Pests of all kinds and how to combat them: Google Chrome WTSAPI32.dll faulty (Windows 7)
20.12.2014, 23:14 | #1 |
| Google Chrome WTSAPI32.dll faulty Hello everyone, after I installed Emsisoft on my PC and started a scan, it immediately found malware in Chrome and removed it as well. Since then, however, I always get an error message in Chrome saying that a file is faulty, and Chrome does not open. Only after several attempts does Chrome work. The page about the virus: hxxp://blog.emsisoft.com/2014/06/18/emsisoft-malware-library/?found+Gen%3aVariant.Kazy.519551+(B) Last edited by Crounty (20.12.2014 at 23:22) |
21.12.2014, 07:11 | #2 |
/// the machine /// TB instructor | Google Chrome WTSAPI32.dll faulty hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
21.12.2014, 14:40 | #3 |
| Google Chrome WTSAPI32.dll faulty
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-12-2014 Ran by Issam276 (administrator) on CROUNTY on 21-12-2014 14:36:18 Running from C:\Users\Issam276\Desktop Loaded Profile: Issam276 (Available profiles: Issam276 & Gast & DefaultAppPool) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Internet Security\a2service.exe (AMD) C:\Windows\System32\atieclxx.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe () C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Akamai Technologies, Inc.) C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (Spotify Ltd) C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Internet Security\a2guard.exe (Advanced Micro Devices Inc.) 
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Akamai Technologies, Inc.) C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Windows\SysWOW64\WinMsgBalloonServer.exe () C:\Windows\SysWOW64\WinMsgBalloonClient.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\SndVol.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2013-12-28] (Realtek Semiconductor) HKLM-x32\...\Run: [Turbo Key] => C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe [1874432 2009-11-24] (ASUSTeK Computer Inc.) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Cpu Level Up help] => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe [887936 2009-12-28] () HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft internet security\a2guard.exe [4954576 2014-12-01] (Emsisoft GmbH) HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0 HKLM\...\Policies\Explorer: [NoResolveSearch] 1 HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.) 
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-09-15] (AMD) HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [Spotify Web Helper] => C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-12] (Spotify Ltd) HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Policies\system: [EnableLUA] 0 HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30524520 2014-11-27] (Skype Technologies S.A.) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll () ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll () ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll () ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> DefaultScope {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-flv SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: 
HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-flv BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{BF86312B-8016-42B1-B232-8DED504D4B33}: [NameServer] 81.173.194.68,212.117.68.10 FireFox: ======== FF ProfilePath: C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll () FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll () FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle 
Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-1925287450-1312797874-627100175-1001: facebook.com/fbDesktopPlugin -> C:\Users\Issam276\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.) 
FF SearchPlugin: C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\searchplugins\yahoo_ff.xml FF Extension: Adblock Plus - C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-22] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] FF Extension: No Name - C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\extensions\ascsurfingprotection@iobit.com [Not Found] FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found] Chrome: ======= CHR HomePage: Default -> https://www.google.de/ CHR StartupUrls: Default -> "https://www.google.de/" CHR DefaultSearchKeyword: Default -> google.de_ CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (ProxFlow) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-12-07] CHR Extension: (Google Präsentationen) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-01] CHR Extension: (Google Docs) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-01] CHR Extension: (Google Drive) - C:\Users\Issam276\AppData\Local\Google\Chrome\User 
Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-01] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-01] CHR Extension: (WOT) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-12-20] CHR Extension: (MEGA) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2014-12-20] CHR Extension: (YouTube) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-01] CHR Extension: (Adblock Plus) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-12-01] CHR Extension: (Google-Suche) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-01] CHR Extension: (Google Tabellen) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-01] CHR Extension: (League of Legends(LoL) For New Tab) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\hagfodkdlfpceodghmlnbjafkcdjnifd [2014-12-20] CHR Extension: (Ghostery) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-12-19] CHR Extension: (Google Wallet) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-01] CHR Extension: (Google Mail) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-01] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Internet Security\a2service.exe [4907232 2014-12-01] (Emsisoft GmbH) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.) [File not signed] R2 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [122880 2009-12-15] (AMD) [File not signed] S4 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [136616 2012-05-10] () R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.) [File not signed] R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed] S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-09-25] () [File not signed] R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-05] () R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5405456 2014-11-12] (TeamViewer GmbH) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation) S4 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [X] S3 npggsvc; C:\Windows\system32\GameMon.des -service [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT INTERNET SECURITY\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH) R1 A2DDA; C:\Program Files (x86)\Emsisoft Internet Security\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH) R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Internet Security\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH) R1 a2util; C:\Program Files (x86)\Emsisoft Internet Security\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH) S2 ANIO; C:\Windows\SysWOW64\ANIO.SYS [28205 2003-05-05] (Alpha Networks Inc.) [File not signed] R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] () R2 AODDriver4.2.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [57472 2012-05-10] (Advanced Micro Devices) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] () S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-06-29] (The OpenVPN Project) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin) R3 cleanhlp; C:\Program Files (x86)\Emsisoft Internet Security\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH) S3 cpuz130; No ImagePath S3 dump_wmimmc; No ImagePath R2 ESLWireAC; C:\Windows\system32\drivers\ESLWireACD.sys [160784 2012-12-17] (<Turtle Entertainment>) S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH) R3 fwndis; C:\Windows\System32\DRIVERS\fwndis64.sys [484952 2014-12-01] () R1 fwwfp; C:\Program Files (x86)\Emsisoft Internet Security\fwwfp764.sys [414424 2014-12-01] () R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] () S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.) 
[File not signed] R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.) [File not signed] S3 X6va008; No ImagePath S3 X6va009; No ImagePath S3 X6va012; No ImagePath S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X] S3 netr28ux; system32\DRIVERS\netr28ux.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-21 14:36 - 2014-12-21 14:36 - 00022418 _____ () C:\Users\Issam276\Desktop\FRST.txt 2014-12-21 04:09 - 2014-12-21 04:09 - 05073240 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\vcredist_x86.exe 2014-12-21 04:00 - 2014-12-21 04:08 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\BoL 2014-12-21 03:56 - 2014-12-21 03:56 - 00000270 _____ () C:\Users\Issam276\Downloads\Relog.zip 2014-12-21 03:54 - 2014-12-21 03:54 - 00000157 _____ () C:\Users\Issam276\Downloads\doGout.rar 2014-12-21 03:52 - 2014-12-21 03:54 - 00000000 ____D () C:\Users\Issam276\Desktop\sadsdasda 2014-12-21 03:51 - 2014-12-21 03:52 - 11539006 _____ () C:\Users\Issam276\Downloads\Bot of Legends.rar 2014-12-21 01:22 - 2014-12-21 01:23 - 00031608 _____ () C:\Users\Issam276\Downloads\mwb_scan.zip 2014-12-21 01:01 - 2014-12-21 01:01 - 00000000 ____D () C:\ProgramData\Emsisoft 2014-12-20 23:44 - 2014-12-20 23:44 - 00001132 _____ () C:\Users\Public\Desktop\Emsisoft Internet Security.lnk 2014-12-20 23:44 - 2014-12-20 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Emsisoft Internet Security 2014-12-20 23:43 - 2014-12-21 14:36 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Internet Security 2014-12-20 23:43 - 2014-12-01 16:55 - 00484952 _____ () C:\Windows\system32\Drivers\fwndis64.sys 2014-12-20 23:42 - 2014-12-20 23:42 - 00001710 _____ () C:\EamClean.log 2014-12-20 23:36 - 2014-12-20 23:36 - 04095448 _____ (BrightFort LLC ) C:\Users\Issam276\Downloads\spywareblastersetup50.exe 2014-12-20 23:36 - 2014-12-20 23:36 - 00448512 _____ (OldTimer Tools) C:\Users\Issam276\Downloads\TFC.exe 2014-12-20 23:36 - 2014-12-20 23:36 - 00448512 _____ (OldTimer Tools) C:\Users\Issam276\Desktop\TFC.exe 2014-12-20 23:18 - 2014-12-20 23:20 - 170332104 _____ (Emsisoft Ltd ) C:\Users\Issam276\Downloads\EmsisoftInternetSecuritySetup.exe 2014-12-20 23:10 - 2014-12-20 23:10 - 02122240 _____ (Farbar) C:\Users\Issam276\Downloads\FRST64.exe 2014-12-20 23:10 - 2014-12-20 23:10 - 02122240 _____ (Farbar) C:\Users\Issam276\Desktop\FRST64.exe 2014-12-20 22:48 - 2014-12-20 23:42 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware 2014-12-20 22:34 - 2014-12-20 22:34 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab 2014-12-20 22:33 - 2008-01-04 13:34 - 00011832 _____ () C:\Windows\SysWOW64\Drivers\AsInsHelp64.sys 2014-12-20 22:33 - 2008-01-04 13:34 - 00010216 _____ () C:\Windows\SysWOW64\Drivers\AsInsHelp32.sys 2014-12-20 22:12 - 2014-12-20 22:12 - 05718872 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\vcredist_x64 (2).exe 2014-12-20 22:11 - 2014-12-20 22:11 - 05718872 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\vcredist_x64 (1).exe 2014-12-20 22:08 - 2014-12-20 22:08 - 00000000 ____D () C:\ProgramData\Package Cache 2014-12-20 22:07 - 2014-12-20 22:07 - 07190152 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\vcredist_x64.exe 2014-12-20 21:51 - 2014-12-20 21:51 - 00000000 ____D () C:\Windows\System32\Tasks\Apple 2014-12-20 21:42 - 2014-12-20 21:42 - 02623656 _____ (VS Revo Group 
Ltd.) C:\Users\Issam276\Downloads\revosetup95.exe 2014-12-20 21:42 - 2014-12-20 21:42 - 00001270 _____ () C:\Users\Issam276\Desktop\Revo Uninstaller.lnk 2014-12-20 21:42 - 2014-12-20 21:42 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-12-20 21:40 - 2014-12-20 21:41 - 170178096 _____ (Emsisoft Ltd ) C:\Users\Issam276\Downloads\EmsisoftAntiMalwareSetup.exe 2014-12-19 17:31 - 2014-12-19 17:31 - 00985600 _____ () C:\Users\Issam276\Downloads\MicrosoftFixit50123.msi 2014-12-19 15:53 - 2014-12-19 15:53 - 00000000 ____D () C:\ComboFix 2014-12-13 22:22 - 2014-12-13 22:22 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Blizzard 2014-12-13 22:14 - 2014-12-13 22:22 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2014-12-13 22:14 - 2014-12-13 22:14 - 00001161 _____ () C:\Users\Public\Desktop\Hearthstone.lnk 2014-12-13 22:14 - 2014-12-13 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2014-12-13 13:17 - 2014-12-13 13:17 - 00000731 _____ () C:\Users\Issam276\mabast suckt.txt 2014-12-12 19:40 - 2014-12-12 19:40 - 00000000 ____D () C:\Windows\system32\appraiser 2014-12-12 17:42 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-12-12 17:42 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2014-12-12 17:42 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-12-12 17:42 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2014-12-12 17:42 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2014-12-12 17:42 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2014-12-12 17:42 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2014-12-12 17:42 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 
2014-12-12 17:42 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2014-12-12 17:42 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2014-12-12 16:26 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2014-12-12 16:26 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2014-12-12 16:26 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-12-12 16:26 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2014-12-12 16:26 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-12-12 16:26 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2014-12-12 16:26 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-12-12 16:26 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2014-12-12 16:26 - 2014-11-24 23:12 - 17874432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-12-12 16:26 - 2014-11-24 22:59 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-12-12 16:26 - 2014-11-24 22:54 - 10921984 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-12-12 16:26 - 2014-11-24 22:53 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-12-12 16:26 - 2014-11-24 22:47 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-12-12 16:26 - 2014-11-24 22:47 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-12-12 16:26 - 2014-11-24 22:45 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-12-12 16:26 - 2014-11-24 22:45 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-12-12 16:26 - 2014-11-24 22:45 - 00086016 
_____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-12-12 16:26 - 2014-11-24 22:44 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-12-12 16:26 - 2014-11-24 22:44 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-12-12 16:26 - 2014-11-24 22:44 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-12-12 16:26 - 2014-11-24 22:44 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-12-12 16:26 - 2014-11-24 22:44 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-12-12 16:26 - 2014-11-24 22:44 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-12-12 16:26 - 2014-11-24 22:44 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-12-12 16:26 - 2014-11-24 22:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-12-12 16:26 - 2014-11-24 22:44 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-12-12 16:26 - 2014-11-24 22:43 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-12-12 16:26 - 2014-11-24 22:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-12-12 16:26 - 2014-11-24 22:43 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-12-12 16:26 - 2014-11-24 22:42 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-12-12 16:26 - 2014-11-24 21:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-12-12 16:26 - 2014-11-24 21:41 - 12369920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-12-12 16:26 - 2014-11-24 21:40 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-12-12 16:26 - 2014-11-24 21:37 - 09740800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-12-12 16:26 - 2014-11-24 21:35 - 01139712 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\urlmon.dll 2014-12-12 16:26 - 2014-11-24 21:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-12-12 16:26 - 2014-11-24 21:34 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-12-12 16:26 - 2014-11-24 21:34 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-12-12 16:26 - 2014-11-24 21:33 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-12-12 16:26 - 2014-11-24 21:33 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-12-12 16:26 - 2014-11-24 21:33 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-12-12 16:26 - 2014-11-24 21:33 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-12-12 16:26 - 2014-11-24 21:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-12-12 16:26 - 2014-11-24 21:33 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-12-12 16:26 - 2014-11-24 21:33 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-12-12 16:26 - 2014-11-24 21:32 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-12-12 16:26 - 2014-11-24 21:32 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-12-12 16:26 - 2014-11-24 21:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-12-12 16:26 - 2014-11-24 21:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-12-12 16:26 - 2014-11-24 21:32 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-12-12 16:26 - 2014-11-24 21:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-12-12 16:26 - 2014-11-24 21:32 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-12-12 16:26 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 
2014-12-12 16:26 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-12-12 16:26 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2014-12-12 16:26 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe 2014-12-12 16:26 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe 2014-12-12 16:26 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2014-12-12 16:26 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll 2014-12-12 16:26 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2014-12-12 16:26 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2014-12-12 16:26 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe 2014-12-12 16:26 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2014-12-12 16:26 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll 2014-12-12 16:26 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2014-12-12 16:26 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll 2014-12-12 16:26 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe 2014-12-12 16:25 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-12-12 16:25 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-12-06 18:13 - 2014-12-06 18:13 - 00146183 _____ () C:\Users\Issam276\Downloads\YouTube-Unblocker-056.crx 2014-12-06 17:48 - 2014-12-08 14:45 - 00000000 ____D () C:\Program Files (x86)\Yahoo! 
2014-12-06 17:48 - 2014-12-06 17:48 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Yahoo! 2014-12-06 17:43 - 2014-12-06 17:44 - 04998707 _____ () C:\Users\Issam276\Downloads\flvplayer_setup20_25.exe 2014-12-05 17:14 - 2014-12-05 17:14 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\xulrunner 2014-12-05 17:13 - 2014-12-05 17:13 - 10124389 _____ () C:\Users\Issam276\AppData\Roaming\xulrunner.zip 2014-12-04 16:29 - 2014-12-04 16:29 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Secunia PSI 2014-12-03 11:25 - 2014-12-03 11:30 - 441252901 _____ () C:\Users\Issam276\Downloads\League Of Legends.mp4 2014-12-01 21:34 - 2014-12-01 21:34 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Steganos 2014-11-30 23:30 - 2014-12-01 00:12 - 00000000 ____D () C:\zoek_backup 2014-11-30 23:30 - 2014-11-30 23:30 - 01294848 _____ () C:\Users\Issam276\Desktop\zoek.exe 2014-11-30 22:22 - 2014-12-05 17:28 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-11-30 21:10 - 2014-11-30 21:10 - 00031862 _____ () C:\ComboFix.txt 2014-11-30 20:47 - 2014-11-30 21:10 - 00000000 ____D () C:\Qoobox 2014-11-30 20:47 - 2014-11-30 21:08 - 00000000 ____D () C:\Windows\erdnt 2014-11-30 20:47 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-11-30 20:47 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-11-30 20:47 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-11-30 20:47 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-11-30 20:47 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-11-30 20:47 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe 2014-11-30 20:47 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe 2014-11-30 20:47 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe 2014-11-30 20:46 - 2014-12-19 15:52 - 05601641 ____R (Swearware) C:\Users\Issam276\Desktop\ComboFix.exe 2014-11-30 20:14 - 2014-12-21 14:26 - 00005820 _____ () 
C:\Windows\setupact.log 2014-11-30 20:14 - 2014-12-20 23:42 - 00996320 _____ () C:\Windows\PFRO.log 2014-11-30 20:14 - 2014-11-30 20:14 - 00000000 _____ () C:\Windows\setuperr.log 2014-11-30 19:53 - 2014-11-19 16:25 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-11-30 19:51 - 2014-11-30 19:51 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-11-30 19:51 - 2014-11-30 19:51 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-11-30 19:51 - 2014-11-30 19:51 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-11-30 19:51 - 2014-11-30 19:51 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-11-30 19:50 - 2014-11-30 19:54 - 00001467 _____ () C:\Windows\SecuniaPackage.log 2014-11-30 19:41 - 2014-11-30 19:41 - 00000000 ____D () C:\Program Files (x86)\Secunia 2014-11-30 15:25 - 2014-11-30 15:25 - 00001174 _____ () C:\Users\Issam276\Desktop\Avast Internet Security License File.rar 2014-11-30 01:25 - 2014-11-30 01:25 - 01093536 _____ () C:\Users\Issam276\Documents\cc_20141130_012508.reg 2014-11-29 22:20 - 2014-11-29 22:20 - 00001049 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2014-11-29 18:05 - 2014-11-29 18:05 - 00000000 ____D () C:\Users\Issam276\Documents\Diablo III 2014-11-29 00:10 - 2014-11-29 18:04 - 00000000 ____D () C:\Program Files (x86)\Diablo III 2014-11-29 00:10 - 2014-11-29 00:10 - 00001162 _____ () C:\Users\Public\Desktop\Diablo III.lnk 2014-11-29 00:10 - 2014-11-29 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III 2014-11-29 00:03 - 2014-12-16 20:30 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Battle.net 2014-11-29 00:03 - 2014-11-29 00:03 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Battle.net 2014-11-29 00:03 - 2014-11-29 00:03 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Blizzard Entertainment 2014-11-29 00:02 - 2014-12-13 22:14 - 
00000000 ____D () C:\Program Files (x86)\Battle.net 2014-11-29 00:02 - 2014-11-29 00:02 - 00001124 _____ () C:\Users\Public\Desktop\Battle.net.lnk 2014-11-29 00:02 - 2014-11-29 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-21 14:36 - 2014-06-28 19:29 - 00000000 ____D () C:\FRST 2014-12-21 14:35 - 2014-07-04 02:28 - 01419370 _____ () C:\Windows\WindowsUpdate.log 2014-12-21 14:33 - 2013-02-22 18:07 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-12-21 14:28 - 2013-02-22 18:07 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-12-21 14:27 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-12-21 04:52 - 2012-06-29 19:50 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Skype 2014-12-21 04:31 - 2012-09-19 17:23 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001UA.job 2014-12-21 04:27 - 2012-06-14 13:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-12-21 00:35 - 2014-09-06 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2014-12-21 00:00 - 2014-11-18 17:48 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\TERA 2014-12-20 23:50 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-12-20 23:50 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-12-20 23:48 - 2012-06-14 15:08 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\TS3Client 2014-12-20 23:42 - 2014-06-29 19:05 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-12-20 22:46 - 2013-07-10 17:40 - 00000000 ____D () C:\Users\DefaultAppPool 2014-12-20 
22:36 - 2014-09-07 12:39 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-12-20 22:33 - 2012-06-14 14:10 - 00000000 ____D () C:\Windows\System32\Tasks\ASUS 2014-12-20 22:33 - 2012-06-14 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2014-12-20 22:33 - 2012-06-14 14:09 - 00000000 ____D () C:\Program Files (x86)\ASUS 2014-12-20 22:33 - 2012-06-12 10:08 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-12-20 22:24 - 2013-02-01 21:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee 2014-12-20 22:21 - 2012-09-02 16:31 - 00000000 ____D () C:\Program Files (x86)\Java 2014-12-20 22:17 - 2012-09-14 17:26 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Unity 2014-12-20 21:59 - 2012-06-22 13:27 - 00000000 ____D () C:\Program Files (x86)\D-Link 2014-12-20 21:50 - 2012-06-14 13:52 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\InfraRecorder 2014-12-20 19:31 - 2012-09-19 17:23 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001Core.job 2014-12-19 22:33 - 2014-11-07 17:57 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Spotify 2014-12-19 15:23 - 2012-06-15 15:21 - 00000000 ____D () C:\Users\Issam276\Desktop\Alles 2014-12-18 22:16 - 2013-04-27 07:45 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Spotify 2014-12-15 16:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-12-13 14:36 - 2013-02-02 10:54 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-12-13 14:36 - 2012-06-29 19:50 - 00000000 ____D () C:\ProgramData\Skype 2014-12-13 13:17 - 2012-06-14 12:17 - 00000000 ____D () C:\Users\Issam276 2014-12-13 02:32 - 2013-02-22 18:08 - 00002181 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-12-12 19:40 - 2014-05-06 19:56 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-12-12 19:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat 2014-12-12 17:50 - 
2013-08-21 23:30 - 00000000 ____D () C:\Windows\system32\MRT 2014-12-12 17:43 - 2012-06-17 14:06 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-12-12 17:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-12-12 16:27 - 2013-08-23 11:40 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-12-12 16:27 - 2012-06-14 13:47 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-12-12 16:27 - 2012-06-14 13:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-12-06 17:40 - 2014-08-10 06:44 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Windows Live 2014-12-05 17:28 - 2014-06-28 16:36 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-12-05 17:28 - 2014-06-28 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-12-05 17:28 - 2014-06-28 16:36 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-12-01 21:50 - 2012-12-08 09:39 - 00066256 _____ () C:\Users\Issam276\AppData\Local\GDIPFONTCACHEV1.DAT 2014-12-01 21:48 - 2012-12-08 09:38 - 04913880 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-12-01 21:47 - 2012-09-25 18:21 - 00006178 _____ () C:\ProgramData\hpzinstall.log 2014-12-01 21:41 - 2012-09-25 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP 2014-12-01 21:38 - 2012-09-25 18:22 - 00000000 ____D () C:\Program Files (x86)\HP 2014-12-01 21:38 - 2012-09-25 18:21 - 00000000 ____D () C:\ProgramData\HP 2014-12-01 21:33 - 2013-02-22 16:07 - 00000000 ____D () C:\Program Files\CCleaner 2014-12-01 00:13 - 2014-02-11 12:15 - 00000008 __RSH () C:\ProgramData\ntuser.pol 2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Comodo 2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google 2014-12-01 00:08 - 
2014-05-10 17:23 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo 2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo 2014-12-01 00:08 - 2014-02-14 17:14 - 00000000 ____D () C:\Users\Default\AppData\Local\Google 2014-12-01 00:08 - 2014-02-14 17:14 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google 2014-12-01 00:08 - 2013-06-26 12:08 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google 2014-12-01 00:08 - 2012-07-03 17:11 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Google 2014-11-30 23:59 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-11-30 23:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2014-11-30 22:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA 2014-11-30 21:10 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default 2014-11-30 21:02 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini 2014-11-30 20:13 - 2014-03-03 18:42 - 00000000 ____D () C:\AdwCleaner 2014-11-30 20:13 - 2014-03-03 17:37 - 00000000 ____D () C:\Windows\system32\log 2014-11-30 19:39 - 2012-11-18 14:41 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-11-30 19:39 - 2012-11-18 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-11-30 19:39 - 2012-06-14 13:52 - 00000000 ____D () C:\Program Files\WinRAR 2014-11-30 19:26 - 2014-08-31 20:00 - 00000000 ___RD () C:\Users\Issam276\Dropbox 2014-11-30 19:17 - 2014-08-31 19:58 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Dropbox 2014-11-30 19:16 - 2014-08-31 20:00 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-11-30 12:19 - 2014-11-01 20:28 - 00000000 ____D 
() C:\Users\Issam276\AppData\Local\osu! 2014-11-30 01:24 - 2012-06-27 18:39 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\TeamViewer 2014-11-30 01:24 - 2012-06-15 15:18 - 00000000 ____D () C:\Windows\Minidump 2014-11-29 22:20 - 2012-06-14 13:02 - 00000000 ____D () C:\Program Files (x86)\TeamViewer 2014-11-29 10:13 - 2013-01-25 19:07 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\.minecraft 2014-11-27 22:18 - 2011-04-12 08:43 - 00770468 _____ () C:\Windows\system32\perfh007.dat 2014-11-27 22:18 - 2011-04-12 08:43 - 00174528 _____ () C:\Windows\system32\perfc007.dat 2014-11-27 22:18 - 2009-07-14 06:13 - 01799304 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-11-21 06:14 - 2014-06-28 16:36 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-11-21 06:14 - 2014-06-28 16:36 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-11-21 06:14 - 2014-06-28 16:36 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys Files to move or delete: ==================== C:\Users\Issam276\jagex_cl_oldschool_LIVE.dat C:\Users\Issam276\jagex_cl_runescape_LIVE.dat C:\Users\Issam276\random.dat ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-15 16:36

