f7ff048a76], 
PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_de_173, In Quarantäne, [e6e1ca964339c472c5c084f3cf34b24e], 

Registrierungsdaten: 0
(Keine schädliche Elemente erkannt)

Ordner: 55
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock, Löschen bei Neustart, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons, Löschen bei Neustart, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.AmazonTB.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\jetpack\abb@amazon.com, Löschen bei Neustart, [5a6d17497c00a1956da437e62dd62ed2], 
PUP.Optional.AmazonTB.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\jetpack\abb@amazon.com\simple-storage, In Quarantäne, [5a6d17497c00a1956da437e62dd62ed2], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps, Löschen bei Neustart, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2269050, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.324545, In Quarantäne, [ddea1749e696bc7a2473a68bf90a5ea2], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.478362, In Quarantäne, [62656df337453afc6e2943eed1325ba5], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}, Löschen bei Neustart, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\AppFramework, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\CanvasFramework, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework-ui, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\icons, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com, Löschen bei Neustart, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome, Löschen bei Neustart, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content, Löschen bei Neustart, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\defaults, Löschen bei Neustart, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\defaults\preferences, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData, Löschen bei Neustart, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\userCode, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\locale, Löschen bei Neustart, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\locale\en-US, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com, Löschen bei Neustart, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome, Löschen bei Neustart, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content, Löschen bei Neustart, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\defaults, Löschen bei Neustart, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\defaults\preferences, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData, Löschen bei Neustart, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\userCode, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\locale, Löschen bei Neustart, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\locale\en-US, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com, Löschen bei Neustart, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome, Löschen bei Neustart, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content, Löschen bei Neustart, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\defaults, Löschen bei Neustart, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\defaults\preferences, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData, Löschen bei Neustart, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\userCode, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\locale, Löschen bei Neustart, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\locale\en-US, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 

Dateien: 552
PUP.Optional.BrowsersApps.A, C:\$Recycle.Bin\S-1-5-21-3793236011-1497448259-2661613126-1000\$REF9WQB.dll, In Quarantäne, [c4039cc4176564d2037a7f46926f9a66], 
PUP.Optional.CrossRider.A, C:\$Recycle.Bin\S-1-5-21-3793236011-1497448259-2661613126-1000\$RVRGJ2O.exe, In Quarantäne, [6f5875ebafcd50e656e22138907014ec], 
PUP.Optional.CrossRider, C:\$Recycle.Bin\S-1-5-21-3793236011-1497448259-2661613126-1000\$R4VL2C0.dll, In Quarantäne, [4a7d4b15bebe8babe7d16f732ad716ea], 
PUP.Optional.BrowsersApps.A, C:\$Recycle.Bin\S-1-5-21-3793236011-1497448259-2661613126-1000\$RPVRZFP.exe, In Quarantäne, [388f570999e345f1720b02c355acce32], 
PUP.Optional.WindowsProtectManger.A, C:\$Recycle.Bin\S-1-5-21-3793236011-1497448259-2661613126-1000\$RWBXLAQ\ProtectWindowsManager.exe, In Quarantäne, [4b7c530d710b7eb824f65669d1301ce4], 
PUP.Optional.MediaPlayer.A, C:\$Recycle.Bin\S-1-5-21-3793236011-1497448259-2661613126-1000\$R0IQGQ4\42d3747b-dde9-4d69-a6d3-74eb8d2a0178-6.exe, In Quarantäne, [1daa164a7a021125edb9fcaf7c856e92], 
PUP.Optional.MediaPlayer.A, C:\$Recycle.Bin\S-1-5-21-3793236011-1497448259-2661613126-1000\$R0IQGQ4\42d3747b-dde9-4d69-a6d3-74eb8d2a0178-64.exe, In Quarantäne, [596e1c449ede989e7a2cc1ea6a978977], 
PUP.Optional.CrossRider, C:\$Recycle.Bin\S-1-5-21-3793236011-1497448259-2661613126-1000\$R0IQGQ4\51b2f8a2-66aa-46fc-84f2-8f7422875450.dll, In Quarantäne, [00c7cf91d2aad165dbdddc06976ad62a], 
PUP.Optional.MediaPlayer.A, C:\$Recycle.Bin\S-1-5-21-3793236011-1497448259-2661613126-1000\$R0IQGQ4\videos MediaPlay-Air-bg.exe, In Quarantäne, [9f28e17f2854ec4ad3d36a4112eff907], 
PUP.Optional.MediaPlayer.A, C:\$Recycle.Bin\S-1-5-21-3793236011-1497448259-2661613126-1000\$R0IQGQ4\videos MediaPlay-Air-bho.dll, In Quarantäne, [80472f315a224de932745853738e966a], 
PUP.Optional.DownloadAdmin, C:\Users\Kelmendi\AppData\Local\Temp\norbbi6d.exe.part, In Quarantäne, [2c9bdb85f78571c5090a23ae34cd39c7], 
PUP.Optional.Conduit.A, C:\Users\Kelmendi\AppData\Local\Temp\verifier.exe, In Quarantäne, [22a5055bb0ccb97d8b806dd64cb46a96], 
PUP.Optional.Wajam.A, C:\Users\Kelmendi\AppData\Local\Temp\wajam_install.exe, In Quarantäne, [e6e11e42a1dbe74fe46b71d6639d0bf5], 
Trojan.RotBrowse, C:\Users\Kelmendi\AppData\Local\Temp\B97B.tmp, In Quarantäne, [82453b25ec90eb4b1c9bb384ce37da26], 
PUP.Optional.Bandoo, C:\Users\Kelmendi\AppData\Local\Temp\DFOuPEE7.exe.part, In Quarantäne, [43841a462e4ee650f78cb076c53c0cf4], 
PUP.Optional.Conduit.A, C:\Users\Kelmendi\AppData\Local\Temp\dlLogic.exe, In Quarantäne, [d4f32838443870c665a51231cb35dc24], 
PUP.Optional.Conduit.A, C:\Users\Kelmendi\AppData\Local\Temp\dltr.exe, In Quarantäne, [26a195cb6f0db68024e747fcbc442cd4], 
MSIL.Solimba, C:\Users\Kelmendi\AppData\Local\Temp\KhCptKla.exe.part, In Quarantäne, [6e59c69a44382e084a2f4aefb74a2fd1], 
PUP.Optional.SnapDo.A, C:\Users\Kelmendi\AppData\Local\Temp\Installer.msi, In Quarantäne, [93346ff1b4c8ac8a04d6237d5ea3d927], 
PUP.Optional.ShopHelper, C:\Users\Kelmendi\AppData\Local\Temp\SHelp2.exe, In Quarantäne, [1ea965fb93e9bb7ba15b5a63b052a060], 
PUP.Optional.4Shared, C:\Users\Kelmendi\AppData\Local\Temp\BigWRZeI.exe.part, In Quarantäne, [7750a9b71d5fbd79180e6c43b24fb050], 
PUP.Optional.Conduit.A, C:\Users\Kelmendi\AppData\Local\Temp\GCVerifier.dll, In Quarantäne, [26a14c14572533031feac57e6799966a], 
PUP.Optional.Delta.A, C:\Users\Kelmendi\AppData\Local\Temp\1071A232-BAB0-7891-8116-EC3742DFCD64\MyBabylonTB.exe, In Quarantäne, [9b2ce37d225a71c5be62c2cb2dd437c9], 
PUP.Optional.InstallMonetizer, C:\Users\Kelmendi\AppData\Local\Temp\nsaB250.tmp\nsManeshWeb.dll, In Quarantäne, [a720e27e413b4beb20551ca961a14fb1], 
PUP.Optional.Wajam, C:\Users\Kelmendi\AppData\Local\Temp\nsaB250.tmp\OurChecker.exe, In Quarantäne, [3f88a2beb3c9c274d46d07b343bf867a], 
PUP.Optional.BabSolution.A, C:\Users\Kelmendi\AppData\Local\Temp\busC7E0\BUSolution.dll, In Quarantäne, [e8df82de5923e94d9b962aff0ef3ce32], 
Trojan.MSIL.BVXGen, C:\Users\Kelmendi\AppData\Local\Temp\Low\stuprt.exe, In Quarantäne, [1daa293773092214c5683ea1808112ee], 
PUP.Optional.Shopperz.A, C:\Users\Kelmendi\AppData\Local\Temp\719Btmp\setspz.exe, In Quarantäne, [1daa96ca4c304aece0061bcd966bd42c], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Local\Temp\719Etmp\setup.exe, In Quarantäne, [b5123b2580fcd75f6b63b53a1ae7c937], 
PUP.Optional.InstallMonetizer, C:\Users\Kelmendi\AppData\Local\Temp\nshBB26.tmp\nsManeshWeb.dll, In Quarantäne, [15b238286b11b086e98c3e87db2752ae], 
PUP.Optional.Installcore, C:\Users\Kelmendi\AppData\Local\Temp\nshBB26.tmp\nsvmd.dll, In Quarantäne, [9532223e7efe4cea5dad60a0f111bc44], 
PUP.Optional.Wajam, C:\Users\Kelmendi\AppData\Local\Temp\nshBB26.tmp\OurChecker.exe, In Quarantäne, [cdfa88d82f4d48ee93aee5d5a260a55b], 
PUP.Optional.SearchHijacker.A, C:\Users\Kelmendi\AppData\Local\Temp\914Etmp\lly_webssearches.exe, In Quarantäne, [dfe889d78af2f73f6616c2f950b1ff01], 
PUP.Optional.BonanzaDeals.A, C:\Users\Kelmendi\AppData\Local\Temp\is1275519350\1021121_stp\bd.exe, In Quarantäne, [d0f7fc6415679c9ae4b381be9071639d], 
PUP.Optional.Babylon.A, C:\Users\Kelmendi\AppData\Local\Temp\is1590112554\DeltaTB.exe, In Quarantäne, [5671adb3760649ed417cbf6333cebc44], 
PUP.Optional.Wajam.A, C:\Users\Kelmendi\AppData\Local\Temp\is1590112554\wajam_download.exe, In Quarantäne, [18af540c0973989ee06fec5b758b13ed], 
PUP.Optional.InstallCore, C:\Users\Kelmendi\AppData\Local\Temp\is45637729\1543986_stp\Generic_vo.exe, In Quarantäne, [9235025ec7b5290de7312595c23f6a96], 
PUP.Optional.Delta.A, C:\Users\Kelmendi\AppData\Local\Temp\F6118268-BAB0-7891-8E06-6670EF521E39\Latest\MyBabylonTB.exe, In Quarantäne, [5275e57b93e99a9c1808fa93df22d42c], 
PUP.Optional.OpenCandy.A, C:\Users\Kelmendi\AppData\Local\Temp\is-QTAGL.tmp\OCSetupHlp.dll, In Quarantäne, [07c06000b6c684b2a61cb989f60a13ed], 
PUP.Optional.InstallMonetizer, C:\Users\Kelmendi\AppData\Local\Temp\is-7283H.tmp\InstallManagerNS.exe, In Quarantäne, [8c3b9dc344382c0a7afb477e5ca6e818], 
PUP.Optional.Tuto4PC.A, C:\Users\Kelmendi\AppData\Local\Temp\is-7283H.tmp\package_secprotwhite_installer_multilang.exe, In Quarantäne, [1bac322e1666e84eae40edff41c0847c], 
PUP.Optional.Tuto4PC.A, C:\Users\Kelmendi\AppData\Local\Temp\is-ARF10.tmp\package_secprotkeys_installer_multilang.exe, In Quarantäne, [5f683a261f5dab8b915d7b71b54c4eb2], 
PUP.Optional.Tuto4PC.A, C:\Users\Kelmendi\AppData\Local\Temp\is-OB5ET.tmp\package_browsesafe_installer_multilang.exe, In Quarantäne, [cafd1b459fdd3ff74ea018d49968c23e], 
PUP.Optional.Tuto4PC.A, C:\Users\Kelmendi\AppData\Local\Temp\is-OB5ET.tmp\package_regclean_installer_multilang.exe, In Quarantäne, [c205134da0dc85b11ad47d6f59a841bf], 
PUP.Optional.InstallMonetizer, C:\Users\Kelmendi\AppData\Local\Temp\is-PTG94.tmp\InstallManagerNS.exe, In Quarantäne, [e1e6df81d4a8c571d0a50cb9ec1622de], 
PUP.Optional.Tuto4PC.A, C:\Users\Kelmendi\AppData\Local\Temp\is-PTG94.tmp\package_shoppinghelper_installer_multilang.exe, In Quarantäne, [77506ef2780496a06c82915bdf2209f7], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nshCC47.exe, In Quarantäne, [982f2d33d0acad8993dd009f54ad50b0], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nsjD5B5.exe, In Quarantäne, [bf08c799dba1a59185ebacf3e91814ec], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nsr72A3.exe, In Quarantäne, [3592233d0577191d165a346b61a0f808], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nssF71F.exe, In Quarantäne, [923560005a22d0660868772849b859a7], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nsx7C74.exe, In Quarantäne, [f7d0baa693e9b48294dcdac5a25f03fd], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nsc85C6.exe, In Quarantäne, [8e395a06423ae94dcaa6653aad5419e7], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nscDA7B.exe, In Quarantäne, [8c3b85db1f5db185323e5a45b54c6b95], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nscEE2.exe, In Quarantäne, [d2f5c29ede9ef046caa6a8f7758ce020], 
PUP.Optional.Conduit.A, C:\Windows\Temp\nsh4982.exe, In Quarantäne, [ab1c560ac5b722148de3b2ed52af09f7], 
PUP.Optional.Searchprotect, C:\Windows\Temp\TBU002\Update.exe, In Quarantäne, [f1d65b0556260135213f71c77889ff01], 
PUP.Optional.OpenCandy, C:\Users\Kelmendi\Downloads\PhotoScape_V3-7.exe, In Quarantäne, [d4f31749f08cfc3afea32864e42131cf], 
PUP.Optional.Softonic.A, C:\Users\Kelmendi\Downloads\SoftonicDownloader_fuer_photoscape.exe, In Quarantäne, [e1e6fb65ed8fdc5a528e2616d52c29d7], 
PUP.Optional.Softonic, C:\Users\Kelmendi\Downloads\SoftonicDownloader_fuer_zoo-tycoon.exe, In Quarantäne, [5077ff61ceae5fd7ed9529f8b24f52ae], 
PUP.Optional.Iminent.A, C:\Windows\Installer\a8aa243.msi, In Quarantäne, [ac1b0e5225579d993e2fe7637a878e72], 
PUP.Optional.DeskTopDock.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DesktopDock.lnk, In Quarantäne, [9e293b25f28aa393b1264ffb47bc15eb], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\DockData.ice, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\instagram.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\africa.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\asia.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\blogspot.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\bus.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\business.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\ch.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\ent.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\europe.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\Facebook.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\ff.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\foot.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\games.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\games2.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\golf.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\horoscope.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\icon-news.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\ie.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\Linkedin.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\lnews.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\me.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\msport.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\opera.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\reddit.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\Settings.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\skyrocket.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\space.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\tech.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\tennis.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\twitter.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\us.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\Wikipedia.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\wnews.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\wsport.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\yahoonews.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\Yahoow.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Dock\Icons\int\Youtube.png, In Quarantäne, [55723c24ec9012242ed312393ec5a25e], 
PUP.Optional.DeskTopDock.A, C:\Users\Kelmendi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopDockApp.lnk, In Quarantäne, [0dba015f3f3d66d06b9882c97e855ea2], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bnbaolfhobbbokdcmfiplbokkokobjgc_0.localstorage, In Quarantäne, [01c6015fafcd3bfb90f7144c35ce07f9], 
PUP.Optional.AmazonTB.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\jetpack\abb@amazon.com\simple-storage\store.json, In Quarantäne, [5a6d17497c00a1956da437e62dd62ed2],

flora27 · 09.12.2014, 16:43

hier der zweite Teil davon - hoffe das passt so

Code:

ATTFilter

PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E.x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\mam_gk_appsConfig.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\mam_gk_eventsCache.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\mam_gk_localization.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\mam_gk_settings1.13.0.17.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E+x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E,x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E-x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E._2z527.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E0x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E1x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E2x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E3x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E4x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E5x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E6x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E7x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E8x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E9x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E;x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E=x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E@x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7EAx305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7EBx305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7ECx305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7EDx305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7Etx305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E_x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.324545\GoogleCrashHandler.exe, In Quarantäne, [ddea1749e696bc7a2473a68bf90a5ea2], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.324545\GoogleUpdate.exe, In Quarantäne, [ddea1749e696bc7a2473a68bf90a5ea2], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.324545\GoogleUpdateBroker.exe, In Quarantäne, [ddea1749e696bc7a2473a68bf90a5ea2], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.324545\GoogleUpdateHelper.msi, In Quarantäne, [ddea1749e696bc7a2473a68bf90a5ea2], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.324545\GoogleUpdateOnDemand.exe, In Quarantäne, [ddea1749e696bc7a2473a68bf90a5ea2], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.324545\goopdate.dll, In Quarantäne, [ddea1749e696bc7a2473a68bf90a5ea2], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.324545\goopdateres_en.dll, In Quarantäne, [ddea1749e696bc7a2473a68bf90a5ea2], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.324545\npGoogleUpdate4.dll, In Quarantäne, [ddea1749e696bc7a2473a68bf90a5ea2], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.324545\psmachine.dll, In Quarantäne, [ddea1749e696bc7a2473a68bf90a5ea2], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.324545\psuser.dll, In Quarantäne, [ddea1749e696bc7a2473a68bf90a5ea2], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.478362\GoogleCrashHandler.exe, In Quarantäne, [62656df337453afc6e2943eed1325ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.478362\GoogleUpdate.exe, In Quarantäne, [62656df337453afc6e2943eed1325ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.478362\GoogleUpdateBroker.exe, In Quarantäne, [62656df337453afc6e2943eed1325ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.478362\GoogleUpdateHelper.msi, In Quarantäne, [62656df337453afc6e2943eed1325ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.478362\GoogleUpdateOnDemand.exe, In Quarantäne, [62656df337453afc6e2943eed1325ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.478362\goopdate.dll, In Quarantäne, [62656df337453afc6e2943eed1325ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.478362\goopdateres_en.dll, In Quarantäne, [62656df337453afc6e2943eed1325ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.478362\npGoogleUpdate4.dll, In Quarantäne, [62656df337453afc6e2943eed1325ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.478362\psmachine.dll, In Quarantäne, [62656df337453afc6e2943eed1325ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.478362\psuser.dll, In Quarantäne, [62656df337453afc6e2943eed1325ba5], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\background.html, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\bootstrap.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\chrome.manifest, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\extension_info.json, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\install.rdf, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\AppFramework\appAPI_bg.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\AppFramework\appAPI_browseraction.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\AppFramework\appAPI_common.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\AppFramework\appAPI_content.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\AppFramework\appAPI_settings.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\AppFramework\appAPI_webrequest.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\AppFramework\jquery.min.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\CanvasFramework\canvasscript_engine.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\CanvasFramework\canvas_bg.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\CanvasFramework\md5.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\CanvasFramework\registry.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\CanvasFramework\webrequest.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\backgroundscript_engine.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\base.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\browser.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\chrome_windows.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\console.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\content_proxy.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\framework.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\i18n.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\invoke_async.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\io.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\lang.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\legacy.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\message_target.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\messaging.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\storage.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\timer.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\uninstall.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\userscript_client.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\userscript_engine.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\utils.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\xhr.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework-ui\browser_button.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework-ui\contentNotification.tmpl, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework-ui\contentNotificationStyle.tmpl, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework-ui\content_notifications.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework-ui\context_menu.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework-ui\framework_api.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework-ui\notifications.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework-ui\options.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework-ui\ui_base.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\icons\button.png, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\icons\icon100.png, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\icons\icon128.png, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\icons\icon32.png, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\icons\icon48.png, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome.manifest, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\install.rdf, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\04ddf7c8c2493a43b9ab42b9df5137c5.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\1075c020af9cc97bd7c4c3173693dab3.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\4f7cb0659129ac45b80e05c435cae534.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\b93dc2ddfb4e2354d94e7572467a4da2.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\background.html, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\browser.xul, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\d2858628cee96fcedd59208f7529beee.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\d78280043d2597cc4fdf444851336f96.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\dialog.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\ffCoreFilesIndex.txt, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\options.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\options.xul, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\search_dialog.xul, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\b634ff7c60bfa2de8fb588a9a3c060a6.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\0c40b229dfc10b65cd3a225f12129b0f.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\3c8a244c7a49716a066d1d69ef17e869.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\5c2cbcfbd9816dddecc39c6237507f49.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\6e51168f1ac9e8ac7954e34f53261d13.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\798a68b8dc3e67563cdf083a3afd5bff.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\83625af00616099dc67d5f0ec6157a0e.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\843c26f14c4a9410ca67a275d1e4dbc1.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\9e1a7ec8b9d36fea6439956ef23bb957.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\b8b1c65138b2693a0492f589672cca41.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\beb1f0617772b546a0a2b5f2c7b77bfb.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\c32015361b70b8449948d62f2d83379c.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\cf827b97f2c91be609a453ed84bda75d.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\df844c569ff16bf011506b320a30163c.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\e5bbf3d89a00b924797f90f53d6b1733.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\ffd096751ee4c1cc8563a9e795683e3b.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\d144b464d6d8613a1e702f84eb44c412.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\0cf602f8857fc07f60b2773014f3282f.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\12deb00fd4a34368fd43329845b5e29f.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\2900936e1f1fc364c8ebffce90aa1800.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\2d1261b435faf54a52529bb89b38ee30.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\44440d69662ae2901700bb01035615bc.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\45f18f1c67a7530f951116ddd3b98246.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\5f2d34c545758b5c228205a655854aa1.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\75259b0ba1a3919f75f2782b1fffd798.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\866c5df46fca98a1a64560cca34b117c.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\9e8f76c4096a35f3ed2bf9dc9a386699.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\a7fcbde048cc1fb57b5b497e4b585b3c.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\af9775d660d8b067eb748d4b7d5dafc5.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\bf92527e600faf20d78d962228ef609c.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\d8852b24b0dfbba6b27126dfc8047885.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\e0e3865d0f34a666e0ebc37399ce2896.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\e15c6286d001651bdd5298dd60dd8033.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\e77320d138401065c08f1b3d949abefe.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\ee4a36e0dadb7dbd5484a6d7e3a66259.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\fbf4cb762eafd43bb45378c50ae23e3c.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\installer.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\defaults\preferences\prefs.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\manifest.xml, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins.json, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\221.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\1.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\102.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\104.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\119.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\123.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\124.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\13.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\14.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\155.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\16.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\17.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\177.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\178.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\179.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\180.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\182.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\183.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\184.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\191.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\195.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\198.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\207.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\21.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\217.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\22.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\220.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\223.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\231.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\232.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\234.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\246.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\259.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\262.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\263.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\266.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\268.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\273.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\28.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\281.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\284.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\289.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\4.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\47.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\64.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\7.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\72.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\78.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\9.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\91.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\93.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\98.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\userCode\background.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\userCode\extension.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\locale\en-US\translations.dtd, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\button1.png, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\button2.png, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\button3.png, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\button4.png, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\button5.png, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\crossrider_statusbar.png, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\icon128.png, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\icon16.png, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\icon24.png, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\icon48.png, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\panelarrow-up.png, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\popup.html, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\skin.css, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\update.css, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome.manifest, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\install.rdf, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\19edf00420213bd82b96dc83efc49b7e.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\background.html, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\be34d88f371918bcbc46eb36f8407e55.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\browser.xul, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\c558b36f3cc1a1b2ce787896f9596aa0.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\caa7fd31ef66bdd324fe03114c1edb0c.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\cabb005c122ff02c09d0547c48d26696.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\dialog.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\fe67758e0e9aed6609989402e7215c88.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\ffCoreFilesIndex.txt, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\options.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\options.xul, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\search_dialog.xul, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\57ea9be0abf544474cc9e75181753cf0.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\03b58d27efe6d9ee09ec1ee629e4a3a9.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\0aeea6799a722fb56177699edb7581d3.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\1ce92a247d99c5378a341ef2cfc201d8.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\2d403972f706a75ee0fcd95acab8c72f.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\3279cafd077ab31ae267a121652ec11a.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\3598da8be857633ae5fa75ce1b83ea02.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\4b1dbcf6ca55dcd48318a36a6f1b751b.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\545e61c77d9a9163fc7c43abb6cd27d8.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\77b9199aa38da8cb1d4bbaa04f8c42bf.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\7eef263cefd3230495cfbaaddbd9bacb.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\876693b1e8b537d570aca56113a02389.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\8edcc30ba838496a3062a110985e3ac0.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\c7775f19eb56b544c4ced5eaa91d98c7.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\cb805f5f5aa5722c5cf3dca92290a4a4.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\e92dd513be629b13abf394131a95b67d.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\c938faff83b101149c6e20ff777156b0.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\115a8b6b8b0ac2bcd9c0208cbae2dcdb.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\1501ca2b389010087c95c6471aa81fe1.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\2052002aceeac42d2785153e17e3609b.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\26798ceb87c66c770b4ad2f6a2b5dae7.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\4d6d7f7e7fa275b6113d31bc4d28dd19.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\5a7c7f8bdd512fc66666684c15b93a04.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\5d6d84faa6cfda21d1668721a1f2df79.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\61cfa8cdfa8eb4093d54e22cf16ffecf.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\6622307dc37e9a2721c3c830cea32ce1.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\6ed70499205d17858852957333cf3742.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\91d3e1fd5cedf00630a2f5f56d74e3f4.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\a0881326e1c083281719c5e8503997b2.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\bed18d891fdc25a238c3f33aeb026c35.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\ca11c4de2f3343c794a2b47dd4688229.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\d5540539431bd045e8af6fba2092c5ed.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\d64ea8dbbbcbd15621802a9359116071.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\e090cd4d7f64c8d6a433b2ed0727eb7e.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\e363335c211ce0099496f1a003979bbb.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\f96efa2c11cf690d60ee2404fa2758aa.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\installer.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\defaults\preferences\prefs.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\manifest.xml, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins.json, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\102.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\104.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\13.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\14.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\16.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\17.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\180.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\184.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\192.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\193.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\195.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\220.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\221.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\223.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\226.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\242.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\244.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\246.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\262.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\263.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\268.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\273.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\275.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\281.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\284.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\289.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\301.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\302.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\314.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\324.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\337.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\4.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\47.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\64.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\7.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\78.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\9.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\91.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\93.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\userCode\background.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\userCode\extension.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\locale\en-US\translations.dtd, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\button1.png, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\button2.png, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\button3.png, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\button4.png, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\button5.png, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\crossrider_statusbar.png, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\icon128.png, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\icon16.png, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\icon24.png, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\icon48.png, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\panelarrow-up.png, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\popup.html, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\skin.css, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\update.css, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome.manifest, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\install.rdf, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\20aef0aa454cb68a832bbd6474fb19dd.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\4b0dad5327182a31c905f1e7a4a3865c.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\5228eb41dfe2037d82b5ea667a384a78.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\b9a288e526ce3e151dafe16b8eecbdf3.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\background.html, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\browser.xul, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\c2819aa91741747c43ca05bb510fd6f2.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\d78131fa3e0f804bb8fecf7317bb0ce5.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\dialog.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\ffCoreFilesIndex.txt, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\options.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\options.xul, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\search_dialog.xul, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\a60c4f40075ec9014f63f85bdd4d931f.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\11e210a018be780b20e5599b59136247.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\349d33748629b566af8b3bbeb04c8131.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\3a5cfe84891d62607c05a3fc64231f22.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\3c7772cc3e5c3109250838f86471952b.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\6fe79d25393b1169e90eed9bde1a6e53.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\7925e6c1e52d073ce1f7c80a19ea32de.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\7b89e2a2028e76cd47bba075ed78a839.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\a2ea910a5f56a6c8148061a3f4ebdb3e.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\b478db323c28b4c1a90b986dfd496e92.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\b4858b01fca24edf2e899b47072eed46.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\b9af67f4c36122aa0e22f22d44bdc297.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\c1857e16fed8321c3fd6e0abbfc8360c.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\cb7d2700be6c647bcc42e01da14492e8.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\e076de725781f3fb7dcc700937145238.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\fc28453db6eb6e115724d50b3d2be0bb.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\9ef8a1be1ae346343fb717249928e95f.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\1b3c69336491c18d296126fd52b5b9c7.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\1e2750913c170c5b25d2a577eb054b36.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\217d9820f1e9951ad6c2890819583cf8.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\2feb81724d82f3bf2c850b582ce7b96f.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\33b01878bb9189a4bfdf5ef0a3762ee1.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\33e5b6d39c33997abcc42cb59c55c84c.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\3cf4e95dacc87896546a9c59a7314b7a.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\4372a766ab0bdfa3d2371da65b2ac2e3.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\62aec5e199e3f5222ef847bfd09d754b.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\6ce02368d3ce678a621c26b8a02830cd.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\7121f3b26657be3525a7b2aa37d4e885.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\92a7cf53daa098cbc5bb18334d522dbb.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\940ce9d49d38fd7fa5fe37ca466b5adf.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\a3c5c41a6e785cb37141a9f3433819c3.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\a9d0d4957cc7d16f968e8617a7994ca6.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\ab259f51ad6bbe20be38e76ba761a660.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\b449033c4340f0adcf9b79bf60addc27.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\c1a15795d07ec706bb268ebf712add8e.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\d67b1a7b0d393d4a9c22d57833aa7a9b.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\installer.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\defaults\preferences\prefs.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\manifest.xml, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins.json, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\260.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\102.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\104.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\13.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\14.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\16.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\17.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\180.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\184.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\192.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\193.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\195.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\220.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\221.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\223.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\226.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\230.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\233.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\242.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\244.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\246.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\262.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\263.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\268.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\273.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\275.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\281.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\289.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\300.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\301.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\302.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\314.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\324.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\337.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\4.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\47.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\64.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\7.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\78.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\9.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\91.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\93.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\userCode\background.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\userCode\extension.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\locale\en-US\translations.dtd, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\button1.png, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\button2.png, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\button3.png, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\button4.png, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\button5.png, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\crossrider_statusbar.png, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\icon128.png, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\icon16.png, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\icon24.png, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\icon48.png, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\panelarrow-up.png, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\popup.html, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\skin.css, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\update.css, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.Iminent.A, C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: (   "homepage" : "hxxp://start.iminent.com/?appId=BCAC6B2F-343D-4868-845B-5D254772E88C",), Ersetzt,[329537296d0f05313f1a6a35be4730d0]

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

flora27 · 09.12.2014, 16:45

hier der zweite Teil davon - hoffe das passt so

Code:

ATTFilter

PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E.x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\mam_gk_appsConfig.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\mam_gk_eventsCache.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\mam_gk_localization.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\mam_gk_settings1.13.0.17.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E+x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E,x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E-x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E._2z527.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E0x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E1x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E2x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E3x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E4x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E5x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E6x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E7x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E8x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E9x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E;x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E=x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E@x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7EAx305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7EBx305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7ECx305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7EDx305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7Etx305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.ValueApps.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\valueApps\CT2625848\_9B+7E_x305.txt, In Quarantäne, [982fabb54a3223130a86819c4cb712ee], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.324545\GoogleCrashHandler.exe, In Quarantäne, [ddea1749e696bc7a2473a68bf90a5ea2], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.324545\GoogleUpdate.exe, In Quarantäne, [ddea1749e696bc7a2473a68bf90a5ea2], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.324545\GoogleUpdateBroker.exe, In Quarantäne, [ddea1749e696bc7a2473a68bf90a5ea2], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.324545\GoogleUpdateHelper.msi, In Quarantäne, [ddea1749e696bc7a2473a68bf90a5ea2], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.324545\GoogleUpdateOnDemand.exe, In Quarantäne, [ddea1749e696bc7a2473a68bf90a5ea2], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.324545\goopdate.dll, In Quarantäne, [ddea1749e696bc7a2473a68bf90a5ea2], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.324545\goopdateres_en.dll, In Quarantäne, [ddea1749e696bc7a2473a68bf90a5ea2], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.324545\npGoogleUpdate4.dll, In Quarantäne, [ddea1749e696bc7a2473a68bf90a5ea2], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.324545\psmachine.dll, In Quarantäne, [ddea1749e696bc7a2473a68bf90a5ea2], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.324545\psuser.dll, In Quarantäne, [ddea1749e696bc7a2473a68bf90a5ea2], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.478362\GoogleCrashHandler.exe, In Quarantäne, [62656df337453afc6e2943eed1325ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.478362\GoogleUpdate.exe, In Quarantäne, [62656df337453afc6e2943eed1325ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.478362\GoogleUpdateBroker.exe, In Quarantäne, [62656df337453afc6e2943eed1325ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.478362\GoogleUpdateHelper.msi, In Quarantäne, [62656df337453afc6e2943eed1325ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.478362\GoogleUpdateOnDemand.exe, In Quarantäne, [62656df337453afc6e2943eed1325ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.478362\goopdate.dll, In Quarantäne, [62656df337453afc6e2943eed1325ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.478362\goopdateres_en.dll, In Quarantäne, [62656df337453afc6e2943eed1325ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.478362\npGoogleUpdate4.dll, In Quarantäne, [62656df337453afc6e2943eed1325ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.478362\psmachine.dll, In Quarantäne, [62656df337453afc6e2943eed1325ba5], 
PUP.Optional.GlobalUpdate.A, C:\Users\Kelmendi\AppData\Local\Temp\comh.478362\psuser.dll, In Quarantäne, [62656df337453afc6e2943eed1325ba5], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\background.html, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\bootstrap.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\chrome.manifest, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\extension_info.json, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\install.rdf, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\AppFramework\appAPI_bg.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\AppFramework\appAPI_browseraction.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\AppFramework\appAPI_common.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\AppFramework\appAPI_content.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\AppFramework\appAPI_settings.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\AppFramework\appAPI_webrequest.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\AppFramework\jquery.min.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\CanvasFramework\canvasscript_engine.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\CanvasFramework\canvas_bg.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\CanvasFramework\md5.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\CanvasFramework\registry.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\CanvasFramework\webrequest.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\backgroundscript_engine.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\base.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\browser.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\chrome_windows.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\console.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\content_proxy.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\framework.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\i18n.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\invoke_async.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\io.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\lang.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\legacy.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\message_target.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\messaging.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\storage.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\timer.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\uninstall.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\userscript_client.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\userscript_engine.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\utils.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework\xhr.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework-ui\browser_button.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework-ui\contentNotification.tmpl, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework-ui\contentNotificationStyle.tmpl, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework-ui\content_notifications.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework-ui\context_menu.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework-ui\framework_api.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework-ui\notifications.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework-ui\options.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\framework-ui\ui_base.js, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\icons\button.png, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\icons\icon100.png, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\icons\icon128.png, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\icons\icon32.png, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.BrowseSafe.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\{1D10EB57-E111-EA32-C58F-B1EAAEAE1962}\icons\icon48.png, In Quarantäne, [7d4a035d1864f3432e5ff0450af9d22e], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome.manifest, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\install.rdf, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\04ddf7c8c2493a43b9ab42b9df5137c5.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\1075c020af9cc97bd7c4c3173693dab3.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\4f7cb0659129ac45b80e05c435cae534.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\b93dc2ddfb4e2354d94e7572467a4da2.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\background.html, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\browser.xul, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\d2858628cee96fcedd59208f7529beee.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\d78280043d2597cc4fdf444851336f96.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\dialog.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\ffCoreFilesIndex.txt, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\options.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\options.xul, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\search_dialog.xul, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\b634ff7c60bfa2de8fb588a9a3c060a6.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\0c40b229dfc10b65cd3a225f12129b0f.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\3c8a244c7a49716a066d1d69ef17e869.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\5c2cbcfbd9816dddecc39c6237507f49.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\6e51168f1ac9e8ac7954e34f53261d13.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\798a68b8dc3e67563cdf083a3afd5bff.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\83625af00616099dc67d5f0ec6157a0e.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\843c26f14c4a9410ca67a275d1e4dbc1.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\9e1a7ec8b9d36fea6439956ef23bb957.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\b8b1c65138b2693a0492f589672cca41.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\beb1f0617772b546a0a2b5f2c7b77bfb.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\c32015361b70b8449948d62f2d83379c.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\cf827b97f2c91be609a453ed84bda75d.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\df844c569ff16bf011506b320a30163c.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\e5bbf3d89a00b924797f90f53d6b1733.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\api\ffd096751ee4c1cc8563a9e795683e3b.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\d144b464d6d8613a1e702f84eb44c412.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\0cf602f8857fc07f60b2773014f3282f.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\12deb00fd4a34368fd43329845b5e29f.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\2900936e1f1fc364c8ebffce90aa1800.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\2d1261b435faf54a52529bb89b38ee30.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\44440d69662ae2901700bb01035615bc.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\45f18f1c67a7530f951116ddd3b98246.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\5f2d34c545758b5c228205a655854aa1.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\75259b0ba1a3919f75f2782b1fffd798.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\866c5df46fca98a1a64560cca34b117c.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\9e8f76c4096a35f3ed2bf9dc9a386699.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\a7fcbde048cc1fb57b5b497e4b585b3c.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\af9775d660d8b067eb748d4b7d5dafc5.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\bf92527e600faf20d78d962228ef609c.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\d8852b24b0dfbba6b27126dfc8047885.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\e0e3865d0f34a666e0ebc37399ce2896.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\e15c6286d001651bdd5298dd60dd8033.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\e77320d138401065c08f1b3d949abefe.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\ee4a36e0dadb7dbd5484a6d7e3a66259.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\fbf4cb762eafd43bb45378c50ae23e3c.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\chrome\content\core\installer.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\defaults\preferences\prefs.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\manifest.xml, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins.json, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\221.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\1.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\102.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\104.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\119.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\123.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\124.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\13.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\14.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\155.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\16.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\17.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\177.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\178.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\179.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\180.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\182.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\183.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\184.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\191.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\195.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\198.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\207.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\21.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\217.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\22.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\220.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\223.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\231.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\232.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\234.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\246.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\259.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\262.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\263.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\266.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\268.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\273.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\28.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\281.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\284.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\289.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\4.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\47.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\64.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\7.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\72.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\78.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\9.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\91.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\93.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\plugins\98.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\userCode\background.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\extensionData\userCode\extension.js, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\locale\en-US\translations.dtd, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\button1.png, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\button2.png, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\button3.png, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\button4.png, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\button5.png, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\crossrider_statusbar.png, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\icon128.png, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\icon16.png, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\icon24.png, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\icon48.png, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\panelarrow-up.png, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\popup.html, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\skin.css, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\f60c9edf-3421-4e30-8330-5533344b756b@gmail.com\skin\update.css, In Quarantäne, [12b56af6a9d35bdb366d3afc05fecf31], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome.manifest, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\install.rdf, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\19edf00420213bd82b96dc83efc49b7e.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\background.html, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\be34d88f371918bcbc46eb36f8407e55.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\browser.xul, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\c558b36f3cc1a1b2ce787896f9596aa0.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\caa7fd31ef66bdd324fe03114c1edb0c.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\cabb005c122ff02c09d0547c48d26696.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\dialog.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\fe67758e0e9aed6609989402e7215c88.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\ffCoreFilesIndex.txt, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\options.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\options.xul, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\search_dialog.xul, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\57ea9be0abf544474cc9e75181753cf0.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\03b58d27efe6d9ee09ec1ee629e4a3a9.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\0aeea6799a722fb56177699edb7581d3.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\1ce92a247d99c5378a341ef2cfc201d8.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\2d403972f706a75ee0fcd95acab8c72f.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\3279cafd077ab31ae267a121652ec11a.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\3598da8be857633ae5fa75ce1b83ea02.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\4b1dbcf6ca55dcd48318a36a6f1b751b.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\545e61c77d9a9163fc7c43abb6cd27d8.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\77b9199aa38da8cb1d4bbaa04f8c42bf.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\7eef263cefd3230495cfbaaddbd9bacb.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\876693b1e8b537d570aca56113a02389.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\8edcc30ba838496a3062a110985e3ac0.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\c7775f19eb56b544c4ced5eaa91d98c7.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\cb805f5f5aa5722c5cf3dca92290a4a4.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\api\e92dd513be629b13abf394131a95b67d.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\c938faff83b101149c6e20ff777156b0.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\115a8b6b8b0ac2bcd9c0208cbae2dcdb.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\1501ca2b389010087c95c6471aa81fe1.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\2052002aceeac42d2785153e17e3609b.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\26798ceb87c66c770b4ad2f6a2b5dae7.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\4d6d7f7e7fa275b6113d31bc4d28dd19.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\5a7c7f8bdd512fc66666684c15b93a04.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\5d6d84faa6cfda21d1668721a1f2df79.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\61cfa8cdfa8eb4093d54e22cf16ffecf.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\6622307dc37e9a2721c3c830cea32ce1.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\6ed70499205d17858852957333cf3742.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\91d3e1fd5cedf00630a2f5f56d74e3f4.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\a0881326e1c083281719c5e8503997b2.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\bed18d891fdc25a238c3f33aeb026c35.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\ca11c4de2f3343c794a2b47dd4688229.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\d5540539431bd045e8af6fba2092c5ed.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\d64ea8dbbbcbd15621802a9359116071.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\e090cd4d7f64c8d6a433b2ed0727eb7e.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\e363335c211ce0099496f1a003979bbb.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\f96efa2c11cf690d60ee2404fa2758aa.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\chrome\content\core\installer.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\defaults\preferences\prefs.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\manifest.xml, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins.json, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\102.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\104.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\13.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\14.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\16.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\17.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\180.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\184.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\192.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\193.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\195.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\220.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\221.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\223.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\226.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\242.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\244.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\246.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\262.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\263.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\268.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\273.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\275.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\281.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\284.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\289.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\301.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\302.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\314.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\324.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\337.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\4.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\47.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\64.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\7.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\78.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\9.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\91.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\plugins\93.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\userCode\background.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\extensionData\userCode\extension.js, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\locale\en-US\translations.dtd, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\button1.png, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\button2.png, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\button3.png, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\button4.png, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\button5.png, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\crossrider_statusbar.png, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\icon128.png, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\icon16.png, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\icon24.png, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\icon48.png, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\panelarrow-up.png, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\popup.html, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\skin.css, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\5c8764929678437cbd90994a5a82@ac863d978ade40948f4c7f15bb3c4.com\skin\update.css, In Quarantäne, [596e154bf884dd59208466d0fd067789], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome.manifest, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\install.rdf, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\20aef0aa454cb68a832bbd6474fb19dd.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\4b0dad5327182a31c905f1e7a4a3865c.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\5228eb41dfe2037d82b5ea667a384a78.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\b9a288e526ce3e151dafe16b8eecbdf3.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\background.html, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\browser.xul, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\c2819aa91741747c43ca05bb510fd6f2.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\d78131fa3e0f804bb8fecf7317bb0ce5.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\dialog.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\ffCoreFilesIndex.txt, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\options.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\options.xul, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\search_dialog.xul, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\a60c4f40075ec9014f63f85bdd4d931f.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\11e210a018be780b20e5599b59136247.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\349d33748629b566af8b3bbeb04c8131.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\3a5cfe84891d62607c05a3fc64231f22.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\3c7772cc3e5c3109250838f86471952b.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\6fe79d25393b1169e90eed9bde1a6e53.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\7925e6c1e52d073ce1f7c80a19ea32de.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\7b89e2a2028e76cd47bba075ed78a839.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\a2ea910a5f56a6c8148061a3f4ebdb3e.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\b478db323c28b4c1a90b986dfd496e92.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\b4858b01fca24edf2e899b47072eed46.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\b9af67f4c36122aa0e22f22d44bdc297.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\c1857e16fed8321c3fd6e0abbfc8360c.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\cb7d2700be6c647bcc42e01da14492e8.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\e076de725781f3fb7dcc700937145238.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\api\fc28453db6eb6e115724d50b3d2be0bb.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\9ef8a1be1ae346343fb717249928e95f.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\1b3c69336491c18d296126fd52b5b9c7.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\1e2750913c170c5b25d2a577eb054b36.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\217d9820f1e9951ad6c2890819583cf8.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\2feb81724d82f3bf2c850b582ce7b96f.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\33b01878bb9189a4bfdf5ef0a3762ee1.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\33e5b6d39c33997abcc42cb59c55c84c.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\3cf4e95dacc87896546a9c59a7314b7a.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\4372a766ab0bdfa3d2371da65b2ac2e3.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\62aec5e199e3f5222ef847bfd09d754b.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\6ce02368d3ce678a621c26b8a02830cd.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\7121f3b26657be3525a7b2aa37d4e885.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\92a7cf53daa098cbc5bb18334d522dbb.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\940ce9d49d38fd7fa5fe37ca466b5adf.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\a3c5c41a6e785cb37141a9f3433819c3.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\a9d0d4957cc7d16f968e8617a7994ca6.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\ab259f51ad6bbe20be38e76ba761a660.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\b449033c4340f0adcf9b79bf60addc27.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\c1a15795d07ec706bb268ebf712add8e.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\d67b1a7b0d393d4a9c22d57833aa7a9b.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\chrome\content\core\installer.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\defaults\preferences\prefs.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\manifest.xml, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins.json, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\260.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\102.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\104.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\13.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\14.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\16.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\17.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\180.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\184.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\192.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\193.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\195.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\220.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\221.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\223.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\226.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\230.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\233.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\242.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\244.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\246.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\262.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\263.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\268.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\273.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\275.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\281.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\289.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\300.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\301.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\302.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\314.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\324.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\337.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\4.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\47.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\64.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\7.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\78.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\9.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\91.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\plugins\93.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\userCode\background.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\extensionData\userCode\extension.js, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\locale\en-US\translations.dtd, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\button1.png, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\button2.png, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\button3.png, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\button4.png, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\button5.png, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\crossrider_statusbar.png, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\icon128.png, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\icon16.png, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\icon24.png, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\icon48.png, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\panelarrow-up.png, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\popup.html, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\skin.css, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.CrossRider.A, C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\herman.thorne45@outlook.com\skin\update.css, In Quarantäne, [fec9fd637a02e056767973d4d72c41bf], 
PUP.Optional.Iminent.A, C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Preferences, Gut: (), Schlecht: (   "homepage" : "hxxp://start.iminent.com/?appId=BCAC6B2F-343D-4868-845B-5D254772E88C",), Ersetzt,[329537296d0f05313f1a6a35be4730d0]

