Hallo und danke für deine Antwort!
Hier ist der Bericht des Virusscans mit dem Fund. Code:
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Samstag, 24. August 2013 17:54
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows Vista (TM) Home Premium
Windowsversion : (Service Pack 2) [6.0.6002]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : EVI-PC
Versionsinformationen:
BUILD.DAT : 13.0.0.3885 54851 Bytes 01.08.2013 08:55:00
AVSCAN.EXE : 13.6.0.1722 634936 Bytes 02.07.2013 19:27:16
AVSCANRC.DLL : 13.6.0.1550 62520 Bytes 02.07.2013 19:27:16
LUKE.DLL : 13.6.0.1550 65080 Bytes 02.07.2013 19:27:47
AVSCPLR.DLL : 13.6.0.1712 92216 Bytes 02.07.2013 19:27:16
AVREG.DLL : 13.6.0.1550 247864 Bytes 02.07.2013 19:27:15
avlode.dll : 13.6.2.1704 449592 Bytes 02.07.2013 19:27:13
avlode.rdf : 13.0.1.40 26825 Bytes 24.08.2013 12:41:04
VBASE000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 18:26:27
VBASE001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 07:52:05
VBASE002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 14:43:02
VBASE003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 07:05:02
VBASE004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 14:36:53
VBASE005.VDF : 7.11.91.177 2048 Bytes 23.07.2013 14:36:54
VBASE006.VDF : 7.11.91.178 2048 Bytes 23.07.2013 14:36:54
VBASE007.VDF : 7.11.91.179 2048 Bytes 23.07.2013 14:36:54
VBASE008.VDF : 7.11.91.180 2048 Bytes 23.07.2013 14:36:54
VBASE009.VDF : 7.11.91.181 2048 Bytes 23.07.2013 14:36:54
VBASE010.VDF : 7.11.91.182 2048 Bytes 23.07.2013 14:36:54
VBASE011.VDF : 7.11.91.183 2048 Bytes 23.07.2013 14:36:54
VBASE012.VDF : 7.11.91.184 2048 Bytes 23.07.2013 14:36:54
VBASE013.VDF : 7.11.92.32 156160 Bytes 24.07.2013 12:44:19
VBASE014.VDF : 7.11.92.147 168960 Bytes 25.07.2013 17:57:41
VBASE015.VDF : 7.11.93.93 419328 Bytes 28.07.2013 09:57:48
VBASE016.VDF : 7.11.93.170 1403392 Bytes 29.07.2013 16:13:43
VBASE017.VDF : 7.11.94.31 222208 Bytes 31.07.2013 20:21:55
VBASE018.VDF : 7.11.94.141 273408 Bytes 03.08.2013 12:39:15
VBASE019.VDF : 7.11.94.203 200192 Bytes 04.08.2013 12:39:16
VBASE020.VDF : 7.11.95.8 1925632 Bytes 05.08.2013 12:39:20
VBASE021.VDF : 7.11.95.81 203776 Bytes 06.08.2013 12:39:21
VBASE022.VDF : 7.11.95.175 148480 Bytes 07.08.2013 12:39:22
VBASE023.VDF : 7.11.95.248 1224192 Bytes 09.08.2013 12:39:31
VBASE024.VDF : 7.11.96.43 861184 Bytes 10.08.2013 12:39:40
VBASE025.VDF : 7.11.97.50 1084416 Bytes 19.08.2013 12:39:50
VBASE026.VDF : 7.11.97.133 369664 Bytes 21.08.2013 12:39:54
VBASE027.VDF : 7.11.97.251 274432 Bytes 24.08.2013 12:39:58
VBASE028.VDF : 7.11.97.252 2048 Bytes 24.08.2013 12:39:58
VBASE029.VDF : 7.11.97.253 2048 Bytes 24.08.2013 12:39:59
VBASE030.VDF : 7.11.97.254 2048 Bytes 24.08.2013 12:40:00
VBASE031.VDF : 7.11.98.0 33280 Bytes 24.08.2013 12:40:01
Engineversion : 8.2.12.110
AEVDF.DLL : 8.1.3.4 102774 Bytes 16.06.2013 18:24:52
AESCRIPT.DLL : 8.1.4.144 512382 Bytes 24.08.2013 12:40:51
AESCN.DLL : 8.1.10.4 131446 Bytes 01.04.2013 18:23:58
AESBX.DLL : 8.2.16.26 1245560 Bytes 24.08.2013 12:40:57
AERDL.DLL : 8.2.0.128 688504 Bytes 16.06.2013 18:24:50
AEPACK.DLL : 8.3.2.24 749945 Bytes 22.06.2013 07:05:12
AEOFFICE.DLL : 8.1.2.76 205181 Bytes 24.08.2013 12:40:49
AEHEUR.DLL : 8.1.4.572 6115706 Bytes 24.08.2013 12:40:47
AEHELP.DLL : 8.1.27.4 266617 Bytes 29.06.2013 18:44:17
AEGEN.DLL : 8.1.7.12 442743 Bytes 24.08.2013 12:40:10
AEEXP.DLL : 8.4.1.52 299383 Bytes 24.08.2013 12:40:59
AEEMU.DLL : 8.1.3.2 393587 Bytes 29.07.2012 20:38:36
AECORE.DLL : 8.1.32.0 201081 Bytes 24.08.2013 12:40:05
AEBB.DLL : 8.1.1.4 53619 Bytes 07.11.2012 19:28:58
AVWINLL.DLL : 13.6.0.1550 23608 Bytes 02.07.2013 19:26:55
AVPREF.DLL : 13.6.0.1550 48184 Bytes 02.07.2013 19:27:14
AVREP.DLL : 13.6.0.1550 175672 Bytes 02.07.2013 19:27:15
AVARKT.DLL : 13.6.0.1626 258104 Bytes 02.07.2013 19:27:07
AVEVTLOG.DLL : 13.6.0.1550 164920 Bytes 02.07.2013 19:27:10
SQLITE3.DLL : 3.7.0.1 397704 Bytes 02.03.2013 07:05:53
AVSMTP.DLL : 13.6.0.1550 59960 Bytes 02.07.2013 19:27:17
NETNT.DLL : 13.6.0.1550 13368 Bytes 02.07.2013 19:27:47
RCIMAGE.DLL : 13.4.0.360 4780832 Bytes 02.03.2013 06:46:47
RCTEXT.DLL : 13.6.0.1624 67128 Bytes 02.07.2013 19:26:55
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\program files\avira\antivir desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: interaktiv
Sekundäre Aktion......................: ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:, D:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Datei Suchmodus.......................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Beginn des Suchlaufs: Samstag, 24. August 2013 17:54
Der Suchlauf über die Masterbootsektoren wird begonnen:
Masterbootsektor HD0
[INFO] Es wurde kein Virus gefunden!
Masterbootsektor HD1
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'C:\'
[INFO] Es wurde kein Virus gefunden!
Bootsektor 'D:\'
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf nach versteckten Objekten wird begonnen.
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'mobsync.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '106' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '52' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '74' Modul(e) wurden durchsucht
Durchsuche Prozess 'sprtsvc.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'CNSEUPDT.EXE' - '32' Modul(e) wurden durchsucht
Durchsuche Prozess 'Apntex.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '71' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'HidFind.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnscfg.exe' - '31' Modul(e) wurden durchsucht
Durchsuche Prozess 'iPodService.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'WUDFHost.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '7' Modul(e) wurden durchsucht
Durchsuche Prozess 'updateWebConnect.exe' - '80' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'netsession_win.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'quickset.exe' - '83' Modul(e) wurden durchsucht
Durchsuche Prozess 'MDM.EXE' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'ehmsas.exe' - '21' Modul(e) wurden durchsucht
Durchsuche Prozess 'netsession_win.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'ehtray.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'jusched.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'mDNSResponder.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'BJMYPRT.EXE' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'CNSEMAIN.EXE' - '64' Modul(e) wurden durchsucht
Durchsuche Prozess 'opwareSE2.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'iTunesHelper.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'CCC.exe' - '169' Modul(e) wurden durchsucht
Durchsuche Prozess 'AppleMobileDeviceService.exe' - '65' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '59' Modul(e) wurden durchsucht
Durchsuche Prozess 'aestsrv.exe' - '5' Modul(e) wurden durchsucht
Durchsuche Prozess 'conime.exe' - '18' Modul(e) wurden durchsucht
Durchsuche Prozess 'PhotoshopElementsFileAgent.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '81' Modul(e) wurden durchsucht
Durchsuche Prozess 'MOM.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'sttray.exe' - '45' Modul(e) wurden durchsucht
Durchsuche Prozess 'sprtcmd.exe' - '67' Modul(e) wurden durchsucht
Durchsuche Prozess 'PCMService.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'DataSafeOnline.exe' - '113' Modul(e) wurden durchsucht
Durchsuche Prozess 'WebcamDell.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'Apoint.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'DellDock.exe' - '83' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '139' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '98' Modul(e) wurden durchsucht
Durchsuche Prozess 'Dwm.exe' - '38' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskeng.exe' - '49' Modul(e) wurden durchsucht
Durchsuche Prozess 'winzipersvc.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '92' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ati2evxx.exe' - '34' Modul(e) wurden durchsucht
Durchsuche Prozess 'DockLogin.exe' - '28' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '88' Modul(e) wurden durchsucht
Durchsuche Prozess 'SLsvc.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'STacSV.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '153' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '121' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '69' Modul(e) wurden durchsucht
Durchsuche Prozess 'Ati2evxx.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '40' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '44' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '30' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsm.exe' - '22' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '33' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '14' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '2886' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\' <OS>
C:\Users\Evi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GTGQDWQF\Setup[1].exe
[0] Archivtyp: NSIS
--> ProgramFilesDir/WebConnectozr.exe
[FUND] Ist das Trojanische Pferd TR/Downloader.Gen2
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
[0] Archivtyp: Runtime Packed
--> C:\Users\Evi\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
[1] Archivtyp: Runtime Packed
--> C:\Users\Evi\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
[2] Archivtyp: Runtime Packed
--> C:\Users\Evi\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
[3] Archivtyp: Runtime Packed
--> C:\Users\Evi\AppData\Local\Temp\is1852162411\1124332_Setup.EXE
[4] Archivtyp: Runtime Packed
--> Object
[WARNUNG] Die Datei konnte nicht gelesen werden!