==================== End Of Log ============================

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-12-2014
Ran by Issam276 at 2014-12-21 14:37:21
Running from C:\Users\Issam276\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Emsisoft Internet Security (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Internet Security (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
FW: Emsisoft Internet Security (Enabled) {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AI Suite (HKLM-x32\...\{310BC5E2-31AF-49BB-904D-E71EB93645DC}) (Version: 1.06.22 - )
Akamai NetSession Interface (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{2BFD590F-1D73-3533-E734-FDDAC3746E4A}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{9C1FAB12-F426-432E-8579-75CAB60C69CF}) (Version: 4.2.0.0594 - Advanced Micro Devices, Inc.)
ANIO Service (HKLM-x32\...\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}) (Version: - ) Application Profiles (HKLM-x32\...\{4ED980CB-C288-6A80-A3EA-AEECC543058B}) (Version: 2.0.4525.30280 - Advanced Micro Devices, Inc.) ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.) AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett) AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) ChrisPC DNS Switch 1.40 (HKLM-x32\...\{ECE17478-56C5-4280-AB67-AC2C2CAFA30F}_is1) (Version: - Chris P.C. srl) Chris-PC Game Booster (HKLM-x32\...\Chris-PC Game Booster_is1) (Version: 2.00 - Chris P.C. srl) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) Dropbox (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.) Emsisoft Internet Security (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft Ltd) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook) Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation) Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) 
Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard) HydraVision (x32 Version: 4.2.216.0 - Advanced Micro Devices, Inc.) Hidden Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.9.11 - www.leaguereplays.com) Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) 
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 
(HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) 
Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MTA:SA v1.4.0 (HKLM-x32\...\MTA:SA 1.4) (Version: v1.4.0 - Multi Theft Auto) NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation) osu! (HKLM-x32\...\{ba6599d0-1e00-4060-a455-55382b1c7008}) (Version: latest - ppy Pty Ltd) PC Probe II (HKLM-x32\...\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}) (Version: 1.04.92 - ASUSTeK Computer Inc.) RAIDXpert (HKLM-x32\...\InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}) (Version: 3.2.1540.10 - AMD) RAIDXpert (x32 Version: 3.2.1540.10 - AMD) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek) Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6519 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd) Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.) 
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.35436 Beta - TeamViewer) Turbo Key (HKLM-x32\...\{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}) (Version: 1.01.03 - ) Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) WinSCP 4.3.8 (HKLM-x32\...\winscp3_is1) (Version: 4.3.8 - Martin Prikryl) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{3a022117-d6e3-4fcd-a8a2-d31ed64d8e1e}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) 

==================== Restore Points =========================

20-12-2014 21:54:28 Removed Façade
20-12-2014 21:57:41 Revo Uninstaller's restore point - D-Link Wireless G DWL-G122_DWA-110
20-12-2014 21:58:21 Removed ANIWZCS2 Service
20-12-2014 21:59:16 Entfernt D-Link Wireless G DWL-G122_DWA-110
20-12-2014 21:59:45 Revo Uninstaller's restore point - DayZ Commander
20-12-2014 22:00:06 Removed DayZ Commander
20-12-2014 22:04:49 Revo Uninstaller's restore point - Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
20-12-2014 22:08:24 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
20-12-2014 22:09:22 Revo Uninstaller's restore point - Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
20-12-2014 22:11:29 Revo Uninstaller's restore point - Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
20-12-2014 22:13:11 Revo Uninstaller's restore point - Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
20-12-2014 22:13:29 Removed Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
20-12-2014 22:16:58 Revo Uninstaller's restore point - Unity Web Player
20-12-2014 22:17:56 Revo Uninstaller's restore point - MorphVOX Junior
20-12-2014 22:18:13 Removed MorphVOX Junior
20-12-2014 22:19:51 Revo Uninstaller's restore point - Java 7 Update 71
20-12-2014 22:20:07 Removed Java 7 Update 71
20-12-2014 22:22:02 Revo Uninstaller's restore point - MorphVOX Pro
20-12-2014 22:22:18 Removed MorphVOX Pro
20-12-2014 22:24:45 Revo Uninstaller's restore point - AI Suite
20-12-2014 22:25:01 Entfernt AI Suite
20-12-2014 22:33:02 Installiert AI Suite
20-12-2014 22:34:09 Revo Uninstaller's restore point - System Requirements Lab CYRI
20-12-2014 22:34:50 Revo Uninstaller's restore point - System Requirements Lab CYRI
20-12-2014 22:35:54 Revo Uninstaller's restore point - The Binding of Isaac
20-12-2014 22:44:36 Revo Uninstaller's restore point - Avast Free Antivirus
20-12-2014 22:45:21 avast! antivirus system restore point
20-12-2014 23:44:15 Gerätetreiber-Paketinstallation: Emsisoft Netzwerkdienst
20-12-2014 23:54:52 Revo Uninstaller's restore point - Metin2
20-12-2014 23:57:45 Revo Uninstaller's restore point - TERA
21-12-2014 00:34:48 Revo Uninstaller's restore point - S.K.I.L.L. - Special Force 2

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-09-27 11:49 - 2014-11-30 21:02 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {002BC456-DB44-4F10-BC5B-16C0AE4B94E5} - System32\Tasks\{35A5A0DE-E4FD-4FCE-A133-406843CE3598} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {00442CFD-6F8A-4E25-B0F7-099CBAF166DD} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {07487D3F-27D3-4242-9986-5805088BC752} - System32\Tasks\{9CD2CBDC-9F17-4183-A776-3C3CDDB91238} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {094AD9FC-9A2A-4434-A267-67318F3AFB3C} - System32\Tasks\{C0BF0233-4710-4F22-B838-C53FD13B197E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {0D5CB102-9F0B-4BEF-9B7C-C8DD85A116EC} - System32\Tasks\{57FA110B-6E92-4EFD-98D9-19C15C00EF98} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {0E945E72-5D2C-4BEE-8169-B44EFAF0C579} - System32\Tasks\{CC321D73-229D-4CDF-9597-05F0B15F5904} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {181CF0AB-DAE3-4E35-A43E-6BCC9EA672F0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001UA => C:\Users\Issam276\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-19] (Facebook Inc.)
Task: {1B0FF44F-B3B3-4261-9E8C-07E83F04A8CE} - System32\Tasks\{97DA18F4-90B4-45A3-BC74-3C01B81E7603} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {1B9795BE-3E65-435B-A5B7-EE5DED837485} - System32\Tasks\{1DB90D4F-8D72-4AD5-8F36-5C4F0864AD9F} => C:\Program Files (x86)\Opera\Opera.exe
Task: {1D959856-47B4-4D86-A9FD-33900CD35ADF} - System32\Tasks\{D7E5FBB1-D0B1-4F1A-8742-47F989B83816} => C:\Program Files (x86)\Opera\Opera.exe
Task: {1EC122BA-C536-430F-8C35-6F86ECC39FF0} - System32\Tasks\{494A9B35-6058-4C19-A20A-E1DCE48F0786} => C:\Program Files (x86)\Opera\Opera.exe
Task: {217D3CDB-3FEF-4F4E-9156-02BFFFAAE60A} - System32\Tasks\{1CB8B36D-FC19-4546-8C7C-611AF21AD7E1} => pcalua.exe -a C:\ProgramData\Wizard101(DE)\Wizard101.exe -d C:\ProgramData\Wizard101(DE)
Task: {2572CB5E-1A7C-46F1-85B1-B62F4A17C417} - System32\Tasks\{1FBC4539-2901-4DDB-9D2F-862065494E88} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {260A62D5-8017-49B7-871D-68159B4FD231} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001Core => C:\Users\Issam276\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-19] (Facebook Inc.)
Task: {27618943-30C4-4FBF-94B8-8ACB0A6F7E6D} - System32\Tasks\{0C9C72E9-00D2-49A6-8DF4-DAF367138BD8} => C:\Program Files (x86)\Opera\Opera.exe
Task: {2991A55D-1CD8-403C-B255-0C11A6C837E1} - System32\Tasks\{B261FD97-9C57-4F06-9AD3-4052FA220C1D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2B7A7CE2-981F-42D2-8492-CD5D1AF9E827} - System32\Tasks\{B4F0F2F1-B534-4A0D-9DF2-C38AE4C520E9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2CCD6124-8AE7-461C-BE80-4B62D3002340} - System32\Tasks\{3D7EEA60-2C2B-478A-9723-F829C43AC6E5} => C:\Program Files (x86)\Opera\Opera.exe
Task: {2CF1D8CF-0EA9-458A-85A8-561D147B6135} - System32\Tasks\{0B628F86-550A-486F-B114-58C62871B721} => C:\Program Files (x86)\Opera\Opera.exe
Task: {310CC0F8-C247-4599-ACFC-F3CD766E6AD5} - System32\Tasks\{FB8C4083-EF27-4416-85FA-D471CEDE5FB4} => C:\Program Files (x86)\Opera\Opera.exe
Task: {38FF6FD9-3BC6-4F09-959F-F2205181E561} - System32\Tasks\ASUS\Cpu Level Up Hook Lanunch => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHookLaunch.exe [2009-12-28] ()
Task: {3B272214-852C-4330-841F-3F9FF4F9CB96} - System32\Tasks\{2B6CE963-FF84-494C-A826-01D80631B926} => C:\Program Files (x86)\Opera\Opera.exe
Task: {517D8EB9-77F1-497E-834A-D1FA240CE073} - System32\Tasks\{027A1301-659D-4B41-8A7F-040B74EBA95D} => C:\Program Files (x86)\Opera\Opera.exe
Task: {518389D1-8CCD-4B86-8F41-B077F9C9C618} - System32\Tasks\{EDDBD687-D415-4B69-927A-02931F7F1AAE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {51BFF5FC-5BC5-4DEE-9099-827B8BFB3632} - System32\Tasks\{8383930E-67E3-4379-A09D-4E59914B6389} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5244B6B7-C2C2-416A-8955-6F2586705863} - System32\Tasks\{54F5669B-1BD5-4394-89D5-A6EFBA584ACD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5250B132-6E5B-47AC-BB16-E9815CC9A9C0} - System32\Tasks\{CAF62C3C-79A4-4066-B1CD-4E0DF30564F9} => pcalua.exe -a "C:\Program Files (x86)\Hotspot Shield\bin\HssInstaller.exe" -d "C:\Program Files (x86)\Hotspot Shield\bin"
Task: {52E12DE9-93B7-4E4B-85D1-DD2EDCEBE48A} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {562A50BF-2E54-45F4-9077-473F7A049562} - System32\Tasks\{6310026B-3E16-4E78-998C-7F30496D8899} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {571A9041-6AA5-4836-BA2B-534C9EB85DCE} - System32\Tasks\{D319D8AB-8433-493A-84FA-D1698EDEAFCE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {577E3FA9-79BA-4694-AE4C-9B609E38C0E9} - System32\Tasks\{DE38B5D4-C035-40D9-848C-B966145964A9} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5AEBC49C-BCC7-4EC1-8951-9B299633E773} - System32\Tasks\{9E9AC548-DCCB-4B5B-9EDB-0E52B9DE5627} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5BE38A7A-4925-497C-82F3-A330FC280BC4} - System32\Tasks\{949BCCD7-1397-41DE-9EF8-11EE2C0CE563} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5C099198-A578-4EEC-92B4-6417465170A1} - System32\Tasks\{41F9C8B0-D0DD-4377-9D24-69E831D0CF7A} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5C4A49C0-89DE-4238-8F91-64CFBFBAEE53} - System32\Tasks\{BB6E67DE-783D-4A31-8585-E7CAEC52E5AA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5F97C91C-7B67-4A52-9DD7-0E6FA102D424} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-22] (Google Inc.)
Task: {60553E3D-46C1-4E1E-A947-FA9307DD2C8C} - System32\Tasks\{74F988AC-9E60-40C7-8D90-CFECFAEE92E1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {627CECAB-2B8F-4A2E-92B9-B140446FE0EC} - System32\Tasks\{90038331-2672-47E4-99D2-E9ECCB36DC14} => C:\Program Files (x86)\Opera\Opera.exe
Task: {6D6DF3D0-D45F-4F6F-B07C-E1FBBD6FD0B9} - System32\Tasks\{59008250-33FF-402A-82FD-577C388040C8} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {717B3FF7-1A14-47F6-8B46-91A57AD183CA} - System32\Tasks\{1FB7ED02-0BF3-4694-A643-44D549B5C376} => C:\Program Files (x86)\Opera\Opera.exe
Task: {722A80F7-B367-438E-82D6-607B2AAE2AD5} - System32\Tasks\{0D1B66EB-8E6C-4941-A849-C02CAA677C49} => C:\Program Files (x86)\Opera\Opera.exe
Task: {7352E960-C7B0-45FE-A83F-F87B5AA6E651} - System32\Tasks\{5F44ABCA-6526-4396-A179-A30F6651B4A5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {740EE1F2-3BC5-4CD5-B694-A5FE540D3E9E} - System32\Tasks\{F6171EAE-04B0-4030-B64B-4B9DF15D3273} => C:\Program Files (x86)\Opera\Opera.exe
Task: {76B86268-4206-4908-ADA8-A9FA15A4F610} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {7A0C2EDE-2AF3-40D3-8E5E-AC91914B9348} - System32\Tasks\{36BD8F26-454A-45A7-98BC-D772130BD6D1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {7CBDBD19-6CA0-43C5-95A3-B5B0B50A01DB} - System32\Tasks\{B117D272-C5AF-4E62-9F8E-DA7E6CE8FF4E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {7EF615A3-395A-4B8F-AF0B-D79B49D3A554} - System32\Tasks\{064550D4-D75D-402D-AB32-91E23A58D5F4} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {821856F1-ED6B-4965-84E5-2519F0D73FB5} - System32\Tasks\{8424C4DF-A4EC-4B5B-814E-60CE8AB30940} => C:\Program Files (x86)\Opera\Opera.exe
Task: {82F5E65C-C34C-4E7A-BA2B-3EC5834D6E13} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12] (Adobe Systems Incorporated)
Task: {86715FE4-085D-43AB-A67D-906AB668D4A7} - System32\Tasks\{D1BFDBF2-DEA8-4BB9-8474-3A446710C951} => C:\Program Files (x86)\Opera\Opera.exe
Task: {878AA624-33EF-4ADA-BD3A-0D7BEA46656B} - System32\Tasks\{11EE2B2D-9A84-413C-B65A-30FADFE1F4C1} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8A24C11B-1434-4888-BB67-DA4035986E85} - System32\Tasks\{8F6BCC5D-9E79-4A90-A52C-B05FBD3A95EA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {8B9B1B73-C0C4-48B0-A910-7D63871A1890} - System32\Tasks\{CE6A2A80-3982-406F-916F-BF44A1FE93BE} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8C5EA5CA-2168-47C9-A8AD-8D8F8CD43494} - System32\Tasks\{3096790B-F753-40DE-BBBD-C96814C19276} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8D278482-A7C4-4259-B172-CD56F7F3242B} - System32\Tasks\{C307734E-4CEF-40E7-BB76-67E38AFE3245} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {8FB0CF65-18EC-4D9E-84EA-E0C2E70B609A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {9034EE4A-EF7C-4EBC-B8FB-59A0E30DCDCB} - System32\Tasks\{B7D832C7-A1D4-449B-AFB7-35A7D5308265} => C:\Program Files (x86)\Opera\Opera.exe
Task: {9173C9BE-02B5-4B2E-9CDD-85959BAC8FE8} - System32\Tasks\{AA084653-E62A-4321-85C7-E1F14B703E3B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {92D5F453-D605-4376-BBAF-560DCBF5179E} - System32\Tasks\{08F83017-CD43-415F-BAC5-1B6099D399DE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9455CECE-75DF-4B1C-8F1C-9D6F22BAF9EE} - System32\Tasks\{1C451F35-6BB4-4E64-9D44-83DA1235BD66} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {97E4E16D-3E9D-4441-B88C-F8DAD136D5AC} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {9B836882-C9AA-46BA-A2BA-B2FBC31A7D1B} - System32\Tasks\{402ED0EB-55E1-49BC-85FF-B611C38007C2} => C:\Program Files (x86)\Opera\Opera.exe
Task: {9DEE72AF-EDDE-4210-860C-D59F8CE425A5} - System32\Tasks\{FEE95010-E0AC-4F29-89EB-CC1D42B7322D} => C:\Program Files (x86)\Opera\Opera.exe
Task: {A0B271A8-0315-4B2F-8A8E-1D955B9A3912} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-22] (Google Inc.)
Task: {A5971EB2-865A-4144-B663-DC582061EE03} - System32\Tasks\{2EB349E6-0751-41BC-9F7E-301AC1E05B93} => C:\Program Files (x86)\Opera\Opera.exe
Task: {A6148E12-0291-4995-AF46-E06D84208F64} - System32\Tasks\{CE3CDE01-297E-4503-BDBC-F6BFCA06FC5A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A67DF276-6D87-4B90-9873-2A2EA8FCE1CB} - System32\Tasks\{F14CFAC1-DBF2-4360-95C4-B2F2F9DB35E4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {AA1BFF9B-0E49-4EB7-B267-2C7CB4A2ED1E} - System32\Tasks\{9276B961-43E2-4972-B3AD-25EACD24D008} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B1677E31-93D0-47CC-AC29-7D496732B34B} - System32\Tasks\{6933359E-E599-4364-BEFF-153E2C84ECF1} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B23234F8-1783-4601-B17A-A749DC43B32C} - System32\Tasks\{CF201C0D-902D-45EC-AB8B-441B32C49B96} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B39E32F9-A4EE-4F1C-AD43-1AFF1EC66810} - System32\Tasks\{520D24F2-56D5-4A8F-A89D-4396E1298D0E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B43C1327-9D38-4105-BA3A-C7AC2DC0A854} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {B4CB886A-F99C-4F83-B319-AC5B4339BAFC} - System32\Tasks\{74BC537C-1377-401A-9CBD-EC70A4E00FE6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B4D142B4-4AB8-4B95-912F-FA662BCB5F05} - System32\Tasks\{816E19F8-6746-42E8-825E-C00C9D8CFF94} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B4F576A8-5746-40C0-878D-8D298BD66F25} - System32\Tasks\{15AA7614-5DDE-4F02-8A19-A95EC0A1D51D} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B8266606-848E-4C36-BA78-1D86A62F2B77} - System32\Tasks\{24C3BC9D-CAFC-4292-BD2A-FFCF0B425D08} => C:\Program Files (x86)\Opera\Opera.exe
Task: {BB7D82FD-251B-4EF7-B078-D7DCE617D964} - System32\Tasks\{8FC938EB-7EAF-4A34-BC9D-AE2F5778B1B1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BE835B87-3BC8-4D2F-98F4-08EA1738769B} - System32\Tasks\{9A921854-22BF-4FF6-917B-1529CCCD96DB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BF14D3C2-045B-46CA-95BA-E54E71AA5EE8} - System32\Tasks\{FE9E2570-3D08-4423-AFC3-5C7948AE63B6} => C:\Program Files (x86)\Opera\Opera.exe
Task: {CBB4538C-70A1-4630-8661-5D84D95409E7} - System32\Tasks\{7A14CB27-EE0B-47F1-B055-77F01B48DBC9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CE491649-14B0-4AE2-AF71-9B80E2717EDE} - System32\Tasks\{9A3B38A4-E24C-4CA3-836B-B69E7E5C4A8F} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D3A08372-F9B6-4E87-B367-CF2D04F990A2} - System32\Tasks\{C58F335D-256C-447C-8F92-0D21522B0AE2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D3ABB6D7-9F40-4E4A-B2B6-72AB46A050F7} - System32\Tasks\{83D83B71-6311-4584-B276-FEF554406168} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D51CC9D5-F8A0-48CA-AF21-4E3C1E57E18A} - System32\Tasks\{E3BA121A-6110-46E2-B350-F190E39F142A} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D55EA148-E054-4415-97C3-733D26CAD4E3} - System32\Tasks\{7B2D31C4-B94E-459C-9AB9-7BA5A6885752} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D68AFE80-D806-4B03-8AF8-0D69B8F3266F} - System32\Tasks\{C0804A57-189E-4D52-A8D5-914BE6EC38F9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D9F0C0DA-2D8C-45BC-8EB1-746DAD06A5AA} - System32\Tasks\{178B6CBE-CD97-4A87-A91B-79970D345AA5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {DE9B3A77-0437-4DAC-A2F6-1C4095755D50} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {DF647FC5-023B-433B-A122-FD19ECBBFB86} - System32\Tasks\{6B5908DA-E475-496F-9C03-92B7931F8B4E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E605C0CD-CF58-4517-9803-90D6F64981E6} - System32\Tasks\{CC42283F-627B-42E6-B065-74187AD2AC1E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E6FF23C5-E38B-446E-8E9D-335C6AF909D1} - System32\Tasks\{174B23CD-95AE-408F-A856-1370A9D536E1} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E709A72E-20A0-408C-8C71-C6281C3A9E2C} - System32\Tasks\{A7B59FCB-77B6-43A8-B48C-A4408A63A05C} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E966568A-61B6-46C0-81ED-FD8F48DFB1A5} - System32\Tasks\{3EF7DE06-5206-4DE0-8481-16D004F97BC7} => C:\Program Files (x86)\Opera\Opera.exe
Task: {EA7EC79F-EE05-40AC-A1AA-EF8F38EE1D94} - System32\Tasks\{0E7C6814-82A5-4652-86AF-0257E8E200B0} => C:\Program Files (x86)\Opera\Opera.exe
Task: {ED2C4059-C99A-478E-AFB7-A89311EE1AF3} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.12\AsLoader.exe [2010-01-13] (ASUSTeK Computer Inc.)
Task: {EE65A338-E67D-4F14-B674-5CBA24CD1AF1} - System32\Tasks\{3FE25692-2DF1-4C8A-83BD-5C0938957293} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F20A80F0-766A-4B7F-98DD-6229DA061883} - System32\Tasks\{6ABFC70E-5286-4F62-8D85-3DB5C7E96535} => C:\Program Files (x86)\Opera\Opera.exe
Task: {FAD1D3B7-6A37-47D3-839D-81888361D8DA} - System32\Tasks\{C4DCDE58-2889-4887-A3A8-759819CB3B00} => C:\Program Files (x86)\Opera\Opera.exe
Task: {FBD60A63-97EE-4455-A187-75DD221AC9B9} - System32\Tasks\{B55E87D1-7DD5-45F3-839C-11D9E63BACE7} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FDA4DAEA-5188-46B1-8E30-64BB76D227AC} - System32\Tasks\{EF6CA142-96C0-4D8A-B1B8-DF46DCB79231} => C:\Program Files (x86)\Opera\Opera.exe
Task: {FE7BAC5A-F911-419A-A23E-1A2FA331CB95} - System32\Tasks\{4C1D5CDD-8AE5-4025-923B-71D4C96C9F47} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FFBA2F6D-660A-4E9F-984C-78AD46ACDCD5} - System32\Tasks\{87B307EE-CC62-4781-8900-89C379B24C05} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001Core.job => C:\Users\Issam276\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001UA.job => C:\Users\Issam276\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2013-03-28 21:31 - 2013-03-28 21:31 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-09-23 12:53 - 2012-09-23 12:53 - 00748544 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-09-23 12:53 - 2012-09-23 12:53 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2009-12-15 16:40 - 2009-12-15 16:40 - 00065536 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
2013-03-28 21:30 - 2013-03-28 21:30 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-07-10 10:29 - 2014-01-05 20:31 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2009-12-15 16:40 - 2009-12-15 16:40 - 00122880 _____ () C:\Windows\SysWOW64\WinMsgBalloonServer.exe
2009-12-15 16:41 - 2009-12-15 16:41 - 00139264 _____ () C:\Windows\SysWOW64\WinMsgBalloonClient.exe
2009-12-15 22:44 - 2009-12-15 22:44 - 00516096 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\libxml2.dll
2012-06-14 14:11 - 2009-04-29 13:24 - 00253952 _____ () C:\Program Files (x86)\ASUS\Turbo Key\pngio.dll
2012-06-14 14:11 - 2009-04-29 13:24 - 00208896 _____ () C:\Program Files (x86)\ASUS\Turbo Key\AiNap.dll
2012-06-14 14:11 - 2009-04-29 13:24 - 00008704 _____ () C:\Program Files (x86)\ASUS\Turbo Key\vvc.dll
2014-12-13 02:32 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-13 02:32 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-13 02:32 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-13 02:32 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CGVPNCliService => 2
MSCONFIG\Services: EslWireHelper => 2
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: hshld => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: OkayFreedom VPN Starter Service => 2
MSCONFIG\Services: OverwolfUpdaterService => 3
MSCONFIG\Services: RalinkRegistryWriter => 2
MSCONFIG\Services: RalinkRegistryWriter64 => 2
MSCONFIG\Services: RaMediaServer => 2
MSCONFIG\Services: SearchAnonymizer => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: Spotify => "C:\Users\Issam276\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

========================= Accounts: ==========================

Administrator (S-1-5-21-1925287450-1312797874-627100175-500 - Administrator - Disabled)
Gast (S-1-5-21-1925287450-1312797874-627100175-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1925287450-1312797874-627100175-1002 - Limited - Enabled)
Issam276 (S-1-5-21-1925287450-1312797874-627100175-1001 - Administrator - Enabled) => C:\Users\Issam276

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (12/21/2014 02:32:47 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information. (Stream product id=0x0066): Streaming Failed

Error: (12/21/2014 02:32:17 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information. Too many failures while downloading ranges: 2

Error: (12/21/2014 02:29:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/21/2014 02:46:33 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm League of Legends.exe, Version 4.21.0.397 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen. Prozess-ID: 1110 Startzeit: 01d01cbeaaacc578 Endzeit: 185 Anwendungspfad: C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.71\deploy\League of Legends.exe Berichts-ID:

Error: (12/20/2014 11:45:41 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information. (Stream product id=0x0066): Streaming Failed

Error: (12/20/2014 11:44:24 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information. Too many failures while downloading ranges: 2

Error: (12/20/2014 11:43:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/20/2014 10:22:49 PM) (Source: MsiInstaller) (EventID: 11001) (User: Crounty)
Description: Product: MorphVOX Pro -- Error 1001. Error 1001. Beim Initialisieren der Installation ist eine Ausnahme aufgetreten: System.IO.FileNotFoundException: Die Datei oder Assembly "file:///C:\Program Files (x86)\Screaming Bee\MorphVOX Pro\MorphDriverUninstall2.dll" oder eine Abhängigkeit davon wurde nicht gefunden. Das System kann die angegebene Datei nicht finden.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/20/2014 10:18:42 PM) (Source: MsiInstaller) (EventID: 11001) (User: Crounty)
Description: Product: MorphVOX Junior -- Error 1001. Error 1001. Beim Initialisieren der Installation ist eine Ausnahme aufgetreten: System.IO.FileNotFoundException: Die Datei oder Assembly "file:///C:\Program Files (x86)\Screaming Bee\MorphVOX Junior\MorphDriverUninstall2.dll" oder eine Abhängigkeit davon wurde nicht gefunden. Das System kann die angegebene Datei nicht finden.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/20/2014 10:00:41 PM) (Source: MsiInstaller) (EventID: 11316) (User: Crounty)
Description: Product: DayZ Commander -- Error 1316. Das angegebene Konto ist bereits vorhanden.