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)

flora27 · 09.12.2014, 18:08

hier zu Schritt 4, die zoek.results.

Code:

ATTFilter

Zoek.exe v5.0.0.0 Updated 08-December-2014
Tool run by Kelmendi on 09.12.2014 at 16:58:18,85.
Microsoft Windows 7 Home Premium  6.1.7600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Kelmendi\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

09.12.2014 17:00:03 Zoek.exe System Restore Point Created Succesfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp. 
# 
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 
# 
# This file contains the mappings of IP addresses to host names. Each 
# entry should be kept on an individual line. The IP address should 
# be placed in the first column followed by the corresponding host name. 
# The IP address and the host name should be separated by at least one 
# space. 
# 
# Additionally, comments (such as these) may be inserted on individual 
# lines or following the machine name denoted by a '#' symbol. 
# 
# For example: 
# 
#      102.54.94.97     rhino.acme.com          # source server 
#       38.25.63.10     x.acme.com              # x client host 
 
# localhost name resolution is handle within DNS itself. 
127.0.0.1       localhost 
::1             localhost 

==== Empty Folders Check ======================

C:\Program Files\005 deleted successfully
C:\Program Files\Symantec deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\Users\Kelmendi\AppData\Roaming\Video Converter Packages deleted successfully
C:\Users\Besa\AppData\Local\VirtualStore deleted successfully
C:\Users\Kelmendi\AppData\Local\Downloaded Installations deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C74AB308-BA97-42f6-BB20-00E0868F52FB} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C74AB308-BA97-42f6-BB20-00E0868F52FB} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13B701E0-41A5-4EE6-AFB3-C4CB01591F7} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{19C2F67A-7B0-407C-9A9F-6CB8F168B2C4} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1D7A7469-274B-42FC-84A3-2C2E1141D725} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1E5BF6E5-F420-44DC-A969-5D8ADA26CCBA} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F04D6E9-88DE-4833-89F2-D1EFFA82C931} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F3D658C-EF9A-4D9A-A51D-EA882E9240F1} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22255856-3C8D-4EDF-8E69-39253C2D1EE} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22B765F9-E730-4A81-A973-D0EA19A1175} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{22D7D676-9488-4327-B58A-F3332632E61F} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23C542F3-B2B3-49F2-9134-2A906FA38B8F} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{24CDEA0A-69B9-45F7-B755-E76AAD95346A} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{259D8DED-1930-4E9F-B760-F32114A7D7A} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{25B696A5-BB35-4D3C-ABB0-3B82E8BF12C} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27651D2-9BCF-43E2-8B9F-F431222E9B33} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{277fc7e8-dd1a-4b14-a34d-546641d275db} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27D526C6-C125-41B4-BFD3-43C5FA9A2E34} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F76005F-78BF-421D-A25E-DDD35ADA13BC} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{303CD490-AC82-4BD6-8FE0-3EAFFDDDEC35} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3290B3C0-A5D2-4087-A465-22407584342C} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{332FF22C-4A7E-415D-8D6C-212F319B279A} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33408682-D90D-4C9B-A96B-F63EF4B61B0} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{342FD6BC-AE95-4925-A8E5-F1E642E93310} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35072972-F282-42FB-9973-90B4FA98D458} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4BEEEDC1-AC38-4B01-82F1-895B18C67A4C} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4CE868C9-CAB9-4C5E-8D7D-CC35B118F84E} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FC840A2-BFD5-49B2-A924-63FB635B194B} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{508814CA-A4CF-4942-B99D-7463954968C} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{519736BE-5E63-4457-901D-E926CD1295C6} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{532077E5-1DB4-4F26-866D-3DF65656C377} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{543683F0-7CA2-4EA9-A513-A21D235B187} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{54A7A429-B906-436A-A4A1-25544527AB55} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55E66DEA-692D-4664-8921-D17D7CD34ECD} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5961B6C4-AA98-4C87-93DE-352322A31091} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B05A2DB-4EF2-460A-AFFD-878646FDA9B0} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5DBA04CB-B034-46AB-8EDE-93BF2F7583C} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5EADE29E-A79B-4C8B-8D99-4B94B4E54153} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5FCB1877-66CD-4AE9-8DF8-C5C0A9FA8E14} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{61A1D83C-41D3-4E35-B7E7-7CFCC387D32C} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{620FD560-E1E7-40E4-8725-E9B248AAB762} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6315AE8C-C5E1-4159-8352-B5AC639F2E8} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{634CE3E8-783F-46DB-9125-93A2C39C639B} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{63928716-F95F-4D97-8840-25267EB219EB} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{646AF640-AB30-48E6-B824-A4A158316E58} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AFC13E-19AA-4377-80EF-12DB4353DDE4} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B3AB32-2C6A-4252-ADD6-D29B3370C8A6} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6AA7F9C5-8CA5-4705-8CB-FB9757A6448} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{713CB28B-97C6-4976-8672-514D1A8E2374} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{788DAB36-F72C-459C-BC42-C522EA7C53CE} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7BC3CE06-20AC-4E8D-9660-D37D942F92E} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8002F419-F2AB-479F-938F-95CAB8CFB829} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84E1EDF2-4A43-4681-9783-B796C4975D71} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{851A08B9-CDCC-438D-98A3-30B5FA11444E} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{85575122-3E79-4A0A-8D9F-EA091CA0FA} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86C30287-5F7C-48C9-9154-35D815115DA5} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{88C503A4-A307-43E5-A568-1A35F0EAD4} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{891D8062-3250-40E4-999D-3EF6E727648} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89378FE1-B58D-415D-A36D-919466B9C5AC} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8982BD32-CE23-4750-BFDF-7C1A3651CF5E} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8B265479-BE20-489E-8EF4-CAC76B64DE34} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8B7AC656-13FE-4592-B5C8-F45B4E4886E9} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8DB9ABBD-BEA3-4655-9311-F0C611A5EAF9} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F013880-CE9E-4056-99FA-E9F25C512074} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F0E4132-AC5D-4DE2-BAD7-35FEAC1DDB5E} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8F7281F-728A-4D0F-B246-904CA1A73A6B} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{91CC7E7B-EBAB-404E-9915-CD7B1B5CF112} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{929B8D6-E58B-4327-A3EC-C9683BA37ED8} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93F0F0BF-853F-4F81-BA40-CE1CCE7BB86} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95E2C1C0-B467-4A21-AEF6-2B2186B5ED4C} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96CBD75D-2755-49D6-8AD8-AE3C1D8ADE1E} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96E38BE5-6A83-4F42-A7FE-5D402D9D4B56} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{973C0594-E129-4100-872-A9C5F4F54D3} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9A152CA9-932D-4CE4-94B1-4C3A60493B46} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9a8cfae4-0a73-4e6b-a6fd-d0be8a813e7d} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9BC566D5-FE6F-40B5-90BB-CE1B1997222} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A3723F91-93CA-4908-878-B7B5FD49A8B7} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a7c0d01d-2dce-4fcc-bb6a-0dd716b2d44e} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AEA079B1-6396-4646-A571-F850F8FE1EAC} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AF6B6B78-6CC9-4DE7-856A-1C9134A779} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b06391ac-2a10-4ab5-a9cb-6dc5a3e197b3} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B4CF822C-3F4-4BAC-891D-26B4335B77A} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B52A102A-E5A1-4E8D-AC0-F8E2DEEE26AA} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5E8F14A-48B9-4908-BFFB-FB8F839696AF} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BB917C87-1942-42F4-9552-5A9C47D2CBEC} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BC6C747F-BBAA-4BB0-8294-E8DB51759F8B} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C0171B24-168A-425A-9B41-102CA228273} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C02C427C-5FC7-4645-9951-6E777837FE40} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2AE36AC-1B55-4962-AC4D-45E59816405} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C421BFD3-9956-4CA4-89AD-E22B9564657B} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C5D89410-8ECC-45A9-A923-32DC594F3797} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7C615E0-E5F1-4DCB-BD8A-34DEEE98E5DC} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC1609C5-1E2C-4383-A8CF-1DB324D26A82} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CF2621EB-B8BC-49CD-9B8D-D0E3C44C5BFF} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D3205414-5AFA-48D1-9AB5-F58BD1A9E075} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D3BBF9BF-18F6-4AC8-BFDD-3A3EC01013A4} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D851A811-3B32-4445-A6B8-88FE6198B55A} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D9A996E4-4AE5-45AC-91F0-A42D7B5CDA61} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDF8DDF1-DEB5-465B-B01B-7FC0A5CF2DA0} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DFB0017C-320C-4DAA-9173-63488AAC2DC} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E5DF7362-801C-448C-8523-EBE160965E6C} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6340168-B3E8-482F-A810-8CC9D474D4DC} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F036A4B8-5A59-4A93-BD6A-5F636E6D32B4} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F0A0F4BB-EAD6-4B8D-8B5-9E7CCA80BE} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F0CBAC2-B6BE-41BD-B7E1-364132C5184B} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F249AB76-33D-4835-8B71-378267ACEFA7} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F684057D-EF85-4B49-8B3-237CBAA88494} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F7CCE463-B91C-4CCA-91B1-FB137726DCC} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FBF57039-79EE-471C-BDE-DB82FBF3B} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FE3DAED8-A7F0-4B71-B298-7FA957288058} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{C74AB308-BA97-42f6-BB20-00E0868F52FB} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C74AB308-BA97-42f6-BB20-00E0868F52FB} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C74AB308-BA97-42f6-BB20-00E0868F52FB} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C74AB308-BA97-42f6-BB20-00E0868F52FB} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{277fc7e8-dd1a-4b14-a34d-546641d275db} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9a8cfae4-0a73-4e6b-a6fd-d0be8a813e7d} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a7c0d01d-2dce-4fcc-bb6a-0dd716b2d44e} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{b06391ac-2a10-4ab5-a9cb-6dc5a3e197b3} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{C74AB308-BA97-42f6-BB20-00E0868F52FB} deleted successfully
HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Approved Extensions\{C74AB308-BA97-42f6-BB20-00E0868F52FB} deleted successfully
HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Approved Extensions\{C74AB308-BA97-42f6-BB20-00E0868F52FB} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{C74AB308-BA97-42f6-BB20-00E0868F52FB} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Classes\Software\Microsoft\Internet Explorer\Approved Extensions\{C74AB308-BA97-42f6-BB20-00E0868F52FB} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{fe063412-bea4-4d76-8ed3-183be6220d17} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110611171187} deleted successfully
HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110611171199} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{C74AB308-BA97-42f6-BB20-00E0868F52FB} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{C74AB308-BA97-42f6-BB20-00E0868F52FB} deleted successfully

==== Running Processes ======================

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\NIS.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
C:\Program Files\Acer\Acer Updater\UpdaterService.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\NIS.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\PLFSetI.exe
C:\Users\Kelmendi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
C:\Program Files (x86)\Launch Manager\LManager.exe
C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Kelmendi\Desktop\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Services and Drivers ======================

You do not have Microsoft .NET Framework 4.0(or higher) installed.
Download it here v4.0: hxxp://www.microsoft.com/en-us/download/details.aspx?id=17851
Download it here v4.5: hxxp://www.microsoft.com/en-in/download/details.aspx?id=30653

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Besa\AppData\Roaming\Mozilla\Firefox\Profiles\i03dpvd7.default\prefs.js:

Added to C:\Users\Besa\AppData\Roaming\Mozilla\Firefox\Profiles\i03dpvd7.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");

Added to C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\prefs.js:

ProfilePath: C:\Users\Besa\AppData\Roaming\Mozilla\Firefox\Profiles\i03dpvd7.default

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs__1721_.backup

ProfilePath: C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default

user.js not found
---- FireFox user.js and prefs.js backups ---- 

prefs__1721_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome.VJUE2HPGRZFUDXJLZVB2HMAL4I\shell\open\command]
@="C:\\Users\\Kelmendi\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe"

==== Deleting Files \ Folders ======================

"C:\Windows\Installer\a8aa243.msi" not found
C:\Users\Kelmendi\.android deleted
C:\PROGRA~2\SamsungPrinterLiveUpdateInstaller deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\found.000 deleted
C:\found.001 deleted
C:\found.002 deleted
C:\found.003 deleted
C:\found.004 deleted
C:\Users\Kelmendi\AppData\Roaming\WB.CFG deleted
C:\Users\Kelmendi\AppData\Local\cache deleted
C:\Users\Public\AlexaNSISPlugin.3512.dll deleted
C:\Users\Kelmendi\Downloads\FreeYouTubeToMP3Converter-3.12.20.1230(1).exe deleted
C:\Users\Kelmendi\Downloads\FreeYouTubeToMP3Converter-3.12.20.1230.exe deleted
C:\Users\Kelmendi\Downloads\FreeYouTubeToMP3Converter-327.exe deleted
C:\Users\Kelmendi\Downloads\FreeYouTubeToMP3Converter.exe deleted
C:\Users\Kelmendi\Downloads\FreeYouTubeToMP3Converter34430.exe deleted
C:\Users\Kelmendi\AppData\LocalLow\Company deleted
C:\Users\Kelmendi\AppData\LocalLow\{8E56A02B-46FE-4490-B169-F16E5231533B} deleted
C:\Users\Kelmendi\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A} deleted
C:\Users\Kelmendi\AppData\LocalLow\{FAECC00E-8025-47C7-94A5-DCC838C392A1} deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A} deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Toolbar4 deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\firefox@facebook.com.xpi deleted
C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\jetpack deleted
C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\CT2269050 deleted
C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\CT2625848 deleted
C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extension-data\toolbar_ORJ-V7@apn.ask.com deleted
C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extension-data\toolbar___ps__@apn.ask.com deleted
C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\smartbar deleted
C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\extensions\toolbar_ORJ-V7@apn.ask.com.xpi deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) (Build 7600)
Memory (RAM): 4087 MB
CPU Info: Intel(R) Core(TM) i7 CPU       Q 720  @ 1.60GHz
CPU Speed: 1617,0 MHz
Sound Card: Speakers (Realtek High Definiti | 
Realtek Digital Output (Realtek | 
Display Adapters: ATI Mobility Radeon HD 4650           | ATI Mobility Radeon HD 4650           | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; PnP-Monitor (Standard) | 
Screen Resolution: 1366 X 768 - 32 bit
Network: Network Present
Network Adapters: Intel(R) WiFi Link 5100 AGN
CD / DVD Drives: 1x (E: | ) E: Optiarc DVD RW AD-7585H
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  220,5GB | D:  221,2GB
Hard Disks - Free: C:  65,1GB | D:  221,0GB
Manufacturer *: Acer
BIOS Info: AT/AT COMPATIBLE | 06/01/10 | ACRSYS - 1
Time Zone: Mitteleuropäische Zeit
Motherboard *: Acer Aspire 5940
Country: Deutschland 
Language: DEU 