C:\Users\Evi\AppData\Local\Temp\is1852162411\1124332_Setup.EXE
[WARNUNG] Die Datei konnte nicht gelesen werden!
Beginne mit der Suche in 'D:\' <RECOVERY>
Beginne mit der Desinfektion:
C:\Users\Evi\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GTGQDWQF\Setup[1].exe
[FUND] Ist das Trojanische Pferd TR/Downloader.Gen2
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5505a0d4.qua' verschoben!
Ende des Suchlaufs: Samstag, 24. August 2013 21:00
Benötigte Zeit: 2:16:22 Stunde(n)
Der Suchlauf wurde vollständig durchgeführt.
33396 Verzeichnisse wurden überprüft
561681 Dateien wurden geprüft
1 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
1 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
561680 Dateien ohne Befall
4552 Archive wurden durchsucht
2 Warnungen
1 Hinweise
650408 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden
Hier das AdwCleaner RO-File:
AdwCleaner Logfile: Code:
# AdwCleaner v3.000 - Report created 24/08/2013 at 17:34:56
# Updated 20/08/2013 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Evi - EVI-PC
# Running from : C:\Users\Evi\Documents\Martin\adwcleaner_3.0.exe
# Option : Scan
***** [ Services ] *****
Service Found : BrowserDefendert
Service Found : WajamUpdater
Service Found : WsysSvc
***** [ Files / Folders ] *****
File Found : C:\END
File Found : C:\Program Files\Mozilla Firefox\searchplugins\qvo6.xml
File Found : C:\Users\Evi\AppData\Local\Temp\Uninstall.exe
File Found : C:\Users\Evi\AppData\Roaming\Mozilla\Firefox\Profiles\prn9f8fr.default\bProtector_extensions.rdf
File Found : C:\Users\Evi\AppData\Roaming\Mozilla\Firefox\Profiles\prn9f8fr.default\bprotector_extensions.sqlite
File Found : C:\Users\Evi\AppData\Roaming\Mozilla\Firefox\Profiles\prn9f8fr.default\bprotector_prefs.js
File Found : C:\Users\Evi\AppData\Roaming\Mozilla\Firefox\Profiles\prn9f8fr.default\user.js
File Found : C:\Windows\System32\Tasks\BrowserDefendert
File Found : C:\Windows\System32\Tasks\Dealply
File Found : C:\Windows\System32\Tasks\DealPlyUpdate
File Found : C:\Windows\System32\Tasks\EPUpdater
File Found : C:\Windows\Tasks\Dealply.job
Folder Found : C:\Users\Evi\AppData\Roaming\Mozilla\Firefox\Profiles\prn9f8fr.default\Extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}(30)
Folder Found : C:\Users\Evi\AppData\Roaming\Mozilla\Firefox\Profiles\prn9f8fr.default\Extensions\ffxtlbr@delta.com
Folder Found C:\Program Files\DealPly
Folder Found C:\Program Files\DealPlyLive
Folder Found C:\Program Files\delta
Folder Found C:\Program Files\Wajam
Folder Found C:\ProgramData\APN
Folder Found C:\ProgramData\Babylon
Folder Found C:\ProgramData\BrowserDefender
Folder Found C:\ProgramData\DealPlyLive
Folder Found C:\ProgramData\eSafe
Folder Found C:\Users\Evi\AppData\Local\DealPlyLive
Folder Found C:\Users\Evi\AppData\Local\Temp\eIntaller
Folder Found C:\Users\Evi\AppData\Roaming\BabSolution
Folder Found C:\Users\Evi\AppData\Roaming\Babylon
Folder Found C:\Users\Evi\AppData\Roaming\DealPly
Folder Found C:\Users\Evi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Folder Found C:\Users\Evi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Folder Found C:\Users\Evi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Folder Found C:\Users\Evi\AppData\Roaming\Mozilla\Firefox\Profiles\prn9f8fr.default\Conduit
Folder Found C:\Users\Evi\AppData\Roaming\Mozilla\Firefox\Profiles\prn9f8fr.default\CT2438727
***** [ Shortcuts ] *****
Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9320320AS_5SX3RKE9XXXX5SX3RKE9&ts=1377348501 )
Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox (Abgesicherter Modus).lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9320320AS_5SX3RKE9XXXX5SX3RKE9&ts=1377348501 )
Shortcut Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9320320AS_5SX3RKE9XXXX5SX3RKE9&ts=1377348501 )
Shortcut Found : C:\Users\Evi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9320320AS_5SX3RKE9XXXX5SX3RKE9&ts=1377348501 )
Shortcut Found : C:\Users\Evi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9320320AS_5SX3RKE9XXXX5SX3RKE9&ts=1377348501 )
Shortcut Found : C:\Users\Evi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9320320AS_5SX3RKE9XXXX5SX3RKE9&ts=1377348501 )
Shortcut Found : C:\Users\Evi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk ( hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9320320AS_5SX3RKE9XXXX5SX3RKE9&ts=1377348501 )
***** [ Registry ] *****
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command [(Default)] - C:\Program Files\Mozilla Firefox\firefox.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9320320AS_5SX3RKE9XXXX5SX3RKE9&ts=1377348501
Data Found : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command [(Default)] - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9320320AS_5SX3RKE9XXXX5SX3RKE9&ts=1377348501
Data Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\browse~1\261562~1.220\{c16c1~1\browse~1.dll
Key Found : HKCU\Software\BabSolution
Key Found : HKCU\Software\d2d9dbbc39e945
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\DataMngr_Toolbar
Key Found : HKCU\Software\DealPly
Key Found : HKCU\Software\Delta
Key Found : HKCU\Software\InstallCore
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Key Found : HKCU\Software\Wajam
Key Found : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Found : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Found : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Key Found : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Found : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Key Found : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Found : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Found : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Key Found : HKLM\SOFTWARE\Classes\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}
Key Found : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
Key Found : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine
Key Found : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CredentialDialogMachine
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CredentialDialogMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachine
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachine.1.0
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachineFallback
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachineFallback.1.0
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebSvc
Key Found : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebSvc.1.0
Key Found : HKLM\SOFTWARE\Classes\delta.deltaappCore
Key Found : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Key Found : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Key Found : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Key Found : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Key Found : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Found : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Found : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Key Found : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Key Found : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Found : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Found : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Found : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Found : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Found : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Found : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Found : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Found : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Found : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Found : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Found : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Found : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Found : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Key Found : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Key Found : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Key Found : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Key Found : HKLM\SOFTWARE\d2d9dbbc39e945
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\Software\DealPly
Key Found : HKLM\Software\Delta
Key Found : HKLM\Software\delta-homesSoftware
Key Found : HKLM\Software\eSafeSecControl
Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Key Found : HKLM\Software\InstallIQ
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\BrowserDefendert
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\Dealply
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\DealPlyUpdate
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\EPUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\BrowserDefendert
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\Dealply
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\DealPlyUpdate
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\EPUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BrowserDefendert
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\DealPlyUpdate
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EPUpdater
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Key Found : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
Key Found : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