System errors:
=============
Error: (12/21/2014 02:27:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (12/21/2014 02:27:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ANIO Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (12/20/2014 11:42:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (12/20/2014 11:42:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (12/20/2014 11:42:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ANIO Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (12/20/2014 11:37:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/20/2014 09:58:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ANIO Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (12/20/2014 02:25:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (12/20/2014 02:25:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ANIO Service" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (12/19/2014 10:54:59 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1053

Microsoft Office Sessions:
=========================
Error: (12/21/2014 02:32:47 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (12/21/2014 02:32:17 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Too many failures while downloading ranges: 2

Error: (12/21/2014 02:29:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/21/2014 02:46:33 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: League of Legends.exe4.21.0.397111001d01cbeaaacc578185C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.71\deploy\League of Legends.exe

Error: (12/20/2014 11:45:41 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (12/20/2014 11:44:24 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Too many failures while downloading ranges: 2

Error: (12/20/2014 11:43:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/20/2014 10:22:49 PM) (Source: MsiInstaller) (EventID: 11001) (User: Crounty)
Description: Product: MorphVOX Pro -- Error 1001. Error 1001. Beim Initialisieren der Installation ist eine Ausnahme aufgetreten: System.IO.FileNotFoundException: Die Datei oder Assembly "file:///C:\Program Files (x86)\Screaming Bee\MorphVOX Pro\MorphDriverUninstall2.dll" oder eine Abhängigkeit davon wurde nicht gefunden. Das System kann die angegebene Datei nicht finden.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/20/2014 10:18:42 PM) (Source: MsiInstaller) (EventID: 11001) (User: Crounty)
Description: Product: MorphVOX Junior -- Error 1001. Error 1001. Beim Initialisieren der Installation ist eine Ausnahme aufgetreten: System.IO.FileNotFoundException: Die Datei oder Assembly "file:///C:\Program Files (x86)\Screaming Bee\MorphVOX Junior\MorphDriverUninstall2.dll" oder eine Abhängigkeit davon wurde nicht gefunden. Das System kann die angegebene Datei nicht finden.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/20/2014 10:00:41 PM) (Source: MsiInstaller) (EventID: 11316) (User: Crounty)
Description: Product: DayZ Commander -- Error 1316. Das angegebene Konto ist bereits vorhanden. (NULL)(NULL)(NULL)(NULL)(NULL)

CodeIntegrity Errors:
===================================
Date: 2014-11-30 20:57:24.409
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-11-30 20:57:24.253 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-06-29 09:37:48.936 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-29 09:37:48.935 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-29 09:37:48.934 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-29 09:37:48.916 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-29 09:37:48.915 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-06-29 09:37:48.913 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-28 19:42:21.884 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-28 19:42:21.883 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. ==================== Memory info =========================== Processor: AMD FX(tm)-4100 Quad-Core Processor Percentage of memory in use: 38% Total physical RAM: 8174.12 MB Available physical RAM: 4993.23 MB Total Pagefile: 16346.41 MB Available Pagefile: 12697.74 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (System) (Fixed) (Total:921.75 GB) (Free:725.96 GB) NTFS ==>[Drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B2544B2F) Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27) Partition 2: (Active) - (Size=921.7 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Code:
ATTFilter Emsisoft Internet Security - Version 9.0 Letztes Update: 21.12.2014 01:12:30 Benutzerkonto: Crounty\Issam276 Scan Einstellungen: Scan Methode: Detail Scan Objekte: Rootkits, Speicher, Traces, C:\, Q:\ PUPs-Erkennung: An Archiv Scan: An ADS Scan: An Dateitypen-Filter: Aus Erweitertes Caching: An Direkter Festplattenzugriff: Aus Scan Beginn: 21.12.2014 01:13:51 C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\jimkinmhioifhbgkpmindbifppbnhgii\7.2\uBm_xqmIEl4G.js.vir gefunden: Adware.MultiPlug.CY (B) C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Roaming\OpenCandy\99FEAAB6906247F389DE3EB4D37B98D6\LinkuryInstaller.msi.vir -> (Embedded CAB) -> BrowserHelper.exe gefunden: Gen:Adware.Heur.bm1@gfQ3oyj (B) C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Roaming\OpenCandy\99FEAAB6906247F389DE3EB4D37B98D6\LinkuryInstaller.msi.vir -> (Embedded EXE) gefunden: Gen:Adware.Heur.2q@@g5ht0ec (B) C:\ProgramData\Kaspersky Lab\AVP14.0.0\QB\67cf0e2e67fd7107.klq -> (Quarantine-6) gefunden: Gen:Variant.Adware.BProtector.2 (B) C:\ProgramData\Kaspersky Lab\AVP14.0.0\QB\695ac9ff29dd1d1d.klq -> (Quarantine-6) gefunden: Gen:Variant.Adware.BProtector.2 (B) C:\ProgramData\Kaspersky Lab\AVP14.0.0\QB\76d48c65bcfc1037.klq -> (Quarantine-6) gefunden: Gen:Variant.Adware.BProtector.2 (B) C:\ProgramData\Kaspersky Lab\AVP14.0.0\QB\8c6dc5017209b072.klq -> (Quarantine-6) gefunden: Gen:Variant.Adware.BProtector.2 (B) C:\ProgramData\Kaspersky Lab\AVP14.0.0\QB\d4e5fae884251c95.klq -> (Quarantine-6) gefunden: Gen:Variant.Adware.BProtector.2 (B) C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\File System\010\t\00\00000000 gefunden: Application.InstallAd (A) C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\File System\010\t\00\00000001 gefunden: Application.InstallAd (A) C:\Users\Issam276\Desktop\zoek.exe gefunden: Trojan.Generic.12189744 (B) C:\Users\Issam276\vusr56ik69so\vdXFrjXse.CBB gefunden: Trojan.Ciusky.Gen.18 (B) 
C:\zoek_backup\C_PROGRA~3_mlcalnbafllpekjinmmklpgcblhlaffh\mlcalnbafllpekjinmmklpgcblhlaffh.crx -> Y6jUEfM.js gefunden: Adware.MultiPlug.CY (B) C:\zoek_backup\C_PROGRA~3_oeiclgdmiipmnmhjjoncbohblhelhmcd\oeiclgdmiipmnmhjjoncbohblhelhmcd.crx -> L9CC.js gefunden: Adware.MultiPlug.CY (B) Gescannt 406945 Gefunden 14 Scan Ende: 21.12.2014 02:45:40 Scan Zeit: 1:31:49 C:\zoek_backup\C_PROGRA~3_oeiclgdmiipmnmhjjoncbohblhelhmcd\oeiclgdmiipmnmhjjoncbohblhelhmcd.crx Quarantäne Adware.MultiPlug.CY (B) C:\zoek_backup\C_PROGRA~3_mlcalnbafllpekjinmmklpgcblhlaffh\mlcalnbafllpekjinmmklpgcblhlaffh.crx Quarantäne Adware.MultiPlug.CY (B) C:\Users\Issam276\vusr56ik69so\vdXFrjXse.CBB Quarantäne Trojan.Ciusky.Gen.18 (B) C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\File System\010\t\00\00000001 Quarantäne Application.InstallAd (A) C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\File System\010\t\00\00000000 Quarantäne Application.InstallAd (A) C:\ProgramData\Kaspersky Lab\AVP14.0.0\QB\d4e5fae884251c95.klq Quarantäne Gen:Variant.Adware.BProtector.2 (B) C:\ProgramData\Kaspersky Lab\AVP14.0.0\QB\8c6dc5017209b072.klq Quarantäne Gen:Variant.Adware.BProtector.2 (B) C:\ProgramData\Kaspersky Lab\AVP14.0.0\QB\76d48c65bcfc1037.klq Quarantäne Gen:Variant.Adware.BProtector.2 (B) C:\ProgramData\Kaspersky Lab\AVP14.0.0\QB\695ac9ff29dd1d1d.klq Quarantäne Gen:Variant.Adware.BProtector.2 (B) C:\ProgramData\Kaspersky Lab\AVP14.0.0\QB\67cf0e2e67fd7107.klq Quarantäne Gen:Variant.Adware.BProtector.2 (B) C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Roaming\OpenCandy\99FEAAB6906247F389DE3EB4D37B98D6\LinkuryInstaller.msi.vir Quarantäne Gen:Adware.Heur.2q@@g5ht0ec (B) C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\jimkinmhioifhbgkpmindbifppbnhgii\7.2\uBm_xqmIEl4G.js.vir Quarantäne Adware.MultiPlug.CY (B) Quarantäne 12 Code:
ATTFilter Emsisoft Internet Security - Version 9.0 Letztes Update: 20.12.2014 23:46:44 Benutzerkonto: Crounty\Issam276 Scan Einstellungen: Scan Methode: Smart Scan Objekte: Rootkits, Speicher, Traces, C:\Windows\, C:\Program Files\, C:\Program Files (x86)\ PUPs-Erkennung: An Archiv Scan: Aus ADS Scan: An Dateitypen-Filter: Aus Erweitertes Caching: An Direkter Festplattenzugriff: Aus Scan Beginn: 20.12.2014 23:47:46 Key: HKEY_USERS\.DEFAULT\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} gefunden: Application.AdGenie (A) Key: HKEY_USERS\S-1-5-20\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} gefunden: Application.AdGenie (A) Key: HKEY_USERS\.DEFAULT\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} gefunden: Application.AdGenie (A) Key: HKEY_USERS\S-1-5-19\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} gefunden: Application.AdGenie (A) Key: HKEY_USERS\S-1-5-20\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} gefunden: Application.AdGenie (A) Key: HKEY_USERS\S-1-5-18\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} gefunden: Application.AdGenie (A) Key: HKEY_USERS\.DEFAULT\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} gefunden: Application.AdGenie (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{02478D38-C3F9-4EFB-9B51-7695ECA05670} gefunden: Application.BHO (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS gefunden: Setting.DisableRegistryTools (A) Value: HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS gefunden: Setting.DisableRegistryTools (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\AU__RASAPI32 gefunden: Application.Win32.InstallExt (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\AU__RASMANCS gefunden: Application.Win32.InstallExt 
(A) C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll gefunden: Gen:Adware.Heur.im9@gLahqXi (B) Gescannt 335117 Gefunden 13 Scan Ende: 21.12.2014 01:01:04 Scan Zeit: 1:13:18 C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll Quarantäne Gen:Adware.Heur.im9@gLahqXi (B) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\AU__RASMANCS Quarantäne Application.Win32.InstallExt (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\AU__RASAPI32 Quarantäne Application.Win32.InstallExt (A) Value: HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Quarantäne Setting.DisableRegistryTools (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS Quarantäne Setting.DisableRegistryTools (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Quarantäne Application.BHO (A) Key: HKEY_USERS\.DEFAULT\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} Quarantäne Application.AdGenie (A) Key: HKEY_USERS\S-1-5-20\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} Quarantäne Application.AdGenie (A) Key: HKEY_USERS\S-1-5-19\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} Quarantäne Application.AdGenie (A) Quarantäne 9 |
22.12.2014, 13:24 | #4 |
/// the machine /// TB Trainer | Google Chrome WTSAPI32.dll faulty So who has already been running fixes with Zoek here? Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
Revo Uninstaller - Download - Filepony: use it to uninstall Chrome, keep no data, let it remove the leftovers, then reinstall. Then: https://support.google.com/chrome/answer/3296214?hl=de and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
23.12.2014, 17:37 | #5 |
| Google Chrome WTSAPI32.dll faulty I was here once before and was advised to use Zoek. Code:
ATTFilter # AdwCleaner v4.106 - Bericht erstellt am 23/12/2014 um 17:10:22 # Aktualisiert 21/12/2014 von Xplode # Database : 2014-12-21.4 [Live] # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzername : Issam276 - CROUNTY # Gestartet von : C:\Users\Issam276\Desktop\AdwCleaner_4.106.exe # Option : Löschen ***** [ Dienste ] ***** ***** [ Dateien / Ordner ] ***** ***** [ Tasks ] ***** ***** [ Verknüpfungen ] ***** ***** [ Registrierungsdatenbank ] ***** Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} ***** [ Browser ] ***** -\\ Internet Explorer v0.0.0.0 -\\ Mozilla Firefox v30.0 (de) -\\ Google Chrome v39.0.2171.95 ************************* AdwCleaner[R0].txt - [63604 octets] - [03/03/2014 18:43:08] AdwCleaner[R1].txt - [92447 octets] - [03/03/2014 18:46:55] AdwCleaner[R2].txt - [2001 octets] - [12/03/2014 18:44:14] AdwCleaner[R3].txt - [25903 octets] - [10/05/2014 17:14:56] AdwCleaner[R4].txt - [1892 octets] - [23/12/2014 17:05:15] AdwCleaner[S0].txt - [79181 octets] - [03/03/2014 19:10:25] AdwCleaner[S1].txt - [23644 octets] - [10/05/2014 18:38:24] AdwCleaner[S2].txt - [1805 octets] - [23/12/2014 17:10:22] ########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1865 octets] ########## Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.4.0 (11.29.2014:1) OS: Windows 7 Home Premium x64 Ran by Issam276 on 23.12.2014 at 17:13:16,98 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys ~~~ Files ~~~ Folders Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin" ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 23.12.2014 at 17:22:02,85 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-12-2014 Ran by Issam276 (administrator) on CROUNTY on 23-12-2014 17:34:33 Running from C:\Users\Issam276\Desktop Loaded Profile: Issam276 (Available profiles: Issam276 & Gast & DefaultAppPool) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 9 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Internet Security\a2service.exe (AMD) C:\Windows\System32\atieclxx.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe () C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Akamai Technologies, Inc.) C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe (Spotify Ltd) C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Akamai Technologies, Inc.) 
C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe (AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe (Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Internet Security\a2guard.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe () C:\Windows\SysWOW64\PnkBstrA.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe () C:\Windows\SysWOW64\WinMsgBalloonServer.exe () C:\Windows\SysWOW64\WinMsgBalloonClient.exe (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Microsoft Corporation) C:\Windows\System32\msiexec.exe () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.231\deploy\LoLLauncher.exe () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.15\deploy\LoLPatcher.exe () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.123\deploy\LolClient.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2013-12-28] (Realtek Semiconductor) HKLM-x32\...\Run: [Turbo Key] => C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe [1874432 2009-11-24] (ASUSTeK Computer Inc.) HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated) HKLM-x32\...\Run: [Cpu Level Up help] => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe [887936 2009-12-28] () HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft internet security\a2guard.exe [4954576 2014-12-01] (Emsisoft GmbH) HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0 HKLM\...\Policies\Explorer: [NoResolveSearch] 1 HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.) 
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-09-15] (AMD) HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [Spotify Web Helper] => C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-12] (Spotify Ltd) HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Policies\system: [EnableLUA] 0 HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30524520 2014-11-27] (Skype Technologies S.A.) ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll () ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll () ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll () ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll () ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-flv BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> 
C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{BF86312B-8016-42B1-B232-8DED504D4B33}: [NameServer] 81.173.194.68,212.117.68.10 FireFox: ======== FF ProfilePath: C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll () FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll () FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF 
Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\searchplugins\yahoo_ff.xml FF Extension: Adblock Plus - C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-22] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] FF Extension: No Name - C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\extensions\ascsurfingprotection@iobit.com [Not Found] FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found] Chrome: ======= CHR HomePage: Default -> https://www.google.de/ CHR StartupUrls: Default -> "https://www.google.de/" CHR DefaultSearchKeyword: Default -> google.de_ CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default CHR 
Extension: (ProxFlow) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-12-23] CHR Extension: (Google Präsentationen) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-01] CHR Extension: (Google Docs) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-01] CHR Extension: (Google Drive) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-01] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-01] CHR Extension: (WOT) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-12-23] CHR Extension: (MEGA) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2014-12-23] CHR Extension: (YouTube) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-01] CHR Extension: (Adblock Plus) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-12-23] CHR Extension: (Google-Suche) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-01] CHR Extension: (Google Tabellen) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-01] CHR Extension: (League of Legends(LoL) For New Tab) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\hagfodkdlfpceodghmlnbjafkcdjnifd [2014-12-23] CHR Extension: (Ghostery) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij 
[2014-12-23] CHR Extension: (Google Wallet) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-01] CHR Extension: (Google Mail) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-01] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Internet Security\a2service.exe [4907232 2014-12-01] (Emsisoft GmbH) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.) [File not signed] R2 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [122880 2009-12-15] (AMD) [File not signed] S4 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [136616 2012-05-10] () R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.) 
[File not signed] R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed] S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-09-25] () [File not signed] R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-05] () R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5405456 2014-11-12] (TeamViewer GmbH) R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation) S4 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [X] S3 npggsvc; C:\Windows\system32\GameMon.des -service [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT INTERNET SECURITY\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH) R1 A2DDA; C:\Program Files (x86)\Emsisoft Internet Security\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH) R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Internet Security\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH) R1 a2util; C:\Program Files (x86)\Emsisoft Internet Security\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH) S2 ANIO; C:\Windows\SysWOW64\ANIO.SYS [28205 2003-05-05] (Alpha Networks Inc.) 
[File not signed] R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] () R2 AODDriver4.2.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [57472 2012-05-10] (Advanced Micro Devices) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] () R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] () S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-06-29] (The OpenVPN Project) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin) R3 cleanhlp; C:\Program Files (x86)\Emsisoft Internet Security\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH) S3 cpuz130; No ImagePath S3 dump_wmimmc; No ImagePath R2 ESLWireAC; C:\Windows\system32\drivers\ESLWireACD.sys [160784 2012-12-17] (<Turtle Entertainment>) S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH) R3 fwndis; C:\Windows\System32\DRIVERS\fwndis64.sys [484952 2014-12-01] () R1 fwwfp; C:\Program Files (x86)\Emsisoft Internet Security\fwwfp764.sys [414424 2014-12-01] () R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] () S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.) [File not signed] R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.) 
[File not signed] S3 X6va008; No ImagePath S3 X6va009; No ImagePath S3 X6va012; No ImagePath S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X] S3 netr28ux; system32\DRIVERS\netr28ux.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-23 17:31 - 2014-12-23 17:31 - 00002253 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-12-23 17:31 - 2014-12-23 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-12-23 17:30 - 2014-12-23 17:30 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-12-23 17:30 - 2014-12-23 17:30 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-12-23 17:30 - 2014-12-23 17:30 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-12-23 17:30 - 2014-12-23 17:30 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-12-23 17:24 - 2014-12-23 17:25 - 00880784 _____ (Google Inc.) 
C:\Users\Issam276\Downloads\ChromeSetup.exe 2014-12-23 17:23 - 2014-12-23 17:24 - 00040936 _____ () C:\Users\Issam276\Desktop\Addition.txt 2014-12-23 17:22 - 2014-12-23 17:22 - 00000698 _____ () C:\Users\Issam276\Desktop\JRT.txt 2014-12-23 17:13 - 2014-12-23 17:13 - 00000000 ____D () C:\Windows\ERUNT 2014-12-23 17:12 - 2014-12-23 17:12 - 01707646 _____ (Thisisu) C:\Users\Issam276\Downloads\JRT.exe 2014-12-23 17:04 - 2014-12-23 17:03 - 02173952 _____ () C:\Users\Issam276\Desktop\AdwCleaner_4.106.exe 2014-12-23 17:03 - 2014-12-23 17:03 - 02173952 _____ () C:\Users\Issam276\Downloads\AdwCleaner_4.106.exe 2014-12-22 00:22 - 2014-12-22 00:22 - 02666496 _____ () C:\Users\Issam276\Downloads\IPCamAdapter.msi 2014-12-22 00:00 - 2014-12-22 00:00 - 00167296 _____ (Gibson Research Corp.) C:\Users\Issam276\Downloads\DNSBench.exe 2014-12-21 21:19 - 2014-12-21 21:19 - 00001613 _____ () C:\Users\Public\Desktop\League of Legends.lnk 2014-12-21 21:19 - 2014-12-21 21:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2014-12-21 21:13 - 2014-12-21 21:13 - 30668968 _____ (Riot Games) C:\Users\Issam276\Downloads\LeagueofLegends_EUW_Installer_9_15_2014.exe 2014-12-21 16:19 - 2014-12-21 16:18 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-12-21 16:16 - 2014-12-21 16:16 - 00638376 _____ (Oracle Corporation) C:\Users\Issam276\Downloads\jre-8u25-windows-i586-iftw.exe 2014-12-21 16:10 - 2014-12-21 16:10 - 00852505 _____ () C:\Users\Issam276\Downloads\SecurityCheck.exe 2014-12-21 14:36 - 2014-12-23 17:34 - 00020634 _____ () C:\Users\Issam276\Desktop\FRST.txt 2014-12-21 04:09 - 2014-12-21 04:09 - 05073240 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\vcredist_x86.exe 2014-12-21 04:00 - 2014-12-21 04:08 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\BoL 2014-12-21 03:56 - 2014-12-21 03:56 - 00000270 _____ () C:\Users\Issam276\Downloads\Relog.zip 2014-12-21 03:54 - 2014-12-21 03:54 - 00000157 
_____ () C:\Users\Issam276\Downloads\doGout.rar 2014-12-21 03:52 - 2014-12-21 03:54 - 00000000 ____D () C:\Users\Issam276\Desktop\sadsdasda 2014-12-21 03:51 - 2014-12-21 03:52 - 11539006 _____ () C:\Users\Issam276\Downloads\Bot of Legends.rar 2014-12-21 01:22 - 2014-12-21 01:23 - 00031608 _____ () C:\Users\Issam276\Downloads\mwb_scan.zip 2014-12-21 01:01 - 2014-12-21 01:01 - 00000000 ____D () C:\ProgramData\Emsisoft 2014-12-20 23:44 - 2014-12-20 23:44 - 00001132 _____ () C:\Users\Public\Desktop\Emsisoft Internet Security.lnk 2014-12-20 23:44 - 2014-12-20 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Internet Security 2014-12-20 23:43 - 2014-12-23 17:32 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Internet Security 2014-12-20 23:43 - 2014-12-01 16:55 - 00484952 _____ () C:\Windows\system32\Drivers\fwndis64.sys 2014-12-20 23:42 - 2014-12-20 23:42 - 00001710 _____ () C:\EamClean.log 2014-12-20 23:36 - 2014-12-20 23:36 - 04095448 _____ (BrightFort LLC ) C:\Users\Issam276\Downloads\spywareblastersetup50.exe 2014-12-20 23:36 - 2014-12-20 23:36 - 00448512 _____ (OldTimer Tools) C:\Users\Issam276\Downloads\TFC.exe 2014-12-20 23:36 - 2014-12-20 23:36 - 00448512 _____ (OldTimer Tools) C:\Users\Issam276\Desktop\TFC.exe 2014-12-20 23:18 - 2014-12-20 23:20 - 170332104 _____ (Emsisoft Ltd ) C:\Users\Issam276\Downloads\EmsisoftInternetSecuritySetup.exe 2014-12-20 23:10 - 2014-12-20 23:10 - 02122240 _____ (Farbar) C:\Users\Issam276\Downloads\FRST64.exe 2014-12-20 23:10 - 2014-12-20 23:10 - 02122240 _____ (Farbar) C:\Users\Issam276\Desktop\FRST64.exe 2014-12-20 22:48 - 2014-12-20 23:42 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware 2014-12-20 22:34 - 2014-12-20 22:34 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab 2014-12-20 22:33 - 2008-01-04 13:34 - 00011832 _____ () C:\Windows\SysWOW64\Drivers\AsInsHelp64.sys 2014-12-20 22:33 - 2008-01-04 13:34 - 00010216 _____ () 
C:\Windows\SysWOW64\Drivers\AsInsHelp32.sys 2014-12-20 22:12 - 2014-12-20 22:12 - 05718872 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\vcredist_x64 (2).exe 2014-12-20 22:11 - 2014-12-20 22:11 - 05718872 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\vcredist_x64 (1).exe 2014-12-20 22:08 - 2014-12-20 22:08 - 00000000 ____D () C:\ProgramData\Package Cache 2014-12-20 22:07 - 2014-12-20 22:07 - 07190152 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\vcredist_x64.exe 2014-12-20 21:51 - 2014-12-20 21:51 - 00000000 ____D () C:\Windows\System32\Tasks\Apple 2014-12-20 21:42 - 2014-12-20 21:42 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Issam276\Downloads\revosetup95.exe 2014-12-20 21:42 - 2014-12-20 21:42 - 00001270 _____ () C:\Users\Issam276\Desktop\Revo Uninstaller.lnk 2014-12-20 21:42 - 2014-12-20 21:42 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-12-20 21:40 - 2014-12-20 21:41 - 170178096 _____ (Emsisoft Ltd ) C:\Users\Issam276\Downloads\EmsisoftAntiMalwareSetup.exe 2014-12-19 17:31 - 2014-12-19 17:31 - 00985600 _____ () C:\Users\Issam276\Downloads\MicrosoftFixit50123.msi 2014-12-19 15:53 - 2014-12-19 15:53 - 00000000 ____D () C:\ComboFix 2014-12-13 22:22 - 2014-12-13 22:22 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Blizzard 2014-12-13 22:14 - 2014-12-13 22:22 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2014-12-13 22:14 - 2014-12-13 22:14 - 00001161 _____ () C:\Users\Public\Desktop\Hearthstone.lnk 2014-12-13 22:14 - 2014-12-13 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2014-12-13 13:17 - 2014-12-13 13:17 - 00000731 _____ () C:\Users\Issam276\mabast suckt.txt 2014-12-12 19:40 - 2014-12-12 19:40 - 00000000 ____D () C:\Windows\system32\appraiser 2014-12-12 17:42 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-12-12 17:42 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 
2014-12-12 17:42 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-12-12 17:42 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2014-12-12 17:42 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2014-12-12 17:42 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2014-12-12 17:42 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2014-12-12 17:42 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2014-12-12 17:42 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2014-12-12 17:42 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2014-12-12 16:26 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2014-12-12 16:26 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2014-12-12 16:26 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-12-12 16:26 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2014-12-12 16:26 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-12-12 16:26 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2014-12-12 16:26 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-12-12 16:26 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2014-12-12 16:26 - 2014-11-24 23:12 - 17874432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-12-12 16:26 - 2014-11-24 22:59 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-12-12 16:26 - 2014-11-24 22:54 - 
10921984 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-12-12 16:26 - 2014-11-24 22:53 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-12-12 16:26 - 2014-11-24 22:47 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-12-12 16:26 - 2014-11-24 22:47 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-12-12 16:26 - 2014-11-24 22:45 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-12-12 16:26 - 2014-11-24 22:45 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2014-12-12 16:26 - 2014-11-24 22:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-12-12 16:26 - 2014-11-24 22:44 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-12-12 16:26 - 2014-11-24 22:44 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-12-12 16:26 - 2014-11-24 22:44 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-12-12 16:26 - 2014-11-24 22:44 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-12-12 16:26 - 2014-11-24 22:44 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-12-12 16:26 - 2014-11-24 22:44 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-12-12 16:26 - 2014-11-24 22:44 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-12-12 16:26 - 2014-11-24 22:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-12-12 16:26 - 2014-11-24 22:44 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-12-12 16:26 - 2014-11-24 22:43 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-12-12 16:26 - 2014-11-24 22:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-12-12 16:26 - 2014-11-24 22:43 - 00012800 _____ (Microsoft 
Corporation) C:\Windows\system32\mshta.exe 2014-12-12 16:26 - 2014-11-24 22:42 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-12-12 16:26 - 2014-11-24 21:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-12-12 16:26 - 2014-11-24 21:41 - 12369920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-12-12 16:26 - 2014-11-24 21:40 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-12-12 16:26 - 2014-11-24 21:37 - 09740800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-12-12 16:26 - 2014-11-24 21:35 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-12-12 16:26 - 2014-11-24 21:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-12-12 16:26 - 2014-11-24 21:34 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-12-12 16:26 - 2014-11-24 21:34 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-12-12 16:26 - 2014-11-24 21:33 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-12-12 16:26 - 2014-11-24 21:33 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-12-12 16:26 - 2014-11-24 21:33 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-12-12 16:26 - 2014-11-24 21:33 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-12-12 16:26 - 2014-11-24 21:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-12-12 16:26 - 2014-11-24 21:33 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-12-12 16:26 - 2014-11-24 21:33 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-12-12 16:26 - 2014-11-24 21:32 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-12-12 16:26 - 2014-11-24 21:32 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 
2014-12-12 16:26 - 2014-11-24 21:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-12-12 16:26 - 2014-11-24 21:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-12-12 16:26 - 2014-11-24 21:32 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-12-12 16:26 - 2014-11-24 21:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-12-12 16:26 - 2014-11-24 21:32 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-12-12 16:26 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-12-12 16:26 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-12-12 16:26 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2014-12-12 16:26 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe 2014-12-12 16:26 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe 2014-12-12 16:26 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2014-12-12 16:26 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll 2014-12-12 16:26 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2014-12-12 16:26 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2014-12-12 16:26 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe 2014-12-12 16:26 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2014-12-12 16:26 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll 2014-12-12 16:26 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\WsmWmiPl.dll 2014-12-12 16:26 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll 2014-12-12 16:26 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe 2014-12-12 16:25 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-12-12 16:25 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-12-06 18:13 - 2014-12-06 18:13 - 00146183 _____ () C:\Users\Issam276\Downloads\YouTube-Unblocker-056.crx 2014-12-06 17:48 - 2014-12-08 14:45 - 00000000 ____D () C:\Program Files (x86)\Yahoo! 2014-12-06 17:48 - 2014-12-06 17:48 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Yahoo! 2014-12-06 17:43 - 2014-12-06 17:44 - 04998707 _____ () C:\Users\Issam276\Downloads\flvplayer_setup20_25.exe 2014-12-05 17:14 - 2014-12-05 17:14 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\xulrunner 2014-12-05 17:13 - 2014-12-05 17:13 - 10124389 _____ () C:\Users\Issam276\AppData\Roaming\xulrunner.zip 2014-12-04 16:29 - 2014-12-04 16:29 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Secunia PSI 2014-12-03 11:25 - 2014-12-03 11:30 - 441252901 _____ () C:\Users\Issam276\Downloads\League Of Legends.mp4 2014-12-01 21:34 - 2014-12-01 21:34 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Steganos 2014-11-30 23:30 - 2014-12-01 00:12 - 00000000 ____D () C:\zoek_backup 2014-11-30 23:30 - 2014-11-30 23:30 - 01294848 _____ () C:\Users\Issam276\Desktop\zoek.exe 2014-11-30 22:22 - 2014-12-05 17:28 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-11-30 21:10 - 2014-11-30 21:10 - 00031862 _____ () C:\ComboFix.txt 2014-11-30 20:47 - 2014-11-30 21:10 - 00000000 ____D () C:\Qoobox 2014-11-30 20:47 - 2014-11-30 21:08 - 00000000 ____D () C:\Windows\erdnt 2014-11-30 20:47 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-11-30 20:47 - 2010-11-07 18:20 - 00208896 _____ 
() C:\Windows\MBR.exe 2014-11-30 20:47 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-11-30 20:47 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-11-30 20:47 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-11-30 20:47 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe 2014-11-30 20:47 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe 2014-11-30 20:47 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe 2014-11-30 20:46 - 2014-12-19 15:52 - 05601641 ____R (Swearware) C:\Users\Issam276\Desktop\ComboFix.exe 2014-11-30 20:14 - 2014-12-23 17:11 - 00997672 _____ () C:\Windows\PFRO.log 2014-11-30 20:14 - 2014-12-23 17:11 - 00006660 _____ () C:\Windows\setupact.log 2014-11-30 20:14 - 2014-11-30 20:14 - 00000000 _____ () C:\Windows\setuperr.log 2014-11-30 19:53 - 2014-11-19 16:25 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-11-30 19:51 - 2014-11-30 19:51 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-11-30 19:51 - 2014-11-30 19:51 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-11-30 19:51 - 2014-11-30 19:51 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-11-30 19:51 - 2014-11-30 19:51 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-11-30 19:50 - 2014-11-30 19:54 - 00001467 _____ () C:\Windows\SecuniaPackage.log 2014-11-30 19:41 - 2014-11-30 19:41 - 00000000 ____D () C:\Program Files (x86)\Secunia 2014-11-30 15:25 - 2014-11-30 15:25 - 00001174 _____ () C:\Users\Issam276\Desktop\Avast Internet Security License File.rar 2014-11-30 01:25 - 2014-11-30 01:25 - 01093536 _____ () C:\Users\Issam276\Documents\cc_20141130_012508.reg 2014-11-29 22:20 - 2014-11-29 22:20 - 00001049 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2014-11-29 18:05 - 2014-11-29 18:05 - 00000000 ____D () 
C:\Users\Issam276\Documents\Diablo III 2014-11-29 00:10 - 2014-11-29 18:04 - 00000000 ____D () C:\Program Files (x86)\Diablo III 2014-11-29 00:10 - 2014-11-29 00:10 - 00001162 _____ () C:\Users\Public\Desktop\Diablo III.lnk 2014-11-29 00:10 - 2014-11-29 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III 2014-11-29 00:03 - 2014-12-16 20:30 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Battle.net 2014-11-29 00:03 - 2014-11-29 00:03 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Battle.net 2014-11-29 00:03 - 2014-11-29 00:03 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Blizzard Entertainment 2014-11-29 00:02 - 2014-12-13 22:14 - 00000000 ____D () C:\Program Files (x86)\Battle.net 2014-11-29 00:02 - 2014-11-29 00:02 - 00001124 _____ () C:\Users\Public\Desktop\Battle.net.lnk 2014-11-29 00:02 - 2014-11-29 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-12-23 17:34 - 2014-06-28 19:29 - 00000000 ____D () C:\FRST
2014-12-23 17:32 - 2012-06-14 15:08 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\TS3Client
2014-12-23 17:31 - 2013-02-22 18:07 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-23 17:27 - 2012-06-14 13:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-23 17:21 - 2012-06-15 15:21 - 00000000 ____D () C:\Users\Issam276\Desktop\Alles
2014-12-23 17:19 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-23 17:19 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-23 17:15 - 2014-07-04 02:28 - 01524381 _____ () C:\Windows\WindowsUpdate.log
2014-12-23 17:11 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-23 17:10 - 2014-03-03 18:42 - 00000000 ____D () C:\AdwCleaner
2014-12-23 03:40 - 2014-11-07 17:57 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Spotify
2014-12-22 03:57 - 2012-06-29 19:50 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Skype
2014-12-21 21:19 - 2014-05-11 10:31 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Riot Games
2014-12-21 19:31 - 2012-09-19 17:23 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Facebook
2014-12-21 18:15 - 2012-06-12 10:08 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-21 17:06 - 2011-04-12 08:43 - 00770016 _____ () C:\Windows\system32\perfh007.dat
2014-12-21 17:06 - 2011-04-12 08:43 - 00174334 _____ () C:\Windows\system32\perfc007.dat
2014-12-21 17:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-12-21 17:05 - 2012-09-22 13:39 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\SoftGrid Client
2014-12-21 17:01 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-21 16:51 - 2012-10-03 08:30 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\HpUpdate
2014-12-21 16:51 - 2012-09-25 18:22 - 00000000 ____D () C:\Program Files (x86)\HP
2014-12-21 16:22 - 2013-08-23 11:40 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-21 16:22 - 2012-06-21 17:01 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Adobe
2014-12-21 16:22 - 2012-06-14 13:47 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-21 16:22 - 2012-06-14 13:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-21 00:35 - 2014-09-06 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-12-21 00:00 - 2014-11-18 17:48 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\TERA
2014-12-20 23:42 - 2014-06-29 19:05 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-20 22:46 - 2013-07-10 17:40 - 00000000 ____D () C:\Users\DefaultAppPool
2014-12-20 22:36 - 2014-09-07 12:39 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-20 22:33 - 2012-06-14 14:10 - 00000000 ____D () C:\Windows\System32\Tasks\ASUS
2014-12-20 22:33 - 2012-06-14 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-12-20 22:33 - 2012-06-14 14:09 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-12-20 22:24 - 2013-02-01 21:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee
2014-12-20 22:21 - 2012-09-02 16:31 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-20 22:17 - 2012-09-14 17:26 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Unity
2014-12-20 21:59 - 2012-06-22 13:27 - 00000000 ____D () C:\Program Files (x86)\D-Link
2014-12-20 21:50 - 2012-06-14 13:52 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\InfraRecorder
2014-12-18 22:16 - 2013-04-27 07:45 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Spotify
2014-12-15 16:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 14:36 - 2013-02-02 10:54 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-13 14:36 - 2012-06-29 19:50 - 00000000 ____D () C:\ProgramData\Skype
2014-12-13 13:17 - 2012-06-14 12:17 - 00000000 ____D () C:\Users\Issam276
2014-12-12 19:40 - 2014-05-06 19:56 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-12 19:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-12 17:50 - 2013-08-21 23:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-12 17:43 - 2012-06-17 14:06 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-12 17:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-06 17:40 - 2014-08-10 06:44 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Windows Live
2014-12-05 17:28 - 2014-06-28 16:36 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-05 17:28 - 2014-06-28 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-12-05 17:28 - 2014-06-28 16:36 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-12-01 21:50 - 2012-12-08 09:39 - 00066256 _____ () C:\Users\Issam276\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-01 21:48 - 2012-12-08 09:38 - 04913880 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-01 21:47 - 2012-09-25 18:21 - 00006178 _____ () C:\ProgramData\hpzinstall.log
2014-12-01 21:38 - 2012-09-25 18:21 - 00000000 ____D () C:\ProgramData\HP
2014-12-01 21:33 - 2013-02-22 16:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-01 00:13 - 2014-02-11 12:15 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Comodo
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-12-01 00:08 - 2014-02-14 17:14 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-12-01 00:08 - 2014-02-14 17:14 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-12-01 00:08 - 2013-06-26 12:08 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-12-01 00:08 - 2012-07-03 17:11 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Google
2014-11-30 23:59 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-11-30 23:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-11-30 22:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA
2014-11-30 21:10 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-11-30 21:02 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-30 20:13 - 2014-03-03 17:37 - 00000000 ____D () C:\Windows\system32\log
2014-11-30 19:39 - 2012-11-18 14:41 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-30 19:39 - 2012-11-18 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-30 19:39 - 2012-06-14 13:52 - 00000000 ____D () C:\Program Files\WinRAR
2014-11-30 19:26 - 2014-08-31 20:00 - 00000000 ___RD () C:\Users\Issam276\Dropbox
2014-11-30 19:17 - 2014-08-31 19:58 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Dropbox
2014-11-30 19:16 - 2014-08-31 20:00 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-30 12:19 - 2014-11-01 20:28 - 00000000 ____D () C:\Users\Issam276\AppData\Local\osu!
2014-11-30 01:24 - 2012-06-27 18:39 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\TeamViewer
2014-11-30 01:24 - 2012-06-15 15:18 - 00000000 ____D () C:\Windows\Minidump
2014-11-29 22:20 - 2012-06-14 13:02 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-11-29 10:13 - 2013-01-25 19:07 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\.minecraft
2014-11-27 22:18 - 2009-07-14 06:13 - 01799304 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Files to move or delete:
====================
C:\Users\Issam276\jagex_cl_oldschool_LIVE.dat
C:\Users\Issam276\jagex_cl_runescape_LIVE.dat
C:\Users\Issam276\random.dat