==== System Specs (Software) ======================

Anti-Virus: Norton Internet Security On-access scanning disabled (Outdated)
Anti-Spyware: Norton Internet Security disabled (Outdated)
Firewall: Norton Internet Security disabled
Default Browser: Firefox	34.0.5
Internet Explorer version: 8.0.7600.16385 
Mozilla Firefox version: 34.0.5 (x86 en-US)
Adobe Reader version: 11.0.04.63
Sun Java version: 1.8.0_11 (32-bit) 
Flash Player version: 11.9.900.170

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Kelmendi\AppData\Local\Temp ====
2014-12-09 13:14:05	8A0F4351919BC63848CEFA14F0115B10	394312	----a-w-	C:\Users\Kelmendi\AppData\Local\Temp\uninst1.exe
2014-12-09 01:03:54	1B0D76019DF4D3E170F9130F8E870823	175908	------w-	C:\Users\Kelmendi\AppData\Local\Temp\is45637729\1681646_stp\Generic_vo.exe
2014-12-08 16:44:28	ED549D32F11FD000C9546E5652129A63	2787152	----a-w-	C:\Users\Kelmendi\AppData\Local\Temp\sprz.exe
2014-12-08 16:44:04	98D876AE6989A6E8991B3448936F28B5	2360490	----a-w-	C:\Users\Kelmendi\AppData\Local\Temp\7198tmp\setup.exe
2014-12-08 16:44:03	762029A372F7F1823F05AC54185B7639	31150504	----a-w-	C:\Users\Kelmendi\AppData\Local\Temp\7197tmp\jre-8u11.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-12-08 16:48:54	909C2FB1368651B33BAB278944B60D72	272808	----a-w-	C:\Windows\SysWOW64\javaws.exe
2014-12-08 16:39:10	C2E744BDB5A4267FC2AA6C11E836033F	176552	----a-w-	C:\Windows\SysWOW64\javaw.exe
2014-12-08 16:39:10	BFE72E2B56BDE6FAC7B3E2743B53568C	176040	----a-w-	C:\Windows\SysWOW64\java.exe
2014-12-08 16:39:10	BD9FB9E6C99F377A936062A74C454610	98216	----a-w-	C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2014-12-09 14:08:19	26C43960C99EE861A5D0EDC4DCF3B1C3	129752	----a-w-	C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2014-12-09 14:08:01	CA43F8904E24BBE49982E4C0B29E6579	25816	----a-w-	C:\Windows\Sysnative\drivers\mbam.sys
2014-12-09 14:08:01	A646C2DDB8C46E9B20A326FAF566646C	63704	----a-w-	C:\Windows\Sysnative\drivers\mwac.sys
2014-12-09 14:08:01	478CC94C937D235CB0A96AB8F2359D81	93400	----a-w-	C:\Windows\Sysnative\drivers\mbamchameleon.sys
2014-12-08 16:45:36	3D9A8E1CA0C0DC65ABA437B0F21BD5AE	60376	----a-w-	C:\Windows\Sysnative\drivers\cherimoya.sys
====== C:\Windows\Tasks ======
2014-12-08 16:45:56	0156DBB65DEF9E29EFE819B4A3A70676	3628	----a-w-	C:\Windows\Sysnative\Tasks\omrUpdater
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2014-11-17 10:45:32	--------	d-----w-	C:\PROGRA~2\COMMON~1\Skype
======= C: =====
====== C:\Users\Kelmendi\AppData\Roaming ======
2014-12-08 16:49:17	--------	d-----w-	C:\Users\Kelmendi\AppData\Locallow\Oracle
2014-12-08 16:47:16	--------	d-----w-	C:\Users\Kelmendi\AppData\Local\Pro_PC_Cleaner
2014-12-08 16:45:18	--------	d-----r-	C:\Users\Kelmendi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-11-17 10:45:52	--------	d-----w-	C:\Users\Kelmendi\AppData\Local\Skype
====== C:\Users\Kelmendi ======
2014-12-09 14:05:57	3BD59D6C407AB1F6DDD7C5D9BD727469	20447072	----a-w-	C:\Users\Kelmendi\Desktop\mbam-setup-2.0.4.1028.exe
2014-12-09 14:05:37	3BD59D6C407AB1F6DDD7C5D9BD727469	20447072	----a-w-	C:\Users\Kelmendi\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-09 13:48:17	7AC98BE8593253FDDF8293E1C60B04BA	2166272	----a-w-	C:\Users\Kelmendi\Desktop\AdwCleaner_4.105.exe
2014-12-09 13:48:07	7AC98BE8593253FDDF8293E1C60B04BA	2166272	----a-w-	C:\Users\Kelmendi\Downloads\AdwCleaner_4.105.exe
2014-12-09 13:18:58	75792D4CBF8A138CEBA044868FDE766D	2785665	----a-w-	C:\Users\Kelmendi\Desktop\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2014-12-09 10:36:43	DEF4F8225DA327189C4EC0BBF7817CD3	2119680	----a-w-	C:\Users\Kelmendi\Desktop\frst64.exe
2014-12-08 16:49:33	--------	d--h--w-	C:\Users\Public\Temp
2014-11-17 10:45:33	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

====== C: exe-files ==
2014-12-09 14:05:57	3BD59D6C407AB1F6DDD7C5D9BD727469	20447072	----a-w-	C:\Users\Kelmendi\Desktop\mbam-setup-2.0.4.1028.exe
2014-12-09 14:05:37	3BD59D6C407AB1F6DDD7C5D9BD727469	20447072	----a-w-	C:\Users\Kelmendi\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-09 13:48:17	7AC98BE8593253FDDF8293E1C60B04BA	2166272	----a-w-	C:\Users\Kelmendi\Desktop\AdwCleaner_4.105.exe
2014-12-09 13:48:07	7AC98BE8593253FDDF8293E1C60B04BA	2166272	----a-w-	C:\Users\Kelmendi\Downloads\AdwCleaner_4.105.exe
2014-12-09 13:25:48	D7FE1B2CD586A0D4FD3185DCF3DE4FA1	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3793236011-1497448259-2661613126-1000\$IHKMEHD.exe
2014-12-09 13:25:48	BC3D28A2F972E20E49C1B8A4D44C9E48	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3793236011-1497448259-2661613126-1000\$ISFWEKD.exe
2014-12-09 13:25:48	441658AC6436320DC0C9B12EE73F0018	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3793236011-1497448259-2661613126-1000\$IPVRZFP.exe
2014-12-09 13:25:48	10AF1D8A5B19F496F21B340F360A2518	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3793236011-1497448259-2661613126-1000\$IVRGJ2O.exe
2014-12-09 13:18:58	75792D4CBF8A138CEBA044868FDE766D	2785665	----a-w-	C:\Users\Kelmendi\Desktop\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2014-12-09 13:14:05	8A0F4351919BC63848CEFA14F0115B10	394312	----a-w-	C:\Users\Kelmendi\AppData\Local\Temp\uninst1.exe
2014-12-09 10:36:43	DEF4F8225DA327189C4EC0BBF7817CD3	2119680	----a-w-	C:\Users\Kelmendi\Desktop\frst64.exe
2014-12-09 01:03:54	1B0D76019DF4D3E170F9130F8E870823	175908	------w-	C:\Users\Kelmendi\AppData\Local\Temp\is45637729\1681646_stp\Generic_vo.exe
2014-12-08 16:48:54	909C2FB1368651B33BAB278944B60D72	272808	----a-w-	C:\Windows\SysWOW64\javaws.exe
2014-12-08 16:48:31	F441544D94811EA32C1888C19BCC3768	15784	----a-w-	C:\Program Files (x86)\Java\jre8\bin\klist.exe
2014-12-08 16:48:31	EDBFE2771525CE5C4E69CCAD6CCCCA41	51112	----a-w-	C:\Program Files (x86)\Java\jre8\bin\ssvagent.exe
2014-12-08 16:48:31	BA6372AB0302A918DADD4465E7CA425D	157608	----a-w-	C:\Program Files (x86)\Java\jre8\bin\unpack200.exe
2014-12-08 16:48:31	B5D293BD871BBAE6B89DE10C9F931340	16296	----a-w-	C:\Program Files (x86)\Java\jre8\bin\orbd.exe
2014-12-08 16:48:31	9F1DAB0ED59DF69154329DFC5C7E31ED	16296	----a-w-	C:\Program Files (x86)\Java\jre8\bin\servertool.exe
2014-12-08 16:48:31	64387EDCB122C9C591DC6E6A3F2DF714	16296	----a-w-	C:\Program Files (x86)\Java\jre8\bin\tnameserv.exe
2014-12-08 16:48:31	34E2C6557E1672EA695FD6D3EFF036FB	15784	----a-w-	C:\Program Files (x86)\Java\jre8\bin\pack200.exe
2014-12-08 16:48:31	31D8BC282517513DEB59C5E1B9FBC5A3	15784	----a-w-	C:\Program Files (x86)\Java\jre8\bin\ktab.exe
2014-12-08 16:48:31	2CEBE07627551579319B19F8A47AE650	16296	----a-w-	C:\Program Files (x86)\Java\jre8\bin\rmiregistry.exe
2014-12-08 16:48:31	28B4282A0D7176D8EA9751CBFB3722D7	15784	----a-w-	C:\Program Files (x86)\Java\jre8\bin\rmid.exe
2014-12-08 16:48:31	24BBC049D368F27D4C05B4106B526DA4	16296	----a-w-	C:\Program Files (x86)\Java\jre8\bin\policytool.exe
2014-12-08 16:48:30	C841D12CD78EBA9B3206815E1FA24337	76200	----a-w-	C:\Program Files (x86)\Java\jre8\bin\jp2launcher.exe
2014-12-08 16:48:30	C2E744BDB5A4267FC2AA6C11E836033F	176552	----a-w-	C:\Program Files (x86)\Java\jre8\bin\javaw.exe
2014-12-08 16:48:30	BFE72E2B56BDE6FAC7B3E2743B53568C	176040	----a-w-	C:\Program Files (x86)\Java\jre8\bin\java.exe
2014-12-08 16:48:30	B4832D118B5F5AD138CF48EFBE6B2117	15784	----a-w-	C:\Program Files (x86)\Java\jre8\bin\jjs.exe
2014-12-08 16:48:30	AC622615773BEDD637CE55AC83B46E98	15784	----a-w-	C:\Program Files (x86)\Java\jre8\bin\kinit.exe
2014-12-08 16:48:30	909C2FB1368651B33BAB278944B60D72	272808	----a-w-	C:\Program Files (x86)\Java\jre8\bin\javaws.exe
2014-12-08 16:48:30	7FC07F80F39F1D8EF6AD493F67819916	15784	----a-w-	C:\Program Files (x86)\Java\jre8\bin\java-rmi.exe
2014-12-08 16:48:30	45DCBC8F21FF16B68F545CB51B41C8DB	15784	----a-w-	C:\Program Files (x86)\Java\jre8\bin\keytool.exe
2014-12-08 16:48:30	09E78B444BE3C24BB44D96B9991D0354	30632	----a-w-	C:\Program Files (x86)\Java\jre8\bin\jabswitch.exe
2014-12-08 16:48:30	08709AA84906EF38D2416799262B161C	68008	----a-w-	C:\Program Files (x86)\Java\jre8\bin\javacpl.exe
2014-12-08 16:44:28	ED549D32F11FD000C9546E5652129A63	2787152	----a-w-	C:\Users\Kelmendi\AppData\Local\Temp\sprz.exe
2014-12-08 16:44:04	98D876AE6989A6E8991B3448936F28B5	2360490	----a-w-	C:\Users\Kelmendi\AppData\Local\Temp\7198tmp\setup.exe
2014-12-08 16:44:03	762029A372F7F1823F05AC54185B7639	31150504	----a-w-	C:\Users\Kelmendi\AppData\Local\Temp\7197tmp\jre-8u11.exe
2014-12-08 16:39:10	C2E744BDB5A4267FC2AA6C11E836033F	176552	----a-w-	C:\Windows\SysWOW64\javaw.exe
2014-12-08 16:39:10	BFE72E2B56BDE6FAC7B3E2743B53568C	176040	----a-w-	C:\Windows\SysWOW64\java.exe
2014-12-08 16:38:04	3842C46F2FBC7522EF625F1833530804	145408	----a-w-	C:\Users\Kelmendi\AppData\LocalLow\Sun\Java\jre1.7.0_71\lzma.exe
=== C: other files ==
2014-12-09 14:08:19	26C43960C99EE861A5D0EDC4DCF3B1C3	129752	----a-w-	C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-12-09 14:08:01	CA43F8904E24BBE49982E4C0B29E6579	25816	----a-w-	C:\Windows\System32\drivers\mbam.sys
2014-12-09 14:08:01	A646C2DDB8C46E9B20A326FAF566646C	63704	----a-w-	C:\Windows\System32\drivers\mwac.sys
2014-12-09 14:08:01	478CC94C937D235CB0A96AB8F2359D81	93400	----a-w-	C:\Windows\System32\drivers\mbamchameleon.sys
2014-12-09 13:25:48	F35D5FC491BB48C8CEBFE4EFD87BE5EB	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3793236011-1497448259-2661613126-1000\$IBCH0BQ.crx
2014-12-09 13:25:48	947DC8FB8A01D1E4905117A80D317E1D	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3793236011-1497448259-2661613126-1000\$I6OG1NN.crx
2014-12-09 13:25:48	8AA8BE45412CA7C5A11480651AB5B92B	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3793236011-1497448259-2661613126-1000\$I9RT43J.xpi
2014-12-09 13:25:48	26A6CC4CCB2575FB6BF61FF73FADADBB	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3793236011-1497448259-2661613126-1000\$ITEN2JA.xpi
2014-12-09 13:25:48	207767D15FCF38F7C35BFA6D714DD94F	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3793236011-1497448259-2661613126-1000\$IHAJ34O.crx
2014-12-08 16:48:32	FAB5F5C9E9F2E8BDF27BCDE6E66340DE	14130	----a-w-	C:\Program Files (x86)\Java\jre8\lib\deploy\ffjcext.zip
2014-12-08 16:45:36	3D9A8E1CA0C0DC65ABA437B0F21BD5AE	60376	----a-w-	C:\Windows\System32\drivers\cherimoya.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Facebook Update"="C:\Users\Kelmendi\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"EA Core"="C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent"
"Pando Media Booster"="C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"Spotify Web Helper"="C:\Users\Kelmendi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"Google Update"="C:\Users\Kelmendi\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Spotify"="C:\Users\Kelmendi\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"EgisTecLiveUpdate"="C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe"
"BackupManagerTray"="C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe -h -k"
"NortonOnlineBackupReminder"="C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe UNATTENDED"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe"
"ArcadeDeluxeAgent"="C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"PlayMovie"="C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
"HF_G_Jul"="C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe  /DoAction"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"ROC_ROC_JULY_P1"="C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe / /PROMPT /CMPID=ROC_JULY_P1"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Facebook Update"="C:\Users\Kelmendi\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"EA Core"="C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent"
"Pando Media Booster"="C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"Spotify Web Helper"="C:\Users\Kelmendi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"Google Update"="C:\Users\Kelmendi\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Spotify"="C:\Users\Kelmendi\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe"
"mwlDaemon"="C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe"
"Acer ePower Management"="C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe"
"PLFSetI"="C:\Windows\PLFSetI.exe"
"CDAServer"="C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
"shopperz"="C:\Program Files\shopperz\unity.exe"
"shopperz64"="C:\Program Files\shopperz\unity64.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Folders ======================

2009-10-21 00:28:35	1782	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe []
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000Core.job --a------ C:\Users\Kelmendi\AppData\Local\Facebook\Update\FacebookUpdate.exe [15.09.2012 17:52]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000UA.job --a------ C:\Users\Kelmendi\AppData\Local\Facebook\Update\FacebookUpdate.exe [15.09.2012 17:52]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [24.06.2012 09:52]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000Core.job --a------ C:\Users\Kelmendi\AppData\Local\Google\Update\GoogleUpdate.exe [30.10.2013 08:10]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000UA.job --a------ C:\Users\Kelmendi\AppData\Local\Google\Update\GoogleUpdate.exe [30.10.2013 08:10]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000Core" [C:\Users\Kelmendi\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000UA" [C:\Users\Kelmendi\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000Core" [C:\Users\Kelmendi\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000UA" [C:\Users\Kelmendi\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\McQcModifier-5c47-a7b0" [C:\ProgramData\McQcModifier-5c47-a7b0\McQcModifier-5c47-a7b0.cmd]
"C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe"]
"C:\Windows\SysNative\tasks\omrUpdater" ["C:\Program Files\shopperz\custer.bat"]
"C:\Windows\SysNative\tasks\ProPCCleaner_Popup" [C:\Program Files (x86)\Pro PC Cleaner\Splash.exe]
"C:\Windows\SysNative\tasks\ProPCCleaner_Start" [C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\SymErr.exe]
"C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\SymErr.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn" [09.12.2014 16:26]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default
- Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn
- Undetermined - firefox@facebook.com
- Undetermined - toolbar_ORJ-V7@apn.ask.com
- Undetermined - {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default
3CD19649B2C3023D65E67C056457A2BC	- C:\Users\Kelmendi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll -	Facebook Video Calling Plugin
F891089A6AB9E12FEDEBCC5EC0F40D66	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll -	Shockwave Flash
C36444D7301A8C881FC7296B092609C7	- C:\Users\Kelmendi\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll -	Google Update


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
iikflkcanblccfahdhdonehdalibjnif - No path found[]
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx[20.09.2014 09:52]

Norton Identity Protection - Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

==== Chromium Fix ======================

C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.live-lyrics.com_0.localstorage deleted successfully
C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.live-lyrics.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
"Backup.Old.Start Page"="hxxp://www.google.com"
"Default_Page_URL"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://www.google.com"
"Default_Page_URL"="hxxp://www.google.com"
"Start Page"="hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.4.0.13"
"Search Page"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://www.google.com"
"Default_Page_URL"="hxxp://www.google.com"
"Start Page"="hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.4.0.13"
"Search Page"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="hxxp://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="hxxp://www.google.com"
"Backup.Old.Start Page"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{67A2568C-7A0A-4EED-AECC-B5405DE63B64}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="hxxp://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google  Url="hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE489"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8C15B847BDD01B048B104F5BE0C94236 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C74AB308-BA97-42f6-BB20-00E0868F52FB}_is1 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{58C91689-85E3-4B25-ADEC-2697986DF817} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\8C15B847BDD01B048B104F5BE0C94236 deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\98619C853E5852B4DACE627989D68F71 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Besa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Besa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Kelmendi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Kelmendi\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kelmendi\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kelmendi\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kelmendi\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kelmendi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Besa\AppData\Local\Mozilla\Firefox\Profiles\i03dpvd7.default\cache2 emptied successfully
C:\Users\Kelmendi\AppData\Local\Mozilla\Firefox\Profiles\m9rivr4j.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=770 folders=276 201840705 bytes)

==== Empty Temp Folders ======================

C:\Users\Besa\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Kelmendi\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Kelmendi\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Kelmendi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on 09.12.2014 at 18:05:22,71 ======================

flora27 · 09.12.2014, 18:13

und hier das, was bei FRST rausgekommen ist - es öffnen sich übrigens schon mal endlich keine tabs mehr und ich werde von Werbung nicht mehr so überflutet, danke!