Key Found : HKLM\Software\qvo6Software
Key Found : HKLM\Software\V9
Key Found : HKLM\Software\Wajam
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Found : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NTRedirect]
Value Found : HKCU\Software\Mozilla\Firefox\Extensions [{5A95A9E0-59DD-4314-BD84-4D18CA83A0E2}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16502
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9320320AS_5SX3RKE9XXXX5SX3RKE9&ts=1377348501
Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9320320AS_5SX3RKE9XXXX5SX3RKE9&ts=1377348501
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9320320AS_5SX3RKE9XXXX5SX3RKE9&ts=1377348501
Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL] - hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&from=cor&uid=ST9320320AS_5SX3RKE9XXXX5SX3RKE9&ts=1377348501
-\\ Mozilla Firefox v10.0.2 (de)
[ File : C:\Users\Evi\AppData\Roaming\Mozilla\Firefox\Profiles\prn9f8fr.default\prefs.js ]
Line Found : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Found : user_pref("CT2438727.CTID", "CT2438727");
Line Found : user_pref("CT2438727.CurrentServerDate", "30-5-2010");
Line Found : user_pref("CT2438727.DialogsAlignMode", "LTR");
Line Found : user_pref("CT2438727.FirstServerDate", "20-5-2010");
Line Found : user_pref("CT2438727.FirstTime", true);
Line Found : user_pref("CT2438727.FirstTimeFF3", true);
Line Found : user_pref("CT2438727.GroupingServerCheckInterval", 1440);
Line Found : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Found : user_pref("CT2438727.Initialize", true);
Line Found : user_pref("CT2438727.InitializeCommonPrefs", true);
Line Found : user_pref("CT2438727.InstalledDate", "Thu May 20 2010 13:14:24 GMT+0200");
Line Found : user_pref("CT2438727.IsGrouping", false);
Line Found : user_pref("CT2438727.IsMulticommunity", false);
Line Found : user_pref("CT2438727.IsOpenThankYouPage", true);
Line Found : user_pref("CT2438727.IsOpenUninstallPage", true);
Line Found : user_pref("CT2438727.LanguagePackLastCheckTime", "Sun May 30 2010 15:58:56 GMT+0200");
Line Found : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440);
Line Found : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Found : user_pref("CT2438727.LastLogin_2.5.8.6", "Sun May 30 2010 15:58:54 GMT+0200");
Line Found : user_pref("CT2438727.LatestVersion", "2.1.0.18");
Line Found : user_pref("CT2438727.Locale", "en");
Line Found : user_pref("CT2438727.LoginCache", 4);
Line Found : user_pref("CT2438727.MCDetectTooltipHeight", "83");
Line Found : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Found : user_pref("CT2438727.MCDetectTooltipWidth", "295");
Line Found : user_pref("CT2438727.SHRINK_TOOLBAR", 1);
Line Found : user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2438727&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Found : user_pref("CT2438727.SearchFromAddressBarIsInit", true);
Line Found : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2438727&q=");
Line Found : user_pref("CT2438727.SearchInNewTabEnabled", true);
Line Found : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440);
Line Found : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Sun May 30 2010 15:58:53 GMT+0200");
Line Found : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Found : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Line Found : user_pref("CT2438727.SettingsCheckIntervalMin", 120);
Line Found : user_pref("CT2438727.SettingsLastCheckTime", "Sun May 30 2010 15:58:53 GMT+0200");
Line Found : user_pref("CT2438727.SettingsLastUpdate", "1272193463");
Line Found : user_pref("CT2438727.ThirdPartyComponentsInterval", 504);
Line Found : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Thu May 20 2010 13:14:17 GMT+0200");
Line Found : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1269281492");
Line Found : user_pref("CT2438727.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");
Line Found : user_pref("CT2438727.UserID", "UN46555004255406126");
Line Found : user_pref("CT2438727.ValidationData_Toolbar", 2);
Line Found : user_pref("CT2438727.alertChannelId", "832836");
Line Found : user_pref("CT2438727.clientLogIsEnabled", false);
Line Found : user_pref("CT2438727.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Found : user_pref("CT2438727.myStuffEnabled", true);
Line Found : user_pref("CT2438727.myStuffPublihserMinWidth", 400);
Line Found : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Found : user_pref("CT2438727.myStuffServiceIntervalMM", 1440);
Line Found : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Found : user_pref("CT2438727.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Found : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "data:text/plain,keyword.URL=hxxp://de.search.yahoo.com/search?ei=UTF-8&fr=ffpro-nb&p=");
Line Found : user_pref("CommunityToolbar.ToolbarsList", "CT2438727");
Line Found : user_pref("CommunityToolbar.ToolbarsList2", "CT2438727");
Line Found : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Line Found : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun May 30 2010 15:58:52 GMT+0200");
Line Found : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Found : user_pref("CommunityToolbar.alert.locale", "en");
Line Found : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Line Found : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun May 30 2010 15:58:52 GMT+0200");
Line Found : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1234796400");
Line Found : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Line Found : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Found : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Line Found : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Line Found : user_pref("CommunityToolbar.alert.userId", "{e54e6196-4431-43a9-89f8-004ec07115a2}");
Line Found : user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=F47200215DE6CA60&affID=119357&tsp=4984");
Line Found : user_pref("browser.search.defaultenginename", "qvo6");
Line Found : user_pref("browser.search.order.1", "qvo6");
Line Found : user_pref("extensions.delta.admin", false);
Line Found : user_pref("extensions.delta.aflt", "babsst");
Line Found : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Found : user_pref("extensions.delta.autoRvrt", "false");
Line Found : user_pref("extensions.delta.dfltLng", "de");
Line Found : user_pref("extensions.delta.excTlbr", false);
Line Found : user_pref("extensions.delta.ffxUnstlRst", true);
Line Found : user_pref("extensions.delta.id", "f472855400000000000000215de6ca60");
Line Found : user_pref("extensions.delta.instlDay", "15941");
Line Found : user_pref("extensions.delta.instlRef", "sst");
Line Found : user_pref("extensions.delta.newTab", false);
Line Found : user_pref("extensions.delta.prdct", "delta");
Line Found : user_pref("extensions.delta.prtnrId", "delta");
Line Found : user_pref("extensions.delta.rvrt", "false");
Line Found : user_pref("extensions.delta.smplGrp", "none");
Line Found : user_pref("extensions.delta.tlbrId", "base");
Line Found : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Found : user_pref("extensions.delta.vrsn", "1.8.24.6");
Line Found : user_pref("extensions.delta.vrsnTs", "1.8.24.614:46:01");
Line Found : user_pref("extensions.delta.vrsni", "1.8.24.6");
Line Found : user_pref("extensions.delta_i.babExt", "");
Line Found : user_pref("extensions.delta_i.babTrack", "affID=119357&tsp=4984");
Line Found : user_pref("extensions.delta_i.srcExt", "ss");
Line Found : user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"c:\\\\Windows\\\\Microsoft.NET\\\\Framework\\\\v3.5\\\\W[...]
Line Found : user_pref("extensions.wajam.affiliate_id", "8523");
Line Found : user_pref("extensions.wajam.firstrun", "false");
Line Found : user_pref("extensions.wajam.log_send_info", "false");
Line Found : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21087\",\"supported_sites\":{\"google\":{\"patterns\":[\"^hxxp\\\\:\\/\\/www\\\\.google\\\\..{2,3}(|\\\\\\/ig|\\\\\\/firefox)\",\"[...]
Line Found : user_pref("extensions.wajam.no_trace", "false");
Line Found : user_pref("extensions.wajam.server_current_mapping_version", "0.21087");
Line Found : user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'W[...]
Line Found : user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';[...]
Line Found : user_pref("extensions.wajam.supported_sites.yahoo.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';window['[...]
Line Found : user_pref("extensions.wajam.trace_log", "1377351555685 - processInstallationUpgrade - version set to : 1.26\n1377351555685 - processBrowserLoad - Bad mappingListJsonString: null\n1377351561281 - proce[...]
Line Found : user_pref("extensions.wajam.unique_id", "C643BBC3AEF1FF46A20D9B6FC66B3AD6");
Line Found : user_pref("extensions.wajam.user_current_mapping_version", "0");
Line Found : user_pref("extensions.wajam.version", "1.26");
Line Found : user_pref("peterstoolbar_tool.variablepartnercontent_23a", "op%2509PC%252CELE%252CUNT%252CTEL%2509t-online-shop.de%250AP%2509f52f86621ab59ae5%2509Talkline%2509TEL%2509talkline.de%250AP%2509c529201846f[...]
Line Found : user_pref("peterstoolbar_tool.variablepartnercontent_23b", "op%2509PC%252CELE%252CUNT%252CTEL%2509t-online-shop.de%250AP%2509f52f86621ab59ae5%2509Talkline%2509TEL%2509talkline.de%250AP%2509c529201846f[...]