Some content of TEMP:
====================
C:\Users\Issam276\AppData\Local\Temp\Quarantine.exe
C:\Users\Issam276\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-15 16:36

==================== End Of Log ============================

--- --- --- --- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-12-2014
Ran by Issam276 at 2014-12-23 17:35:00
Running from C:\Users\Issam276\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Emsisoft Internet Security (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Internet Security (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
FW: Emsisoft Internet Security (Enabled) {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AI Suite (HKLM-x32\...\{310BC5E2-31AF-49BB-904D-E71EB93645DC}) (Version: 1.06.22 - )
Akamai NetSession Interface (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{2BFD590F-1D73-3533-E734-FDDAC3746E4A}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{9C1FAB12-F426-432E-8579-75CAB60C69CF}) (Version: 4.2.0.0594 - Advanced Micro Devices, Inc.)
ANIO Service (HKLM-x32\...\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}) (Version: - ) Application Profiles (HKLM-x32\...\{4ED980CB-C288-6A80-A3EA-AEECC543058B}) (Version: 2.0.4525.30280 - Advanced Micro Devices, Inc.) ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.) AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett) AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Chris-PC Game Booster (HKLM-x32\...\Chris-PC Game Booster_is1) (Version: 2.00 - Chris P.C. srl) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) Dropbox (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.) Emsisoft Internet Security (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft Ltd) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) HydraVision (x32 Version: 4.2.216.0 - Advanced Micro Devices, Inc.) 
Hidden Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft 
Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) 
Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MTA:SA v1.4.0 (HKLM-x32\...\MTA:SA 1.4) (Version: v1.4.0 - Multi Theft Auto) NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation) osu! (HKLM-x32\...\{ba6599d0-1e00-4060-a455-55382b1c7008}) (Version: latest - ppy Pty Ltd) PC Probe II (HKLM-x32\...\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}) (Version: 1.04.92 - ASUSTeK Computer Inc.) RAIDXpert (HKLM-x32\...\InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}) (Version: 3.2.1540.10 - AMD) RAIDXpert (x32 Version: 3.2.1540.10 - AMD) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek) Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6519 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd) Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.) 
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.35436 Beta - TeamViewer) Turbo Key (HKLM-x32\...\{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}) (Version: 1.01.03 - ) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) WinSCP 4.3.8 (HKLM-x32\...\winscp3_is1) (Version: 4.3.8 - Martin Prikryl) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{3a022117-d6e3-4fcd-a8a2-d31ed64d8e1e}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) 
==================== Restore Points =========================
21-12-2014 18:15:32 Revo Uninstaller's restore point - Futuremark SystemInfo
21-12-2014 21:13:15 Revo Uninstaller's restore point - League of Legends
21-12-2014 21:13:34 Removed League of Legends
21-12-2014 21:18:29 Revo Uninstaller's restore point - LOLReplay
21-12-2014 21:18:35 Installed League of Legends
21-12-2014 21:19:13 DirectX wurde installiert
21-12-2014 21:50:17 Revo Uninstaller's restore point - ChrisPC DNS Switch 1.40
22-12-2014 00:22:17 Installed IP Camera Adapter
23-12-2014 17:25:24 Revo Uninstaller's restore point - Google Chrome