FRST Logfile:

FRST Logfile:

Code:

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-12-2014
Ran by Kelmendi (administrator) on KELMENDI-PC on 09-12-2014 18:09:06
Running from C:\Users\Kelmendi\Desktop
Loaded Profile: Kelmendi (Available profiles: Kelmendi & Besa)
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GregHSRW.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\nis.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe
(Acer) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\nis.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Windows\PLFSetI.exe
() C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
(Google Inc.) C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Spotify Ltd) C:\Users\Kelmendi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(CyberLink Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe
(Acer Corp.) C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8061984 2009-08-17] (Realtek Semiconductor)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-08-07] (Intel Corporation)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\mwlDaemon.exe [349480 2009-09-10] (Egis Technology Inc.)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [496160 2009-10-29] (Acer Incorporated)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-18] (Synaptics Incorporated)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2012-05-22] ()
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] ()
HKLM\...\Run: [shopperz] => C:\Program Files\shopperz\unity.exe
HKLM\...\Run: [shopperz64] => C:\Program Files\shopperz\unity64.exe
HKLM-x32\...\Run: [EgisTecLiveUpdate] => C:\Program Files (x86)\EgisTec Egis Software Update\EgisUpdate.exe [199464 2009-08-04] (Egis Technology Inc.)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [261888 2009-09-24] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-08-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1157128 2009-08-18] (Dritek System Inc.)
HKLM-x32\...\Run: [ArcadeDeluxeAgent] => C:\Program Files (x86)\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe [419112 2009-10-29] (CyberLink Corp.)
HKLM-x32\...\Run: [PlayMovie] => C:\Program Files (x86)\Acer Arcade Deluxe\PlayMovie\PMVService.exe [181480 2009-10-21] (Acer Corp.)
HKLM-x32\...\Run: [HF_G_Jul] => "C:\Program Files (x86)\AVG Secure Search\HF_G_Jul.exe"  /DoAction
HKLM-x32\...\Run: [APSDaemon] => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM-x32\...\Run: [ROC_ROC_JULY_P1] => "C:\Program Files (x86)\AVG Secure Search\ROC_ROC_JULY_P1.exe" / /PROMPT /CMPID=ROC_JULY_P1
HKLM-x32\...\Run: [iTunesHelper] => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-10-21] (Google Inc.)
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Run: [Facebook Update] => C:\Users\Kelmendi\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-15] (Facebook Inc.)
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Run: [EA Core] => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Run: [Pando Media Booster] => "C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Run: [Spotify Web Helper] => C:\Users\Kelmendi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1514040 2014-10-07] (Spotify Ltd)
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Run: [Google Update] => C:\Users\Kelmendi\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-30] (Google Inc.)
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Run: [Spotify] => C:\Users\Kelmendi\AppData\Roaming\Spotify\spotify.exe [6553144 2014-10-07] (Spotify Ltd)
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\MountPoints2: {1a27e36e-e252-11e3-917b-c2b6d9f4098d} - F:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\MountPoints2: {6f16c361-df29-11e2-b9b2-851712210188} - F:\LaunchU3.exe -a
HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\MountPoints2: {ba791a7f-dd6a-11e1-9937-0026226a35bd} - F:\Startme.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk
ShortcutTarget: Acer VCM.lnk -> C:\Program Files (x86)\Acer\Acer VCM\AcerVCM.exe (Acer Incorporated)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x64\psdprotect.dll (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\psdprotect.dll (Egis Technology Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.4.0.13
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.4.0.13
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.4.0.13
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64}
SearchScopes: HKLM-x32 -> {3537899B-B3D3-BCF9-BFA2-27EFE229B339} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE489
SearchScopes: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
SearchScopes: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_deDE489
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine64\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll No File
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg64.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll No File
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre8\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre8\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\coIEPlg.dll (Symantec Corporation)
Toolbar: HKU\S-1-5-21-3793236011-1497448259-2661613126-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework//microsoft/wrc32.ocx
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
Winsock: Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll File Not found ()
Winsock: Catalog5-x64 07 C:\Program Files\Bonjour\mdnsNSP.dll File Not found ()
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll No File
FF Plugin: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=11.11.2 -> C:\Program Files (x86)\Java\jre8\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.11.2 -> C:\Program Files (x86)\Java\jre8\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\3.0.40624.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3793236011-1497448259-2661613126-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kelmendi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-3793236011-1497448259-2661613126-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Kelmendi\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3793236011-1497448259-2661613126-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Kelmendi\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3793236011-1497448259-2661613126-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF SearchPlugin: C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\searchplugins\yahoo_ff.xml
FF Extension: Adblock Plus - C:\Users\Kelmendi\AppData\Roaming\Mozilla\Firefox\Profiles\m9rivr4j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-25]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-12-09]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.0.0.100\coFFPlgn [2014-12-09]
FF Extension: No Name - {2D3F3651-74B9-4795-BDEC-6DA2F431CB62} [Not Found]