Line Found : user_pref("peterstoolbar_tool.variablepartnercontent_26a", "orld%2520of%2520Sweets%2509EST%2509worldofsweets.de%250AP%250939f5a26befeeef6b%2509W%25FCstenrot%2509FIN%2509wuestenrotdirect.de%250AP%25098[...]
Line Found : user_pref("peterstoolbar_tool.variablepartnercontent_26b", "orld%2520of%2520Sweets%2509EST%2509worldofsweets.de%250AP%250939f5a26befeeef6b%2509W%25FCstenrot%2509FIN%2509wuestenrotdirect.de%250AP%25098[...]
*************************
AdwCleaner[R0].txt - [28898 octets] - [24/08/2013 17:34:56]
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [28959 octets] ##########
--- --- ---
Und das AwdCleaner SO-File:
AdwCleaner Logfile: Code:
# AdwCleaner v3.000 - Report created 24/08/2013 at 17:36:22
# Updated 20/08/2013 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
# Username : Evi - EVI-PC
# Running from : C:\Users\Evi\Documents\Martin\adwcleaner_3.0.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : BrowserDefendert
Service Deleted : WajamUpdater
Service Deleted : WsysSvc
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\APN
Folder Deleted : C:\ProgramData\Babylon
[!] Folder Deleted : C:\ProgramData\BrowserDefender
Folder Deleted : C:\ProgramData\DealPlyLive
Folder Deleted : C:\ProgramData\eSafe
Folder Deleted : C:\Program Files\DealPly
Folder Deleted : C:\Program Files\DealPlyLive
Folder Deleted : C:\Program Files\delta
Folder Deleted : C:\Program Files\Wajam
Folder Deleted : C:\Users\Evi\AppData\Local\DealPlyLive
Folder Deleted : C:\Users\Evi\AppData\Local\Temp\eIntaller
Folder Deleted : C:\Users\Evi\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\Evi\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Evi\AppData\Roaming\DealPly
Folder Deleted : C:\Users\Evi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserDefender
Folder Deleted : C:\Users\Evi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly
Folder Deleted : C:\Users\Evi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wajam
Folder Deleted : C:\Users\Evi\AppData\Roaming\Mozilla\Firefox\Profiles\prn9f8fr.default\Conduit
Folder Deleted : C:\Users\Evi\AppData\Roaming\Mozilla\Firefox\Profiles\prn9f8fr.default\CT2438727
Folder Deleted : C:\Users\Evi\AppData\Roaming\Mozilla\Firefox\Profiles\prn9f8fr.default\Extensions\ffxtlbr@delta.com
Folder Deleted : C:\Users\Evi\AppData\Roaming\Mozilla\Firefox\Profiles\prn9f8fr.default\Extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822}(30)
File Deleted : C:\END
File Deleted : C:\Users\Evi\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\qvo6.xml
File Deleted : C:\Users\Evi\AppData\Roaming\Mozilla\Firefox\Profiles\prn9f8fr.default\bProtector_extensions.rdf
File Deleted : C:\Users\Evi\AppData\Roaming\Mozilla\Firefox\Profiles\prn9f8fr.default\bprotector_extensions.sqlite
File Deleted : C:\Users\Evi\AppData\Roaming\Mozilla\Firefox\Profiles\prn9f8fr.default\bprotector_prefs.js
File Deleted : C:\Users\Evi\AppData\Roaming\Mozilla\Firefox\Profiles\prn9f8fr.default\user.js
File Deleted : C:\Windows\System32\Tasks\BrowserDefendert
File Deleted : C:\Windows\Tasks\Dealply.job
File Deleted : C:\Windows\System32\Tasks\Dealply
File Deleted : C:\Windows\System32\Tasks\DealPlyUpdate
File Deleted : C:\Windows\System32\Tasks\EPUpdater
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox (Abgesicherter Modus).lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Evi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Evi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Evi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Evi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
***** [ Registry ] *****
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{5A95A9E0-59DD-4314-BD84-4D18CA83A0E2}]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\priam_bho.DLL
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickCtrl.9
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLive.Update3WebControl.3
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\DealPlyLiveUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamBHO.1
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader
Key Deleted : HKLM\SOFTWARE\Classes\wajam.WajamDownloader.1
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [NTRedirect]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=3
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@tools.dpliveupdate.com/DealPlyLive Update;version=9
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WajamUpdater
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKCU\Software\d2d9dbbc39e945
Key Deleted : HKLM\SOFTWARE\d2d9dbbc39e945
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FAEE6D5-34F4-42AA-8025-3FD8F3EC4634}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0D89DE71-3D99-4288-84DC-F18F1047A7D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1E0C9B2A-6447-452C-B012-2314A0C29412}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{34A8CEB6-89BB-49F1-B5E4-0D0D6C21F3B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3A4DBD3A-98CC-41CE-AD21-352D42B6F754}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4F8A50F6-69DE-4BE3-A33A-A1079B9AC0DB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{501CB57A-D4E2-4855-96AD-EDB0A9083395}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5D64294B-1341-4FE7-B6D8-7C36828D4DD5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6FF2C4DD-77A4-4BB5-BA4C-B42DEFBF9137}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80FABB17-63AF-4655-9F07-B6509EE37AF2}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83ABA270-8390-4CA6-AE48-FC089F55629E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8B218A5F-1A3D-4347-94EF-A79575EB8094}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9BDB5E09-4BBA-4422-8C2B-529B281C32B8}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C536F080-57B7-46D6-8894-C647553F2889}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA5D945F-E738-4D0B-A0B5-25AC51C64659}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F48FC5B2-094A-44C7-B48C-289738C9582D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F7698761-4ABA-45C2-A5BB-D2163922C725}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFCC53E6-2655-47FC-A89B-54E8D7F305D1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431532BD-0AE1-4ABC-BE8C-919F3D1332E2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{095BFD3C-4602-4FE1-96F1-AEFAFBFD067D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7A6995D-6EE1-4FD1-A258-49395D5BF99C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F1796B2-BEC6-427B-B734-F9C75ED94A80}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C338DDB-19FC-4C1F-B74D-6931EE55F7A1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C536F080-57B7-46D6-8894-C647553F2889}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\DealPly
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\InstallCore
Key Deleted : HKCU\Software\Wajam
Key Deleted : HKLM\Software\DataMngr
Key Deleted : HKLM\Software\DealPly
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\delta-homesSoftware
Key Deleted : HKLM\Software\eSafeSecControl
Key Deleted : HKLM\Software\InstallIQ
Key Deleted : HKLM\Software\qvo6Software
Key Deleted : HKLM\Software\V9
Key Deleted : HKLM\Software\Wajam
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Wajam
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~2\browse~1\261562~1.220\{c16c1~1\browse~1.dll
***** [ Browsers ] *****
-\\ Internet Explorer v9.0.8112.16502
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
-\\ Mozilla Firefox v10.0.2 (de)
[ File : C:\Users\Evi\AppData\Roaming\Mozilla\Firefox\Profiles\prn9f8fr.default\prefs.js ]
Line Deleted : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
Line Deleted : user_pref("CT2438727.CTID", "CT2438727");
Line Deleted : user_pref("CT2438727.CurrentServerDate", "30-5-2010");
Line Deleted : user_pref("CT2438727.DialogsAlignMode", "LTR");
Line Deleted : user_pref("CT2438727.FirstServerDate", "20-5-2010");
Line Deleted : user_pref("CT2438727.FirstTime", true);
Line Deleted : user_pref("CT2438727.FirstTimeFF3", true);
Line Deleted : user_pref("CT2438727.GroupingServerCheckInterval", 1440);
Line Deleted : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
Line Deleted : user_pref("CT2438727.Initialize", true);
Line Deleted : user_pref("CT2438727.InitializeCommonPrefs", true);
Line Deleted : user_pref("CT2438727.InstalledDate", "Thu May 20 2010 13:14:24 GMT+0200");
Line Deleted : user_pref("CT2438727.IsGrouping", false);
Line Deleted : user_pref("CT2438727.IsMulticommunity", false);
Line Deleted : user_pref("CT2438727.IsOpenThankYouPage", true);
Line Deleted : user_pref("CT2438727.IsOpenUninstallPage", true);
Line Deleted : user_pref("CT2438727.LanguagePackLastCheckTime", "Sun May 30 2010 15:58:56 GMT+0200");
Line Deleted : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440);
Line Deleted : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx");
Line Deleted : user_pref("CT2438727.LastLogin_2.5.8.6", "Sun May 30 2010 15:58:54 GMT+0200");
Line Deleted : user_pref("CT2438727.LatestVersion", "2.1.0.18");
Line Deleted : user_pref("CT2438727.Locale", "en");
Line Deleted : user_pref("CT2438727.LoginCache", 4);
Line Deleted : user_pref("CT2438727.MCDetectTooltipHeight", "83");
Line Deleted : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
Line Deleted : user_pref("CT2438727.MCDetectTooltipWidth", "295");
Line Deleted : user_pref("CT2438727.SHRINK_TOOLBAR", 1);