==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2014-09-27 11:49 - 2014-11-30 21:02 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {002BC456-DB44-4F10-BC5B-16C0AE4B94E5} - System32\Tasks\{35A5A0DE-E4FD-4FCE-A133-406843CE3598} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {00442CFD-6F8A-4E25-B0F7-099CBAF166DD} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12] (Adobe Systems Incorporated) Task: {07487D3F-27D3-4242-9986-5805088BC752} - System32\Tasks\{9CD2CBDC-9F17-4183-A776-3C3CDDB91238} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {094AD9FC-9A2A-4434-A267-67318F3AFB3C} - System32\Tasks\{C0BF0233-4710-4F22-B838-C53FD13B197E} => C:\Program Files (x86)\Opera\Opera.exe Task: {0D5CB102-9F0B-4BEF-9B7C-C8DD85A116EC} - System32\Tasks\{57FA110B-6E92-4EFD-98D9-19C15C00EF98} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {0E945E72-5D2C-4BEE-8169-B44EFAF0C579} - System32\Tasks\{CC321D73-229D-4CDF-9597-05F0B15F5904} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {1B0FF44F-B3B3-4261-9E8C-07E83F04A8CE} - System32\Tasks\{97DA18F4-90B4-45A3-BC74-3C01B81E7603} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {1B9795BE-3E65-435B-A5B7-EE5DED837485} - System32\Tasks\{1DB90D4F-8D72-4AD5-8F36-5C4F0864AD9F} => C:\Program Files (x86)\Opera\Opera.exe Task: {1D959856-47B4-4D86-A9FD-33900CD35ADF} - System32\Tasks\{D7E5FBB1-D0B1-4F1A-8742-47F989B83816} => C:\Program Files (x86)\Opera\Opera.exe Task: {1EC122BA-C536-430F-8C35-6F86ECC39FF0} - System32\Tasks\{494A9B35-6058-4C19-A20A-E1DCE48F0786} => C:\Program Files (x86)\Opera\Opera.exe Task: {217D3CDB-3FEF-4F4E-9156-02BFFFAAE60A} - System32\Tasks\{1CB8B36D-FC19-4546-8C7C-611AF21AD7E1} => pcalua.exe -a C:\ProgramData\Wizard101(DE)\Wizard101.exe -d C:\ProgramData\Wizard101(DE) Task: {2572CB5E-1A7C-46F1-85B1-B62F4A17C417} - 
System32\Tasks\{1FBC4539-2901-4DDB-9D2F-862065494E88} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {27618943-30C4-4FBF-94B8-8ACB0A6F7E6D} - System32\Tasks\{0C9C72E9-00D2-49A6-8DF4-DAF367138BD8} => C:\Program Files (x86)\Opera\Opera.exe Task: {2991A55D-1CD8-403C-B255-0C11A6C837E1} - System32\Tasks\{B261FD97-9C57-4F06-9AD3-4052FA220C1D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {2B7A7CE2-981F-42D2-8492-CD5D1AF9E827} - System32\Tasks\{B4F0F2F1-B534-4A0D-9DF2-C38AE4C520E9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {2CCD6124-8AE7-461C-BE80-4B62D3002340} - System32\Tasks\{3D7EEA60-2C2B-478A-9723-F829C43AC6E5} => C:\Program Files (x86)\Opera\Opera.exe Task: {2CF1D8CF-0EA9-458A-85A8-561D147B6135} - System32\Tasks\{0B628F86-550A-486F-B114-58C62871B721} => C:\Program Files (x86)\Opera\Opera.exe Task: {310CC0F8-C247-4599-ACFC-F3CD766E6AD5} - System32\Tasks\{FB8C4083-EF27-4416-85FA-D471CEDE5FB4} => C:\Program Files (x86)\Opera\Opera.exe Task: {38FF6FD9-3BC6-4F09-959F-F2205181E561} - System32\Tasks\ASUS\Cpu Level Up Hook Lanunch => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHookLaunch.exe [2009-12-28] () Task: {3B272214-852C-4330-841F-3F9FF4F9CB96} - System32\Tasks\{2B6CE963-FF84-494C-A826-01D80631B926} => C:\Program Files (x86)\Opera\Opera.exe Task: {4D020374-93EC-4337-92A7-F01F2B25AB76} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-23] (Google Inc.) 
Task: {517D8EB9-77F1-497E-834A-D1FA240CE073} - System32\Tasks\{027A1301-659D-4B41-8A7F-040B74EBA95D} => C:\Program Files (x86)\Opera\Opera.exe Task: {518389D1-8CCD-4B86-8F41-B077F9C9C618} - System32\Tasks\{EDDBD687-D415-4B69-927A-02931F7F1AAE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {51BFF5FC-5BC5-4DEE-9099-827B8BFB3632} - System32\Tasks\{8383930E-67E3-4379-A09D-4E59914B6389} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {5244B6B7-C2C2-416A-8955-6F2586705863} - System32\Tasks\{54F5669B-1BD5-4394-89D5-A6EFBA584ACD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {5250B132-6E5B-47AC-BB16-E9815CC9A9C0} - System32\Tasks\{CAF62C3C-79A4-4066-B1CD-4E0DF30564F9} => pcalua.exe -a "C:\Program Files (x86)\Hotspot Shield\bin\HssInstaller.exe" -d "C:\Program Files (x86)\Hotspot Shield\bin" Task: {52E12DE9-93B7-4E4B-85D1-DD2EDCEBE48A} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe Task: {562A50BF-2E54-45F4-9077-473F7A049562} - System32\Tasks\{6310026B-3E16-4E78-998C-7F30496D8899} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {571A9041-6AA5-4836-BA2B-534C9EB85DCE} - System32\Tasks\{D319D8AB-8433-493A-84FA-D1698EDEAFCE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {577E3FA9-79BA-4694-AE4C-9B609E38C0E9} - System32\Tasks\{DE38B5D4-C035-40D9-848C-B966145964A9} => C:\Program Files (x86)\Opera\Opera.exe Task: {5AEBC49C-BCC7-4EC1-8951-9B299633E773} - System32\Tasks\{9E9AC548-DCCB-4B5B-9EDB-0E52B9DE5627} => C:\Program Files (x86)\Opera\Opera.exe Task: {5BE38A7A-4925-497C-82F3-A330FC280BC4} - System32\Tasks\{949BCCD7-1397-41DE-9EF8-11EE2C0CE563} => C:\Program Files (x86)\Opera\Opera.exe Task: {5C099198-A578-4EEC-92B4-6417465170A1} - 
System32\Tasks\{41F9C8B0-D0DD-4377-9D24-69E831D0CF7A} => C:\Program Files (x86)\Opera\Opera.exe Task: {5C4A49C0-89DE-4238-8F91-64CFBFBAEE53} - System32\Tasks\{BB6E67DE-783D-4A31-8585-E7CAEC52E5AA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {60553E3D-46C1-4E1E-A947-FA9307DD2C8C} - System32\Tasks\{74F988AC-9E60-40C7-8D90-CFECFAEE92E1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {627CECAB-2B8F-4A2E-92B9-B140446FE0EC} - System32\Tasks\{90038331-2672-47E4-99D2-E9ECCB36DC14} => C:\Program Files (x86)\Opera\Opera.exe Task: {6D6DF3D0-D45F-4F6F-B07C-E1FBBD6FD0B9} - System32\Tasks\{59008250-33FF-402A-82FD-577C388040C8} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {717B3FF7-1A14-47F6-8B46-91A57AD183CA} - System32\Tasks\{1FB7ED02-0BF3-4694-A643-44D549B5C376} => C:\Program Files (x86)\Opera\Opera.exe Task: {722A80F7-B367-438E-82D6-607B2AAE2AD5} - System32\Tasks\{0D1B66EB-8E6C-4941-A849-C02CAA677C49} => C:\Program Files (x86)\Opera\Opera.exe Task: {7352E960-C7B0-45FE-A83F-F87B5AA6E651} - System32\Tasks\{5F44ABCA-6526-4396-A179-A30F6651B4A5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {740EE1F2-3BC5-4CD5-B694-A5FE540D3E9E} - System32\Tasks\{F6171EAE-04B0-4030-B64B-4B9DF15D3273} => C:\Program Files (x86)\Opera\Opera.exe Task: {7461D4F0-EA41-4211-B75D-45216A8E1438} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-23] (Google Inc.) 
Task: {76B86268-4206-4908-ADA8-A9FA15A4F610} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation) Task: {7A0C2EDE-2AF3-40D3-8E5E-AC91914B9348} - System32\Tasks\{36BD8F26-454A-45A7-98BC-D772130BD6D1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {7CBDBD19-6CA0-43C5-95A3-B5B0B50A01DB} - System32\Tasks\{B117D272-C5AF-4E62-9F8E-DA7E6CE8FF4E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {7EF615A3-395A-4B8F-AF0B-D79B49D3A554} - System32\Tasks\{064550D4-D75D-402D-AB32-91E23A58D5F4} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {821856F1-ED6B-4965-84E5-2519F0D73FB5} - System32\Tasks\{8424C4DF-A4EC-4B5B-814E-60CE8AB30940} => C:\Program Files (x86)\Opera\Opera.exe Task: {82F5E65C-C34C-4E7A-BA2B-3EC5834D6E13} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-21] (Adobe Systems Incorporated) Task: {86715FE4-085D-43AB-A67D-906AB668D4A7} - System32\Tasks\{D1BFDBF2-DEA8-4BB9-8474-3A446710C951} => C:\Program Files (x86)\Opera\Opera.exe Task: {878AA624-33EF-4ADA-BD3A-0D7BEA46656B} - System32\Tasks\{11EE2B2D-9A84-413C-B65A-30FADFE1F4C1} => C:\Program Files (x86)\Opera\Opera.exe Task: {8A24C11B-1434-4888-BB67-DA4035986E85} - System32\Tasks\{8F6BCC5D-9E79-4A90-A52C-B05FBD3A95EA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {8B9B1B73-C0C4-48B0-A910-7D63871A1890} - System32\Tasks\{CE6A2A80-3982-406F-916F-BF44A1FE93BE} => C:\Program Files (x86)\Opera\Opera.exe Task: {8C5EA5CA-2168-47C9-A8AD-8D8F8CD43494} - System32\Tasks\{3096790B-F753-40DE-BBBD-C96814C19276} => C:\Program Files (x86)\Opera\Opera.exe Task: {8D278482-A7C4-4259-B172-CD56F7F3242B} - System32\Tasks\{C307734E-4CEF-40E7-BB76-67E38AFE3245} => Firefox.exe 
hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {8FB0CF65-18EC-4D9E-84EA-E0C2E70B609A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe Task: {9034EE4A-EF7C-4EBC-B8FB-59A0E30DCDCB} - System32\Tasks\{B7D832C7-A1D4-449B-AFB7-35A7D5308265} => C:\Program Files (x86)\Opera\Opera.exe Task: {9173C9BE-02B5-4B2E-9CDD-85959BAC8FE8} - System32\Tasks\{AA084653-E62A-4321-85C7-E1F14B703E3B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {92D5F453-D605-4376-BBAF-560DCBF5179E} - System32\Tasks\{08F83017-CD43-415F-BAC5-1B6099D399DE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {9455CECE-75DF-4B1C-8F1C-9D6F22BAF9EE} - System32\Tasks\{1C451F35-6BB4-4E64-9D44-83DA1235BD66} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {97E4E16D-3E9D-4441-B88C-F8DAD136D5AC} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe Task: {9B836882-C9AA-46BA-A2BA-B2FBC31A7D1B} - System32\Tasks\{402ED0EB-55E1-49BC-85FF-B611C38007C2} => C:\Program Files (x86)\Opera\Opera.exe Task: {9DEE72AF-EDDE-4210-860C-D59F8CE425A5} - System32\Tasks\{FEE95010-E0AC-4F29-89EB-CC1D42B7322D} => C:\Program Files (x86)\Opera\Opera.exe Task: {A5971EB2-865A-4144-B663-DC582061EE03} - System32\Tasks\{2EB349E6-0751-41BC-9F7E-301AC1E05B93} => C:\Program Files (x86)\Opera\Opera.exe Task: {A6148E12-0291-4995-AF46-E06D84208F64} - System32\Tasks\{CE3CDE01-297E-4503-BDBC-F6BFCA06FC5A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {A67DF276-6D87-4B90-9873-2A2EA8FCE1CB} - System32\Tasks\{F14CFAC1-DBF2-4360-95C4-B2F2F9DB35E4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {AA1BFF9B-0E49-4EB7-B267-2C7CB4A2ED1E} - 
System32\Tasks\{9276B961-43E2-4972-B3AD-25EACD24D008} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {B1677E31-93D0-47CC-AC29-7D496732B34B} - System32\Tasks\{6933359E-E599-4364-BEFF-153E2C84ECF1} => C:\Program Files (x86)\Opera\Opera.exe Task: {B23234F8-1783-4601-B17A-A749DC43B32C} - System32\Tasks\{CF201C0D-902D-45EC-AB8B-441B32C49B96} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {B39E32F9-A4EE-4F1C-AD43-1AFF1EC66810} - System32\Tasks\{520D24F2-56D5-4A8F-A89D-4396E1298D0E} => C:\Program Files (x86)\Opera\Opera.exe Task: {B43C1327-9D38-4105-BA3A-C7AC2DC0A854} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.) Task: {B4CB886A-F99C-4F83-B319-AC5B4339BAFC} - System32\Tasks\{74BC537C-1377-401A-9CBD-EC70A4E00FE6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {B4D142B4-4AB8-4B95-912F-FA662BCB5F05} - System32\Tasks\{816E19F8-6746-42E8-825E-C00C9D8CFF94} => C:\Program Files (x86)\Opera\Opera.exe Task: {B4F576A8-5746-40C0-878D-8D298BD66F25} - System32\Tasks\{15AA7614-5DDE-4F02-8A19-A95EC0A1D51D} => C:\Program Files (x86)\Opera\Opera.exe Task: {B8266606-848E-4C36-BA78-1D86A62F2B77} - System32\Tasks\{24C3BC9D-CAFC-4292-BD2A-FFCF0B425D08} => C:\Program Files (x86)\Opera\Opera.exe Task: {BB7D82FD-251B-4EF7-B078-D7DCE617D964} - System32\Tasks\{8FC938EB-7EAF-4A34-BC9D-AE2F5778B1B1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {BE835B87-3BC8-4D2F-98F4-08EA1738769B} - System32\Tasks\{9A921854-22BF-4FF6-917B-1529CCCD96DB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {BF14D3C2-045B-46CA-95BA-E54E71AA5EE8} - System32\Tasks\{FE9E2570-3D08-4423-AFC3-5C7948AE63B6} => C:\Program Files (x86)\Opera\Opera.exe Task: 
{CBB4538C-70A1-4630-8661-5D84D95409E7} - System32\Tasks\{7A14CB27-EE0B-47F1-B055-77F01B48DBC9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {CE491649-14B0-4AE2-AF71-9B80E2717EDE} - System32\Tasks\{9A3B38A4-E24C-4CA3-836B-B69E7E5C4A8F} => C:\Program Files (x86)\Opera\Opera.exe Task: {D3A08372-F9B6-4E87-B367-CF2D04F990A2} - System32\Tasks\{C58F335D-256C-447C-8F92-0D21522B0AE2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {D3ABB6D7-9F40-4E4A-B2B6-72AB46A050F7} - System32\Tasks\{83D83B71-6311-4584-B276-FEF554406168} => C:\Program Files (x86)\Opera\Opera.exe Task: {D51CC9D5-F8A0-48CA-AF21-4E3C1E57E18A} - System32\Tasks\{E3BA121A-6110-46E2-B350-F190E39F142A} => C:\Program Files (x86)\Opera\Opera.exe Task: {D55EA148-E054-4415-97C3-733D26CAD4E3} - System32\Tasks\{7B2D31C4-B94E-459C-9AB9-7BA5A6885752} => C:\Program Files (x86)\Opera\Opera.exe Task: {D68AFE80-D806-4B03-8AF8-0D69B8F3266F} - System32\Tasks\{C0804A57-189E-4D52-A8D5-914BE6EC38F9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {D9F0C0DA-2D8C-45BC-8EB1-746DAD06A5AA} - System32\Tasks\{178B6CBE-CD97-4A87-A91B-79970D345AA5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {DE9B3A77-0437-4DAC-A2F6-1C4095755D50} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {DF647FC5-023B-433B-A122-FD19ECBBFB86} - System32\Tasks\{6B5908DA-E475-496F-9C03-92B7931F8B4E} => C:\Program Files (x86)\Opera\Opera.exe Task: {E605C0CD-CF58-4517-9803-90D6F64981E6} - System32\Tasks\{CC42283F-627B-42E6-B065-74187AD2AC1E} => C:\Program Files (x86)\Opera\Opera.exe Task: {E6FF23C5-E38B-446E-8E9D-335C6AF909D1} - System32\Tasks\{174B23CD-95AE-408F-A856-1370A9D536E1} => C:\Program Files (x86)\Opera\Opera.exe Task: {E709A72E-20A0-408C-8C71-C6281C3A9E2C} - 
System32\Tasks\{A7B59FCB-77B6-43A8-B48C-A4408A63A05C} => C:\Program Files (x86)\Opera\Opera.exe Task: {E966568A-61B6-46C0-81ED-FD8F48DFB1A5} - System32\Tasks\{3EF7DE06-5206-4DE0-8481-16D004F97BC7} => C:\Program Files (x86)\Opera\Opera.exe Task: {EA7EC79F-EE05-40AC-A1AA-EF8F38EE1D94} - System32\Tasks\{0E7C6814-82A5-4652-86AF-0257E8E200B0} => C:\Program Files (x86)\Opera\Opera.exe Task: {ED2C4059-C99A-478E-AFB7-A89311EE1AF3} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.12\AsLoader.exe [2010-01-13] (ASUSTeK Computer Inc.) Task: {EE65A338-E67D-4F14-B674-5CBA24CD1AF1} - System32\Tasks\{3FE25692-2DF1-4C8A-83BD-5C0938957293} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {F20A80F0-766A-4B7F-98DD-6229DA061883} - System32\Tasks\{6ABFC70E-5286-4F62-8D85-3DB5C7E96535} => C:\Program Files (x86)\Opera\Opera.exe Task: {FAD1D3B7-6A37-47D3-839D-81888361D8DA} - System32\Tasks\{C4DCDE58-2889-4887-A3A8-759819CB3B00} => C:\Program Files (x86)\Opera\Opera.exe Task: {FBD60A63-97EE-4455-A187-75DD221AC9B9} - System32\Tasks\{B55E87D1-7DD5-45F3-839C-11D9E63BACE7} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {FDA4DAEA-5188-46B1-8E30-64BB76D227AC} - System32\Tasks\{EF6CA142-96C0-4D8A-B1B8-DF46DCB79231} => C:\Program Files (x86)\Opera\Opera.exe Task: {FE7BAC5A-F911-419A-A23E-1A2FA331CB95} - System32\Tasks\{4C1D5CDD-8AE5-4025-923B-71D4C96C9F47} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {FFBA2F6D-660A-4E9F-984C-78AD46ACDCD5} - System32\Tasks\{87B307EE-CC62-4781-8900-89C379B24C05} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2009-12-15 16:40 - 2009-12-15 16:40 - 00065536 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe 2012-07-10 10:29 - 2014-01-05 20:31 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2013-03-28 21:30 - 2013-03-28 21:30 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2009-12-15 16:40 - 2009-12-15 16:40 - 00122880 _____ () C:\Windows\SysWOW64\WinMsgBalloonServer.exe 2009-12-15 16:41 - 2009-12-15 16:41 - 00139264 _____ () C:\Windows\SysWOW64\WinMsgBalloonClient.exe 2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll 2012-12-17 17:14 - 2012-12-17 17:14 - 00954848 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll 2014-01-21 16:54 - 2014-12-21 21:19 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe 2014-12-21 21:19 - 2014-12-21 21:19 - 02465272 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.231\deploy\LoLLauncher.exe 2014-12-21 21:20 - 2014-12-21 21:20 - 04214776 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.15\deploy\LoLPatcher.exe 2014-12-21 21:27 - 2014-12-21 21:27 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.123\deploy\LolClient.exe 2014-02-28 10:14 - 2014-02-28 10:14 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll 2014-02-27 15:51 - 2014-02-27 15:51 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll 2014-02-27 15:51 - 2014-02-27 15:51 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll 2014-02-28 14:07 - 2014-08-10 11:33 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll 2014-02-28 14:07 - 
2014-08-10 11:33 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll 2014-02-27 15:51 - 2014-02-27 15:51 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll 2014-02-27 15:51 - 2014-02-27 15:51 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll 2014-02-28 14:10 - 2014-08-10 11:33 - 00134088 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\appscanner_plugin.dll 2014-02-28 14:10 - 2014-08-10 11:33 - 00563656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll 2014-02-28 14:10 - 2014-08-10 11:33 - 00265160 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\lua_plugin.dll 2014-02-28 14:10 - 2014-08-10 11:33 - 00579016 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll 2014-02-28 14:10 - 2014-08-10 11:33 - 00029640 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\test_plugin.dll 2014-02-27 15:51 - 2014-02-27 15:51 - 00159232 _____ () C:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll 2009-12-15 22:44 - 2009-12-15 22:44 - 00516096 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\libxml2.dll 2012-06-14 14:11 - 2009-04-29 13:24 - 00253952 _____ () C:\Program Files (x86)\ASUS\Turbo Key\pngio.dll 2012-06-14 14:11 - 2009-04-29 13:24 - 00208896 _____ () C:\Program Files (x86)\ASUS\Turbo Key\AiNap.dll 2012-06-14 14:11 - 2009-04-29 13:24 - 00008704 _____ () C:\Program Files (x86)\ASUS\Turbo Key\vvc.dll 2014-12-21 21:20 - 2014-12-21 21:20 - 01628152 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.15\deploy\RiotLauncher.dll 2014-05-01 15:15 - 2014-05-01 15:15 - 00463360 _____ () C:\ProgramData\MEGAsync\ShellExtX32.dll 2014-12-21 21:23 - 2014-12-21 21:23 - 04774248 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.123\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll 2014-12-21 21:23 - 2014-12-21 21:23 - 16032616 _____ () C:\Riot 
Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.123\deploy\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll 2014-12-23 17:31 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll 2014-12-23 17:31 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll 2014-12-23 17:31 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll 2014-12-23 17:31 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) 
MSCONFIG\Services: Apple Mobile Device => 2 MSCONFIG\Services: BEService => 3 MSCONFIG\Services: Bonjour Service => 2 MSCONFIG\Services: CGVPNCliService => 2 MSCONFIG\Services: EslWireHelper => 2 MSCONFIG\Services: Hamachi2Svc => 2 MSCONFIG\Services: hshld => 2 MSCONFIG\Services: HssTrayService => 3 MSCONFIG\Services: HssWd => 2 MSCONFIG\Services: iPod Service => 3 MSCONFIG\Services: LBTServ => 3 MSCONFIG\Services: LiveUpdateSvc => 2 MSCONFIG\Services: OkayFreedom VPN Starter Service => 2 MSCONFIG\Services: OverwolfUpdaterService => 3 MSCONFIG\Services: RalinkRegistryWriter => 2 MSCONFIG\Services: RalinkRegistryWriter64 => 2 MSCONFIG\Services: RaMediaServer => 2 MSCONFIG\Services: SearchAnonymizer => 2 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\Services: TeamViewer8 => 2 MSCONFIG\Services: TeamViewer9 => 2 MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe MSCONFIG\startupreg: Spotify => "C:\Users\Issam276\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent ========================= Accounts: ========================== Administrator (S-1-5-21-1925287450-1312797874-627100175-500 - Administrator - Disabled) Gast (S-1-5-21-1925287450-1312797874-627100175-501 - Limited - Disabled) => C:\Users\Gast HomeGroupUser$ (S-1-5-21-1925287450-1312797874-627100175-1002 - Limited - Enabled) Issam276 (S-1-5-21-1925287450-1312797874-627100175-1001 - Administrator - Enabled) => C:\Users\Issam276 ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== System errors: ============= Microsoft Office Sessions: ========================= 
CodeIntegrity Errors: =================================== Date: 2014-11-30 20:57:24.409 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-11-30 20:57:24.253 Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert. Date: 2014-06-29 09:37:48.936 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-29 09:37:48.935 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-29 09:37:48.934 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-29 09:37:48.916 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
Date: 2014-06-29 09:37:48.915 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-29 09:37:48.913 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-28 19:42:21.884 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. Date: 2014-06-28 19:42:21.883 Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde. 
==================== Memory info =========================== Processor: AMD FX(tm)-4100 Quad-Core Processor Percentage of memory in use: 37% Total physical RAM: 8174.12 MB Available physical RAM: 5123.04 MB Total Pagefile: 16346.41 MB Available Pagefile: 12714.45 MB Total Virtual: 8192 MB Available Virtual: 8191.82 MB ==================== Drives ================================ Drive c: (System) (Fixed) (Total:921.75 GB) (Free:731.9 GB) NTFS ==>[Drive with boot components (obtained from BCD)] ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B2544B2F) Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27) Partition 2: (Active) - (Size=921.7 GB) - (Type=07 NTFS) ==================== End Of Log ============================ |
24.12.2014, 17:22 | #6 |
/// the machine /// TB trainer | Google Chrome WTSAPI32.dll faulty
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems left?
__________________ |
25.12.2014, 17:54 | #7 |
| Google Chrome WTSAPI32.dll faulty
Sorry that I couldn't run any more of this; unfortunately I have the problem that the PC gets a bluescreen as soon as it has loaded the desktop after startup. Safe mode works, however.
Here is the link to the photo of it: hxxp://img5.fotos-hochladen.net/uploads/20141225151755s4j0pyf1ia.jpg
OK, I got BlueScreenView via safe mode and then found out the following: Code:
ATTFilter 122514-28392-01.dmp 25.12.2014 15:18:14 DRIVER_IRQL_NOT_LESS_OR_EQUAL 0x000000d1 fffffac8`b9d4b04c 00000000`00000002 00000000`00000000 fffff880`04ae26a2 fwndis64.sys fwndis64.sys+36a2 x64 ntoskrnl.exe+75bc0 C:\Windows\Minidump\122514-28392-01.dmp 4 15 7601 279.552 25.12.2014 15:19:44 Code:
ATTFilter
==================================================
Dump File : 122514-28392-01.dmp
Crash Time : 25.12.2014 15:18:14
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x000000d1
Parameter 1 : fffffac8`b9d4b04c
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000000
Parameter 4 : fffff880`04ae26a2
Caused By Driver : fwndis64.sys
Caused By Address : fwndis64.sys+36a2
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+75bc0
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\122514-28392-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 279.552
Dump File Time : 25.12.2014 15:19:44
==================================================
I had to stop ESET early when it got stuck on an empty file at about 99%. Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7587 # api_version=3.0.2 # EOSSerial=167cf204ebe24941b0a714f886f19d1c # engine=18861 # end=stopped # remove_checked=false # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-06-24 02:26:59 # local_time=2014-06-24 04:26:59 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Kaspersky Internet Security' # compatibility_mode=1292 16777213 100 100 14081 35094441 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 2207 155249869 0 0 # scanned=40374 # found=22 # cleaned=0 # scan_time=446 sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir" sh=37D61F35EF511D7329202EA9E64B34A3A2733621 ft=1 fh=c71c001146429c75 vn="a variant of Win32/Toolbar.CrossRider.H potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-bho.dll.vir" sh=16B4E7716034DAA8D51DF6933A1487521BAFD576 ft=1 fh=c71c00116f2f2486 vn="probably a variant of Win32/Toolbar.CrossRider.H potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-buttonutil.dll.vir" sh=13C4E4530579D27AC735D69EB2D02C3143219550 ft=1 fh=4f6371db0a407d38 vn="a variant of Win32/Toolbar.CrossRider.I potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-buttonutil.exe.vir" sh=0BE9B64B77D6993C208E74AD3EED09045EE1D8F0 ft=1 fh=711bf31f462ed090 vn="a variant of Win64/Toolbar.Crossrider.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-buttonutil64.dll.vir" sh=A809AC1B09E64A27EC24867BBEF73E1F87F03649 
ft=1 fh=4f6371db28b3513d vn="a variant of Win64/Toolbar.Crossrider.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-buttonutil64.exe.vir" sh=C7180FFA47C505D779731E8DE951C27325483719 ft=1 fh=98f706846ae8387b vn="a variant of Win32/Toolbar.CrossRider.J potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-codedownloader.exe.vir" sh=CD404C84FB05E5CD7CEE04070B84F96E31A52388 ft=1 fh=9ba1eca12ec55543 vn="a variant of Win32/Toolbar.CrossRider.I potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-helper.exe.vir" sh=F5FB4CE2BDF7D2EFB02E98E3B5BDA31817E37C48 ft=1 fh=c71c0011cb1ed606 vn="a variant of Win32/SProtector.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MagniPic\assistant.dll.vir" sh=EDF1A87DEB46CAC58EEFF284F6B253F3A9420587 ft=1 fh=c71c001121b25b01 vn="Win32/AdWare.MultiPlug.N application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MagniPic\iQ5FoM4WlA.dll.vir" sh=03C058349D803B8A000FD4E20BE2E081176641A6 ft=1 fh=c71c00113f6bc66f vn="Win64/Adware.MultiPlug.A application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MagniPic\iQ5FoM4WlA.x64.dll.vir" sh=67D59D15A734F2B41373F1CAF8347D199215D42C ft=1 fh=86e026dc2bf78850 vn="a variant of Win32/Mobogenie.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\New_UpdateMoboGenie.exe.vir" sh=FA1F72CB2B306C4DEB45392C63EB10857682154B ft=1 fh=937c9ad3b66761c3 vn="Win32/Packed.ScrambleWrapper.H potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PutLockerDownloader.com\ptlextsetup.exe.vir" sh=4269ACDD607F43005F345EA5604026FEBFD17193 ft=1 fh=c71c00117f8f9250 vn="a variant of Win32/AdWare.MultiPlug.K.gen application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\TubeAdBlocker\nnJYt.exe.vir" 
sh=E0B8C7584C2F978C46B398FC66E33A30194FA7DF ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhaknhgbchodnaijihojhahebjgdekdb\1.5\Zvgp4Q_FrrLr.js.vir" sh=748E90CBB284A00D9E9396B9EE387AC5905FF8D1 ft=1 fh=ab95f3a7820679d6 vn="a variant of Win32/Mobogenie.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe.vir" sh=D0E5E11ACDD3E7AF720794C6AD722169570CA169 ft=1 fh=afc8ab45c959803b vn="a variant of Win32/Mobogenie.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe.vir" sh=67D59D15A734F2B41373F1CAF8347D199215D42C ft=1 fh=86e026dc2bf78850 vn="a variant of Win32/Mobogenie.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe.vir" sh=05C3D3349BEA6B6DDD293DB9F60B492CFC90112C ft=1 fh=c23f98680dc9e474 vn="a variant of Win32/Complitly.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Roaming\Complitly\Complitly.dll.vir" sh=154B5B1384246942A81D2EACA90E36A49FCEAC21 ft=1 fh=ff2f13d3f4dcaba0 vn="a variant of Win32/PredictAd.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Roaming\Complitly\KeepMeUpdated.exe.vir" sh=124D2DB8310706C1102EB05FD35013EE01B28FC3 ft=1 fh=9e3d2ffc645885da vn="a variant of Win64/Complitly.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Roaming\Complitly\64\Complitly64.dll.vir" sh=154B5B1384246942A81D2EACA90E36A49FCEAC21 ft=1 fh=ff2f13d3f4dcaba0 vn="a variant of Win32/PredictAd.A potentially unwanted application" ac=I 
fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Roaming\Complitly\64\KeepMeUpdated.exe.vir"
ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=167cf204ebe24941b0a714f886f19d1c # engine=21362 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-12-02 04:56:32 # local_time=2014-12-02 05:56:32 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='avast! Antivirus' # compatibility_mode=783 16777213 71 94 153821 156954 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 153860 169169242 0 0 # scanned=354815 # found=104 # cleaned=0 # scan_time=8890
ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=167cf204ebe24941b0a714f886f19d1c # engine=21704 # end=stopped # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-12-25 04:50:16 # local_time=2014-12-25 05:50:16 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 7719 171156066 0 0 # compatibility_mode_1='Emsisoft Internet Security' # compatibility_mode=16643 16777214 100 100 6398 220768504 0 0 # scanned=349438 # found=99 # cleaned=0 # scan_time=5639
sh=7CA24925C54F35FEC2636310E63B8F9445E398B8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl.
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ciao.js.vir" sh=2805F50D550F54E8320E7CC3F8261011A4B1D708 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\conduit.js.vir" sh=8AE23C218C8C5C7FDE4ACEC6EC03E2532F93B3D1 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\corriere.js.vir" sh=3F04F3EF28DCA81FE7035524F4E00266F6A99418 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\craigslist.js.vir" sh=E4B31A0CBBCB21F765D8E39D6995774769E1D1C5 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\dailymotion.js.vir" sh=5A6801A81DA721A31FFC89FC1ACB7253435857D9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\default_adapter.js.vir" sh=B080E7B72E779B4DBB0D9EFF6BA25324AAF6732E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\delta-search.js.vir" sh=12B0F6486BCD558F1DF654BB43B4BD82C4189982 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\diretta.js.vir" sh=28DE4A412DAA395D5B72CDC473E69CBAAB6A0629 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ebay.js.vir" sh=FEE5CDB15AF9B3F80F14E7F4AF03611610FEF53A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ehow.js.vir" sh=43E70ABC3C2100D2B3E405623A15404D177137BE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\elmundo.js.vir" sh=0C94AB2CDEFD7AAAFBBBCE8076390756A2060EBE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\elpais.js.vir" sh=25A6B2263F57114BF9C38998821E72CBA16DEC34 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\facebook.js.vir" sh=F747128DEB18A507F8D59FACA9A68A1FF3581244 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\foxsports.js.vir" sh=B2B7D6908BEC80B648B3716AD09D9816E7DE21C9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\friv.js.vir" sh=44DE2938DEFE8A034DBB19FB905717FABD914478 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\funutilities.js.vir" sh=A3BF510881F25E55B23943E87C5B47945EDB5733 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\globo.js.vir" sh=D59A428609E09512F5C524D13046BC4474E43633 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\gmx.js.vir" sh=16B7B5FD445FCF5E0F7B9743A1CEC1D12EACCF76 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\go.js.vir" sh=25CEEE5D0F63AFB5AD9D359618746FB3FA925049 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\google.js.vir" sh=6FE54305ACDF1F37D65F846A09AAF2AE610B52E4 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\gumtree.js.vir" sh=15F0642FA9891E81FEFB5EA9F8345F5C1E988A09 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\huffingtonpost.js.vir" sh=EB007BD6CF9DE9D145721AB1B42C4A6A49F3AD26 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ilmeteo.js.vir" sh=27E667BAE43C7A31330B12FD5B78F1C97DC4DCF2 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\imdb.js.vir" sh=D8F06AC4F0B4CF4CA4EBDC56B5C6F23D74B1351D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\inbox.js.vir" sh=5D09C1440CE775837E5F58040E3B3DA5861C7F2D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\indeed.js.vir" sh=A4E13E1C85F9C090C7A5530AC4D8939F928D2426 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\instagram.js.vir" sh=8DA76B1679E8AD4F80F08BE4371902E1FB69A04B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\jappy.js.vir" sh=3AD210DFBC9BB4B90769240B57325E62AA67A0FC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\leboncoin.js.vir" sh=8BDD182DA8610E6AE7B4DA2CD3A7C8522FE9FDD9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\libero.js.vir" sh=1E1F26D3E48C3E972C75F8ADA49335B3BFE796CA ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\live.js.vir" sh=0DA42755F29D7FCC9B02DF1AAE846B28FC83ABEC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\marca.js.vir" sh=F03C5032CA21A97A475F612044FF910AEA97F98D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mediaset.js.vir" sh=5E561234265C05C72EDF14FE2A1C8D830F518726 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mercadolivre.js.vir" sh=3287EDFE107F42BD54464354F7EDD0D5EC1F62BD ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\milanuncios.js.vir" sh=7C16F8FEDEE0D02E5CD2D16384924D1DE7CA85F8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\msn.js.vir" sh=56FD8F01CBA6F2AC7175247C9E2EA54DA5CBEAB8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mundoanuncio.js.vir" sh=AAA91E6A3E08FD24A0462853FF90AE67D64A10FB ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\netlog.js.vir" sh=EA8E9609F9746A6D089057B1ABC2CB5B87ADB56C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\nirvam.js.vir" sh=6932E76E73E9171D15052538CEC919832B24495A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\okcupid.js.vir" sh=8E05B6DE79ED0DB5161E08D7C84E44D346A34223 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\olx.js.vir" sh=717CC4F0E41AC53700E82CE4150428EDCED00F2C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\orange.js.vir" sh=6FE05930F5495CBDAF254E3A722F298042D59188 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\pagesjaunes.js.vir" sh=27653CA2D9A8C542EA7B30EC1B1D3EDCC8FDA44A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\photobucket.js.vir" sh=B34BCC1E3592F30FADA8B4783167EFC6FD6B163B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\pinterest.js.vir" sh=B5F8A49604BB9BB9AE06A12B0458AEFA5868A395 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\pof.js.vir" sh=582536F3328D7D253FF3FB556BAA2D86B9D4D17B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\repubblica.js.vir" sh=77BAC2C1AF3BD54E7F3E4F40624EE936D67BAC1C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\roblox.js.vir" sh=05B58255C0C2E4D9B28DC1E4C254138D76F25E14 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\segundamano.js.vir" sh=29C2BD733E33AC33433DF6F180524C931ACD8FB2 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\sfr.js.vir" sh=003D9DC3AC3B890014F8A9184AC79B41AA02CE5F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\shopping.js.vir" sh=B3399BAC685AC2DB00C8BF73787722CB37C52F9F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\skyrock.js.vir" sh=0C8FD62D3A1464E8987BE463BF2ECB09B887397B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\spiegel.js.vir" sh=273E29401D827883A2841293AB86970DB150211D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\subito.js.vir" sh=492F666790E7E80B87CD6D7734D65EBF7453C758 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\t-online.js.vir" sh=6436DF7125F4ECE8773E0EC7695BCE863C94C2BB ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\tagged.js.vir" sh=EF5B3DA829CFA21C8DE4E47B451BA654E1828C9D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\terra.js.vir" sh=6E4BFE2B03FA0D3BE7747A45508F2891161B5CC9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\tiscali.js.vir" sh=B5A821672054FDADFBA8F67402445E028FF8AD50 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\tripadvisor.js.vir" sh=65F5D2CCE61D4BD156608FBECF0FB967734D83FC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\twitpic.js.vir" sh=3A85F938570568A286C33D328740BAFC4FB73045 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\twitter.js.vir" sh=DCD0A0C6E3AA56687A1719F5D364E1763A6E4A81 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\uol.js.vir" sh=149DA3B16316B14C6297C1C52CF0049180185271 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\v9.js.vir" sh=FC7BB8C266DCF99268F4235F7983F1F130991DA4 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\virgilio.js.vir" sh=412A4635278002E8EF719CABC22126417A508FFC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\voila.js.vir" sh=FC821B9B1DA7646182685D4A70350534A3838E3F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\walmart.js.vir" sh=BBE95AE4E0F8DC7571869344180B8140F38FC2DC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\weather.js.vir" sh=010560C39E506B0E2431760D6DFC39ADD61D128E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\web.js.vir" sh=2A75280C8C5789E6BE74220F53BBBAE04E523E6B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\yahoo.js.vir" sh=4C69F4B1969C916367D64C9046F480B157C43993 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\yelp.js.vir" sh=7DCF3B4AB444CB8B66645655E5DB9857870C9DCC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\youtube.js.vir" sh=4FB0DAB41986A8701720A2C60F898B70CC25F3E0 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\services\bhp.js.vir" sh=26133A64F47E90C8535CE111BAD8C35C9FA562B0 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\services\favlinks.js.vir" sh=E85C421E9C435E8C2116E56EC1B2A927BA0092CC ft=1 fh=19660ba49630fd55 vn="Variante von Win64/TrojanDownloader.Agent.F Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\GFilterSvc.exe.vir" sh=558C365776AD71C812363E30D7880CF564028A06 ft=1 fh=e10f04e359590fdb vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir" sh=B9276CCB99D02DF2AB5E3B289230782ACE0901CE ft=0 fh=0000000000000000 vn="JS/GFilter.A Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\eilgiifgoafnjpmdmdkafdnghcfghkpe\2.1_0\g.js" sh=FF273D0017363755214FA5CD888C2C2D54721700 ft=1 fh=0089eae0191970f8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.OLE.Interop.dll" sh=4F414B59FCABC57B249BCE7AF4E35F0E84143DD2 ft=1 fh=93556752e2e6958d vn="NSIS/TrojanDownloader.Adload.Y Trojaner" ac=I fn="C:\zoek_backup\C_Users_Issam276_Downloads_HDVidCodec.exe.vir" sh=740982CE3B3E4BD08C1CBD5FC8CFEB982F1D4E05 ft=1 fh=af8c0585c052e303 vn="Win32/InstalleRex.T evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_PROGRA~3_InstallMate\{891AB449-A3D6-BE99-5C72-EBF452F996BF}\_Setupx.dll" Code:
ATTFilter Results of screen317's Security Check version 0.99.93 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Security Center service is not running! This report may not be accurate! Emsisoft Internet Security Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` JavaFX 2.1.1 Java 8 Update 25 Java version 32-bit out of Date! Adobe Flash Player 15.0.0.246 Flash Player out of Date! Adobe Reader XI Google Chrome (39.0.2171.95) ````````Process Check: objlist.exe by Laurent```````` `````````````````System Health check````````````````` Total Fragmentation on Drive C: ````````````````````End of Log`````````````````````` |
25.12.2014, 20:40 | #8 |
| Google Chrome WTSAPI32.dll faulty FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-12-2014
Ran by Issam276 (administrator) on CROUNTY on 25-12-2014 18:01:12
Running from C:\Users\Issam276\Desktop
Loaded Profile: Issam276 (Available profiles: Issam276 & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2013-12-28] (Realtek Semiconductor)
HKLM-x32\...\Run: [Turbo Key] => C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe [1874432 2009-11-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Cpu Level Up help] => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe [887936 2009-12-28] ()
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft internet security\a2guard.exe [4974176 2014-12-25] (Emsisoft GmbH)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-09-15] (AMD)
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [Spotify Web Helper] => C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-12] (Spotify Ltd)
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [GoogleChromeAutoLaunch_0106D596D6B01A359AD12FA4DA46D292] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Policies\system: [EnableLUA] 0
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30524520 2014-11-27] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome HKU\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-flv BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> 
C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 Tcpip\..\Interfaces\{BF86312B-8016-42B1-B232-8DED504D4B33}: [NameServer] 81.173.194.68,212.117.68.10 FireFox: ======== FF ProfilePath: C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll () FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll () FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation) FF 
Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\searchplugins\yahoo_ff.xml FF Extension: Adblock Plus - C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-22] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] FF Extension: No Name - C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\extensions\ascsurfingprotection@iobit.com [Not Found] FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found] Chrome: ======= CHR HomePage: Default -> https://www.google.de/ CHR StartupUrls: Default -> "https://www.google.de/" CHR DefaultSearchKeyword: Default -> google.de_ CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default CHR 
Extension: (ProxFlow) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-12-23] CHR Extension: (Google Präsentationen) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-01] CHR Extension: (Google Docs) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-01] CHR Extension: (Google Drive) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-01] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-01] CHR Extension: (WOT) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-12-23] CHR Extension: (MEGA) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2014-12-23] CHR Extension: (YouTube) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-01] CHR Extension: (Adblock Plus) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-12-23] CHR Extension: (Google-Suche) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-01] CHR Extension: (Google Tabellen) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-01] CHR Extension: (League of Legends(LoL) For New Tab) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\hagfodkdlfpceodghmlnbjafkcdjnifd [2014-12-23] CHR Extension: (Ghostery) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij 
[2014-12-23] CHR Extension: (Google Wallet) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-01] CHR Extension: (Google Mail) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-01] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Internet Security\a2service.exe [4918032 2014-12-25] (Emsisoft GmbH) S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.) [File not signed] S2 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [122880 2009-12-15] (AMD) [File not signed] S4 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [136616 2012-05-10] () S2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.) 
[File not signed] S2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed] S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-09-25] () [File not signed] S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed] S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed] S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-05] () S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5405456 2014-11-12] (TeamViewer GmbH) S2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation) S4 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [X] S3 npggsvc; C:\Windows\system32\GameMon.des -service [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT INTERNET SECURITY\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH) S1 A2DDA; C:\Program Files (x86)\Emsisoft Internet Security\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH) S1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Internet Security\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH) S1 a2util; C:\Program Files (x86)\Emsisoft Internet Security\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH) S2 ANIO; C:\Windows\SysWOW64\ANIO.SYS [28205 2003-05-05] (Alpha Networks Inc.) 
[File not signed] R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] () S2 AODDriver4.2.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [57472 2012-05-10] (Advanced Micro Devices) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation) S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] () S1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] () S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-06-29] (The OpenVPN Project) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin) S3 cleanhlp; C:\Program Files (x86)\Emsisoft Internet Security\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH) S3 cpuz130; No ImagePath S3 dump_wmimmc; No ImagePath S2 ESLWireAC; C:\Windows\system32\drivers\ESLWireACD.sys [160784 2012-12-17] (<Turtle Entertainment>) S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH) R3 fwndis; C:\Windows\System32\DRIVERS\fwndis64.sys [491632 2014-12-25] () S1 fwwfp; C:\Program Files (x86)\Emsisoft Internet Security\fwwfp764.sys [414424 2014-12-25] () R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.) R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] () S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.) [File not signed] R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.) 
[File not signed] S3 X6va008; No ImagePath S3 X6va009; No ImagePath S3 X6va012; No ImagePath S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X] S3 netr28ux; system32\DRIVERS\netr28ux.sys [X] S3 xhunter1; \??\C:\Windows\xhunter1.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-25 17:56 - 2014-12-25 17:57 - 00051169 _____ () C:\Users\Issam276\Desktop\Addition.txt 2014-12-25 17:39 - 2014-12-25 17:39 - 00001892 _____ () C:\Users\Issam276\Desktop\bluescreen.txt 2014-12-25 16:45 - 2014-12-25 16:52 - 125683715 _____ (Realtek Semiconductor Corp.) C:\Users\Issam276\Downloads\64bit_Win7_Win8_Win81_R275.exe 2014-12-25 16:31 - 2014-12-25 16:31 - 00000000 ____D () C:\Windows\LastGood 2014-12-25 16:31 - 2014-08-27 07:10 - 00942808 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys 2014-12-25 16:31 - 2014-08-27 07:10 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll 2014-12-25 16:29 - 2014-12-25 16:29 - 00581632 ____H (radio42) C:\Users\Issam276\Downloads\Bass.Net.dll 2014-12-25 16:29 - 2014-12-25 16:29 - 00105528 ____H (Un4seen Developments) C:\Users\Issam276\Downloads\Bass.dll 2014-12-25 16:24 - 2014-12-25 16:24 - 03123224 _____ (Easeware ) C:\Users\Issam276\Downloads\DriverEasy_480_Setup.exe 2014-12-25 16:24 - 2014-12-25 16:24 - 00000933 _____ () C:\Users\Public\Desktop\DriverEasy.lnk 2014-12-25 16:24 - 2014-12-25 16:24 - 00000412 _____ () C:\Windows\Tasks\DriverEasy Scheduled Scan.job 2014-12-25 16:24 - 2014-12-25 16:24 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Easeware 
2014-12-25 16:24 - 2014-12-25 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverEasy 2014-12-25 15:41 - 2014-12-25 15:41 - 02347384 _____ (ESET) C:\Users\Issam276\Downloads\esetsmartinstaller_deu.exe 2014-12-25 15:41 - 2014-12-25 15:41 - 00852505 _____ () C:\Users\Issam276\Downloads\SecurityCheck (1).exe 2014-12-25 15:37 - 2014-12-25 15:37 - 00141480 _____ () C:\Users\Issam276\Downloads\bluescreenview_setup.exe 2014-12-25 15:37 - 2014-12-25 15:37 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView 2014-12-25 15:37 - 2014-12-25 15:37 - 00000000 ____D () C:\Program Files (x86)\NirSoft 2014-12-25 15:19 - 2014-12-25 15:19 - 00279552 _____ () C:\Windows\Minidump\122514-28392-01.dmp 2014-12-25 15:17 - 2014-12-25 15:19 - 461110785 _____ () C:\Windows\MEMORY.DMP 2014-12-25 15:17 - 2014-12-25 15:17 - 00275424 _____ () C:\Windows\Minidump\122514-32401-01.dmp 2014-12-23 21:20 - 2014-12-24 01:08 - 00000000 ____D () C:\Users\Issam276\Desktop\lelel3 2014-12-23 17:31 - 2014-12-23 17:31 - 00002253 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-12-23 17:31 - 2014-12-23 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-12-23 17:30 - 2014-12-25 15:18 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-12-23 17:30 - 2014-12-25 03:35 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-12-23 17:30 - 2014-12-23 17:30 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-12-23 17:30 - 2014-12-23 17:30 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2014-12-23 17:24 - 2014-12-23 17:25 - 00880784 _____ (Google Inc.) 
C:\Users\Issam276\Downloads\ChromeSetup.exe 2014-12-23 17:22 - 2014-12-23 17:22 - 00000698 _____ () C:\Users\Issam276\Desktop\JRT.txt 2014-12-23 17:13 - 2014-12-23 17:13 - 00000000 ____D () C:\Windows\ERUNT 2014-12-23 17:12 - 2014-12-23 17:12 - 01707646 _____ (Thisisu) C:\Users\Issam276\Downloads\JRT.exe 2014-12-23 17:04 - 2014-12-23 17:03 - 02173952 _____ () C:\Users\Issam276\Desktop\AdwCleaner_4.106.exe 2014-12-23 17:03 - 2014-12-23 17:03 - 02173952 _____ () C:\Users\Issam276\Downloads\AdwCleaner_4.106.exe 2014-12-22 00:00 - 2014-12-22 00:00 - 00167296 _____ (Gibson Research Corp.) C:\Users\Issam276\Downloads\DNSBench.exe 2014-12-21 21:19 - 2014-12-21 21:19 - 00001613 _____ () C:\Users\Public\Desktop\League of Legends.lnk 2014-12-21 21:19 - 2014-12-21 21:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends 2014-12-21 21:13 - 2014-12-21 21:13 - 30668968 _____ (Riot Games) C:\Users\Issam276\Downloads\LeagueofLegends_EUW_Installer_9_15_2014.exe 2014-12-21 16:19 - 2014-12-21 16:18 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-12-21 16:16 - 2014-12-21 16:16 - 00638376 _____ (Oracle Corporation) C:\Users\Issam276\Downloads\jre-8u25-windows-i586-iftw.exe 2014-12-21 16:10 - 2014-12-21 16:10 - 00852505 _____ () C:\Users\Issam276\Downloads\SecurityCheck.exe 2014-12-21 14:36 - 2014-12-25 18:01 - 00018049 _____ () C:\Users\Issam276\Desktop\FRST.txt 2014-12-21 04:09 - 2014-12-21 04:09 - 05073240 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\vcredist_x86.exe 2014-12-21 04:00 - 2014-12-25 02:46 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\BoL 2014-12-21 03:56 - 2014-12-21 03:56 - 00000270 _____ () C:\Users\Issam276\Downloads\Relog.zip 2014-12-21 03:54 - 2014-12-21 03:54 - 00000157 _____ () C:\Users\Issam276\Downloads\doGout.rar 2014-12-21 03:52 - 2014-12-23 21:20 - 00000000 ____D () C:\Users\Issam276\Desktop\sadsdasda 2014-12-21 03:51 - 2014-12-21 03:52 - 11539006 _____ () 
C:\Users\Issam276\Downloads\Bot of Legends.rar 2014-12-21 01:22 - 2014-12-21 01:23 - 00031608 _____ () C:\Users\Issam276\Downloads\mwb_scan.zip 2014-12-21 01:01 - 2014-12-21 01:01 - 00000000 ____D () C:\ProgramData\Emsisoft 2014-12-20 23:44 - 2014-12-20 23:44 - 00001132 _____ () C:\Users\Public\Desktop\Emsisoft Internet Security.lnk 2014-12-20 23:44 - 2014-12-20 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Internet Security 2014-12-20 23:43 - 2014-12-25 16:03 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Internet Security 2014-12-20 23:43 - 2014-12-25 01:05 - 00491632 _____ () C:\Windows\system32\Drivers\fwndis64.sys 2014-12-20 23:42 - 2014-12-20 23:42 - 00001710 _____ () C:\EamClean.log 2014-12-20 23:36 - 2014-12-20 23:36 - 04095448 _____ (BrightFort LLC ) C:\Users\Issam276\Downloads\spywareblastersetup50.exe 2014-12-20 23:36 - 2014-12-20 23:36 - 00448512 _____ (OldTimer Tools) C:\Users\Issam276\Downloads\TFC.exe 2014-12-20 23:36 - 2014-12-20 23:36 - 00448512 _____ (OldTimer Tools) C:\Users\Issam276\Desktop\TFC.exe 2014-12-20 23:10 - 2014-12-20 23:10 - 02122240 _____ (Farbar) C:\Users\Issam276\Downloads\FRST64.exe 2014-12-20 23:10 - 2014-12-20 23:10 - 02122240 _____ (Farbar) C:\Users\Issam276\Desktop\FRST64.exe 2014-12-20 22:48 - 2014-12-20 23:42 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware 2014-12-20 22:34 - 2014-12-20 22:34 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab 2014-12-20 22:33 - 2008-01-04 13:34 - 00011832 _____ () C:\Windows\SysWOW64\Drivers\AsInsHelp64.sys 2014-12-20 22:33 - 2008-01-04 13:34 - 00010216 _____ () C:\Windows\SysWOW64\Drivers\AsInsHelp32.sys 2014-12-20 22:12 - 2014-12-20 22:12 - 05718872 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\vcredist_x64 (2).exe 2014-12-20 22:11 - 2014-12-20 22:11 - 05718872 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\vcredist_x64 (1).exe 2014-12-20 22:08 - 2014-12-20 22:08 - 00000000 ____D () 
C:\ProgramData\Package Cache 2014-12-20 22:07 - 2014-12-20 22:07 - 07190152 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\vcredist_x64.exe 2014-12-20 21:51 - 2014-12-20 21:51 - 00000000 ____D () C:\Windows\System32\Tasks\Apple 2014-12-20 21:42 - 2014-12-20 21:42 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Issam276\Downloads\revosetup95.exe 2014-12-20 21:42 - 2014-12-20 21:42 - 00001270 _____ () C:\Users\Issam276\Desktop\Revo Uninstaller.lnk 2014-12-20 21:42 - 2014-12-20 21:42 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group 2014-12-19 15:53 - 2014-12-19 15:53 - 00000000 ____D () C:\ComboFix 2014-12-13 22:22 - 2014-12-13 22:22 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Blizzard 2014-12-13 22:14 - 2014-12-13 22:22 - 00000000 ____D () C:\Program Files (x86)\Hearthstone 2014-12-13 22:14 - 2014-12-13 22:14 - 00001161 _____ () C:\Users\Public\Desktop\Hearthstone.lnk 2014-12-13 22:14 - 2014-12-13 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone 2014-12-13 13:17 - 2014-12-13 13:17 - 00000731 _____ () C:\Users\Issam276\mabast suckt.txt 2014-12-12 19:40 - 2014-12-12 19:40 - 00000000 ____D () C:\Windows\system32\appraiser 2014-12-12 17:42 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll 2014-12-12 17:42 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll 2014-12-12 17:42 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll 2014-12-12 17:42 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe 2014-12-12 17:42 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe 2014-12-12 17:42 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll 2014-12-12 17:42 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll 2014-12-12 17:42 - 2014-07-07 02:39 - 00050176 
_____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe 2014-12-12 17:42 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe 2014-12-12 17:42 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll 2014-12-12 16:26 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll 2014-12-12 16:26 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll 2014-12-12 16:26 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll 2014-12-12 16:26 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll 2014-12-12 16:26 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-12-12 16:26 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll 2014-12-12 16:26 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-12-12 16:26 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe 2014-12-12 16:26 - 2014-11-24 23:12 - 17874432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-12-12 16:26 - 2014-11-24 22:59 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2014-12-12 16:26 - 2014-11-24 22:54 - 10921984 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-12-12 16:26 - 2014-11-24 22:53 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-12-12 16:26 - 2014-11-24 22:47 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-12-12 16:26 - 2014-11-24 22:47 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-12-12 16:26 - 2014-11-24 22:45 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-12-12 16:26 - 2014-11-24 22:45 - 00237056 _____ (Microsoft Corporation) 
C:\Windows\system32\url.dll 2014-12-12 16:26 - 2014-11-24 22:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-12-12 16:26 - 2014-11-24 22:44 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-12-12 16:26 - 2014-11-24 22:44 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-12-12 16:26 - 2014-11-24 22:44 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-12-12 16:26 - 2014-11-24 22:44 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-12-12 16:26 - 2014-11-24 22:44 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-12-12 16:26 - 2014-11-24 22:44 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-12-12 16:26 - 2014-11-24 22:44 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-12-12 16:26 - 2014-11-24 22:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll 2014-12-12 16:26 - 2014-11-24 22:44 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe 2014-12-12 16:26 - 2014-11-24 22:43 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-12-12 16:26 - 2014-11-24 22:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-12-12 16:26 - 2014-11-24 22:43 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe 2014-12-12 16:26 - 2014-11-24 22:42 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-12-12 16:26 - 2014-11-24 21:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec 2014-12-12 16:26 - 2014-11-24 21:41 - 12369920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-12-12 16:26 - 2014-11-24 21:40 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-12-12 16:26 - 2014-11-24 21:37 - 09740800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 
2014-12-12 16:26 - 2014-11-24 21:35 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-12-12 16:26 - 2014-11-24 21:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-12-12 16:26 - 2014-11-24 21:34 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-12-12 16:26 - 2014-11-24 21:34 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2014-12-12 16:26 - 2014-11-24 21:33 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-12-12 16:26 - 2014-11-24 21:33 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2014-12-12 16:26 - 2014-11-24 21:33 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-12-12 16:26 - 2014-11-24 21:33 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-12-12 16:26 - 2014-11-24 21:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-12-12 16:26 - 2014-11-24 21:33 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-12-12 16:26 - 2014-11-24 21:33 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll 2014-12-12 16:26 - 2014-11-24 21:32 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-12-12 16:26 - 2014-11-24 21:32 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-12-12 16:26 - 2014-11-24 21:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-12-12 16:26 - 2014-11-24 21:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-12-12 16:26 - 2014-11-24 21:32 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-12-12 16:26 - 2014-11-24 21:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe 2014-12-12 16:26 - 2014-11-24 21:32 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe 2014-12-12 16:26 - 2014-11-11 04:09 - 
01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll 2014-12-12 16:26 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll 2014-12-12 16:26 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2014-12-12 16:26 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe 2014-12-12 16:26 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe 2014-12-12 16:26 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll 2014-12-12 16:26 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll 2014-12-12 16:26 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll 2014-12-12 16:26 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll 2014-12-12 16:26 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe 2014-12-12 16:26 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll 2014-12-12 16:26 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll 2014-12-12 16:26 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll 2014-12-12 16:26 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll 2014-12-12 16:26 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe 2014-12-12 16:25 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-12-12 16:25 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-12-06 18:13 - 2014-12-06 18:13 - 00146183 _____ () C:\Users\Issam276\Downloads\YouTube-Unblocker-056.crx 2014-12-06 17:48 - 
2014-12-08 14:45 - 00000000 ____D () C:\Program Files (x86)\Yahoo! 2014-12-06 17:48 - 2014-12-06 17:48 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Yahoo! 2014-12-06 17:43 - 2014-12-06 17:44 - 04998707 _____ () C:\Users\Issam276\Downloads\flvplayer_setup20_25.exe 2014-12-05 17:14 - 2014-12-05 17:14 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\xulrunner 2014-12-05 17:13 - 2014-12-05 17:13 - 10124389 _____ () C:\Users\Issam276\AppData\Roaming\xulrunner.zip 2014-12-04 16:29 - 2014-12-04 16:29 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Secunia PSI 2014-12-03 11:25 - 2014-12-03 11:30 - 441252901 _____ () C:\Users\Issam276\Downloads\League Of Legends.mp4 2014-12-01 21:34 - 2014-12-01 21:34 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Steganos 2014-11-30 23:30 - 2014-11-30 23:30 - 01294848 _____ () C:\Users\Issam276\Desktop\zoek.exe 2014-11-30 22:22 - 2014-12-05 17:28 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-11-30 21:10 - 2014-11-30 21:10 - 00031862 _____ () C:\ComboFix.txt 2014-11-30 20:47 - 2014-11-30 21:10 - 00000000 ____D () C:\Qoobox 2014-11-30 20:47 - 2014-11-30 21:08 - 00000000 ____D () C:\Windows\erdnt 2014-11-30 20:47 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-11-30 20:47 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-11-30 20:47 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-11-30 20:47 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-11-30 20:47 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-11-30 20:47 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe 2014-11-30 20:47 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe 2014-11-30 20:47 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe 2014-11-30 20:46 - 2014-12-19 15:52 - 05601641 ____R (Swearware) C:\Users\Issam276\Desktop\ComboFix.exe 2014-11-30 20:14 - 2014-12-25 15:31 - 01001196 _____ () 
C:\Windows\PFRO.log 2014-11-30 20:14 - 2014-12-25 15:17 - 00007780 _____ () C:\Windows\setupact.log 2014-11-30 20:14 - 2014-11-30 20:14 - 00000000 _____ () C:\Windows\setuperr.log 2014-11-30 19:53 - 2014-11-19 16:25 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2014-11-30 19:51 - 2014-11-30 19:51 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe 2014-11-30 19:51 - 2014-11-30 19:51 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe 2014-11-30 19:51 - 2014-11-30 19:51 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe 2014-11-30 19:51 - 2014-11-30 19:51 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll 2014-11-30 19:50 - 2014-11-30 19:54 - 00001467 _____ () C:\Windows\SecuniaPackage.log 2014-11-30 19:41 - 2014-11-30 19:41 - 00000000 ____D () C:\Program Files (x86)\Secunia 2014-11-30 15:25 - 2014-11-30 15:25 - 00001174 _____ () C:\Users\Issam276\Desktop\Avast Internet Security License File.rar 2014-11-30 01:25 - 2014-11-30 01:25 - 01093536 _____ () C:\Users\Issam276\Documents\cc_20141130_012508.reg 2014-11-29 22:20 - 2014-11-29 22:20 - 00001049 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk 2014-11-29 18:05 - 2014-11-29 18:05 - 00000000 ____D () C:\Users\Issam276\Documents\Diablo III 2014-11-29 00:10 - 2014-11-29 18:04 - 00000000 ____D () C:\Program Files (x86)\Diablo III 2014-11-29 00:10 - 2014-11-29 00:10 - 00001162 _____ () C:\Users\Public\Desktop\Diablo III.lnk 2014-11-29 00:10 - 2014-11-29 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III 2014-11-29 00:03 - 2014-12-16 20:30 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Battle.net 2014-11-29 00:03 - 2014-11-29 00:03 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Battle.net 2014-11-29 00:03 - 2014-11-29 00:03 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Blizzard Entertainment 2014-11-29 00:02 - 2014-12-13 22:14 - 
00000000 ____D () C:\Program Files (x86)\Battle.net 2014-11-29 00:02 - 2014-11-29 00:02 - 00001124 _____ () C:\Users\Public\Desktop\Battle.net.lnk 2014-11-29 00:02 - 2014-11-29 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-25 18:01 - 2014-06-28 19:29 - 00000000 ____D () C:\FRST 2014-12-25 16:59 - 2012-06-15 15:21 - 00000000 ____D () C:\Users\Issam276\Desktop\Alles 2014-12-25 16:43 - 2014-07-04 02:28 - 01546615 _____ () C:\Windows\WindowsUpdate.log 2014-12-25 16:31 - 2012-06-14 13:30 - 00000000 ____D () C:\Program Files (x86)\Realtek 2014-12-25 15:19 - 2012-06-15 15:18 - 00000000 ____D () C:\Windows\Minidump 2014-12-25 15:17 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-12-25 04:30 - 2012-06-14 15:08 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\TS3Client 2014-12-25 04:27 - 2012-06-14 13:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-12-25 01:03 - 2012-06-29 19:50 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Skype 2014-12-23 23:32 - 2014-11-07 17:57 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Spotify 2014-12-23 19:45 - 2014-09-07 12:39 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-12-23 17:31 - 2013-02-22 18:07 - 00000000 ____D () C:\Program Files (x86)\Google 2014-12-23 17:19 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-12-23 17:19 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-12-23 17:10 - 2014-03-03 18:42 - 00000000 ____D () C:\AdwCleaner 2014-12-21 21:19 - 2014-05-11 10:31 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Riot Games 2014-12-21 19:31 - 2012-09-19 17:23 - 00000000 ____D () 
C:\Users\Issam276\AppData\Local\Facebook 2014-12-21 18:15 - 2012-06-12 10:08 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-12-21 17:06 - 2011-04-12 08:43 - 00770016 _____ () C:\Windows\system32\perfh007.dat 2014-12-21 17:06 - 2011-04-12 08:43 - 00174334 _____ () C:\Windows\system32\perfc007.dat 2014-12-21 17:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-12-21 17:05 - 2012-09-22 13:39 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\SoftGrid Client 2014-12-21 17:01 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2014-12-21 16:51 - 2012-10-03 08:30 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\HpUpdate 2014-12-21 16:51 - 2012-09-25 18:22 - 00000000 ____D () C:\Program Files (x86)\HP 2014-12-21 16:22 - 2013-08-23 11:40 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-12-21 16:22 - 2012-06-21 17:01 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Adobe 2014-12-21 16:22 - 2012-06-14 13:47 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-12-21 16:22 - 2012-06-14 13:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-12-21 00:35 - 2014-09-06 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live 2014-12-21 00:00 - 2014-11-18 17:48 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\TERA 2014-12-20 23:42 - 2014-06-29 19:05 - 00000000 ____D () C:\ProgramData\AVAST Software 2014-12-20 22:46 - 2013-07-10 17:40 - 00000000 ____D () C:\Users\DefaultAppPool 2014-12-20 22:33 - 2012-06-14 14:10 - 00000000 ____D () C:\Windows\System32\Tasks\ASUS 2014-12-20 22:33 - 2012-06-14 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2014-12-20 22:33 - 2012-06-14 14:09 - 00000000 ____D () C:\Program Files (x86)\ASUS 2014-12-20 22:24 - 2013-02-01 21:35 - 
00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee 2014-12-20 22:21 - 2012-09-02 16:31 - 00000000 ____D () C:\Program Files (x86)\Java 2014-12-20 22:17 - 2012-09-14 17:26 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Unity 2014-12-20 21:59 - 2012-06-22 13:27 - 00000000 ____D () C:\Program Files (x86)\D-Link 2014-12-20 21:50 - 2012-06-14 13:52 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\InfraRecorder 2014-12-18 22:16 - 2013-04-27 07:45 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Spotify 2014-12-15 16:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache 2014-12-13 14:36 - 2013-02-02 10:54 - 00000000 ___RD () C:\Program Files (x86)\Skype 2014-12-13 14:36 - 2012-06-29 19:50 - 00000000 ____D () C:\ProgramData\Skype 2014-12-13 13:17 - 2012-06-14 12:17 - 00000000 ____D () C:\Users\Issam276 2014-12-12 19:40 - 2014-05-06 19:56 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-12-12 19:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat 2014-12-12 17:50 - 2013-08-21 23:30 - 00000000 ____D () C:\Windows\system32\MRT 2014-12-12 17:43 - 2012-06-17 14:06 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-12-12 17:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-12-06 17:40 - 2014-08-10 06:44 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Windows Live 2014-12-05 17:28 - 2014-06-28 16:36 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-12-05 17:28 - 2014-06-28 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-12-05 17:28 - 2014-06-28 16:36 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-12-01 21:50 - 2012-12-08 09:39 - 00066256 _____ () C:\Users\Issam276\AppData\Local\GDIPFONTCACHEV1.DAT 2014-12-01 21:48 - 2012-12-08 09:38 - 04913880 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-12-01 21:47 - 2012-09-25 18:21 - 
00006178 _____ () C:\ProgramData\hpzinstall.log 2014-12-01 21:38 - 2012-09-25 18:21 - 00000000 ____D () C:\ProgramData\HP 2014-12-01 21:33 - 2013-02-22 16:07 - 00000000 ____D () C:\Program Files\CCleaner 2014-12-01 00:13 - 2014-02-11 12:15 - 00000008 __RSH () C:\ProgramData\ntuser.pol 2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Comodo 2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google 2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo 2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google 2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo 2014-12-01 00:08 - 2014-02-14 17:14 - 00000000 ____D () C:\Users\Default\AppData\Local\Google 2014-12-01 00:08 - 2014-02-14 17:14 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google 2014-12-01 00:08 - 2013-06-26 12:08 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google 2014-12-01 00:08 - 2012-07-03 17:11 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Google 2014-11-30 23:59 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-11-30 23:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy 2014-11-30 22:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA 2014-11-30 21:10 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default 2014-11-30 21:02 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini 2014-11-30 20:13 - 2014-03-03 17:37 - 00000000 ____D () C:\Windows\system32\log 2014-11-30 19:39 - 2012-11-18 14:41 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-11-30 19:39 - 2012-11-18 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2014-11-30 19:39 
- 2012-06-14 13:52 - 00000000 ____D () C:\Program Files\WinRAR 2014-11-30 19:26 - 2014-08-31 20:00 - 00000000 ___RD () C:\Users\Issam276\Dropbox 2014-11-30 19:17 - 2014-08-31 19:58 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Dropbox 2014-11-30 19:16 - 2014-08-31 20:00 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-11-30 12:19 - 2014-11-01 20:28 - 00000000 ____D () C:\Users\Issam276\AppData\Local\osu! 2014-11-30 01:24 - 2012-06-27 18:39 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\TeamViewer 2014-11-29 22:20 - 2012-06-14 13:02 - 00000000 ____D () C:\Program Files (x86)\TeamViewer 2014-11-29 10:13 - 2013-01-25 19:07 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\.minecraft 2014-11-27 22:18 - 2009-07-14 06:13 - 01799304 _____ () C:\Windows\system32\PerfStringBackup.INI Files to move or delete: ==================== C:\Users\Issam276\jagex_cl_oldschool_LIVE.dat C:\Users\Issam276\jagex_cl_runescape_LIVE.dat C:\Users\Issam276\random.dat Some content of TEMP: ==================== C:\Users\Issam276\AppData\Local\Temp\Quarantine.exe C:\Users\Issam276\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-12-15 16:36