Chrome: 
=======
CHR Profile: C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-10-30]
CHR Extension: (Google Drive) - C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-30]
CHR Extension: (YouTube) - C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-30]
CHR Extension: (Google Search) - C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-30]
CHR Extension: (Norton Identity Protection) - C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-10-30]
CHR Extension: (Google Wallet) - C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-10-30]
CHR Extension: (Gmail) - C:\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-10-30]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-04]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - No Path
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\Exts\Chrome.crx [2014-10-04]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AeLookupSvc; C:\Windows\System32\aelupsvc.dll [72192 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ALG; C:\Windows\System32\alg.exe [79360 2009-07-14] (Microsoft Corporation) [File not signed]
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [203264 2009-08-04] (AMD) [File not signed]
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32256 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Appinfo; C:\Windows\System32\appinfo.dll [70144 2009-07-14] (Microsoft Corporation) [File not signed]
R2 AudioEndpointBuilder; C:\Windows\System32\Audiosrv.dll [676864 2009-07-14] (Microsoft Corporation) [File not signed]
R2 AudioSrv; C:\Windows\System32\Audiosrv.dll [676864 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AxInstSV; C:\Windows\System32\AxInstSV.dll [114688 2009-07-14] (Microsoft Corporation) [File not signed]
S3 BDESVC; C:\Windows\System32\bdesvc.dll [100864 2009-07-14] (Microsoft Corporation) [File not signed]
R2 BFE; C:\Windows\System32\bfe.dll [703488 2009-07-14] (Microsoft Corporation) [File not signed]
S3 BITS; C:\Windows\System32\qmgr.dll [848384 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Browser; C:\Windows\System32\browser.dll [136192 2009-07-14] (Microsoft Corporation) [File not signed]
S3 bthserv; C:\Windows\system32\bthserv.dll [83968 2009-07-14] (Microsoft Corporation) [File not signed]
S3 CertPropSvc; C:\Windows\System32\certprop.dll [80384 2009-07-14] (Microsoft Corporation) [File not signed]
S3 COMSysApp; C:\Windows\system32\dllhost.exe [9728 2009-07-14] (Microsoft Corporation) [File not signed]
S3 COMSysApp; C:\Windows\SysWOW64\dllhost.exe [7168 2009-07-14] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [175104 2009-07-14] (Microsoft Corporation) [File not signed]
R2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [135680 2009-07-14] (Microsoft Corporation) [File not signed]
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [509440 2009-07-14] (Microsoft Corporation) [File not signed]
S3 defragsvc; C:\Windows\System32\defragsvc.dll [291328 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\Windows\system32\dhcpcore.dll [314368 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Dhcp; C:\Windows\SysWOW64\dhcpcore.dll [253440 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Dnscache; C:\Windows\System32\dnsrslvr.dll [182272 2009-07-14] (Microsoft Corporation) [File not signed]
S3 dot3svc; C:\Windows\System32\dot3svc.dll [252416 2009-07-14] (Microsoft Corporation) [File not signed]
R2 DPS; C:\Windows\system32\dps.dll [162816 2009-07-14] (Microsoft Corporation) [File not signed]
R3 EapHost; C:\Windows\System32\eapsvc.dll [111104 2009-07-14] (Microsoft Corporation) [File not signed]
R2 EFS; C:\Windows\System32\lsass.exe [31232 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ehRecvr; C:\Windows\ehome\ehRecvr.exe [696832 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ehSched; C:\Windows\ehome\ehsched.exe [127488 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [788000 2009-10-29] (Acer Incorporated)
R2 eventlog; C:\Windows\System32\wevtsvc.dll [1646080 2009-07-14] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\Windows\system32\es.dll [402944 2009-07-14] (Microsoft Corporation) [File not signed]
R2 EventSystem; C:\Windows\SysWOW64\es.dll [271360 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Fax; C:\Windows\system32\fxssvc.exe [689152 2009-07-14] (Microsoft Corporation) [File not signed]
R3 fdPHost; C:\Windows\system32\fdPHost.dll [16384 2009-07-14] (Microsoft Corporation) [File not signed]
R2 FDResPub; C:\Windows\system32\fdrespub.dll [34816 2009-07-14] (Microsoft Corporation) [File not signed]
R3 FontCache; C:\Windows\system32\FntCache.dll [1127936 2009-07-14] (Microsoft Corporation) [File not signed]
R2 gpsvc; C:\Windows\System32\gpsvc.dll [776192 2009-07-14] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\Windows\system32\hidserv.dll [38912 2009-07-14] (Microsoft Corporation) [File not signed]
R3 hidserv; C:\Windows\SysWOW64\hidserv.dll [49152 2009-07-14] (Microsoft Corporation) [File not signed]
S3 hkmsvc; C:\Windows\system32\kmsvc.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HomeGroupListener; C:\Windows\system32\ListSvc.dll [231936 2009-07-14] (Microsoft Corporation) [File not signed]
R3 HomeGroupProvider; C:\Windows\system32\provsvc.dll [187904 2009-07-14] (Microsoft Corporation) [File not signed]
R3 HomeGroupProvider; C:\Windows\SysWOW64\provsvc.dll [165376 2009-07-14] (Microsoft Corporation) [File not signed]
R2 IKEEXT; C:\Windows\System32\ikeext.dll [845824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IPBusEnum; C:\Windows\system32\ipbusenum.dll [101888 2009-07-14] (Microsoft Corporation) [File not signed]
R2 iphlpsvc; C:\Windows\System32\iphlpsvc.dll [565760 2009-07-14] (Microsoft Corporation) [File not signed]
R3 KeyIso; C:\Windows\system32\lsass.exe [31232 2009-07-14] (Microsoft Corporation) [File not signed]
S3 KtmRm; C:\Windows\system32\msdtckrm.dll [368640 2009-07-14] (Microsoft Corporation) [File not signed]
R2 LanmanServer; C:\Windows\system32\srvsvc.dll [235520 2009-07-14] (Microsoft Corporation) [File not signed]
R2 LanmanWorkstation; C:\Windows\System32\wkssvc.dll [118784 2009-07-14] (Microsoft Corporation) [File not signed]
S3 lltdsvc; C:\Windows\System32\lltdsvc.dll [300032 2009-07-14] (Microsoft Corporation) [File not signed]
R2 lmhosts; C:\Windows\System32\lmhsvc.dll [23552 2009-07-14] (Microsoft Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [84480 2009-07-14] (Microsoft Corporation) [File not signed]
R2 MMCSS; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) [File not signed]
R2 MpsSvc; C:\Windows\system32\mpssvc.dll [824832 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSDTC; C:\Windows\System32\msdtc.exe [141824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSiSCSI; C:\Windows\system32\iscsiexe.dll [156672 2009-07-14] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\System32\msiexec.exe [127488 2009-07-14] (Microsoft Corporation) [File not signed]
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MWLService; C:\Program Files (x86)\EgisTec\MyWinLocker 3\x86\\MWLService.exe [305448 2009-09-10] (Egis Technology Inc.)
S3 napagent; C:\Windows\system32\qagentRT.dll [475648 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Netman; C:\Windows\System32\netman.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed]
R3 netprofm; C:\Windows\System32\netprofm.dll [459776 2009-07-14] (Microsoft Corporation) [File not signed]
R3 netprofm; C:\Windows\SysWOW64\netprofm.dll [360448 2009-07-14] (Microsoft Corporation) [File not signed]
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\NIS.exe [276376 2014-09-21] (Symantec Corporation)
R2 NlaSvc; C:\Windows\System32\nlasvc.dll [302080 2009-07-14] (Microsoft Corporation) [File not signed]
R2 nsi; C:\Windows\system32\nsisvc.dll [25600 2009-07-14] (Microsoft Corporation) [File not signed]
S3 p2pimsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation) [File not signed]
S3 p2psvc; C:\Windows\system32\p2psvc.dll [438784 2009-07-14] (Microsoft Corporation) [File not signed]
R2 PcaSvc; C:\Windows\System32\pcasvc.dll [186368 2009-07-14] (Microsoft Corporation) [File not signed]
S3 PerfHost; C:\Windows\SysWow64\perfhost.exe [20992 2009-07-14] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\system32\pla.dll [1390080 2009-07-14] (Microsoft Corporation) [File not signed]
S3 pla; C:\Windows\SysWOW64\pla.dll [1508864 2009-07-14] (Microsoft Corporation) [File not signed]
R2 PlugPlay; C:\Windows\system32\umpnpmgr.dll [404480 2009-07-14] (Microsoft Corporation) [File not signed]
S3 PNRPAutoReg; C:\Windows\system32\pnrpauto.dll [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 PNRPsvc; C:\Windows\system32\pnrpsvc.dll [327168 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PolicyAgent; C:\Windows\System32\ipsecsvc.dll [500224 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Power; C:\Windows\system32\umpo.dll [163840 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ProfSvc; C:\Windows\system32\profsvc.dll [208384 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2009-07-14] (Microsoft Corporation) [File not signed]
S3 QWAVE; C:\Windows\system32\qwave.dll [242688 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasAuto; C:\Windows\System32\rasauto.dll [99328 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasMan; C:\Windows\System32\rasmans.dll [343552 2009-07-14] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\System32\mprdim.dll [97792 2009-07-14] (Microsoft Corporation) [File not signed]
S4 RemoteAccess; C:\Windows\SysWOW64\mprdim.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RemoteRegistry; C:\Windows\system32\regsvc.dll [159232 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RpcEptMapper; C:\Windows\System32\RpcEpMap.dll [67072 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RpcLocator; C:\Windows\system32\locator.exe [10240 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RpcSs; C:\Windows\system32\rpcss.dll [509440 2009-07-14] (Microsoft Corporation) [File not signed]
R2 RS_Service; C:\Program Files (x86)\Acer\Acer VCM\RS_Service.exe [253952 2009-07-10] (Acer Incorporated) [File not signed]
R2 SamSs; C:\Windows\system32\lsass.exe [31232 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SCardSvr; C:\Windows\System32\SCardSvr.dll [190976 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Schedule; C:\Windows\system32\schedsvc.dll [1104384 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SCPolicySvc; C:\Windows\System32\certprop.dll [80384 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SDRSVC; C:\Windows\System32\SDRSVC.dll [170496 2009-07-14] (Microsoft Corporation) [File not signed]
S3 seclogon; C:\Windows\system32\seclogon.dll [30720 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\System32\sens.dll [64512 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SENS; C:\Windows\SysWOW64\sens.dll [49664 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SensrSvc; C:\Windows\system32\sensrsvc.dll [29184 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\system32\sessenv.dll [104960 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SessionEnv; C:\Windows\SysWOW64\sessenv.dll [99328 2009-07-14] (Microsoft Corporation) [File not signed]
S4 SharedAccess; C:\Windows\System32\ipnathlp.dll [359424 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\System32\shsvcs.dll [369664 2009-07-14] (Microsoft Corporation) [File not signed]
R2 ShellHWDetection; C:\Windows\SysWOW64\shsvcs.dll [328192 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SNMPTRAP; C:\Windows\System32\snmptrap.exe [14336 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Spooler; C:\Windows\System32\spoolsv.exe [558080 2009-07-14] (Microsoft Corporation) [File not signed]
S2 sppsvc; C:\Windows\system32\sppsvc.exe [3524608 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sppuinotify; C:\Windows\system32\sppuinotify.dll [65536 2009-07-14] (Microsoft Corporation) [File not signed]
R3 SSDPSRV; C:\Windows\System32\ssdpsrv.dll [193024 2009-07-14] (Microsoft Corporation) [File not signed]
S3 SstpSvc; C:\Windows\system32\sstpsvc.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed]
S2 stisvc; C:\Windows\System32\wiaservc.dll [578560 2009-07-14] (Microsoft Corporation) [File not signed]
S3 swprv; C:\Windows\System32\swprv.dll [524288 2009-07-14] (Microsoft Corporation) [File not signed]
R2 SysMain; C:\Windows\system32\sysmain.dll [1780736 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TabletInputService; C:\Windows\System32\TabSvc.dll [93184 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\System32\tapisrv.dll [316416 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TapiSrv; C:\Windows\SysWOW64\tapisrv.dll [241664 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TBS; C:\Windows\System32\tbssvc.dll [65536 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TermService; C:\Windows\System32\termsrv.dll [706560 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2009-07-14] (Microsoft Corporation) [File not signed]
S3 THREADORDER; C:\Windows\system32\mmcss.dll [67584 2009-07-14] (Microsoft Corporation) [File not signed]
R2 TrkWks; C:\Windows\System32\trkwks.dll [119808 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TrustedInstaller; C:\Windows\servicing\TrustedInstaller.exe [194048 2009-07-14] (Microsoft Corporation) [File not signed]
S3 UI0Detect; C:\Windows\system32\UI0Detect.exe [40960 2009-07-14] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\Windows\System32\upnphost.dll [353792 2009-07-14] (Microsoft Corporation) [File not signed]
S3 upnphost; C:\Windows\SysWOW64\upnphost.dll [266752 2009-07-14] (Microsoft Corporation) [File not signed]
R2 UxSms; C:\Windows\System32\uxsms.dll [38912 2009-07-14] (Microsoft Corporation) [File not signed]
S3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2009-07-14] (Microsoft Corporation) [File not signed]
S3 vds; C:\Windows\System32\vds.exe [532480 2009-07-14] (Microsoft Corporation) [File not signed]
S3 VSS; C:\Windows\system32\vssvc.exe [1598976 2009-07-14] (Microsoft Corporation) [File not signed]
S3 W32Time; C:\Windows\system32\w32time.dll [381952 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wbengine; C:\Windows\system32\wbengine.exe [1503744 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WbioSrvc; C:\Windows\System32\wbiosrvc.dll [202240 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\System32\wcncsvc.dll [366592 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wcncsvc; C:\Windows\SysWOW64\wcncsvc.dll [276480 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\System32\WcsPlugInService.dll [40960 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WcsPlugInService; C:\Windows\SysWOW64\WcsPlugInService.dll [32768 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiServiceHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiSystemHost; C:\Windows\system32\wdi.dll [90624 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WdiSystemHost; C:\Windows\SysWOW64\wdi.dll [76288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\System32\webclnt.dll [254464 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [202240 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Wecsvc; C:\Windows\system32\wecsvc.dll [237568 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wercplsupport; C:\Windows\System32\wercplsupport.dll [84480 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WerSvc; C:\Windows\System32\WerSvc.dll [76800 2009-07-14] (Microsoft Corporation) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WinHttpAutoProxySvc; C:\Windows\system32\winhttp.dll [438784 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WinHttpAutoProxySvc; C:\Windows\SysWOW64\winhttp.dll [348672 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Winmgmt; C:\Windows\system32\wbem\WMIsvc.dll [242688 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\system32\WsmSvc.dll [2018816 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinRM; C:\Windows\SysWOW64\WsmSvc.dll [1175040 2009-07-14] (Microsoft Corporation) [File not signed]
R2 Wlansvc; C:\Windows\System32\wlansvc.dll [886784 2009-07-14] (Microsoft Corporation) [File not signed]
S3 wmiApSrv; C:\Windows\system32\wbem\WmiApSrv.exe [203264 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WMPNetworkSvc; C:\Program Files\Windows Media Player\wmpnetwk.exe [1525248 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\System32\wpcsvc.dll [12288 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WPCSvc; C:\Windows\SysWOW64\wpcsvc.dll [10752 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WPDBusEnum; C:\Windows\system32\wpdbusenum.dll [116736 2009-07-14] (Microsoft Corporation) [File not signed]
R2 wscsvc; C:\Windows\System32\wscsvc.dll [97280 2009-07-14] (Microsoft Corporation) [File not signed]
S2 WSearch; C:\Windows\system32\SearchIndexer.exe [593408 2009-07-14] (Microsoft Corporation) [File not signed]
S2 WSearch; C:\Windows\SysWOW64\SearchIndexer.exe [428032 2009-07-14] (Microsoft Corporation) [File not signed]
R2 wuauserv; C:\Windows\system32\wuaueng.dll [2418176 2009-07-14] (Microsoft Corporation) [File not signed]
R2 wudfsvc; C:\Windows\System32\WUDFSvc.dll [75264 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WwanSvc; C:\Windows\System32\wwansvc.dll [229888 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [X]
S2 Apple Mobile Device; "C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe" [X]
S2 Bonjour Service; "C:\Program Files\Bonjour\mDNSResponder.exe" [X]
S2 csrcc; "C:\Program Files\shopperz\csrcc.exe" [X]
S3 iPod Service; "C:\Program Files\iPod\bin\iPodService.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 1394ohci; C:\Windows\system32\DRIVERS\1394ohci.sys [227840 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AcpiPmi; C:\Windows\system32\DRIVERS\acpipmi.sys [12288 2009-07-14] (Microsoft Corporation) [File not signed]
R1 AFD; C:\Windows\system32\drivers\afd.sys [500224 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AmdK8; C:\Windows\system32\DRIVERS\amdk8.sys [64512 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AmdPPM; C:\Windows\system32\DRIVERS\amdppm.sys [60928 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2009-07-14] (Microsoft Corporation) [File not signed]
S3 AsyncMac; C:\Windows\System32\DRIVERS\asyncmac.sys [23040 2009-07-14] (Microsoft Corporation) [File not signed]
R3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [6038016 2009-08-04] (ATI Technologies Inc.) [File not signed]
S3 b06bdrv; C:\Windows\system32\DRIVERS\bxvbda.sys [468480 2009-06-10] (Broadcom Corporation) [File not signed]
S3 b57nd60a; C:\Windows\System32\DRIVERS\b57nd60a.sys [270848 2009-06-10] (Broadcom Corporation) [File not signed]
R1 Beep; C:\Windows\System32\Drivers\Beep.sys [6656 2009-07-14] (Microsoft Corporation) [File not signed]
R1 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\NortonData\21.0.0.100\Definitions\BASHDefs\20141203.001\BHDrvx64.sys [1587416 2014-10-03] (Symantec Corporation)
R1 blbdrive; C:\Windows\system32\DRIVERS\blbdrive.sys [45056 2009-07-14] (Microsoft Corporation) [File not signed]
R3 bowser; C:\Windows\System32\DRIVERS\bowser.sys [90624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 BrFiltLo; C:\Windows\system32\DRIVERS\BrFiltLo.sys [18432 2009-06-10] (Brother Industries, Ltd.) [File not signed]
S3 BrFiltUp; C:\Windows\system32\DRIVERS\BrFiltUp.sys [8704 2009-06-10] (Brother Industries, Ltd.) [File not signed]
S3 Brserid; C:\Windows\System32\Drivers\Brserid.sys [286720 2009-07-14] (Brother Industries Ltd.) [File not signed]
S3 BrSerWdm; C:\Windows\System32\Drivers\BrSerWdm.sys [47104 2009-06-10] (Brother Industries Ltd.) [File not signed]
S3 BrUsbMdm; C:\Windows\System32\Drivers\BrUsbMdm.sys [14976 2009-06-10] (Brother Industries Ltd.) [File not signed]
S3 BrUsbSer; C:\Windows\System32\Drivers\BrUsbSer.sys [14720 2009-06-10] (Brother Industries Ltd.) [File not signed]
S3 BTHMODEM; C:\Windows\system32\DRIVERS\bthmodem.sys [72192 2009-07-14] (Microsoft Corporation) [File not signed]
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1506000.020\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
S4 cdfs; C:\Windows\System32\DRIVERS\cdfs.sys [92160 2009-07-14] (Microsoft Corporation) [File not signed]
R1 cdrom; C:\Windows\System32\DRIVERS\cdrom.sys [147456 2009-07-14] (Microsoft Corporation) [File not signed]
R1 cherimoya; C:\Windows\System32\drivers\cherimoya.sys [60376 2014-11-23] (Cherimoya Ltd)
R3 circlass; C:\Windows\system32\DRIVERS\circlass.sys [45568 2009-07-14] (Microsoft Corporation) [File not signed]
R3 CmBatt; C:\Windows\system32\DRIVERS\CmBatt.sys [17664 2009-07-14] (Microsoft Corporation) [File not signed]
R3 CompositeBus; C:\Windows\system32\DRIVERS\CompositeBus.sys [38912 2009-07-14] (Microsoft Corporation) [File not signed]
R1 DfsC; C:\Windows\System32\Drivers\dfsc.sys [102400 2009-07-14] (Microsoft Corporation) [File not signed]
R1 discache; C:\Windows\System32\drivers\discache.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed]
S3 drmkaud; C:\Windows\System32\drivers\drmkaud.sys [5632 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation) [File not signed]
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
R3 enecir; C:\Windows\system32\DRIVERS\enecir.sys [70656 2009-05-20] (ENE TECHNOLOGY INC.) [File not signed]
S3 enecirhid; C:\Windows\system32\DRIVERS\enecirhid.sys [14848 2009-05-19] (ENE TECHNOLOGY INC.) [File not signed]
S3 enecirhidma; C:\Windows\system32\DRIVERS\enecirhidma.sys [6656 2008-04-24] (ENE TECHNOLOGY INC.) [File not signed]
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-11-16] (Symantec Corporation)
S3 ErrDev; C:\Windows\system32\DRIVERS\errdev.sys [9728 2009-07-14] (Microsoft Corporation) [File not signed]
S3 exfat; C:\Windows\System32\Drivers\exfat.sys [195072 2009-07-14] (Microsoft Corporation) [File not signed]
S3 fastfat; C:\Windows\System32\Drivers\fastfat.sys [204800 2009-07-14] (Microsoft Corporation) [File not signed]
S3 fdc; C:\Windows\system32\DRIVERS\fdc.sys [29696 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Filetrace; C:\Windows\System32\drivers\filetrace.sys [34304 2009-07-14] (Microsoft Corporation) [File not signed]
S3 flpydisk; C:\Windows\system32\DRIVERS\flpydisk.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed]
S3 hcw85cir; C:\Windows\system32\drivers\hcw85cir.sys [31232 2009-06-10] (Hauppauge Computer Works, Inc.) [File not signed]
S3 HdAudAddService; C:\Windows\System32\drivers\HdAudio.sys [350208 2009-07-14] (Microsoft Corporation) [File not signed]
R3 HDAudBus; C:\Windows\System32\DRIVERS\HDAudBus.sys [122368 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidBatt; C:\Windows\system32\DRIVERS\HidBatt.sys [26624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidBth; C:\Windows\system32\DRIVERS\hidbth.sys [100864 2009-07-14] (Microsoft Corporation) [File not signed]
R3 HidIr; C:\Windows\system32\DRIVERS\hidir.sys [46592 2009-07-14] (Microsoft Corporation) [File not signed]
S3 HidUsb; C:\Windows\System32\DRIVERS\hidusb.sys [30208 2009-07-14] (Microsoft Corporation) [File not signed]
R3 HTTP; C:\Windows\System32\drivers\HTTP.sys [751616 2009-07-14] (Microsoft Corporation) [File not signed]
R3 i8042prt; C:\Windows\System32\DRIVERS\i8042prt.sys [105472 2009-07-14] (Microsoft Corporation) [File not signed]
R1 IDSVia64; C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\NortonData\21.0.0.100\Definitions\IPSDefs\20141208.001\IDSvia64.sys [637656 2014-11-18] (Symantec Corporation)
R3 intelppm; C:\Windows\System32\DRIVERS\intelppm.sys [62464 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IpFilterDriver; C:\Windows\System32\DRIVERS\ipfltdrv.sys [82944 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IPMIDRV; C:\Windows\system32\DRIVERS\IPMIDrv.sys [78848 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IPNAT; C:\Windows\System32\drivers\ipnat.sys [116224 2009-07-14] (Microsoft Corporation) [File not signed]
S3 IRENUM; C:\Windows\System32\drivers\irenum.sys [17920 2009-07-14] (Microsoft Corporation) [File not signed]
S3 JMCR; C:\Windows\System32\DRIVERS\jmcr.sys [140712 2009-07-20] (JMicron Technology Corporation) [File not signed]
S0 johci; C:\Windows\System32\DRIVERS\johci.sys [22640 2009-08-24] (JMicron )
R3 kbdhid; C:\Windows\system32\DRIVERS\kbdhid.sys [33280 2009-07-14] (Microsoft Corporation) [File not signed]
R3 ksthunk; C:\Windows\system32\drivers\ksthunk.sys [20992 2009-07-14] (Microsoft Corporation) [File not signed]
R2 lltdio; C:\Windows\System32\DRIVERS\lltdio.sys [60928 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Ltn_stk7070P; C:\Windows\System32\DRIVERS\Ltn_stk7070P.sys [625152 2009-05-23] (LiteOn) [File not signed]
R2 luafv; C:\Windows\system32\drivers\luafv.sys [113152 2009-07-14] (Microsoft Corporation) [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-09] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 Modem; C:\Windows\System32\drivers\modem.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed]
R3 monitor; C:\Windows\System32\DRIVERS\monitor.sys [30208 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mouhid; C:\Windows\system32\DRIVERS\mouhid.sys [31232 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mpsdrv; C:\Windows\System32\drivers\mpsdrv.sys [77312 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MRxDAV; C:\Windows\system32\drivers\mrxdav.sys [140800 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [157184 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [285696 2009-07-14] (Microsoft Corporation) [File not signed]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [125952 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Msfs; C:\Windows\System32\Drivers\Msfs.sys [26112 2009-07-14] (Microsoft Corporation) [File not signed]
S3 mshidkmdf; C:\Windows\System32\drivers\mshidkmdf.sys [8192 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSKSSRV; C:\Windows\System32\drivers\MSKSSRV.sys [11136 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSPCLOCK; C:\Windows\System32\drivers\MSPCLOCK.sys [7168 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSPQM; C:\Windows\System32\drivers\MSPQM.sys [6784 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MSTEE; C:\Windows\System32\drivers\MSTEE.sys [8064 2009-07-14] (Microsoft Corporation) [File not signed]
S3 MTConfig; C:\Windows\system32\DRIVERS\MTConfig.sys [15360 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NativeWifiP; C:\Windows\System32\DRIVERS\nwifi.sys [318976 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20141208.035\ENG64.SYS [129752 2014-12-09] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\NortonData\21.0.0.100\Definitions\VirusDefs\20141208.035\EX64.SYS [2137304 2014-12-09] (Symantec Corporation)
S3 NdisCap; C:\Windows\System32\DRIVERS\ndiscap.sys [35328 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NdisTapi; C:\Windows\System32\DRIVERS\ndistapi.sys [24064 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Ndisuio; C:\Windows\System32\DRIVERS\ndisuio.sys [56320 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NdisWan; C:\Windows\System32\DRIVERS\ndiswan.sys [164352 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NDProxy; C:\Windows\System32\Drivers\NDProxy.sys [57856 2009-07-14] (Microsoft Corporation) [File not signed]
R1 NetBIOS; C:\Windows\System32\DRIVERS\netbios.sys [44544 2009-07-14] (Microsoft Corporation) [File not signed]
R1 NetBT; C:\Windows\System32\DRIVERS\netbt.sys [259072 2009-07-14] (Microsoft Corporation) [File not signed]
R3 NETw5s64; C:\Windows\System32\DRIVERS\NETw5s64.sys [6952960 2009-09-15] (Intel Corporation) [File not signed]
S3 netw5v64; C:\Windows\System32\DRIVERS\netw5v64.sys [5434368 2009-06-10] (Intel Corporation) [File not signed]
R1 Npfs; C:\Windows\System32\Drivers\Npfs.sys [44032 2009-07-14] (Microsoft Corporation) [File not signed]
R1 nsiproxy; C:\Windows\System32\drivers\nsiproxy.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Null; C:\Windows\System32\Drivers\Null.sys [6144 2009-07-14] (Microsoft Corporation) [File not signed]
S3 ohci1394; C:\Windows\system32\DRIVERS\ohci1394.sys [72832 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Parport; C:\Windows\system32\DRIVERS\parport.sys [97280 2009-07-14] (Microsoft Corporation) [File not signed]
R2 PEAUTH; C:\Windows\System32\drivers\peauth.sys [651264 2009-07-14] (Microsoft Corporation) [File not signed]
R3 PptpMiniport; C:\Windows\System32\DRIVERS\raspptp.sys [111616 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Processor; C:\Windows\system32\DRIVERS\processr.sys [60416 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Psched; C:\Windows\System32\DRIVERS\pacer.sys [131584 2009-07-14] (Microsoft Corporation) [File not signed]
S3 QWAVEdrv; C:\Windows\system32\drivers\qwavedrv.sys [46592 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RasAcd; C:\Windows\System32\DRIVERS\rasacd.sys [14848 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasAgileVpn; C:\Windows\System32\DRIVERS\AgileVpn.sys [60416 2009-07-14] (Microsoft Corporation) [File not signed]
R3 Rasl2tp; C:\Windows\System32\DRIVERS\rasl2tp.sys [130048 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasPppoe; C:\Windows\System32\DRIVERS\raspppoe.sys [92672 2009-07-14] (Microsoft Corporation) [File not signed]
R3 RasSstp; C:\Windows\System32\DRIVERS\rassstp.sys [83968 2009-07-14] (Microsoft Corporation) [File not signed]
R1 rdbss; C:\Windows\System32\DRIVERS\rdbss.sys [309248 2009-07-14] (Microsoft Corporation) [File not signed]
S3 rdpbus; C:\Windows\system32\DRIVERS\rdpbus.sys [24064 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPCDD; C:\Windows\System32\DRIVERS\RDPCDD.sys [7680 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPENCDD; C:\Windows\System32\drivers\rdpencdd.sys [7680 2009-07-14] (Microsoft Corporation) [File not signed]
R1 RDPREFMP; C:\Windows\System32\drivers\rdprefmp.sys [8192 2009-07-14] (Microsoft Corporation) [File not signed]
S3 RDPWD; C:\Windows\System32\Drivers\RDPWD.sys [204800 2009-07-14] (Microsoft Corporation) [File not signed]
R2 rspndr; C:\Windows\System32\DRIVERS\rspndr.sys [76800 2009-07-14] (Microsoft Corporation) [File not signed]
S3 scfilter; C:\Windows\System32\DRIVERS\scfilter.sys [29696 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sdbus; C:\Windows\System32\DRIVERS\sdbus.sys [109056 2009-07-14] (Microsoft Corporation) [File not signed]
R2 secdrv; C:\Windows\System32\Drivers\secdrv.sys [23040 2009-06-10] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) [File not signed]
S3 Serenum; C:\Windows\system32\DRIVERS\serenum.sys [23552 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sermouse; C:\Windows\system32\DRIVERS\sermouse.sys [26624 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffdisk; C:\Windows\system32\DRIVERS\sffdisk.sys [14336 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffp_mmc; C:\Windows\system32\DRIVERS\sffp_mmc.sys [13824 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sffp_sd; C:\Windows\system32\DRIVERS\sffp_sd.sys [14336 2009-07-14] (Microsoft Corporation) [File not signed]
S3 sfloppy; C:\Windows\system32\DRIVERS\sfloppy.sys [16896 2009-07-14] (Microsoft Corporation) [File not signed]
S3 Smb; C:\Windows\System32\DRIVERS\smb.sys [93184 2009-07-14] (Microsoft Corporation) [File not signed]
R1 SRTSP; C:\Windows\System32\Drivers\NISx64\1506000.020\SRTSP64.SYS [876248 2014-08-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1506000.020\SRTSPX64.SYS [37592 2014-08-26] (Symantec Corporation)
R3 srv; C:\Windows\System32\DRIVERS\srv.sys [465408 2009-07-14] (Microsoft Corporation) [File not signed]
R3 srv2; C:\Windows\System32\DRIVERS\srv2.sys [407040 2009-07-14] (Microsoft Corporation) [File not signed]
R3 srvnet; C:\Windows\System32\DRIVERS\srvnet.sys [162816 2009-07-14] (Microsoft Corporation) [File not signed]
R0 SymDS; C:\Windows\System32\drivers\NISx64\1506000.020\SYMDS64.SYS [493656 2013-08-01] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1506000.020\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-01-18] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1506000.020\Ironx64.SYS [266968 2014-08-06] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1506000.020\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)
R2 tcpipreg; C:\Windows\System32\drivers\tcpipreg.sys [44544 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TDPIPE; C:\Windows\System32\drivers\tdpipe.sys [15872 2009-07-14] (Microsoft Corporation) [File not signed]
S3 TDTCP; C:\Windows\System32\drivers\tdtcp.sys [23552 2009-07-14] (Microsoft Corporation) [File not signed]
R1 tdx; C:\Windows\System32\DRIVERS\tdx.sys [99840 2009-07-14] (Microsoft Corporation) [File not signed]
S3 tssecsrv; C:\Windows\System32\DRIVERS\tssecsrv.sys [38400 2009-07-14] (Microsoft Corporation) [File not signed]
S3 tunnel; C:\Windows\System32\DRIVERS\tunnel.sys [125440 2009-07-14] (Microsoft Corporation) [File not signed]
S4 udfs; C:\Windows\System32\DRIVERS\udfs.sys [327168 2009-07-14] (Microsoft Corporation) [File not signed]
R3 umbus; C:\Windows\System32\DRIVERS\umbus.sys [48640 2009-07-14] (Microsoft Corporation) [File not signed]
S3 UmPass; C:\Windows\system32\DRIVERS\umpass.sys [9728 2009-07-14] (Microsoft Corporation) [File not signed]
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 usbaudio; C:\Windows\System32\drivers\usbaudio.sys [109568 2009-07-14] (Microsoft Corporation) [File not signed]
R3 usbccgp; C:\Windows\System32\DRIVERS\usbccgp.sys [98816 2009-07-14] (Microsoft Corporation) [File not signed]
S3 usbcir; C:\Windows\system32\DRIVERS\usbcir.sys [100352 2009-07-14] (Microsoft Corporation) [File not signed]
R3 usbehci; C:\Windows\system32\DRIVERS\usbehci.sys [51200 2009-07-14] (Microsoft Corporation) [File not signed]
R3 usbhub; C:\Windows\system32\DRIVERS\usbhub.sys [343040 2009-07-14] (Microsoft Corporation) [File not signed]
S3 usbohci; C:\Windows\system32\DRIVERS\usbohci.sys [25600 2009-07-14] (Microsoft Corporation) [File not signed]
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [25088 2009-07-14] (Microsoft Corporation) [File not signed]
S3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [41984 2009-07-14] (Microsoft Corporation) [File not signed]
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [89600 2009-07-14] (Microsoft Corporation) [File not signed]
S3 usbuhci; C:\Windows\system32\DRIVERS\usbuhci.sys [30720 2009-07-14] (Microsoft Corporation) [File not signed]
R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [184576 2009-07-14] (Microsoft Corporation) [File not signed]
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [29184 2009-07-14] (Microsoft Corporation) [File not signed]
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [29184 2009-07-14] (Microsoft Corporation) [File not signed]
R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [24576 2009-07-14] (Microsoft Corporation) [File not signed]
R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [59904 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WacomPen; C:\Windows\system32\DRIVERS\wacompen.sys [27776 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-14] (Microsoft Corporation) [File not signed]
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [88576 2009-07-14] (Microsoft Corporation) [File not signed]
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [12800 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WinUsb; C:\Windows\System32\DRIVERS\WinUsb.sys [40448 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WmiAcpi; C:\Windows\system32\DRIVERS\wmiacpi.sys [14336 2009-07-14] (Microsoft Corporation) [File not signed]
S4 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [21504 2009-07-14] (Microsoft Corporation) [File not signed]
R3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [112128 2009-07-14] (Microsoft Corporation) [File not signed]
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [172544 2009-07-14] (Microsoft Corporation) [File not signed]
S1 avipbb; system32\DRIVERS\avipbb.sys [X]
S1 avkmgr; system32\DRIVERS\avkmgr.sys [X]
S2 avnetflt; system32\DRIVERS\avnetflt.sys [X]
S3 k57nd60a; system32\DRIVERS\k57nd60a.sys [X]
S3 PCDSRVC{5368CD8C-347D2239-06020200}_0; \??\c:\users\admini~1\appdata\local\temp\zst1_guzd1e5\pcdrdiag\bin\pcdsrvc_x64.pkms [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-09 17:32 - 2014-12-09 16:56 - 00024064 _____ () C:\Windows\zoek-delete.exe
2014-12-09 16:59 - 2014-12-09 18:05 - 00060753 _____ () C:\zoek-results.log
2014-12-09 16:56 - 2014-12-09 17:28 - 00000000 ____D () C:\zoek_backup
2014-12-09 15:08 - 2014-12-09 18:04 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-09 15:08 - 2014-12-09 15:09 - 00001110 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-12-09 15:08 - 2014-12-09 15:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-12-09 15:08 - 2014-12-09 15:09 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-12-09 15:08 - 2014-12-09 15:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-12-09 15:08 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-09 15:08 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-12-09 15:08 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-12-09 15:05 - 2014-12-09 15:06 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Kelmendi\Downloads\mbam-setup-2.0.4.1028.exe
2014-12-09 15:05 - 2014-12-09 15:06 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\Kelmendi\Desktop\mbam-setup-2.0.4.1028.exe
2014-12-09 14:49 - 2014-12-09 14:57 - 00000000 ____D () C:\AdwCleaner
2014-12-09 14:48 - 2014-12-09 14:48 - 02166272 _____ () C:\Users\Kelmendi\Downloads\AdwCleaner_4.105.exe
2014-12-09 14:48 - 2014-12-09 14:48 - 02166272 _____ () C:\Users\Kelmendi\Desktop\AdwCleaner_4.105.exe
2014-12-09 14:32 - 2014-12-09 14:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-09 14:20 - 2014-12-09 14:20 - 00000000 ____D () C:\Users\Kelmendi\Desktop\RevoUninstallerPortable
2014-12-09 14:18 - 2014-12-09 14:19 - 02785665 _____ (PortableApps.com) C:\Users\Kelmendi\Desktop\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2014-12-09 11:39 - 2014-12-09 11:40 - 00040689 _____ () C:\Users\Kelmendi\Desktop\Addition.txt
2014-12-09 11:37 - 2014-12-09 18:09 - 00059749 _____ () C:\Users\Kelmendi\Desktop\FRST.txt
2014-12-09 11:37 - 2014-12-09 18:09 - 00000000 ____D () C:\FRST
2014-12-09 11:36 - 2014-12-09 11:36 - 02119680 _____ (Farbar) C:\Users\Kelmendi\Desktop\frst64.exe
2014-12-08 17:49 - 2014-12-09 14:07 - 00000000 ___HD () C:\Users\Public\Temp
2014-12-08 17:48 - 2014-12-08 17:48 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-12-08 17:47 - 2014-12-09 14:44 - 00003472 _____ () C:\Windows\System32\Tasks\ProPCCleaner_Popup
2014-12-08 17:47 - 2014-12-08 17:47 - 00003208 _____ () C:\Windows\System32\Tasks\ProPCCleaner_Start
2014-12-08 17:47 - 2014-12-08 17:47 - 00000000 ____D () C:\Users\Kelmendi\AppData\Local\Pro_PC_Cleaner
2014-12-08 17:46 - 2014-12-09 14:44 - 00000000 ____D () C:\Users\Kelmendi\Documents\ProPCCleaner
2014-12-08 17:45 - 2014-12-08 17:45 - 00003628 _____ () C:\Windows\System32\Tasks\omrUpdater
2014-12-08 17:45 - 2014-11-23 10:07 - 00060376 _____ (Cherimoya Ltd) C:\Windows\system32\Drivers\cherimoya.sys
2014-12-08 17:39 - 2014-12-08 17:48 - 00176552 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-12-08 17:39 - 2014-12-08 17:48 - 00176040 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-12-08 17:39 - 2014-12-08 17:48 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-08 17:38 - 2014-12-08 17:39 - 00005820 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_71-b14.log
2014-12-08 12:39 - 2014-12-08 12:39 - 00008293 _____ () C:\Users\Kelmendi\Documents\LADKH.odt
2014-12-07 13:10 - 2014-12-07 21:02 - 00000000 ____D () C:\Users\Kelmendi\Documents\GELD ZURÜCKHOLEN
2014-11-17 11:45 - 2014-11-17 11:45 - 00002517 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-11-17 11:45 - 2014-11-17 11:45 - 00000000 ____D () C:\Users\Kelmendi\AppData\Local\Skype
2014-11-17 11:45 - 2014-11-17 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-11-17 11:43 - 2014-11-17 11:44 - 26913384 _____ (Skype Technologies S.A.) C:\Users\Kelmendi\Downloads\SkypeSetupFull.exe
2014-11-13 20:36 - 2014-11-13 20:36 - 00280312 _____ () C:\Windows\Minidump\111314-41995-01.dmp

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-09 18:07 - 2012-11-24 21:42 - 00000000 ____D () C:\Users\Kelmendi\AppData\Local\CrashDumps
2014-12-09 18:05 - 2013-03-03 21:49 - 00000000 ____D () C:\Users\Kelmendi\AppData\Roaming\Spotify
2014-12-09 18:05 - 2012-10-06 16:37 - 00000000 ____D () C:\Users\Kelmendi\AppData\Roaming\Skype
2014-12-09 18:05 - 2012-06-24 09:52 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-09 18:04 - 2012-06-24 09:52 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-09 17:53 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-09 17:53 - 2009-07-14 05:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-09 17:50 - 2012-05-23 00:10 - 07059974 _____ () C:\Windows\system32\perfh007.dat
2014-12-09 17:50 - 2012-05-23 00:10 - 02178198 _____ () C:\Windows\system32\perfc007.dat
2014-12-09 17:50 - 2012-05-22 14:20 - 01505460 _____ () C:\Windows\WindowsUpdate.log
2014-12-09 17:50 - 2009-07-14 06:13 - 00004568 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-09 17:46 - 2014-09-26 15:57 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-09 17:46 - 2009-10-21 01:27 - 01227032 _____ () C:\Windows\PFRO.log
2014-12-09 17:46 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-09 17:46 - 2009-07-14 05:51 - 00241853 _____ () C:\Windows\setupact.log
2014-12-09 17:27 - 2013-10-30 08:10 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000UA.job
2014-12-09 17:22 - 2012-06-20 16:59 - 00000000 ____D () C:\Users\Kelmendi
2014-12-09 17:22 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-12-09 17:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-12-09 16:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Cursors
2014-12-09 15:57 - 2012-09-15 17:52 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000UA.job
2014-12-09 14:58 - 2012-07-14 18:09 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-09 14:57 - 2014-01-18 17:11 - 00000803 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-12-09 14:57 - 2012-07-14 18:09 - 00000815 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-12-09 14:27 - 2013-10-30 08:10 - 00001080 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000Core.job
2014-12-09 14:06 - 2013-03-03 21:50 - 00000000 ____D () C:\Users\Kelmendi\AppData\Local\Spotify
2014-12-08 17:48 - 2013-10-30 07:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-12-08 17:48 - 2013-10-30 07:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-08 17:48 - 2013-09-09 21:49 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-08 01:02 - 2012-05-22 14:52 - 00000000 ____D () C:\ProgramData\Temp
2014-12-07 21:02 - 2014-08-21 16:08 - 00000099 _____ () C:\Users\Public\LMDebug.log
2014-12-03 18:57 - 2012-09-15 17:52 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000Core.job
2014-12-02 13:35 - 2012-09-22 12:59 - 00000000 ____D () C:\Program Files (x86)\PhotoScape
2014-12-02 13:02 - 2012-10-18 18:01 - 00000000 ____D () C:\Users\Kelmendi\Documents\Flora
2014-11-17 11:45 - 2012-10-06 16:37 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-11-17 11:45 - 2012-10-06 16:37 - 00000000 ____D () C:\ProgramData\Skype
2014-11-13 20:36 - 2012-07-29 19:08 - 523256374 _____ () C:\Windows\MEMORY.DMP
2014-11-13 20:36 - 2012-07-29 19:08 - 00000000 ____D () C:\Windows\Minidump

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-06 21:43

==================== End Of Log ============================

--- --- ---

--- --- ---

Und hier die Addition:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-12-2014
Ran by Kelmendi at 2014-12-09 18:09:52
Running from C:\Users\Kelmendi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.7029 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.7029 - CyberLink Corp.) Hidden
Acer Arcade Instant On (x32 Version: 3.0.20.1 - Acer) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.1.29 - NewTech Infosystems)
Acer Crystal Eye webcam Ver:1.1.88.610 (HKLM-x32\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.88.610 - Chicony Electronics Co.,Ltd.)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.06.3007 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.9.0715 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3000 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe PageMaker 7.0 (HKLM-x32\...\Adobe PageMaker 7.0) (Version: 7.0.1 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.05) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version:  - Oberon Media)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version:  - Oberon Media)
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI AVIVO64 Codecs (Version: 10.7.0.40804 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{C5304802-5E11-D74F-813E-BAABDD870774}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
Backup Manager Advance (x32 Version: 2.0.1.29 - NewTech Infosystems) Hidden
Benutzerhandbuch anzeigen (HKLM-x32\...\View User Guide) (Version: 3.60.43.0 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
ccc-core-static (x32 Version: 2009.0804.2223.38385 - Ihr Firmenname) Hidden
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
DesktopDock (HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\DesktopDock) (Version: 1.0.1.32 - DesktopDock)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
ENE CIR Receiver Driver (HKLM\...\5F4DD0919B4763856B77AD385DEEEFCDF01784A8) (Version: 2.7.3.519 - ENE)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
First Class Flurry (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}) (Version:  - Oberon Media)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version:  - Oberon Media)
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version:  - Oberon Media)
ICQ7M (HKLM-x32\...\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}) (Version: 7.8 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.710 - Oracle)
Java 7 Update 9 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417009FF}) (Version: 7.0.90 - Oracle)
Java 8 Update 11 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218011FF}) (Version: 8.0.110 - Oracle Corporation)
Java SE Development Kit 7 Update 9 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170090}) (Version: 1.7.0.90 - Oracle)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.05.00 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.32.1 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.04 - Acer Inc.)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40624.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.6.0.32 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) Hidden
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 9.0.15.65 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version:  - PopCap Games)
Pro PC Cleaner (HKLM-x32\...\{C3060724-6AC7-4BEF-B516-4F6B1D90887D}) (Version: 2.5.5 - Pro PC Cleaner)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5918 - Realtek Semiconductor Corp.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.78 (28.06.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.03.60.00(23.07.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.60.40.3 - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.10 (14.02.2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.01.08.00 - Samsung Electronics Co., Ltd.) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Spotify (HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Vocup 1.4.3 (HKLM-x32\...\Vocup_is1) (Version: 1.4.3 - Florian Amstutz)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
Welt der Zahl 2 (HKLM-x32\...\Welt der Zahl 2) (Version:  - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterweg Schöningh Winklers GmbH)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Zombie Invasion (HKLM-x32\...\ZombieInvasion) (Version: 2.7.50 - Time Lapse Solutions)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

08-12-2014 16:38:17 Installed Java 7 Update 71
08-12-2014 16:48:14 Installed Java 8 Update 11
09-12-2014 13:21:12 Revo Uninstaller's restore point - Ask Toolbar
09-12-2014 13:24:41 Revo Uninstaller's restore point - Browsers Apps
09-12-2014 13:26:37 Revo Uninstaller's restore point - Delta toolbar  
09-12-2014 13:27:40 Revo Uninstaller's restore point - Happy Lyrics
09-12-2014 13:28:25 Revo Uninstaller's restore point - Iminent
09-12-2014 13:29:20 Revo Uninstaller's restore point - Plus-HD-1.8
09-12-2014 13:31:45 Revo Uninstaller's restore point - Remote Desktop Access (VuuPC)
09-12-2014 13:33:19 Revo Uninstaller's restore point - videos MediaPlay-Air
09-12-2014 13:34:21 Revo Uninstaller's restore point - webssearches uninstall
09-12-2014 13:35:37 Revo Uninstaller's restore point - WindowsMangerProtect20.0.0.502
09-12-2014 15:59:48 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-12-09 17:00 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost 
::1             localhost 

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {085E2D7B-1061-4D77-B272-8D6B74F43473} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000Core => C:\Users\Kelmendi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-15] (Facebook Inc.)
Task: {1A8D429E-B1B8-41C5-AE3C-3F83F042222B} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {354588CB-B8F5-4C11-952F-E159A8F25DD1} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {57FA8763-96FA-4403-9BE4-B98F963BC3F9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000Core => C:\Users\Kelmendi\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-30] (Google Inc.)
Task: {601A189D-14BE-4512-920E-B5C89F08D3F5} - System32\Tasks\McQcModifier-5c47-a7b0 => C:\ProgramData\McQcModifier-5c47-a7b0\McQcModifier-5c47-a7b0.cmd [2009-08-29] ()
Task: {664B581A-259B-4A79-B318-0F4193CEB2C2} - \Adobe Flash Player Updater No Task File <==== ATTENTION
Task: {76D46D9D-14F0-4E05-A945-C9848230A2BB} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {7D2E27B9-90CB-45BF-9E6A-AA9339FF49CB} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe
Task: {87662F65-50CF-47A5-B85B-01DC51293793} - System32\Tasks\omrUpdater => C:\Program Files\shopperz\custer.bat
Task: {A383AAD1-64C8-44B4-B7D9-F7E41C8C847B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-24] (Google Inc.)
Task: {ABFF2DBA-FFED-4475-9CC7-8B785B477FE8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000UA => C:\Users\Kelmendi\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-30] (Google Inc.)
Task: {C1B104F0-2DD4-432F-8E96-D962E14373CF} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe
Task: {EC6158F2-6E0A-4A38-BD7A-1F65122B38F1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000UA => C:\Users\Kelmendi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-15] (Facebook Inc.)
Task: {FA567ED5-7F7E-4E15-B136-ED114E728B86} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-24] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000Core.job => C:\Users\Kelmendi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000UA.job => C:\Users\Kelmendi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000Core.job => C:\Users\Kelmendi\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000UA.job => C:\Users\Kelmendi\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-21 16:04 - 2014-01-23 10:00 - 00034304 _____ () C:\Windows\System32\ssm4mlm.dll
2012-05-22 14:37 - 2012-05-22 14:37 - 00200704 _____ () C:\Windows\PLFSetI.exe
2012-03-09 08:58 - 2012-03-09 08:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 08:58 - 2012-03-09 08:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2009-07-29 12:10 - 2009-07-29 12:10 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-05-22 14:24 - 2012-05-22 14:24 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-02-03 01:33 - 2009-02-03 01:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 01:55 - 2008-09-29 01:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2014-12-09 14:32 - 2014-12-09 14:33 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\Users\Kelmendi\Downloads\Bewerbung für ein Schülerpraktikum-Diellza Kelmendi.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3793236011-1497448259-2661613126-500 - Administrator - Disabled)
Besa (S-1-5-21-3793236011-1497448259-2661613126-1001 - Limited - Enabled) => C:\Users\Besa
Guest (S-1-5-21-3793236011-1497448259-2661613126-501 - Limited - Disabled)
Kelmendi (S-1-5-21-3793236011-1497448259-2661613126-1000 - Administrator - Enabled) => C:\Users\Kelmendi

==================== Faulty Device Manager Devices =============

Name: avkmgr
Description: avkmgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: avkmgr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: avnetflt
Description: avnetflt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: avnetflt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: avipbb
Description: avipbb
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: avipbb
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/09/2014 06:09:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 06:09:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 06:09:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 06:09:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 06:09:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 06:09:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 06:09:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 06:09:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 06:09:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 06:09:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.


System errors:
=============
Error: (12/09/2014 06:05:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 5 Mal passiert.

Error: (12/09/2014 06:05:37 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147217025.

Error: (12/09/2014 05:49:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 4 Mal passiert.

Error: (12/09/2014 05:49:48 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147217025.

Error: (12/09/2014 05:48:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/09/2014 05:48:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update Service (gupdate) erreicht.

Error: (12/09/2014 05:48:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (12/09/2014 05:48:07 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147217025.

Error: (12/09/2014 05:47:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/09/2014 05:47:32 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147217025.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-04-24 15:11:28.294
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-04-24 15:11:28.294
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-02 19:04:40.841
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-02 19:04:40.837
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-02 19:04:36.369
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-02 19:04:36.365
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-02 19:03:43.795
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-02 19:03:43.787
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-02 18:12:42.108
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-02 18:12:42.100
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Percentage of memory in use: 43%
Total physical RAM: 4086.77 MB
Available physical RAM: 2313.43 MB
Total Pagefile: 8171.7 MB
Available Pagefile: 6169.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:220.5 GB) (Free:76.74 GB) NTFS
Drive d: (DATA) (Fixed) (Total:221.16 GB) (Free:221.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2BBDCA29)
Partition 1: (Not Active) - (Size=20.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=3.5 GB) - (Type=12)
Partition 3: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=441.7 GB) - (Type=OF Extended)

==================== End Of Log ============================

flora27 · 09.12.2014, 18:24

Und hier die Addition:

Code:

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-12-2014
Ran by Kelmendi at 2014-12-09 18:09:52
Running from C:\Users\Kelmendi\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (x32 Version:  - Microsoft) Hidden
Acer Arcade Deluxe (HKLM-x32\...\InstallShield_{2637C347-9DAD-11D6-9EA2-00055D0CA761}) (Version: 3.0.7029 - CyberLink Corp.)
Acer Arcade Deluxe (x32 Version: 3.0.7029 - CyberLink Corp.) Hidden
Acer Arcade Instant On (x32 Version: 3.0.20.1 - Acer) Hidden
Acer Backup Manager (HKLM-x32\...\InstallShield_{30075A70-B5D2-440B-AFA3-FB2021740121}) (Version: 2.0.1.29 - NewTech Infosystems)
Acer Crystal Eye webcam Ver:1.1.88.610 (HKLM-x32\...\{D0ACE89D-EC7F-470F-80BE-4C98ED366B32}) (Version: 1.1.88.610 - Chicony Electronics Co.,Ltd.)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3005 - Acer Incorporated)
Acer GameZone Console (HKLM-x32\...\{8ed9688e-4f79-4308-91ca-f1c37ca142b4}_is1) (Version: 5.1.0.2 - Oberon Media, Inc.)
Acer GridVista (HKLM-x32\...\GridVista) (Version: 3.01.0730 - Acer Inc.)
Acer PowerSmart Manager (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.06.3007 - Acer Incorporated)
Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.02.3006 - Acer Incorporated)
Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.9.0715 - Acer Incorporated)
Acer VCM (HKLM-x32\...\{047F790A-7A2A-4B6A-AD02-38092BA63DAC}) (Version: 4.05.3000 - Acer Incorporated)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe PageMaker 7.0 (HKLM-x32\...\Adobe PageMaker 7.0) (Version: 7.0.1 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.05) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
Alice Greenfingers (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version:  - Oberon Media)
Amazonia (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11273477}) (Version:  - Oberon Media)
Apple Application Support (HKLM-x32\...\{45C56AA7-ED1B-4800-A97F-EDDF3F3520B1}) (Version: 2.3.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI AVIVO64 Codecs (Version: 10.7.0.40804 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{C5304802-5E11-D74F-813E-BAABDD870774}) (Version: 3.0.732.0 - ATI Technologies, Inc.)
Backup Manager Advance (x32 Version: 2.0.1.29 - NewTech Infosystems) Hidden
Benutzerhandbuch anzeigen (HKLM-x32\...\View User Guide) (Version: 3.60.43.0 - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
ccc-core-static (x32 Version: 2009.0804.2223.38385 - Ihr Firmenname) Hidden
Chicken Invaders 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110209593}) (Version:  - Oberon Media)
Common Desktop Agent (Version: 1.62.0 - OEM) Hidden
Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Dairy Dash (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
DesktopDock (HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\DesktopDock) (Version: 1.0.1.32 - DesktopDock)
Dream Day First Home (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113832110}) (Version:  - Oberon Media)
eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)
ENE CIR Receiver Driver (HKLM\...\5F4DD0919B4763856B77AD385DEEEFCDF01784A8) (Version: 2.7.3.519 - ENE)
eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)
eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy 2 (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
First Class Flurry (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115208410}) (Version:  - Oberon Media)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.4805.320 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.22.3 - Google Inc.) Hidden
Granny In Paradise (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-110551697}) (Version:  - Oberon Media)
Heroes of Hellas (HKLM-x32\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-113786380}) (Version:  - Oberon Media)
ICQ7M (HKLM-x32\...\{781B39EC-2E18-41FC-9B00-B84E4FFCA85F}) (Version: 7.8 - ICQ)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3002 - Acer Incorporated)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
iTunes (HKLM\...\{0225AD21-F3E2-4916-BFF3-65D3F9052582}) (Version: 11.0.2.26 - Apple Inc.)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.710 - Oracle)
Java 7 Update 9 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417009FF}) (Version: 7.0.90 - Oracle)
Java 8 Update 11 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218011FF}) (Version: 8.0.110 - Oracle Corporation)
Java SE Development Kit 7 Update 9 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170090}) (Version: 1.7.0.90 - Oracle)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.05.00 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.32.1 - JMicron Technology Corp.)
Junk Mail filter update (x32 Version: 14.0.8089.726 - Microsoft Corporation) Hidden
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.04 - Acer Inc.)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.10 - McAfee, Inc.)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - German/Deutsch (HKLM-x32\...\OMUI.de-de) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (German) (HKLM-x32\...\{95120000-00AF-0407-0000-0000000FF1CE}) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM-x32\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft Silverlight (HKLM-x32\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 3.0.40624.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MyWinLocker (HKLM-x32\...\{68301905-2DEA-41CE-A4D4-E8B443B099BA}) (Version: 3.1.76.0 - Egis Technology Inc.)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.6.0.32 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.627 - NewTech Infosystems)
NTI Backup Now Standard (x32 Version: 5.1.2.627 - NewTech Infosystems) Hidden
NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6623 - NewTech Infosystems)
NTI Media Maker 8 (x32 Version: 8.0.12.6623 - NewTech Infosystems) Hidden
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 9.0.15.65 - Electronic Arts, Inc.)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )
Plants vs. Zombies (HKLM-x32\...\Plants vs. Zombies) (Version:  - PopCap Games)
Pro PC Cleaner (HKLM-x32\...\{C3060724-6AC7-4BEF-B516-4F6B1D90887D}) (Version: 2.5.5 - Pro PC Cleaner)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5918 - Realtek Semiconductor Corp.)
Samsung Easy Document Creator (HKLM-x32\...\Samsung Easy Document Creator) (Version: 1.05.78 (28.06.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Printer Manager (HKLM-x32\...\Samsung Easy Printer Manager) (Version: 1.03.60.00(23.07.2013) - Samsung Electronics Co., Ltd.)
Samsung Easy Wireless Setup (HKLM-x32\...\Easy Wireless Setup) (Version: 3.60.40.3 - Samsung Electronics Co., Ltd.)
Samsung M2070 Series (HKLM-x32\...\Samsung M2070 Series) (Version: 1.10 (14.02.2014) - Samsung Electronics Co., Ltd.)
Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version: 1.01.00:04(2013-04-22) - Samsung Electronics Co., Ltd.)
Samsung Scan Process Machine (x32 Version: 1.01.08.00 - Samsung Electronics Co., Ltd.) Hidden
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
SNS Upload for Easy Document Creator (HKLM-x32\...\{B6B5F07C-88D5-49D3-A1A7-A6D4BC37DCCC}) (Version: 1.0.0 - Samsung Electronics Co.,Ltd)
Spotify (HKU\S-1-5-21-3793236011-1497448259-2661613126-1000\...\Spotify) (Version: 0.9.14.13.gba5645ad - Spotify AB)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
Vocup 1.4.3 (HKLM-x32\...\Vocup_is1) (Version: 1.4.3 - Florian Amstutz)
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.00.3008 - Acer Incorporated)
Welt der Zahl 2 (HKLM-x32\...\Welt der Zahl 2) (Version:  - Bildungshaus Schulbuchverlage Westermann Schroedel Diesterweg Schöningh Winklers GmbH)
Windows Live Anmelde-Assistent (HKLM-x32\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Zombie Invasion (HKLM-x32\...\ZombieInvasion) (Version: 2.7.50 - Time Lapse Solutions)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

08-12-2014 16:38:17 Installed Java 7 Update 71
08-12-2014 16:48:14 Installed Java 8 Update 11
09-12-2014 13:21:12 Revo Uninstaller's restore point - Ask Toolbar
09-12-2014 13:24:41 Revo Uninstaller's restore point - Browsers Apps
09-12-2014 13:26:37 Revo Uninstaller's restore point - Delta toolbar  
09-12-2014 13:27:40 Revo Uninstaller's restore point - Happy Lyrics
09-12-2014 13:28:25 Revo Uninstaller's restore point - Iminent
09-12-2014 13:29:20 Revo Uninstaller's restore point - Plus-HD-1.8
09-12-2014 13:31:45 Revo Uninstaller's restore point - Remote Desktop Access (VuuPC)
09-12-2014 13:33:19 Revo Uninstaller's restore point - videos MediaPlay-Air
09-12-2014 13:34:21 Revo Uninstaller's restore point - webssearches uninstall
09-12-2014 13:35:37 Revo Uninstaller's restore point - WindowsMangerProtect20.0.0.502
09-12-2014 15:59:48 zoek.exe restore point

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-12-09 17:00 - 00000840 ____A C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost 
::1             localhost 

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {085E2D7B-1061-4D77-B272-8D6B74F43473} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000Core => C:\Users\Kelmendi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-15] (Facebook Inc.)
Task: {1A8D429E-B1B8-41C5-AE3C-3F83F042222B} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {354588CB-B8F5-4C11-952F-E159A8F25DD1} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\WSCStub.exe [2014-09-21] (Symantec Corporation)
Task: {57FA8763-96FA-4403-9BE4-B98F963BC3F9} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000Core => C:\Users\Kelmendi\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-30] (Google Inc.)
Task: {601A189D-14BE-4512-920E-B5C89F08D3F5} - System32\Tasks\McQcModifier-5c47-a7b0 => C:\ProgramData\McQcModifier-5c47-a7b0\McQcModifier-5c47-a7b0.cmd [2009-08-29] ()
Task: {664B581A-259B-4A79-B318-0F4193CEB2C2} - \Adobe Flash Player Updater No Task File <==== ATTENTION
Task: {76D46D9D-14F0-4E05-A945-C9848230A2BB} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Norton Internet Security\Engine\21.6.0.32\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {7D2E27B9-90CB-45BF-9E6A-AA9339FF49CB} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe
Task: {87662F65-50CF-47A5-B85B-01DC51293793} - System32\Tasks\omrUpdater => C:\Program Files\shopperz\custer.bat
Task: {A383AAD1-64C8-44B4-B7D9-F7E41C8C847B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-24] (Google Inc.)
Task: {ABFF2DBA-FFED-4475-9CC7-8B785B477FE8} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000UA => C:\Users\Kelmendi\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-30] (Google Inc.)
Task: {C1B104F0-2DD4-432F-8E96-D962E14373CF} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe
Task: {EC6158F2-6E0A-4A38-BD7A-1F65122B38F1} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000UA => C:\Users\Kelmendi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-15] (Facebook Inc.)
Task: {FA567ED5-7F7E-4E15-B136-ED114E728B86} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-06-24] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000Core.job => C:\Users\Kelmendi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000UA.job => C:\Users\Kelmendi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000Core.job => C:\Users\Kelmendi\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3793236011-1497448259-2661613126-1000UA.job => C:\Users\Kelmendi\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-08-21 16:04 - 2014-01-23 10:00 - 00034304 _____ () C:\Windows\System32\ssm4mlm.dll
2012-05-22 14:37 - 2012-05-22 14:37 - 00200704 _____ () C:\Windows\PLFSetI.exe
2012-03-09 08:58 - 2012-03-09 08:58 - 00462712 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
2012-03-09 08:58 - 2012-03-09 08:58 - 00057208 _____ () C:\Program Files\Common Files\Common Desktop Agent\CDASrvPS.dll
2009-07-29 12:10 - 2009-07-29 12:10 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-05-22 14:24 - 2012-05-22 14:24 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2009-02-03 01:33 - 2009-02-03 01:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll
2008-09-29 01:55 - 2008-09-29 01:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll
2014-12-09 14:32 - 2014-12-09 14:33 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\Users\Kelmendi\Downloads\Bewerbung für ein Schülerpraktikum-Diellza Kelmendi.eml:OECustomProperty

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


========================= Accounts: ==========================

Administrator (S-1-5-21-3793236011-1497448259-2661613126-500 - Administrator - Disabled)
Besa (S-1-5-21-3793236011-1497448259-2661613126-1001 - Limited - Enabled) => C:\Users\Besa
Guest (S-1-5-21-3793236011-1497448259-2661613126-501 - Limited - Disabled)
Kelmendi (S-1-5-21-3793236011-1497448259-2661613126-1000 - Administrator - Enabled) => C:\Users\Kelmendi

==================== Faulty Device Manager Devices =============

Name: avkmgr
Description: avkmgr
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: avkmgr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: avnetflt
Description: avnetflt
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: avnetflt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Ethernet-Controller
Description: Ethernet-Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: avipbb
Description: avipbb
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: avipbb
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/09/2014 06:09:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 06:09:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 06:09:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 06:09:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 06:09:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 06:09:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 06:09:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 06:09:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 06:09:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.

Error: (12/09/2014 06:09:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
Description: Vom Kryptografiedienst konnte die Katalogdatenbank nicht initialisiert werden. "ESENT"-Fehler: -583.


System errors:
=============
Error: (12/09/2014 06:05:37 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 5 Mal passiert.

Error: (12/09/2014 06:05:37 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147217025.

Error: (12/09/2014 05:49:48 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 4 Mal passiert.

Error: (12/09/2014 05:49:48 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147217025.

Error: (12/09/2014 05:48:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (12/09/2014 05:48:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update Service (gupdate) erreicht.

Error: (12/09/2014 05:48:07 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (12/09/2014 05:48:07 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147217025.

Error: (12/09/2014 05:47:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/09/2014 05:47:32 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Der Dienst "Windows Search" wurde mit folgendem dienstspezifischem Fehler beendet: %%-2147217025.


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2013-04-24 15:11:28.294
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2013-04-24 15:11:28.294
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-02 19:04:40.841
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-02 19:04:40.837
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-02 19:04:36.369
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-02 19:04:36.365
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-02 19:03:43.795
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-02 19:03:43.787
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-02 18:12:42.108
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2012-11-02 18:12:42.100
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume4\Windows\System32\drivers\usbaapl64.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i7 CPU Q 720 @ 1.60GHz
Percentage of memory in use: 43%
Total physical RAM: 4086.77 MB
Available physical RAM: 2313.43 MB
Total Pagefile: 8171.7 MB
Available Pagefile: 6169.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:220.5 GB) (Free:76.74 GB) NTFS
Drive d: (DATA) (Fixed) (Total:221.16 GB) (Free:221.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 2BBDCA29)
Partition 1: (Not Active) - (Size=20.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=3.5 GB) - (Type=12)
Partition 3: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=441.7 GB) - (Type=OF Extended)

==================== End Of Log ============================

deeprybka · 09.12.2014, 19:19

Zitat:

Zitat von flora27

es öffnen sich übrigens schon mal endlich keine tabs mehr und ich werde von Werbung nicht mehr so überflutet, danke!

Gerne!

Dafür bist Du ja zu uns gekommen.

Dann machen wir gleich noch ESET (dauert länger): Bitte weiter genau die Anweisungen befolgen (so wie bisher, prima Mitarbeit!

) und Funde nicht von ESET löschen lassen.

Schritt 1

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

flora27 · 10.12.2014, 20:23

Oh man, gut, dass ich stündlich nachschaue, ob du geantwortet hast, und nicht checke, dass du schon lange auf der zweiten Seite geantwortet hast

Also, leider ist irgendein Problem aufgetreten - schon beim Starten von dem Programm, habs dann neu gedownloadet und jetzt kam das - siehe Anhang.

Irgendein Ratschlag, was ich jetzt machen soll?

deeprybka · 11.12.2014, 14:30

Ok. Dann nehmen wir eine Alternative:

Lade Dir bitte von hier

Emsisoft Emergency Kit herunter.

Bitte installiere das Programm in den vorgegebenen Pfad.
Starte das Programm durch Doppelklick der Desktopverknüpfung.
Das EEK ist nach dem Laden der Malwaresignaturen für den Scan bereit.
Folge nun bitte der bebilderten Bildanleitung zu Emergency Kit, entferne alle Funde und poste am Ende des Scans bzw. der Bereinigung das Log.

flora27 · 13.12.2014, 01:01

Hallo Jürgen, hier der LOG.
Eine Frage, muss ich mir Gedanken machen, wenn da steht: 15 gefundene Objekte aber nur 12 entfernte Objekte?

Code:

ATTFilter

Emsisoft Emergency Kit - Version 9.0
Letztes Update: 12.12.2014 23:35:14
Benutzerkonto: Kelmendi-PC\Kelmendi

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, D:\

PUPs-Erkennung: An
Archiv Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan Beginn:	12.12.2014 23:36:40
Key: HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1001\SOFTWARE\PROXY 	gefunden: Trojan.Win32.Poison (A)
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\nengine.dll.vir 	gefunden: Adware.Win32.Agent (A)
C:\AdwCleaner\Quarantine\C\Users\Kelmendi\AppData\Local\Browse Safe\gpedit.exe.vir 	gefunden: Application.Generic.759075 (B)
C:\AdwCleaner\Quarantine\C\Users\Kelmendi\AppData\Local\Browse Safe\SoftwareDetector.exe.vir 	gefunden: Application.Generic.760668 (B)
C:\AdwCleaner\Quarantine\C\Users\Kelmendi\AppData\Local\genienext\nengine.dll.vir 	gefunden: Adware.Win32.Agent (A)
C:\AdwCleaner\Quarantine\C\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffhfoagmjcnkolneahbpagjcjjaeofbg\1.26.17_0\extensionData\plugins\177.js.vir 	gefunden: Adware.JS.Agent.Q (B)
C:\AdwCleaner\Quarantine\C\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\iklgpchfbohgmghgfagediakopecfmbm\1.26.67_0\extensionData\plugins\177.js.vir 	gefunden: Adware.JS.Agent.Q (B)
C:\AdwCleaner\Quarantine\C\Users\Kelmendi\AppData\Local\Temp\Smartbar\Installer.msi.vir -> (Embedded EXE) -> (CAB Sfx o) -> spbl.dll 	gefunden: Application.Generic.855107 (B)
C:\AdwCleaner\Quarantine\C\Users\Kelmendi\AppData\Local\Temp\Smartbar\Installer.msi.vir -> (Embedded EXE) -> (CAB Sfx o) -> srbs.dll 	gefunden: Application.Generic.814906 (B)
C:\AdwCleaner\Quarantine\C\Users\Kelmendi\AppData\Local\Temp\Smartbar\Installer.msi.vir -> (Embedded EXE) -> (CAB Sfx o) -> srbu.dll 	gefunden: Application.Generic.806260 (B)
C:\AdwCleaner\Quarantine\C\Users\Kelmendi\AppData\Local\Temp\Smartbar\Installer.msi.vir -> (Embedded EXE) -> (CAB Sfx o) -> Proxy.Lib.dll 	gefunden: Application.Generic.945868 (B)
C:\AdwCleaner\Quarantine\C\Users\Kelmendi\AppData\Roaming\newnext.me\nengine.dll.vir 	gefunden: Adware.Win32.Agent (A)
C:\AdwCleaner\Quarantine\C\Users\Kelmendi\AppData\Roaming\OpenCandy\46141D48D82D4F4393ED21E4D4B7A877\LatestDLMgr.exe.vir 	gefunden: Application.Win32.InstallAd (A)
C:\AdwCleaner\Quarantine\C\Users\Kelmendi\AppData\Roaming\OpenCandy\B2FD127B50304037A99A706533115DCF\LatestDLMgr.exe.vir 	gefunden: Application.Win32.InstallAd (A)
C:\AdwCleaner\Quarantine\C\Windows\rcore.exe.vir 	gefunden: Trojan.GenericKD.2017783 (B)

Gescannt	268134
Gefunden	15

Scan Ende:	13.12.2014 00:58:53
Scan Zeit:	1:22:13

C:\AdwCleaner\Quarantine\C\Windows\rcore.exe.vir	Quarantäne Trojan.GenericKD.2017783 (B)
C:\AdwCleaner\Quarantine\C\Users\Kelmendi\AppData\Roaming\OpenCandy\B2FD127B50304037A99A706533115DCF\LatestDLMgr.exe.vir	Quarantäne Application.Win32.InstallAd (A)
C:\AdwCleaner\Quarantine\C\Users\Kelmendi\AppData\Roaming\OpenCandy\46141D48D82D4F4393ED21E4D4B7A877\LatestDLMgr.exe.vir	Quarantäne Application.Win32.InstallAd (A)
C:\AdwCleaner\Quarantine\C\Users\Kelmendi\AppData\Roaming\newnext.me\nengine.dll.vir	Quarantäne Adware.Win32.Agent (A)
C:\AdwCleaner\Quarantine\C\Users\Kelmendi\AppData\Local\Temp\Smartbar\Installer.msi.vir	Quarantäne Application.Generic.945868 (B)
C:\AdwCleaner\Quarantine\C\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\iklgpchfbohgmghgfagediakopecfmbm\1.26.67_0\extensionData\plugins\177.js.vir	Quarantäne Adware.JS.Agent.Q (B)
C:\AdwCleaner\Quarantine\C\Users\Kelmendi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ffhfoagmjcnkolneahbpagjcjjaeofbg\1.26.17_0\extensionData\plugins\177.js.vir	Quarantäne Adware.JS.Agent.Q (B)
C:\AdwCleaner\Quarantine\C\Users\Kelmendi\AppData\Local\genienext\nengine.dll.vir	Quarantäne Adware.Win32.Agent (A)
C:\AdwCleaner\Quarantine\C\Users\Kelmendi\AppData\Local\Browse Safe\SoftwareDetector.exe.vir	Quarantäne Application.Generic.760668 (B)
C:\AdwCleaner\Quarantine\C\Users\Kelmendi\AppData\Local\Browse Safe\gpedit.exe.vir	Quarantäne Application.Generic.759075 (B)
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\nengine.dll.vir	Quarantäne Adware.Win32.Agent (A)
Key: HKEY_USERS\S-1-5-21-3793236011-1497448259-2661613126-1001\SOFTWARE\PROXY	Quarantäne Trojan.Win32.Poison (A)

Quarantäne	12

Vielen lieben Dank!