Line Deleted : user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2438727&octid=EB_ORIGINAL_CTID&SearchSource=1");
Line Deleted : user_pref("CT2438727.SearchFromAddressBarIsInit", true);
Line Deleted : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2438727&q=");
Line Deleted : user_pref("CT2438727.SearchInNewTabEnabled", true);
Line Deleted : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440);
Line Deleted : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Sun May 30 2010 15:58:53 GMT+0200");
Line Deleted : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
Line Deleted : user_pref("CT2438727.SettingsCheckIntervalMin", 120);
Line Deleted : user_pref("CT2438727.SettingsLastCheckTime", "Sun May 30 2010 15:58:53 GMT+0200");
Line Deleted : user_pref("CT2438727.SettingsLastUpdate", "1272193463");
Line Deleted : user_pref("CT2438727.ThirdPartyComponentsInterval", 504);
Line Deleted : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Thu May 20 2010 13:14:17 GMT+0200");
Line Deleted : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1269281492");
Line Deleted : user_pref("CT2438727.TrusteLinkUrl", "hxxp://www.truste.org/pvr.php?page=validate&softwareProgramId=101&sealid=112");
Line Deleted : user_pref("CT2438727.UserID", "UN46555004255406126");
Line Deleted : user_pref("CT2438727.ValidationData_Toolbar", 2);
Line Deleted : user_pref("CT2438727.alertChannelId", "832836");
Line Deleted : user_pref("CT2438727.clientLogIsEnabled", false);
Line Deleted : user_pref("CT2438727.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
Line Deleted : user_pref("CT2438727.myStuffEnabled", true);
Line Deleted : user_pref("CT2438727.myStuffPublihserMinWidth", 400);
Line Deleted : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID");
Line Deleted : user_pref("CT2438727.myStuffServiceIntervalMM", 1440);
Line Deleted : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT");
Line Deleted : user_pref("CT2438727.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
Line Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "data:text/plain,keyword.URL=hxxp://de.search.yahoo.com/search?ei=UTF-8&fr=ffpro-nb&p=");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2438727");
Line Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2438727");
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
Line Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun May 30 2010 15:58:52 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.locale", "en");
Line Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
Line Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun May 30 2010 15:58:52 GMT+0200");
Line Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1234796400");
Line Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
Line Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com");
Line Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false);
Line Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
Line Deleted : user_pref("CommunityToolbar.alert.userId", "{e54e6196-4431-43a9-89f8-004ec07115a2}");
Line Deleted : user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=F47200215DE6CA60&affID=119357&tsp=4984");
Line Deleted : user_pref("browser.search.defaultenginename", "qvo6");
Line Deleted : user_pref("browser.search.order.1", "qvo6");
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.dfltLng", "de");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.id", "f472855400000000000000215de6ca60");
Line Deleted : user_pref("extensions.delta.instlDay", "15941");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.24.6");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.24.614:46:01");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.24.6");
Line Deleted : user_pref("extensions.delta_i.babExt", "");
Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=119357&tsp=4984");
Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");
Line Deleted : user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"c:\\\\Windows\\\\Microsoft.NET\\\\Framework\\\\v3.5\\\\W[...]
Line Deleted : user_pref("extensions.wajam.affiliate_id", "8523");
Line Deleted : user_pref("extensions.wajam.firstrun", "false");
Line Deleted : user_pref("extensions.wajam.log_send_info", "false");
Line Deleted : user_pref("extensions.wajam.mappingListJsonString", "{\"version\":\"0.21087\",\"supported_sites\":{\"google\":{\"patterns\":[\"^hxxp\\\\:\\/\\/www\\\\.google\\\\..{2,3}(|\\\\\\/ig|\\\\\\/firefox)\",\"[...]
Line Deleted : user_pref("extensions.wajam.no_trace", "false");
Line Deleted : user_pref("extensions.wajam.server_current_mapping_version", "0.21087");
Line Deleted : user_pref("extensions.wajam.supported_sites.encryptedgoogle.wajam_google_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'W[...]
Line Deleted : user_pref("extensions.wajam.supported_sites.google.wajam_google_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';[...]
Line Deleted : user_pref("extensions.wajam.supported_sites.yahoo.wajam_se_js", "try {window['APP_LABEL_NAME'] = 'wajam';window['APP_LABEL_NAME_FULL_UC'] = 'WAJAM';window['WAJAM_APP_LABEL_NAME_UC'] = 'Wajam';window['[...]
Line Deleted : user_pref("extensions.wajam.trace_log", "1377351555685 - processInstallationUpgrade - version set to : 1.26\n1377351555685 - processBrowserLoad - Bad mappingListJsonString: null\n1377351561281 - proce[...]
Line Deleted : user_pref("extensions.wajam.unique_id", "C643BBC3AEF1FF46A20D9B6FC66B3AD6");
Line Deleted : user_pref("extensions.wajam.user_current_mapping_version", "0");
Line Deleted : user_pref("extensions.wajam.version", "1.26");
Line Deleted : user_pref("peterstoolbar_tool.variablepartnercontent_23a", "op%2509PC%252CELE%252CUNT%252CTEL%2509t-online-shop.de%250AP%2509f52f86621ab59ae5%2509Talkline%2509TEL%2509talkline.de%250AP%2509c529201846f[...]
Line Deleted : user_pref("peterstoolbar_tool.variablepartnercontent_23b", "op%2509PC%252CELE%252CUNT%252CTEL%2509t-online-shop.de%250AP%2509f52f86621ab59ae5%2509Talkline%2509TEL%2509talkline.de%250AP%2509c529201846f[...]
Line Deleted : user_pref("peterstoolbar_tool.variablepartnercontent_26a", "orld%2520of%2520Sweets%2509EST%2509worldofsweets.de%250AP%250939f5a26befeeef6b%2509W%25FCstenrot%2509FIN%2509wuestenrotdirect.de%250AP%25098[...]
Line Deleted : user_pref("peterstoolbar_tool.variablepartnercontent_26b", "orld%2520of%2520Sweets%2509EST%2509worldofsweets.de%250AP%250939f5a26befeeef6b%2509W%25FCstenrot%2509FIN%2509wuestenrotdirect.de%250AP%25098[...]
*************************
AdwCleaner[R0].txt - [29040 octets] - [24/08/2013 17:34:56]
AdwCleaner[S0].txt - [26564 octets] - [24/08/2013 17:36:22]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [26625 octets] ##########
--- --- ---
FRST Logfile:
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 25-08-2013 02
Ran by Evi (administrator) on 25-08-2013 23:50:14
Running from C:\Users\Evi\Documents
Microsoft® Windows Vista™ Home Premium Service Pack 2 (X86) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(IDT, Inc.) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\STacSV.exe
(Microsoft Corporation) C:\Windows\system32\SLsvc.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DockLogin.exe
(ATI Technologies Inc.) C:\Windows\system32\Ati2evxx.exe
(Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files\WinZipper\winzipersvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Stardock Corporation) C:\Program Files\Dell\DellDock\DellDock.exe
(Adobe Systems Incorporated) C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe
(Andrea Electronics Corporation) C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\aestsrv.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Windows\system32\conime.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Creative Technology Ltd.) C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe
() C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe
(CyberLink Corp.) C:\Program Files\Dell\MediaDirect\PCMService.exe
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtcmd.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(ScanSoft, Inc.) C:\Program Files\ScanSoft\OmniPageSE2.0\opwareSE2.exe
(CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Akamai Technologies, Inc.) C:\Users\Evi\AppData\Local\Akamai\netsession_win.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(WebConnect) C:\Program Files\WebConnect\updateWebConnect.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Akamai Technologies, Inc.) C:\Users\Evi\AppData\Local\Akamai\netsession_win.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEUPDT.EXE
(SupportSoft, Inc.) C:\Program Files\Dell Support Center\bin\sprtsvc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
(Adobe Systems, Inc.) C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_8_800_94.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-21] (Microsoft Corporation)
HKLM\...\Run: [Apoint] - C:\Program Files\DellTPad\Apoint.exe [196608 2008-07-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2008-01-21] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Dell Webcam Central] - C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe [446635 2008-06-03] (Creative Technology Ltd.)
HKLM\...\Run: [Dell DataSafe Online] - C:\Program Files\Dell DataSafe Online\DataSafeOnline.exe [1745648 2008-11-03] ()
HKLM\...\Run: [PCMService] - C:\Program Files\Dell\MediaDirect\PCMService.exe [132392 2008-07-04] (CyberLink Corp.)
HKLM\...\Run: [dellsupportcenter] - C:\Program Files\Dell Support Center\bin\sprtcmd.exe [206064 2008-10-04] (SupportSoft, Inc.)