==================== End Of Log ============================

--- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- --- ---

Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-12-2014
Ran by Issam276 at 2014-12-25 18:01:33
Running from C:\Users\Issam276\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Emsisoft Internet Security (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Internet Security (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
FW: Emsisoft Internet Security (Disabled) {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AI Suite (HKLM-x32\...\{310BC5E2-31AF-49BB-904D-E71EB93645DC}) (Version: 1.06.22 - )
Akamai NetSession Interface (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{2BFD590F-1D73-3533-E734-FDDAC3746E4A}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{9C1FAB12-F426-432E-8579-75CAB60C69CF}) (Version: 4.2.0.0594 - Advanced Micro Devices, Inc.)
ANIO Service (HKLM-x32\...\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}) (Version: - ) Application Profiles (HKLM-x32\...\{4ED980CB-C288-6A80-A3EA-AEECC543058B}) (Version: 2.0.4525.30280 - Advanced Micro Devices, Inc.) ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.) AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett) AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version: - AVM Berlin) Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Chris-PC Game Booster (HKLM-x32\...\Chris-PC Game Booster_is1) (Version: 2.00 - Chris P.C. srl) Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version: - Valve) Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve) DriverEasy 4.8.0 (HKLM\...\DriverEasy_is1) (Version: 4.8.0.0 - Easeware) Dropbox (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.) Emsisoft Internet Security (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft Ltd) eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge) Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.) Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) HydraVision (x32 Version: 4.2.216.0 - Advanced Micro Devices, Inc.) 
Hidden Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle) Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation) JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games ) League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version: - Valve) Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation) MEGAsync (HKLM-x32\...\MEGAsync) (Version: - Mega Limited) Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft 
Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) 
Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MTA:SA v1.4.0 (HKLM-x32\...\MTA:SA 1.4) (Version: v1.4.0 - Multi Theft Auto) NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version: - ) NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation) osu! (HKLM-x32\...\{ba6599d0-1e00-4060-a455-55382b1c7008}) (Version: latest - ppy Pty Ltd) PC Probe II (HKLM-x32\...\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}) (Version: 1.04.92 - ASUSTeK Computer Inc.) RAIDXpert (HKLM-x32\...\InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}) (Version: 3.2.1540.10 - AMD) RAIDXpert (x32 Version: 3.2.1540.10 - AMD) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.90.826.2014 - Realtek) Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6519 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.) Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd) Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) 
Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation) Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.) Spotify (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB) Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation) Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.35436 Beta - TeamViewer) Turbo Key (HKLM-x32\...\{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}) (Version: 1.01.03 - ) Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation) WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH) WinSCP 4.3.8 (HKLM-x32\...\winscp3_is1) (Version: 4.3.8 - Martin Prikryl) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) 
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{3a022117-d6e3-4fcd-a8a2-d31ed64d8e1e}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.) 
==================== Restore Points =========================

21-12-2014 18:15:32 Revo Uninstaller's restore point - Futuremark SystemInfo
21-12-2014 21:13:15 Revo Uninstaller's restore point - League of Legends
21-12-2014 21:13:34 Removed League of Legends
21-12-2014 21:18:29 Revo Uninstaller's restore point - LOLReplay
21-12-2014 21:18:35 Installed League of Legends
21-12-2014 21:19:13 DirectX wurde installiert
21-12-2014 21:50:17 Revo Uninstaller's restore point - ChrisPC DNS Switch 1.40
22-12-2014 00:22:17 Installed IP Camera Adapter
23-12-2014 17:25:24 Revo Uninstaller's restore point - Google Chrome

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-09-27 11:49 - 2014-11-30 21:02 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {002BC456-DB44-4F10-BC5B-16C0AE4B94E5} - System32\Tasks\{35A5A0DE-E4FD-4FCE-A133-406843CE3598} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {00442CFD-6F8A-4E25-B0F7-099CBAF166DD} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12] (Adobe Systems Incorporated) Task: {07487D3F-27D3-4242-9986-5805088BC752} - System32\Tasks\{9CD2CBDC-9F17-4183-A776-3C3CDDB91238} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {094AD9FC-9A2A-4434-A267-67318F3AFB3C} - System32\Tasks\{C0BF0233-4710-4F22-B838-C53FD13B197E} => C:\Program Files (x86)\Opera\Opera.exe Task: {0D5CB102-9F0B-4BEF-9B7C-C8DD85A116EC} - System32\Tasks\{57FA110B-6E92-4EFD-98D9-19C15C00EF98} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {0E945E72-5D2C-4BEE-8169-B44EFAF0C579} - System32\Tasks\{CC321D73-229D-4CDF-9597-05F0B15F5904} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {1B0FF44F-B3B3-4261-9E8C-07E83F04A8CE} - System32\Tasks\{97DA18F4-90B4-45A3-BC74-3C01B81E7603} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {1B9795BE-3E65-435B-A5B7-EE5DED837485} - System32\Tasks\{1DB90D4F-8D72-4AD5-8F36-5C4F0864AD9F} => C:\Program Files (x86)\Opera\Opera.exe Task: {1D959856-47B4-4D86-A9FD-33900CD35ADF} - System32\Tasks\{D7E5FBB1-D0B1-4F1A-8742-47F989B83816} => C:\Program Files (x86)\Opera\Opera.exe Task: {1EC122BA-C536-430F-8C35-6F86ECC39FF0} - System32\Tasks\{494A9B35-6058-4C19-A20A-E1DCE48F0786} => C:\Program Files (x86)\Opera\Opera.exe Task: {217D3CDB-3FEF-4F4E-9156-02BFFFAAE60A} - System32\Tasks\{1CB8B36D-FC19-4546-8C7C-611AF21AD7E1} => pcalua.exe -a C:\ProgramData\Wizard101(DE)\Wizard101.exe -d C:\ProgramData\Wizard101(DE) Task: {2572CB5E-1A7C-46F1-85B1-B62F4A17C417} - 
System32\Tasks\{1FBC4539-2901-4DDB-9D2F-862065494E88} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {27618943-30C4-4FBF-94B8-8ACB0A6F7E6D} - System32\Tasks\{0C9C72E9-00D2-49A6-8DF4-DAF367138BD8} => C:\Program Files (x86)\Opera\Opera.exe Task: {2991A55D-1CD8-403C-B255-0C11A6C837E1} - System32\Tasks\{B261FD97-9C57-4F06-9AD3-4052FA220C1D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {2B7A7CE2-981F-42D2-8492-CD5D1AF9E827} - System32\Tasks\{B4F0F2F1-B534-4A0D-9DF2-C38AE4C520E9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {2CCD6124-8AE7-461C-BE80-4B62D3002340} - System32\Tasks\{3D7EEA60-2C2B-478A-9723-F829C43AC6E5} => C:\Program Files (x86)\Opera\Opera.exe Task: {2CF1D8CF-0EA9-458A-85A8-561D147B6135} - System32\Tasks\{0B628F86-550A-486F-B114-58C62871B721} => C:\Program Files (x86)\Opera\Opera.exe Task: {310CC0F8-C247-4599-ACFC-F3CD766E6AD5} - System32\Tasks\{FB8C4083-EF27-4416-85FA-D471CEDE5FB4} => C:\Program Files (x86)\Opera\Opera.exe Task: {38FF6FD9-3BC6-4F09-959F-F2205181E561} - System32\Tasks\ASUS\Cpu Level Up Hook Lanunch => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHookLaunch.exe [2009-12-28] () Task: {3B272214-852C-4330-841F-3F9FF4F9CB96} - System32\Tasks\{2B6CE963-FF84-494C-A826-01D80631B926} => C:\Program Files (x86)\Opera\Opera.exe Task: {4D020374-93EC-4337-92A7-F01F2B25AB76} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-23] (Google Inc.) 
Task: {517D8EB9-77F1-497E-834A-D1FA240CE073} - System32\Tasks\{027A1301-659D-4B41-8A7F-040B74EBA95D} => C:\Program Files (x86)\Opera\Opera.exe Task: {518389D1-8CCD-4B86-8F41-B077F9C9C618} - System32\Tasks\{EDDBD687-D415-4B69-927A-02931F7F1AAE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {51BFF5FC-5BC5-4DEE-9099-827B8BFB3632} - System32\Tasks\{8383930E-67E3-4379-A09D-4E59914B6389} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {5244B6B7-C2C2-416A-8955-6F2586705863} - System32\Tasks\{54F5669B-1BD5-4394-89D5-A6EFBA584ACD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {5250B132-6E5B-47AC-BB16-E9815CC9A9C0} - System32\Tasks\{CAF62C3C-79A4-4066-B1CD-4E0DF30564F9} => pcalua.exe -a "C:\Program Files (x86)\Hotspot Shield\bin\HssInstaller.exe" -d "C:\Program Files (x86)\Hotspot Shield\bin" Task: {52E12DE9-93B7-4E4B-85D1-DD2EDCEBE48A} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe Task: {562A50BF-2E54-45F4-9077-473F7A049562} - System32\Tasks\{6310026B-3E16-4E78-998C-7F30496D8899} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {571A9041-6AA5-4836-BA2B-534C9EB85DCE} - System32\Tasks\{D319D8AB-8433-493A-84FA-D1698EDEAFCE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {577E3FA9-79BA-4694-AE4C-9B609E38C0E9} - System32\Tasks\{DE38B5D4-C035-40D9-848C-B966145964A9} => C:\Program Files (x86)\Opera\Opera.exe Task: {5AEBC49C-BCC7-4EC1-8951-9B299633E773} - System32\Tasks\{9E9AC548-DCCB-4B5B-9EDB-0E52B9DE5627} => C:\Program Files (x86)\Opera\Opera.exe Task: {5BE38A7A-4925-497C-82F3-A330FC280BC4} - System32\Tasks\{949BCCD7-1397-41DE-9EF8-11EE2C0CE563} => C:\Program Files (x86)\Opera\Opera.exe Task: {5C099198-A578-4EEC-92B4-6417465170A1} - 
System32\Tasks\{41F9C8B0-D0DD-4377-9D24-69E831D0CF7A} => C:\Program Files (x86)\Opera\Opera.exe Task: {5C4A49C0-89DE-4238-8F91-64CFBFBAEE53} - System32\Tasks\{BB6E67DE-783D-4A31-8585-E7CAEC52E5AA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {60553E3D-46C1-4E1E-A947-FA9307DD2C8C} - System32\Tasks\{74F988AC-9E60-40C7-8D90-CFECFAEE92E1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {627CECAB-2B8F-4A2E-92B9-B140446FE0EC} - System32\Tasks\{90038331-2672-47E4-99D2-E9ECCB36DC14} => C:\Program Files (x86)\Opera\Opera.exe Task: {6D6DF3D0-D45F-4F6F-B07C-E1FBBD6FD0B9} - System32\Tasks\{59008250-33FF-402A-82FD-577C388040C8} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {717B3FF7-1A14-47F6-8B46-91A57AD183CA} - System32\Tasks\{1FB7ED02-0BF3-4694-A643-44D549B5C376} => C:\Program Files (x86)\Opera\Opera.exe Task: {722A80F7-B367-438E-82D6-607B2AAE2AD5} - System32\Tasks\{0D1B66EB-8E6C-4941-A849-C02CAA677C49} => C:\Program Files (x86)\Opera\Opera.exe Task: {7352E960-C7B0-45FE-A83F-F87B5AA6E651} - System32\Tasks\{5F44ABCA-6526-4396-A179-A30F6651B4A5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {740EE1F2-3BC5-4CD5-B694-A5FE540D3E9E} - System32\Tasks\{F6171EAE-04B0-4030-B64B-4B9DF15D3273} => C:\Program Files (x86)\Opera\Opera.exe Task: {7461D4F0-EA41-4211-B75D-45216A8E1438} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-23] (Google Inc.) 
Task: {76B86268-4206-4908-ADA8-A9FA15A4F610} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation) Task: {7A0C2EDE-2AF3-40D3-8E5E-AC91914B9348} - System32\Tasks\{36BD8F26-454A-45A7-98BC-D772130BD6D1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {7CBDBD19-6CA0-43C5-95A3-B5B0B50A01DB} - System32\Tasks\{B117D272-C5AF-4E62-9F8E-DA7E6CE8FF4E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {7EF615A3-395A-4B8F-AF0B-D79B49D3A554} - System32\Tasks\{064550D4-D75D-402D-AB32-91E23A58D5F4} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {821856F1-ED6B-4965-84E5-2519F0D73FB5} - System32\Tasks\{8424C4DF-A4EC-4B5B-814E-60CE8AB30940} => C:\Program Files (x86)\Opera\Opera.exe Task: {82F5E65C-C34C-4E7A-BA2B-3EC5834D6E13} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-21] (Adobe Systems Incorporated) Task: {86715FE4-085D-43AB-A67D-906AB668D4A7} - System32\Tasks\{D1BFDBF2-DEA8-4BB9-8474-3A446710C951} => C:\Program Files (x86)\Opera\Opera.exe Task: {878AA624-33EF-4ADA-BD3A-0D7BEA46656B} - System32\Tasks\{11EE2B2D-9A84-413C-B65A-30FADFE1F4C1} => C:\Program Files (x86)\Opera\Opera.exe Task: {8A24C11B-1434-4888-BB67-DA4035986E85} - System32\Tasks\{8F6BCC5D-9E79-4A90-A52C-B05FBD3A95EA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {8B9B1B73-C0C4-48B0-A910-7D63871A1890} - System32\Tasks\{CE6A2A80-3982-406F-916F-BF44A1FE93BE} => C:\Program Files (x86)\Opera\Opera.exe Task: {8C5EA5CA-2168-47C9-A8AD-8D8F8CD43494} - System32\Tasks\{3096790B-F753-40DE-BBBD-C96814C19276} => C:\Program Files (x86)\Opera\Opera.exe Task: {8D278482-A7C4-4259-B172-CD56F7F3242B} - System32\Tasks\{C307734E-4CEF-40E7-BB76-67E38AFE3245} => Firefox.exe 
hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {8FB0CF65-18EC-4D9E-84EA-E0C2E70B609A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe Task: {9034EE4A-EF7C-4EBC-B8FB-59A0E30DCDCB} - System32\Tasks\{B7D832C7-A1D4-449B-AFB7-35A7D5308265} => C:\Program Files (x86)\Opera\Opera.exe Task: {9173C9BE-02B5-4B2E-9CDD-85959BAC8FE8} - System32\Tasks\{AA084653-E62A-4321-85C7-E1F14B703E3B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {92D5F453-D605-4376-BBAF-560DCBF5179E} - System32\Tasks\{08F83017-CD43-415F-BAC5-1B6099D399DE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {9455CECE-75DF-4B1C-8F1C-9D6F22BAF9EE} - System32\Tasks\{1C451F35-6BB4-4E64-9D44-83DA1235BD66} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {97E4E16D-3E9D-4441-B88C-F8DAD136D5AC} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe Task: {9B836882-C9AA-46BA-A2BA-B2FBC31A7D1B} - System32\Tasks\{402ED0EB-55E1-49BC-85FF-B611C38007C2} => C:\Program Files (x86)\Opera\Opera.exe Task: {9DEE72AF-EDDE-4210-860C-D59F8CE425A5} - System32\Tasks\{FEE95010-E0AC-4F29-89EB-CC1D42B7322D} => C:\Program Files (x86)\Opera\Opera.exe Task: {A5971EB2-865A-4144-B663-DC582061EE03} - System32\Tasks\{2EB349E6-0751-41BC-9F7E-301AC1E05B93} => C:\Program Files (x86)\Opera\Opera.exe Task: {A6148E12-0291-4995-AF46-E06D84208F64} - System32\Tasks\{CE3CDE01-297E-4503-BDBC-F6BFCA06FC5A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {A67DF276-6D87-4B90-9873-2A2EA8FCE1CB} - System32\Tasks\{F14CFAC1-DBF2-4360-95C4-B2F2F9DB35E4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {AA1BFF9B-0E49-4EB7-B267-2C7CB4A2ED1E} - 
System32\Tasks\{9276B961-43E2-4972-B3AD-25EACD24D008} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {B1677E31-93D0-47CC-AC29-7D496732B34B} - System32\Tasks\{6933359E-E599-4364-BEFF-153E2C84ECF1} => C:\Program Files (x86)\Opera\Opera.exe Task: {B23234F8-1783-4601-B17A-A749DC43B32C} - System32\Tasks\{CF201C0D-902D-45EC-AB8B-441B32C49B96} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {B39E32F9-A4EE-4F1C-AD43-1AFF1EC66810} - System32\Tasks\{520D24F2-56D5-4A8F-A89D-4396E1298D0E} => C:\Program Files (x86)\Opera\Opera.exe Task: {B43C1327-9D38-4105-BA3A-C7AC2DC0A854} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.) Task: {B4CB886A-F99C-4F83-B319-AC5B4339BAFC} - System32\Tasks\{74BC537C-1377-401A-9CBD-EC70A4E00FE6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {B4D142B4-4AB8-4B95-912F-FA662BCB5F05} - System32\Tasks\{816E19F8-6746-42E8-825E-C00C9D8CFF94} => C:\Program Files (x86)\Opera\Opera.exe Task: {B4F576A8-5746-40C0-878D-8D298BD66F25} - System32\Tasks\{15AA7614-5DDE-4F02-8A19-A95EC0A1D51D} => C:\Program Files (x86)\Opera\Opera.exe Task: {B8266606-848E-4C36-BA78-1D86A62F2B77} - System32\Tasks\{24C3BC9D-CAFC-4292-BD2A-FFCF0B425D08} => C:\Program Files (x86)\Opera\Opera.exe Task: {BB7D82FD-251B-4EF7-B078-D7DCE617D964} - System32\Tasks\{8FC938EB-7EAF-4A34-BC9D-AE2F5778B1B1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {BE835B87-3BC8-4D2F-98F4-08EA1738769B} - System32\Tasks\{9A921854-22BF-4FF6-917B-1529CCCD96DB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {BF14D3C2-045B-46CA-95BA-E54E71AA5EE8} - System32\Tasks\{FE9E2570-3D08-4423-AFC3-5C7948AE63B6} => C:\Program Files (x86)\Opera\Opera.exe Task: 
{CBB4538C-70A1-4630-8661-5D84D95409E7} - System32\Tasks\{7A14CB27-EE0B-47F1-B055-77F01B48DBC9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {CE491649-14B0-4AE2-AF71-9B80E2717EDE} - System32\Tasks\{9A3B38A4-E24C-4CA3-836B-B69E7E5C4A8F} => C:\Program Files (x86)\Opera\Opera.exe Task: {D3A08372-F9B6-4E87-B367-CF2D04F990A2} - System32\Tasks\{C58F335D-256C-447C-8F92-0D21522B0AE2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {D3ABB6D7-9F40-4E4A-B2B6-72AB46A050F7} - System32\Tasks\{83D83B71-6311-4584-B276-FEF554406168} => C:\Program Files (x86)\Opera\Opera.exe Task: {D51CC9D5-F8A0-48CA-AF21-4E3C1E57E18A} - System32\Tasks\{E3BA121A-6110-46E2-B350-F190E39F142A} => C:\Program Files (x86)\Opera\Opera.exe Task: {D55EA148-E054-4415-97C3-733D26CAD4E3} - System32\Tasks\{7B2D31C4-B94E-459C-9AB9-7BA5A6885752} => C:\Program Files (x86)\Opera\Opera.exe Task: {D68AFE80-D806-4B03-8AF8-0D69B8F3266F} - System32\Tasks\{C0804A57-189E-4D52-A8D5-914BE6EC38F9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {D9F0C0DA-2D8C-45BC-8EB1-746DAD06A5AA} - System32\Tasks\{178B6CBE-CD97-4A87-A91B-79970D345AA5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {DE9B3A77-0437-4DAC-A2F6-1C4095755D50} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc Task: {DF647FC5-023B-433B-A122-FD19ECBBFB86} - System32\Tasks\{6B5908DA-E475-496F-9C03-92B7931F8B4E} => C:\Program Files (x86)\Opera\Opera.exe Task: {E605C0CD-CF58-4517-9803-90D6F64981E6} - System32\Tasks\{CC42283F-627B-42E6-B065-74187AD2AC1E} => C:\Program Files (x86)\Opera\Opera.exe Task: {E6FF23C5-E38B-446E-8E9D-335C6AF909D1} - System32\Tasks\{174B23CD-95AE-408F-A856-1370A9D536E1} => C:\Program Files (x86)\Opera\Opera.exe Task: {E709A72E-20A0-408C-8C71-C6281C3A9E2C} - 
System32\Tasks\{A7B59FCB-77B6-43A8-B48C-A4408A63A05C} => C:\Program Files (x86)\Opera\Opera.exe Task: {E966568A-61B6-46C0-81ED-FD8F48DFB1A5} - System32\Tasks\{3EF7DE06-5206-4DE0-8481-16D004F97BC7} => C:\Program Files (x86)\Opera\Opera.exe Task: {EA7EC79F-EE05-40AC-A1AA-EF8F38EE1D94} - System32\Tasks\{0E7C6814-82A5-4652-86AF-0257E8E200B0} => C:\Program Files (x86)\Opera\Opera.exe Task: {ED2C4059-C99A-478E-AFB7-A89311EE1AF3} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.12\AsLoader.exe [2010-01-13] (ASUSTeK Computer Inc.) Task: {EE65A338-E67D-4F14-B674-5CBA24CD1AF1} - System32\Tasks\{3FE25692-2DF1-4C8A-83BD-5C0938957293} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {F20A80F0-766A-4B7F-98DD-6229DA061883} - System32\Tasks\{6ABFC70E-5286-4F62-8D85-3DB5C7E96535} => C:\Program Files (x86)\Opera\Opera.exe Task: {FAD1D3B7-6A37-47D3-839D-81888361D8DA} - System32\Tasks\{C4DCDE58-2889-4887-A3A8-759819CB3B00} => C:\Program Files (x86)\Opera\Opera.exe Task: {FBD60A63-97EE-4455-A187-75DD221AC9B9} - System32\Tasks\{B55E87D1-7DD5-45F3-839C-11D9E63BACE7} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {FDA4DAEA-5188-46B1-8E30-64BB76D227AC} - System32\Tasks\{EF6CA142-96C0-4D8A-B1B8-DF46DCB79231} => C:\Program Files (x86)\Opera\Opera.exe Task: {FE7BAC5A-F911-419A-A23E-1A2FA331CB95} - System32\Tasks\{4C1D5CDD-8AE5-4025-923B-71D4C96C9F47} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: {FFBA2F6D-660A-4E9F-984C-78AD46ACDCD5} - System32\Tasks\{87B307EE-CC62-4781-8900-89C379B24C05} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603 Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe Task: 
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2012-12-17 17:14 - 2012-12-17 17:14 - 00954848 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2014-05-01 15:15 - 2014-05-01 15:15 - 00463360 _____ () C:\ProgramData\MEGAsync\ShellExtX32.dll
2014-12-23 17:31 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-23 17:31 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-25 15:38 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-12-25 15:38 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CGVPNCliService => 2
MSCONFIG\Services: EslWireHelper => 2
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: hshld => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: OkayFreedom VPN Starter Service => 2
MSCONFIG\Services: OverwolfUpdaterService => 3
MSCONFIG\Services: RalinkRegistryWriter => 2
MSCONFIG\Services: RalinkRegistryWriter64 => 2
MSCONFIG\Services: RaMediaServer => 2
MSCONFIG\Services: SearchAnonymizer => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
MSCONFIG\startupreg: Spotify => "C:\Users\Issam276\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