HKLM\...\Run: [SysTrayApp] - C:\Program Files\IDT\WDM\sttray.exe [442433 2008-07-17] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [497648 2010-07-29] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [421736 2012-03-06] (Apple Inc.)
HKLM\...\Run: [OpwareSE2] - C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [49152 2003-05-08] (ScanSoft, Inc.)
HKLM\...\Run: [CanonSolutionMenuEx] - C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] - C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2565520 2011-03-14] (CANON INC.)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [345144 2013-07-02] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
Winlogon\Notify\GoToAssist: C:\Program Files\Citrix\GoToAssist\514\G2AWinLogon.dll [X]
HKCU\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [125952 2008-01-21] (Microsoft Corporation)
HKCU\...\Run: [Skype] - C:\Program Files\Skype\\Phone\Skype.exe [26100520 2010-03-09] (Skype Technologies S.A.)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Evi\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [EPSON SX430 Series] - C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIHAE.EXE /FU "C:\Users\Evi\AppData\Local\Temp\E_S7F9A.tmp" /EF "HKCU" [x]
MountPoints2: F - F:\AutoRun.exe
MountPoints2: {06b02952-9199-11e2-8a12-001e101f2c0e} - F:\AutoRun.exe
MountPoints2: {5844bf13-e34c-11e2-bf92-001e101f7fb6} - F:\AutoRun.exe
MountPoints2: {6688d468-7ca6-11e1-9083-806e6f6e6963} - F:\AutoRun.exe
MountPoints2: {6688d4c6-7ca6-11e1-9083-001e101f7f74} - F:\AutoRun.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\QuickSet.lnk
ShortcutTarget: QuickSet.lnk -> C:\Program Files\Dell\QuickSet\quickset.exe (Dell Inc.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk
ShortcutTarget: Dell Dock First Run.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
Startup: C:\Users\Evi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock.lnk
ShortcutTarget: Dell Dock.lnk -> C:\Program Files\Dell\DellDock\DellDock.exe (Stardock Corporation)
==================== Internet (Whitelisted) ====================
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: WebConnect - {2316c625-b487-4410-a1a5-ff040b65245f} - C:\Program Files\WebConnect\WebConnectbho.dll (Web Connect)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: DealPly Shopping - {9cf699ca-2174-4ed8-bec1-ba82095edce0} - C:\Program Files\DealPly\DealPlyIE.dll No File
BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll (Dell Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msdaipp - No CLSID Value -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL (Skype Technologies)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Evi\AppData\Roaming\Mozilla\Firefox\Profiles\prn9f8fr.default
FF SelectedSearchEngine: Google
FF Homepage: https://www.google.at/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF Plugin: @divx.com/DivX Player Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @facebook.com/FBPlugin,version=1.0.3 - C:\Users\Evi\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\wikipedia-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Evi\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
FF Extension: No Name - C:\Users\Evi\AppData\Roaming\Mozilla\Firefox\Profiles\prn9f8fr.default\Extensions\turntoolviewer@turntool.com
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Evi\AppData\Roaming\Mozilla\Firefox\Profiles\prn9f8fr.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}
FF Extension: DealPly Shopping - C:\Users\Evi\AppData\Roaming\Mozilla\Firefox\Profiles\prn9f8fr.default\Extensions\{e53a26f5-7199-4a5b-86f5-d2e86854b979}
FF Extension: firefox - C:\Users\Evi\AppData\Roaming\Mozilla\Firefox\Profiles\prn9f8fr.default\Extensions\firefox@webconnect.co.xpi
FF Extension: Default - C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF Extension: Skype extension for Firefox - C:\Program Files\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1}
FF Extension: Skype extension for Firefox - C:\Program Files\Mozilla Firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED}(23)
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
FF Extension: Microsoft .NET Framework Assistant - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
========================== Services (Whitelisted) =================
R2 AdobeActiveFileMonitor9.0; C:\Program Files\Adobe\Elements 9 Organizer\PhotoshopElementsFileAgent.exe [169408 2010-09-06] (Adobe Systems Incorporated)
R2 AESTFilters; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\aestsrv.exe [73728 2008-07-17] (Andrea Electronics Corporation)
R2 Akamai; c:\program files\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-03] (Akamai Technologies, Inc.)
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-07-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-07-02] (Avira Operations GmbH & Co. KG)
R2 DockLoginService; C:\Program Files\Dell\DellDock\DockLogin.exe [155648 2008-09-23] (Stardock Corporation)
R2 sprtsvc_DellSupportCenter; C:\Program Files\Dell Support Center\bin\sprtsvc.exe [201968 2008-10-04] (SupportSoft, Inc.)
R2 STacSV; C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_f091b975\STacSV.exe [221239 2008-07-17] (IDT, Inc.)
R2 Update WebConnect; C:\Program Files\WebConnect\updateWebConnect.exe [206632 2013-08-23] (WebConnect)
R2 winzipersvc; C:\Program Files\WinZipper\winzipersvc.exe [424104 2013-08-24] (Taiwan Shui Mu Chih Ching Technology Limited.)
S2 dealplylive; C:\Program Files\DealPlyLive\Update\DealPlyLive.exe /svc [x]
S3 dealplylivem; C:\Program Files\DealPlyLive\Update\DealPlyLive.exe /medsvc [x]
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [84744 2013-03-21] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [135136 2013-03-21] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-03-21] (Avira Operations GmbH & Co. KG)
R0 CLFS; C:\Windows\System32\CLFS.sys [245736 2009-04-11] (Microsoft Corporation)
R3 itecir; C:\Windows\System32\DRIVERS\itecir.sys [54784 2008-07-28] (ITE Tech. Inc. )
R3 OA001Ufd; C:\Windows\System32\DRIVERS\OA001Ufd.sys [144672 2008-10-27] (Creative Technology Ltd.)
R3 OA001Vid; C:\Windows\System32\DRIVERS\OA001Vid.sys [277440 2008-10-27] (Creative Technology Ltd.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-03-02] (Avira GmbH)
S3 ewusbnet; system32\DRIVERS\ewusbnet.sys [x]
S3 ew_hwusbdev; system32\DRIVERS\ew_hwusbdev.sys [x]
S3 huawei_enumerator; system32\DRIVERS\ew_jubusenum.sys [x]
S3 hwdatacard; system32\DRIVERS\ewusbmdm.sys [x]
S3 IpInIp; system32\DRIVERS\ipinip.sys [x]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-08-25 23:49 - 2013-08-25 23:49 - 01070523 _____ (Farbar) C:\Users\Evi\Documents\FRST.exe
2013-08-25 21:23 - 2013-08-25 21:24 - 00001704 _____ C:\DelFix.txt
2013-08-25 21:23 - 2013-08-25 21:23 - 00000000 ____D C:\Windows\ERUNT
2013-08-25 21:16 - 2013-08-25 21:16 - 00891115 _____ C:\Users\Evi\Documents\SecurityCheck.exe
2013-08-24 17:34 - 2013-08-24 17:36 - 00000000 ____D C:\AdwCleaner
2013-08-24 17:34 - 2013-08-24 17:34 - 00975858 _____ C:\Users\Evi\Documents\adwcleaner_3.0.exe
2013-08-24 15:11 - 2013-07-25 04:40 - 12334080 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-08-24 15:11 - 2013-07-25 04:32 - 01800704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-08-24 15:11 - 2013-07-25 04:30 - 09738752 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-08-24 15:11 - 2013-07-25 04:26 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-08-24 15:11 - 2013-07-25 04:26 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-08-24 15:11 - 2013-07-25 04:25 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-08-24 15:11 - 2013-07-25 04:24 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-08-24 15:11 - 2013-07-25 04:24 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-08-24 15:11 - 2013-07-25 04:23 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-08-24 15:11 - 2013-07-25 04:23 - 00717824 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-08-24 15:11 - 2013-07-25 04:23 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-08-24 15:11 - 2013-07-25 04:23 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-08-24 15:11 - 2013-07-25 04:23 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-08-24 15:11 - 2013-07-25 04:22 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-08-24 15:11 - 2013-07-25 04:22 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-08-24 15:11 - 2013-07-25 04:22 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-08-24 15:02 - 2013-08-24 15:03 - 00000000 ____D C:\Program Files\QuickTime
2013-08-24 14:56 - 2013-07-08 06:20 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-08-24 14:56 - 2013-07-08 06:16 - 00992768 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-08-24 14:56 - 2013-07-08 06:16 - 00133120 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-08-24 14:56 - 2013-07-08 06:16 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-08-24 14:56 - 2013-07-05 06:53 - 00905664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-08-24 14:56 - 2013-06-15 15:22 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\icaapi.dll
2013-08-24 14:56 - 2013-06-15 13:23 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2013-08-24 14:55 - 2013-07-17 21:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-08-24 14:55 - 2013-07-10 11:47 - 00783360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2013-08-24 14:55 - 2013-07-08 06:55 - 03603904 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2013-08-24 14:55 - 2013-07-08 06:55 - 03551680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-08-24 14:54 - 2013-07-09 14:10 - 01205168 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-08-24 14:50 - 2013-08-25 23:31 - 00000000 ____D C:\Program Files\WinZipper
2013-08-24 14:50 - 2013-08-24 15:43 - 00000000 ____D C:\Users\Evi\AppData\Roaming\WinZipper
2013-08-24 14:48 - 2013-08-24 14:48 - 00000000 ____D C:\User Data
2013-08-24 14:45 - 2013-08-25 23:49 - 00000888 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2013-08-24 14:45 - 2013-08-25 23:28 - 00000884 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2013-08-24 14:41 - 2013-08-24 14:41 - 41404760 _____ (Apple Inc.) C:\Users\Evi\Downloads\QuickTimeSetup.exe
2013-08-24 14:40 - 2013-08-24 14:41 - 00000000 ____D C:\Program Files\WebConnect
2013-07-29 22:47 - 2013-07-29 22:48 - 01067456 _____ (Solid State Networks) C:\Users\Evi\Downloads\install_flashplayer11x32au_mssd_aaa_aih.exe
2013-07-27 08:42 - 2013-08-24 15:23 - 00000000 ____D C:\Windows\system32\MRT
==================== One Month Modified Files and Folders =======
2013-08-25 23:50 - 2013-08-25 23:50 - 00000000 ____D C:\FRST
2013-08-25 23:49 - 2013-08-25 23:49 - 01070523 _____ (Farbar) C:\Users\Evi\Documents\FRST.exe
2013-08-25 23:49 - 2013-08-24 14:45 - 00000888 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineUA.job
2013-08-25 23:45 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2013-08-25 23:45 - 2006-11-02 14:47 - 00003616 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2013-08-25 23:40 - 2009-08-11 19:26 - 00000000 ____D C:\Users\Evi\Documents\Martin
2013-08-25 23:34 - 2009-01-26 22:25 - 01447185 _____ C:\Windows\WindowsUpdate.log
2013-08-25 23:31 - 2013-08-24 14:50 - 00000000 ____D C:\Program Files\WinZipper
2013-08-25 23:31 - 2013-06-22 09:10 - 00000382 _____ C:\Windows\Tasks\Final Media Player Update Checker.job
2013-08-25 23:29 - 2010-10-05 20:41 - 00000000 ____D C:\Program Files\Common Files\Akamai
2013-08-25 23:28 - 2013-08-24 14:45 - 00000884 _____ C:\Windows\Tasks\DealPlyLiveUpdateTaskMachineCore.job
2013-08-25 23:28 - 2006-11-02 15:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-08-25 22:43 - 2006-11-02 15:01 - 00032510 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-08-25 22:03 - 2012-04-26 17:35 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-08-25 21:24 - 2013-08-25 21:23 - 00001704 _____ C:\DelFix.txt
2013-08-25 21:23 - 2013-08-25 21:23 - 00000000 ____D C:\Windows\ERUNT
2013-08-25 21:16 - 2013-08-25 21:16 - 00891115 _____ C:\Users\Evi\Documents\SecurityCheck.exe
2013-08-25 19:22 - 2012-04-01 15:11 - 00000000 ___RD C:\Users\Evi\Documents\Schule
2013-08-24 21:02 - 2008-01-21 09:16 - 01566088 _____ C:\Windows\system32\PerfStringBackup.INI
2013-08-24 17:36 - 2013-08-24 17:34 - 00000000 ____D C:\AdwCleaner
2013-08-24 17:36 - 2009-01-28 21:22 - 00000933 _____ C:\Users\Evi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-08-24 17:34 - 2013-08-24 17:34 - 00975858 _____ C:\Users\Evi\Documents\adwcleaner_3.0.exe
2013-08-24 17:17 - 2009-12-09 11:31 - 00000000 ____D C:\Users\Evi\Documents\Geschenke
2013-08-24 17:16 - 2009-02-02 16:12 - 00002597 _____ C:\Users\Evi\Desktop\Microsoft Office Word 2003.lnk
2013-08-24 16:36 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\Microsoft.NET
2013-08-24 15:50 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\rescache
2013-08-24 15:43 - 2013-08-24 14:50 - 00000000 ____D C:\Users\Evi\AppData\Roaming\WinZipper
2013-08-24 15:26 - 2006-11-02 13:18 - 00000000 ____D C:\Windows\system32\de-DE
2013-08-24 15:23 - 2013-07-27 08:42 - 00000000 ____D C:\Windows\system32\MRT
2013-08-24 15:19 - 2006-11-02 12:24 - 75778376 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe
2013-08-24 15:04 - 2012-04-26 17:35 - 00692104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2013-08-24 15:04 - 2011-09-08 21:39 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2013-08-24 15:03 - 2013-08-24 15:02 - 00000000 ____D C:\Program Files\QuickTime
2013-08-24 14:48 - 2013-08-24 14:48 - 00000000 ____D C:\User Data
2013-08-24 14:41 - 2013-08-24 14:41 - 41404760 _____ (Apple Inc.) C:\Users\Evi\Downloads\QuickTimeSetup.exe
2013-08-24 14:41 - 2013-08-24 14:40 - 00000000 ____D C:\Program Files\WebConnect
2013-08-24 14:40 - 2009-01-28 21:24 - 00000000 ____D C:\Users\Evi\AppData\Local\Google
2013-08-02 22:53 - 2009-01-31 21:13 - 00003304 _____ C:\Users\Evi\Documents\passwords.psafe3
2013-07-29 22:48 - 2013-07-29 22:47 - 01067456 _____ (Solid State Networks) C:\Users\Evi\Downloads\install_flashplayer11x32au_mssd_aaa_aih.exe
2013-07-29 12:41 - 2012-11-24 21:36 - 00000312 _____ C:\Users\Evi\Desktop\Klassenmappe.appref-ms
2013-07-29 12:41 - 2012-11-24 20:57 - 00000000 ____D C:\Users\Evi\AppData\Local\Deployment
2013-07-27 09:13 - 2013-06-22 09:10 - 00000000 ____D C:\Program Files\File Type Assistant
Files to move or delete:
====================
C:\Users\Evi\AppData\Local\Temp\AskSLib.dll
C:\Users\Evi\AppData\Local\Temp\FirefoxUpdateSetup.exe
C:\Users\Evi\AppData\Local\Temp\ICReinstall_FirefoxUpdateSetup.exe
C:\Users\Evi\AppData\Local\Temp\ICReinstall_SoftwareUpdateSetup.exe
C:\Users\Evi\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Evi\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Evi\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Evi\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Evi\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Evi\AppData\Local\Temp\Quarantine.exe
C:\Users\Evi\AppData\Local\Temp\Shockwave_Installer_FF.exe
C:\Users\Evi\AppData\Local\Temp\SoftwareUpdateSetup.exe
C:\Users\Evi\AppData\Local\Temp\TAbf9pQO.exe.part
C:\Users\Evi\AppData\Local\Temp\{757D84A1-56BA-4C27-AB89-0B826BF22E71}\InstallFlashPlayer.exe
C:\Users\Evi\AppData\Local\Temp\VSD1DFB.tmp\setup.exe
C:\Users\Evi\AppData\Local\Temp\VSD1DFB.tmp\DotNetFX40Client\dotNetFx40LP_Client_x86_x64de.exe
C:\Users\Evi\AppData\Local\Temp\UTPS\common\AboutPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\AddPbk.exe
C:\Users\Evi\AppData\Local\Temp\UTPS\common\AddrBookPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\AddrBookSrvPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\AddrBookUIPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\AtCodec.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\ATR2SMgr.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\CallAppPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\CallLogSrvPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\CallLogUIPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\CallSrvPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\CallUIPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\Common.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\core.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\DataServicePlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\DeviceAppPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\DeviceInfoExPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\DeviceMgrUIPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\DeviceSrvPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\DiagnosisPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\DialUpPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\DialupUIPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\LayoutPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\LiveUpdateInterface.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\mcciwin32.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\MenuMgrPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\mobilepartner.exe
C:\Users\Evi\AppData\Local\Temp\UTPS\common\msvcp60.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\mt.exe
C:\Users\Evi\AppData\Local\Temp\UTPS\common\NDISAPI.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\NDISPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\NetConnectPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\NetConnectSrvPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\NetInfoRecordUIPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\NetInfoSrvPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\NetInfoUIExPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\NetSettingPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\NetSrvPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\NotifyServicePlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\OSAdapt.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\OSCall.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\OSDialup.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\OSNDIS.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\OSPowerMgr.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\PluginContainer.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\Proxy.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\sdk.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\SettingUIPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\SmsAppPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\SmsSrvPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\SMSUIPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\StatusBarMgrPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\STKPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\STKSrvPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\subinacl.exe
C:\Users\Evi\AppData\Local\Temp\UTPS\common\ToolBarMgrPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\Trace.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\UnblockPin.exe
C:\Users\Evi\AppData\Local\Temp\UTPS\common\USSDSrvPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\USSDUIPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\Win7Support.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\XCodec.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\XFramePlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\XStartScreen.exe
C:\Users\Evi\AppData\Local\Temp\UTPS\common\qtlib\libgcc_s_dw2-1.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\qtlib\mingwm10.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\qtlib\QtCore4.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\qtlib\QtGui4.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\qtlib\QtNetwork4.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\qtlib\QtXml4.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\plugins\imageformats\qgif4.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\plugins\imageformats\qico4.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\plugins\imageformats\qjpeg4.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\plugins\imageformats\qmng4.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\plugins\imageformats\qtiff4.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\common\plugins\codecs\qcncodecs4.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\C75\DialupUIPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\C75\LiveUpdateInterface.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\C75\NetConnectPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\C75\SMSUIPlugin.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\C75\UpdateDog\HttpInterface.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\C75\UpdateDog\LiveUpd.exe
C:\Users\Evi\AppData\Local\Temp\UTPS\C75\UpdateDog\ouc.exe
C:\Users\Evi\AppData\Local\Temp\UTPS\C75\UpdateDog\QueryStrategy.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\C75\UpdateDog\RunLiveUpd.exe
C:\Users\Evi\AppData\Local\Temp\UTPS\C75\UpdateDog\RunOuc.exe
C:\Users\Evi\AppData\Local\Temp\UTPS\C75\Driver\devsetup32.exe
C:\Users\Evi\AppData\Local\Temp\UTPS\C75\Driver\devsetup64.exe
C:\Users\Evi\AppData\Local\Temp\UTPS\C75\Driver\DriverSetup.exe
C:\Users\Evi\AppData\Local\Temp\UTPS\C75\Driver\DriverUninstall.exe
C:\Users\Evi\AppData\Local\Temp\UTPS\C75\Driver\LocateDevice.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\C75\Driver\Driver\X86\hwgpssensor.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\C75\Driver\Driver\X86\WdfCoInstaller01007.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\C75\Driver\Driver\X64\hwgpssensor.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\C75\Driver\Driver\X64\WdfCoInstaller01007.dll
C:\Users\Evi\AppData\Local\Temp\UTPS\C75\AutoRun\AutoRunSetup.exe
C:\Users\Evi\AppData\Local\Temp\UTPS\C75\AutoRun\AutoRunUninstall.exe
C:\Users\Evi\AppData\Local\Temp\Temp1_Klassenmappe-3.0.1.zip\Application Files\Klassenmappe_3_0_1_0\Klassenmappe.exe.config.deploy
C:\Users\Evi\AppData\Local\Temp\Temp1_Klassenmappe-3.0.1.zip\Application Files\Klassenmappe_3_0_1_0\Klassenmappe.exe.deploy
C:\Users\Evi\AppData\Local\Temp\Temp1_Klassenmappe-3.0.1.zip\Application Files\Klassenmappe_3_0_1_0\Klassenmappe.exe.manifest
C:\Users\Evi\AppData\Local\Temp\Temp1_Klassenmappe-3.0.1.zip\Application Files\Klassenmappe_3_0_1_0\ListViewPrinter.dll.deploy
C:\Users\Evi\AppData\Local\Temp\Temp1_Klassenmappe-3.0.1.zip\Application Files\Klassenmappe_3_0_1_0\ObjectListView.dll.deploy
C:\Users\Evi\AppData\Local\Temp\Temp1_Klassenmappe-3.0.1.zip\Application Files\Klassenmappe_3_0_1_0\PdfSharp.dll.deploy
C:\Users\Evi\AppData\Local\Temp\Temp1_Klassenmappe-2.6.0.1.zip\Application Files\Klassenmappe_2_6_0_1\Klassenmappe.exe.config.deploy
C:\Users\Evi\AppData\Local\Temp\Temp1_Klassenmappe-2.6.0.1.zip\Application Files\Klassenmappe_2_6_0_1\Klassenmappe.exe.deploy
C:\Users\Evi\AppData\Local\Temp\Temp1_Klassenmappe-2.6.0.1.zip\Application Files\Klassenmappe_2_6_0_1\Klassenmappe.exe.manifest
C:\Users\Evi\AppData\Local\Temp\Temp1_Klassenmappe-2.6.0.1.zip\Application Files\Klassenmappe_2_6_0_1\ListViewPrinter.dll.deploy
C:\Users\Evi\AppData\Local\Temp\Temp1_Klassenmappe-2.6.0.1.zip\Application Files\Klassenmappe_2_6_0_1\ObjectListView.dll.deploy
C:\Users\Evi\AppData\Local\Temp\Temp1_Klassenmappe-2.6.0.1.zip\Application Files\Klassenmappe_2_6_0_1\PdfSharp.dll.deploy
C:\Users\Evi\AppData\Local\Temp\is1852162411\1124332_Setup.EXE
C:\Users\Evi\AppData\Local\Temp\is1852162411\1124332_Setup.EXE.part
C:\Users\Evi\AppData\Local\Temp\is1852162411\419836_Setup.EXE
C:\Users\Evi\AppData\Local\Temp\is1852162411\419836_Setup.EXE.part
C:\Users\Evi\AppData\Local\Temp\is1852162411\cor_ar_201381417179_qvo6.exe
C:\Users\Evi\AppData\Local\Temp\is1852162411\DeltaTB.exe
C:\Users\Evi\AppData\Local\Temp\is1852162411\dp.exe
C:\Users\Evi\AppData\Local\Temp\is1852162411\MetaCrawlerSetup.exe
C:\Users\Evi\AppData\Local\Temp\is1852162411\OptimizerPro.exe
C:\Users\Evi\AppData\Local\Temp\is1852162411\WebConnect.exe
C:\Users\Evi\AppData\Local\Temp\DWD41E1.tmp\Explorer.EXE.hu.kdmp
C:\Users\Evi\AppData\Local\Temp\C21C5A0C-BAB0-7891-8FA4-CA6C21244F67\Latest\BabMaint.exe
C:\Users\Evi\AppData\Local\Temp\C21C5A0C-BAB0-7891-8FA4-CA6C21244F67\Latest\BExternal.dll
C:\Users\Evi\AppData\Local\Temp\C21C5A0C-BAB0-7891-8FA4-CA6C21244F67\Latest\BUSolForMontiera.dll
C:\Users\Evi\AppData\Local\Temp\C21C5A0C-BAB0-7891-8FA4-CA6C21244F67\Latest\BUSolution.dll
C:\Users\Evi\AppData\Local\Temp\C21C5A0C-BAB0-7891-8FA4-CA6C21244F67\Latest\ccp.exe
C:\Users\Evi\AppData\Local\Temp\C21C5A0C-BAB0-7891-8FA4-CA6C21244F67\Latest\ChromeToolbarSetup.dll
C:\Users\Evi\AppData\Local\Temp\C21C5A0C-BAB0-7891-8FA4-CA6C21244F67\Latest\CrxInstaller.dll
C:\Users\Evi\AppData\Local\Temp\C21C5A0C-BAB0-7891-8FA4-CA6C21244F67\Latest\enhancedNT.dll
C:\Users\Evi\AppData\Local\Temp\C21C5A0C-BAB0-7891-8FA4-CA6C21244F67\Latest\GUninstaller.exe
C:\Users\Evi\AppData\Local\Temp\C21C5A0C-BAB0-7891-8FA4-CA6C21244F67\Latest\IEHelper.dll
C:\Users\Evi\AppData\Local\Temp\C21C5A0C-BAB0-7891-8FA4-CA6C21244F67\Latest\MntrDLLInstall.dll
C:\Users\Evi\AppData\Local\Temp\C21C5A0C-BAB0-7891-8FA4-CA6C21244F67\Latest\MyDeltaTB.exe
C:\Users\Evi\AppData\Local\Temp\C21C5A0C-BAB0-7891-8FA4-CA6C21244F67\Latest\Setup.exe
C:\Users\Evi\AppData\Local\Temp\C21C5A0C-BAB0-7891-8FA4-CA6C21244F67\Latest\sqlite3.dll
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-08-25 23:35
==================== End Of Log ============================
--- --- ---
Das Addition.txt-Log-File schicke ich anschließend. |
FRST 32-Bit | FRST 64-Bit
Lesestoff:
AdwCleaner auf deinen Desktop.