========================= Accounts: ==========================

Administrator (S-1-5-21-1925287450-1312797874-627100175-500 - Administrator - Disabled)
Gast (S-1-5-21-1925287450-1312797874-627100175-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1925287450-1312797874-627100175-1002 - Limited - Enabled)
Issam276 (S-1-5-21-1925287450-1312797874-627100175-1001 - Administrator - Enabled) => C:\Users\Issam276

==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (12/25/2014 05:51:58 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/25/2014 04:44:02 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\wbem\wmiprvse.exe; Beschreibung = Installed AMD PCI IDE Controller.zip by DriverEasy; Fehler = 0x8007043c).

Error: (12/25/2014 04:35:05 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/25/2014 04:31:09 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Users\Issam276\AppData\Local\Temp\Rar$EXa0.743\Install_Win7_7090_11252014\setup.exe ; Beschreibung = Installiert Realtek Ethernet Controller Driver; Fehler = 0x8007043c).

Error: (12/25/2014 03:32:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/25/2014 03:21:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/25/2014 01:06:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: a2service.exe, Version: 9.0.0.4783, Zeitstempel: 0x5474cf54
Name des fehlerhaften Moduls: fw32.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x54694215
Ausnahmecode: 0xc0000005
Fehleroffset: 0x72bc477d
ID des fehlerhaften Prozesses: 0x434
Startzeit der fehlerhaften Anwendung: 0xa2service.exe0
Pfad der fehlerhaften Anwendung: a2service.exe1
Pfad des fehlerhaften Moduls: a2service.exe2
Berichtskennung: a2service.exe3

Error: (12/23/2014 09:20:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BoL Studio.exe, Version: 0.0.0.0, Zeitstempel: 0x53ebcd62
Name des fehlerhaften Moduls: BoL Studio.exe, Version: 0.0.0.0, Zeitstempel: 0x53ebcd62
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000cf4f
ID des fehlerhaften Prozesses: 0x1678
Startzeit der fehlerhaften Anwendung: 0xBoL Studio.exe0
Pfad der fehlerhaften Anwendung: BoL Studio.exe1
Pfad des fehlerhaften Moduls: BoL Studio.exe2
Berichtskennung: BoL Studio.exe3

Error: (12/23/2014 07:26:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpotifyWebHelper.exe, Version: 0.9.15.27, Zeitstempel: 0x54803b75
Name des fehlerhaften Moduls: SpotifyWebHelper.exe, Version: 0.9.15.27, Zeitstempel: 0x54803b75
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00012397
ID des fehlerhaften Prozesses: 0xb70
Startzeit der fehlerhaften Anwendung: 0xSpotifyWebHelper.exe0
Pfad der fehlerhaften Anwendung: SpotifyWebHelper.exe1
Pfad des fehlerhaften Moduls: SpotifyWebHelper.exe2
Berichtskennung: SpotifyWebHelper.exe3

System errors:
=============
Error: (12/25/2014 05:52:21 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084defragsvc{D20A3293-3341-4AE8-9AAF-8E397CB63C34}

Error: (12/25/2014 04:32:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (12/25/2014 04:32:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (12/25/2014 04:32:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (12/25/2014 04:32:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (12/25/2014 04:32:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (12/25/2014 04:32:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (12/25/2014 04:32:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (12/25/2014 04:32:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Error: (12/25/2014 04:32:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: %%1068

Microsoft Office Sessions:
=========================
Error: (12/25/2014 05:51:58 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (12/25/2014 04:44:02 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\wbem\wmiprvse.exeInstalled AMD PCI IDE Controller.zip by DriverEasy0x8007043c

Error: (12/25/2014 04:35:05 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Issam276\Downloads\esetsmartinstaller_deu.exe

Error: (12/25/2014 04:31:09 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Users\Issam276\AppData\Local\Temp\Rar$EXa0.743\Install_Win7_7090_11252014\setup.exe Installiert Realtek Ethernet Controller Driver0x8007043c

Error: (12/25/2014 03:32:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/25/2014 03:21:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/25/2014 01:06:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: a2service.exe9.0.0.47835474cf54fw32.dll_unloaded0.0.0.054694215c000000572bc477d43401d01ecb15711921C:\Program Files (x86)\Emsisoft Internet Security\a2service.exefw32.dlld459cba0-8bc9-11e4-bc70-5404a612ad7a

Error: (12/23/2014 09:20:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BoL Studio.exe0.0.0.053ebcd62BoL Studio.exe0.0.0.053ebcd62c00004090000cf4f167801d01eedb7174746C:\Users\Issam276\Desktop\sadsdasda\BoL Studio.exeC:\Users\Issam276\Desktop\sadsdasda\BoL Studio.exe11e2d658-8ae1-11e4-bc70-5404a612ad7a

Error: (12/23/2014 07:26:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SpotifyWebHelper.exe0.9.15.2754803b75SpotifyWebHelper.exe0.9.15.2754803b75c000000500012397b7001d01ecb221fced9C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exeC:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe41edc2fc-8ad1-11e4-bc70-5404a612ad7a

CodeIntegrity Errors:
===================================
Date: 2014-11-30 20:57:24.409
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-11-30 20:57:24.253
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

Date: 2014-06-29 09:37:48.936
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-06-29 09:37:48.935
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-06-29 09:37:48.934
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-06-29 09:37:48.916
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-06-29 09:37:48.915
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-06-29 09:37:48.913
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-06-28 19:42:21.884
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

Date: 2014-06-28 19:42:21.883
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

==================== Memory info ===========================

Processor: AMD FX(tm)-4100 Quad-Core Processor
Percentage of memory in use: 23%
Total physical RAM: 8174.12 MB
Available physical RAM: 6219.1 MB
Total Pagefile: 16346.41 MB
Available Pagefile: 14682.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:921.75 GB) (Free:734.52 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B2544B2F)
Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
Partition 2: (Active) - (Size=921.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Code:
ATTFilter ==================================================
Dump File : 122514-29078-01.dmp
Crash Time : 25.12.2014 18:07:11
Bug Check String : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code : 0x000000d1
Parameter 1 : fffffa80`15e00000
Parameter 2 : 00000000`00000002
Parameter 3 : 00000000`00000000
Parameter 4 : fffff880`02c03b2a
Caused By Driver : fwndis64.sys
Caused By Address : fwndis64.sys+3b2a
File Description :
Product Name :
Company :
File Version :
Processor : x64
Crash Address : ntoskrnl.exe+75bc0
Stack Address 1 :
Stack Address 2 :
Stack Address 3 :
Computer Name :
Full Path : C:\Windows\Minidump\122514-29078-01.dmp
Processors Count : 4
Major Version : 15
Minor Version : 7601
Dump File Size : 279.552
Dump File Time : 25.12.2014 18:08:21
==================================================
Edit: Bluescreen problem fixed, it really was caused by Chrome. After installing Chrome I restarted the PC and suddenly there were no more bluescreens. Should I repeat ESET, SecurityCheck and FRST now?
OK, got another bluescreen. Either fwndis64.sys+36a2 or fwndis64.sys+3b2a.
It was Emsisoft. I knew it from the start but didn't want to believe it. After I had used a system restore point and was still getting bluescreens, I threw Emsisoft off the machine and voilà! No more bluescreens. I'll install Emsisoft again; if I still have problems, I'll have to look for another antivirus.
Last edited by Crounty (25.12.2014 at 18:29) |
26.12.2014, 01:38 | #9 |
| Google Chrome WTSAPI32.dll faulty Code:
ATTFilter ESETSmartInstaller@High as downloader log: all ok # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7587 # api_version=3.0.2 # EOSSerial=167cf204ebe24941b0a714f886f19d1c # engine=18861 # end=stopped # remove_checked=false # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-06-24 02:26:59 # local_time=2014-06-24 04:26:59 (+0100, Mitteleuropäische Sommerzeit) # country="Germany" # lang=1033 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='Kaspersky Internet Security' # compatibility_mode=1292 16777213 100 100 14081 35094441 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 2207 155249869 0 0 # scanned=40374 # found=22 # cleaned=0 # scan_time=446
ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=167cf204ebe24941b0a714f886f19d1c # engine=21362 # end=finished # remove_checked=false # archives_checked=true # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-12-02 04:56:32 # local_time=2014-12-02 05:56:32 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='avast! Antivirus' # compatibility_mode=783 16777213 71 94 153821 156954 0 0 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 153860 169169242 0 0 # scanned=354815 # found=104 # cleaned=0 # scan_time=8890
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\marca.js.vir" sh=F03C5032CA21A97A475F612044FF910AEA97F98D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mediaset.js.vir" sh=5E561234265C05C72EDF14FE2A1C8D830F518726 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mercadolivre.js.vir" sh=3287EDFE107F42BD54464354F7EDD0D5EC1F62BD ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\milanuncios.js.vir" sh=7C16F8FEDEE0D02E5CD2D16384924D1DE7CA85F8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\msn.js.vir" sh=56FD8F01CBA6F2AC7175247C9E2EA54DA5CBEAB8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mundoanuncio.js.vir" sh=AAA91E6A3E08FD24A0462853FF90AE67D64A10FB ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\netlog.js.vir" sh=EA8E9609F9746A6D089057B1ABC2CB5B87ADB56C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\nirvam.js.vir" sh=6932E76E73E9171D15052538CEC919832B24495A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\okcupid.js.vir" sh=8E05B6DE79ED0DB5161E08D7C84E44D346A34223 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\olx.js.vir" sh=717CC4F0E41AC53700E82CE4150428EDCED00F2C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\orange.js.vir" sh=6FE05930F5495CBDAF254E3A722F298042D59188 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\pagesjaunes.js.vir" sh=27653CA2D9A8C542EA7B30EC1B1D3EDCC8FDA44A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\photobucket.js.vir" sh=B34BCC1E3592F30FADA8B4783167EFC6FD6B163B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\pinterest.js.vir" sh=B5F8A49604BB9BB9AE06A12B0458AEFA5868A395 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\pof.js.vir" sh=582536F3328D7D253FF3FB556BAA2D86B9D4D17B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\repubblica.js.vir" sh=77BAC2C1AF3BD54E7F3E4F40624EE936D67BAC1C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\roblox.js.vir" sh=05B58255C0C2E4D9B28DC1E4C254138D76F25E14 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\segundamano.js.vir" sh=29C2BD733E33AC33433DF6F180524C931ACD8FB2 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\sfr.js.vir" sh=003D9DC3AC3B890014F8A9184AC79B41AA02CE5F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\shopping.js.vir" sh=B3399BAC685AC2DB00C8BF73787722CB37C52F9F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\skyrock.js.vir" sh=0C8FD62D3A1464E8987BE463BF2ECB09B887397B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\spiegel.js.vir" sh=273E29401D827883A2841293AB86970DB150211D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\subito.js.vir" sh=492F666790E7E80B87CD6D7734D65EBF7453C758 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\t-online.js.vir" sh=6436DF7125F4ECE8773E0EC7695BCE863C94C2BB ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\tagged.js.vir" sh=EF5B3DA829CFA21C8DE4E47B451BA654E1828C9D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\terra.js.vir" sh=6E4BFE2B03FA0D3BE7747A45508F2891161B5CC9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\tiscali.js.vir" sh=B5A821672054FDADFBA8F67402445E028FF8AD50 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\tripadvisor.js.vir" sh=65F5D2CCE61D4BD156608FBECF0FB967734D83FC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\twitpic.js.vir" sh=3A85F938570568A286C33D328740BAFC4FB73045 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\twitter.js.vir" sh=DCD0A0C6E3AA56687A1719F5D364E1763A6E4A81 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\uol.js.vir" sh=149DA3B16316B14C6297C1C52CF0049180185271 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\v9.js.vir" sh=FC7BB8C266DCF99268F4235F7983F1F130991DA4 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\virgilio.js.vir" sh=412A4635278002E8EF719CABC22126417A508FFC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\voila.js.vir" sh=FC821B9B1DA7646182685D4A70350534A3838E3F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\walmart.js.vir" sh=BBE95AE4E0F8DC7571869344180B8140F38FC2DC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\weather.js.vir" sh=010560C39E506B0E2431760D6DFC39ADD61D128E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\web.js.vir" sh=2A75280C8C5789E6BE74220F53BBBAE04E523E6B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\yahoo.js.vir" sh=4C69F4B1969C916367D64C9046F480B157C43993 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\yelp.js.vir" sh=7DCF3B4AB444CB8B66645655E5DB9857870C9DCC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\youtube.js.vir" sh=4FB0DAB41986A8701720A2C60F898B70CC25F3E0 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\services\bhp.js.vir" sh=26133A64F47E90C8535CE111BAD8C35C9FA562B0 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\services\favlinks.js.vir" sh=EBF01B3EC4607AEB707184674F723440272D4EF5 ft=0 fh=0000000000000000 vn="Variante von Win32/Mobogenie.A evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.1.32.zip.vir" sh=A703E83DC6447E84E8582B80A3DBF6C03B77D04A ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk.vir" sh=E85C421E9C435E8C2116E56EC1B2A927BA0092CC ft=1 fh=19660ba49630fd55 vn="Variante von Win64/TrojanDownloader.Agent.F Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\GFilterSvc.exe.vir" sh=558C365776AD71C812363E30D7880CF564028A06 ft=1 fh=e10f04e359590fdb vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir" sh=B9276CCB99D02DF2AB5E3B289230782ACE0901CE ft=0 fh=0000000000000000 vn="JS/GFilter.A Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\eilgiifgoafnjpmdmdkafdnghcfghkpe\2.1_0\g.js" sh=6B671BC420C26DD44428397D39B13402CC19BCF9 ft=1 fh=65859fa78065d607 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\File System\010\t\00\00000000" sh=6B671BC420C26DD44428397D39B13402CC19BCF9 ft=1 fh=65859fa78065d607 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\File System\010\t\00\00000001" sh=FF273D0017363755214FA5CD888C2C2D54721700 ft=1 fh=0089eae0191970f8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.OLE.Interop.dll" sh=A70EFAB5F2D2D83AD2B7E0304169C73F6D0EC700 ft=1 fh=011924ad9c4ebdbf vn="Variante von Win32/Toolbar.Linkury.G evtl. 
unerwünschte Anwendung" ac=I fn="C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll" sh=6BF9D715657523581D681EED88C7D864C1DE178B ft=0 fh=0000000000000000 vn="JS/GFilter.A Trojaner" ac=I fn="C:\Windows\Installer\{DCDF7E9A-228E-4B24-95B3-A928C685FD36}\cfgkdnomfdapcmmpoincemjabefgjblljrx" sh=4F414B59FCABC57B249BCE7AF4E35F0E84143DD2 ft=1 fh=93556752e2e6958d vn="NSIS/TrojanDownloader.Adload.Y Trojaner" ac=I fn="C:\zoek_backup\C_Users_Issam276_Downloads_HDVidCodec.exe.vir" ESETSmartInstaller@High as downloader log: all ok # product=EOS # version=8 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.7623 # api_version=3.0.2 # EOSSerial=167cf204ebe24941b0a714f886f19d1c # engine=21704 # end=stopped # remove_checked=true # archives_checked=false # unwanted_checked=true # unsafe_checked=false # antistealth_checked=true # utc_time=2014-12-25 04:50:16 # local_time=2014-12-25 05:50:16 (+0100, Mitteleuropäische Zeit) # country="Germany" # lang=1031 # osver=6.1.7601 NT Service Pack 1 # compatibility_mode_1='' # compatibility_mode=5893 16776573 100 94 7719 171156066 0 0 # compatibility_mode_1='Emsisoft Internet Security' # compatibility_mode=16643 16777214 100 100 6398 220768504 0 0 # scanned=349438 # found=99 # cleaned=0 # scan_time=5639 sh=9B28F35A352DE4C5512BC252EBC813DBEB26BC61 ft=1 fh=d37c366403454630 vn="MSIL/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\DEL_MyPC Backup.exe.vir" sh=C2EC3C4E860FAD724D7A086E6BB3E4701FACAF6D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\background.js.vir" sh=51866AD7FC44825C2009A915F539C24D44E9F99B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\background.unit.js.vir" sh=9AC5C4CB8FE1DC5A04042EAAB72096AB2A10CBF2 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\SOAP.js.vir" sh=891BA5F7795F8C841BD652A2FB6DFE615DED2077 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\lib\config.js.vir" sh=2E0FDE228693F5433F4104E6679EA3ACAF9074DF ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\lib\context.js.vir" sh=E3C3DBAF88CEF9B5AB6D0D9006BF153582DA926B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\lib\tinifying.js.vir" sh=74DC8DA7B53D4836822C0D695FA64A588CF0C5B7 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\minibar.min.js.vir" sh=A7138ECAD617D8E249516239F82F038AEC2C7102 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\minibar.translations.js.vir" sh=CC4C5BB54E8A79425341EC5FA3F76B2D5FA584FE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\minibar.unit.js.vir" sh=01B364112DB8E2852EFA984F97ADC1CF58590A62 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\minibar.vars.js.vir" sh=61BD120563C9011610F822D74ADB3728F6842EBD ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\abril.js.vir" sh=BCC36801E2A4087A4EDE7BD72DA43A9D6572B310 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\amazon.js.vir" sh=55920C7FB630C966D1CD1807DBE49DD3D7977A16 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\aol.js.vir" sh=071DADD326560EB569FC2EDD199B57E3DCA733DC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ask.js.vir" sh=4DF142B28BE3758A2BDC2B7339FE07938255B5AE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\autoscout24.js.vir" sh=1F382CFFAE0ED064F2A20A0E1CD58561C0CB03BE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\autosottocosto.js.vir" sh=E40658861F9B0924BC566820C199087AA70A12DD ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\baixaki.js.vir" sh=0B29F17180B65440157142503C7B8FB0AA2C0BAE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\bomnegocio.js.vir" sh=270D3179983ACB96D36FE0B0F6F90F2F39CD93B6 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\chip.js.vir" sh=7CA24925C54F35FEC2636310E63B8F9445E398B8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ciao.js.vir" sh=2805F50D550F54E8320E7CC3F8261011A4B1D708 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\conduit.js.vir" sh=8AE23C218C8C5C7FDE4ACEC6EC03E2532F93B3D1 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\corriere.js.vir" sh=3F04F3EF28DCA81FE7035524F4E00266F6A99418 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\craigslist.js.vir" sh=E4B31A0CBBCB21F765D8E39D6995774769E1D1C5 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\dailymotion.js.vir" sh=5A6801A81DA721A31FFC89FC1ACB7253435857D9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\default_adapter.js.vir" sh=B080E7B72E779B4DBB0D9EFF6BA25324AAF6732E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
ESETSmartInstaller@High as downloader log:
Can not open internet
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=167cf204ebe24941b0a714f886f19d1c
# engine=21707
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-25 10:26:24
# local_time=2014-12-25 11:26:24 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 7587 171176234 0 0
# compatibility_mode_1='Emsisoft Internet Security'
# compatibility_mode=16643 16777213 100 100 5572 220788672 0 0
# scanned=342354
# found=84
# cleaned=45
# scan_time=5546
unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\facebook.js.vir" sh=F747128DEB18A507F8D59FACA9A68A1FF3581244 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\foxsports.js.vir" sh=B2B7D6908BEC80B648B3716AD09D9816E7DE21C9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\friv.js.vir" sh=44DE2938DEFE8A034DBB19FB905717FABD914478 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\funutilities.js.vir" sh=A3BF510881F25E55B23943E87C5B47945EDB5733 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\globo.js.vir" sh=D59A428609E09512F5C524D13046BC4474E43633 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\gmx.js.vir" sh=16B7B5FD445FCF5E0F7B9743A1CEC1D12EACCF76 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\go.js.vir" sh=25CEEE5D0F63AFB5AD9D359618746FB3FA925049 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\google.js.vir" sh=6FE54305ACDF1F37D65F846A09AAF2AE610B52E4 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\gumtree.js.vir" sh=15F0642FA9891E81FEFB5EA9F8345F5C1E988A09 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\huffingtonpost.js.vir" sh=EB007BD6CF9DE9D145721AB1B42C4A6A49F3AD26 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ilmeteo.js.vir" sh=27E667BAE43C7A31330B12FD5B78F1C97DC4DCF2 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\imdb.js.vir" sh=D8F06AC4F0B4CF4CA4EBDC56B5C6F23D74B1351D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\inbox.js.vir" sh=5D09C1440CE775837E5F58040E3B3DA5861C7F2D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\indeed.js.vir" sh=A4E13E1C85F9C090C7A5530AC4D8939F928D2426 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\instagram.js.vir" sh=8DA76B1679E8AD4F80F08BE4371902E1FB69A04B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\jappy.js.vir" sh=3AD210DFBC9BB4B90769240B57325E62AA67A0FC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\leboncoin.js.vir" sh=8BDD182DA8610E6AE7B4DA2CD3A7C8522FE9FDD9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\libero.js.vir" sh=1E1F26D3E48C3E972C75F8ADA49335B3BFE796CA ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\live.js.vir" sh=0DA42755F29D7FCC9B02DF1AAE846B28FC83ABEC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\marca.js.vir" sh=F03C5032CA21A97A475F612044FF910AEA97F98D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mediaset.js.vir" sh=5E561234265C05C72EDF14FE2A1C8D830F518726 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mercadolivre.js.vir" sh=3287EDFE107F42BD54464354F7EDD0D5EC1F62BD ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\milanuncios.js.vir" sh=7C16F8FEDEE0D02E5CD2D16384924D1DE7CA85F8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\msn.js.vir" sh=56FD8F01CBA6F2AC7175247C9E2EA54DA5CBEAB8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mundoanuncio.js.vir" sh=AAA91E6A3E08FD24A0462853FF90AE67D64A10FB ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. 
unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\netlog.js.vir" sh=EA8E9609F9746A6D089057B1ABC2CB5B87ADB56C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\nirvam.js.vir" sh=6932E76E73E9171D15052538CEC919832B24495A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\okcupid.js.vir" sh=8E05B6DE79ED0DB5161E08D7C84E44D346A34223 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\olx.js.vir" |
26.12.2014, 19:12 | #10 |
/// the machine /// TB trainer | Google Chrome WTSAPI32.dll faulty Chrome still has to come off once more; the profile is a complete write-off. Revo Uninstaller - Download - Filepony: use it to uninstall Chrome, keep no data, let it remove the leftovers, then reinstall. Then: https://support.google.com/chrome/answer/3296214?hl=de What is the current state of the problems now?
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
27.12.2014, 03:51 | #11 |
| Google Chrome WTSAPI32.dll faulty No more problems, thanks for your help |
27.12.2014, 19:28 | #12 |
/// the machine /// TB trainer | Google Chrome WTSAPI32.dll faulty Done. The order is crucial here.
If you would like to give praise or criticism, you can do that here. Here are a few more tips for securing your system. I cannot mention often enough how important it is that your system is up to date.
Antivirus software
Additional protection
Safe browsing
Alternative browsers
Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
Performance
Clean out your temp files regularly. I recommend TFC for this. Stay away from any registry cleaners. They harm your system more than they help. Here are a few (English) links: Miekemoes Blogspot (MVP) Bill Castner (MVP) Don'ts
Note: Please give me brief feedback once everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |