| Lady Frigg | 20.07.2014 00:07 |
*puh* das artet ja richtig in Arbeit aus :crazy: aber hab mich tapfer durchgekämpft^^
Dazu kann ich berichten - nach den ersten Anweisungen gab es keine selbstständige Tabs von Firefox mehr. Schritt 1:
MBAM Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 19.07.2014
Suchlauf-Zeit: 21:43:59
Logdatei: Protokoll.txt
Administrator: Ja
Version: 2.00.2.1012
Malware Datenbank: v2014.07.19.07
Rootkit Datenbank: v2014.07.17.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert
Betriebssystem: Windows 8.1
CPU: x64
Dateisystem: NTFS
Benutzer: Lola
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 412924
Verstrichene Zeit: 28 Min, 20 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 16
PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{6CA2A4DE-483E-456B-8634-6445460D7097}, In Quarantäne, [445d960a1f5c63d32a8fb4a555ad8b75],
PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{C321541F-B22D-4593-AC1A-9634812A4E40}, In Quarantäne, [445d960a1f5c63d32a8fb4a555ad8b75],
PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A8018C54-B702-4D52-9ACC-8CA78911E633}, In Quarantäne, [445d960a1f5c63d32a8fb4a555ad8b75],
PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C6A846C5-D67F-48B4-8552-C22354E56966}, In Quarantäne, [445d960a1f5c63d32a8fb4a555ad8b75],
PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A8018C54-B702-4D52-9ACC-8CA78911E633}, In Quarantäne, [445d960a1f5c63d32a8fb4a555ad8b75],
PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C6A846C5-D67F-48B4-8552-C22354E56966}, In Quarantäne, [445d960a1f5c63d32a8fb4a555ad8b75],
PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{C321541F-B22D-4593-AC1A-9634812A4E40}, In Quarantäne, [445d960a1f5c63d32a8fb4a555ad8b75],
PUP.Optional.FlowSurf.A, HKU\S-1-5-21-2611022401-1185657083-2724232758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{6CA2A4DE-483E-456B-8634-6445460D7097}, Löschen bei Neustart, [445d960a1f5c63d32a8fb4a555ad8b75],
PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\EXTENSIONS\{6CA2A4DE-483E-456B-8634-6445460D7097}, In Quarantäne, [445d960a1f5c63d32a8fb4a555ad8b75],
PUP.Optional.SearchProtect.A, HKU\S-1-5-21-2611022401-1185657083-2724232758-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}, Löschen bei Neustart, [a100910f572469cdd9fdbc9a1be7f907],
PUP.Optional.weDownload.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\The weDownload Manager, Löschen bei Neustart, [4958940c6b103cfa9f8703db28daba46],
PUP.Optional.FlowSurf.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\FLOWSURF, Löschen bei Neustart, [9a078f11ec8ff83e7e6c70aacf35768a],
PUP.Optional.FlowSurf.A, HKU\S-1-5-21-2611022401-1185657083-2724232758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\FLOWSURF, Löschen bei Neustart, [b8e927799fdc64d28862a67415ef936d],
PUP.Optional.Qone8, HKU\S-1-5-21-2611022401-1185657083-2724232758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Löschen bei Neustart, [28799d03c5b639fd876e34d732d26799],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2611022401-1185657083-2724232758-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, Löschen bei Neustart, [6c358f11ea91ef47a3fe0c08b94b5ea2],
PUP.Optional.weDownload.A, HKU\S-1-5-21-2611022401-1185657083-2724232758-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\The weDownload Manager, Löschen bei Neustart, [079af3ad611a61d5ac7af0ee966cac54],
Registrierungswerte: 5
PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_de_86, In Quarantäne, [5051920ea3d8e84eb629a630877be020],
PUP.Optional.FlowSurf.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|jid1-tofUlNEIFlkUIA@jetpack, C:\Program Files (x86)\Flowsurf\jid1-tofUlNEIFlkUIA@jetpack, In Quarantäne, [524f9e02ed8e6fc70ce67863fc068c74]
PUP.Optional.FlowSurf.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\FLOWSURF|chrid, oglkiljdmflopemijdadoiepkhcaodjn, Löschen bei Neustart, [9a078f11ec8ff83e7e6c70aacf35768a]
PUP.Optional.FlowSurf.A, HKU\S-1-5-21-2611022401-1185657083-2724232758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\FLOWSURF|chrid, oglkiljdmflopemijdadoiepkhcaodjn, Löschen bei Neustart, [b8e927799fdc64d28862a67415ef936d]
PUP.Optional.FastStart.A, HKU\S-1-5-21-2611022401-1185657083-2724232758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, Löschen bei Neustart, [633edec2bdbecc6a7a28586dc63cf808]
Registrierungsdaten: 2
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[e7babfe1f8833501a5c3b9f012f29967]
PUP.Optional.WebsSearches.A, HKU\S-1-5-21-2611022401-1185657083-2724232758-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://istart.webssearches.com/?type=hp&ts=1405366540&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S632002720027, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1405366540&from=amt&uid=WDCXWD10EZEX-22RKKA0_WD-WCC1S632002720027),Löschen bei Neustart,[ccd55e42a6d5360055e59609f31106fa]
Ordner: 12
PUP.Optional.CrossRider.A, C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode, In Quarantäne, [3f62633d611aa591547ea9fcb151c040],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\OGLKILJDMFLOPEMIJDADOIEPKHCAODJN, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\OGLKILJDMFLOPEMIJDADOIEPKHCAODJN\1.5.28_0, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\OGLKILJDMFLOPEMIJDADOIEPKHCAODJN\1.5.28_0\icons, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\OGLKILJDMFLOPEMIJDADOIEPKHCAODJN\1.5.28_0\includes, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\OGLKILJDMFLOPEMIJDADOIEPKHCAODJN\1.5.28_0\kango, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\OGLKILJDMFLOPEMIJDADOIEPKHCAODJN\1.5.28_0\kango-ui, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.Spigot.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\GPIIFGMGNFDIBLGPAEPBMFDKCHEICGOF, In Quarantäne, [7a27b8e8512a62d4fdb64274966cd32d],
PUP.Optional.CrossRider.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_ecoccdldklbjglocbgbfpmpehjegkode_0, In Quarantäne, [465bd1cfb6c5d95dc3e17a3dba4855ab],
PUP.Optional.CrossRider.A, C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_ecoccdldklbjglocbgbfpmpehjegkode_0, In Quarantäne, [c3deabf57a01c76ff7ad4d6ad230e31d],
PUP.Optional.CrossRider.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ecoccdldklbjglocbgbfpmpehjegkode, In Quarantäne, [8a171d83b1cafa3c4c595b5cdf23c937],
PUP.Optional.CrossRider.A, C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ecoccdldklbjglocbgbfpmpehjegkode, In Quarantäne, [b2ef8a1603782511d7ce7b3c19e9f50b],
Dateien: 67
PUP.Optional.WPM.A, C:\Users\Lola\AppData\Local\Temp\303331578\303331578.zipDir\tmp\wpm_v20.0.0.502.exe, In Quarantäne, [168b217f53282c0a63e9177a90710ff1],
PUP.Optional.Amonetize, C:\Users\Lola\Downloads\FlashPlayersetup__7343_i1040439988_il23.exe, In Quarantäne, [554cedb3ff7c8da925f92773dc257789],
PUP.Optional.BundleInstaller.A, C:\Users\Lola\Downloads\openoffice setup.exe, In Quarantäne, [fca57c246615c4725136ef5144bdb050],
PUP.Optional.BundleInstaller.A, C:\Users\Thomas\Downloads\Setup.exe, In Quarantäne, [950c4c546b1060d65c7dc2b260a413ed],
PUP.Optional.WebSearchs.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\HTTP_ISTART.WEBSSEARCHES.COM_0.LOCALSTORAGE, In Quarantäne, [8a17f3adb4c7ee485ce514ae996928d8],
PUP.Optional.CrossRider.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ecoccdldklbjglocbgbfpmpehjegkode_0.localstorage, In Quarantäne, [435eb2eeec8f56e06a9fac207b87e719],
PUP.Optional.CrossRider.A, C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ecoccdldklbjglocbgbfpmpehjegkode_0.localstorage, In Quarantäne, [633e49579fdcc96d9871ab21b74bdf21],
PUP.Optional.CrossRider.A, C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ecoccdldklbjglocbgbfpmpehjegkode_0.localstorage-journal, In Quarantäne, [9908b5ebd3a82e0867a28e3e20e2857b],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\background.html, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\extension_info.json, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\extension_info.json.bak, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\flowsurf-drop.png, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\flowsurf.css, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\jquery-1.7.2.min.js, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\main.js, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\main.js.bak, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\manifest.json, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\readme.txt, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons\button.png, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons\icon100.png, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons\icon128.png, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons\icon16.png, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons\icon256.png, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons\icon32.png, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons\icon48.png, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\icons\icon64.png, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\includes\content_init.js, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\includes\content_kango.js, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\includes\invoke_async_module.js, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\includes\message_target_module.js, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\includes\userscript_client.js, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\backgroundscript_engine.js, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\browser.js, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\console.js, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\i18n.js, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\initialize.js, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\io.js, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\kango.js, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\lang.js, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\messaging.js, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\storage.js, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\userscript_engine.js, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango\xhr.js, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango-ui\browser_button.js, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango-ui\kango_api.js, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango-ui\options.js, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango-ui\remote_popup_host.html, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.FlowSurf.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\oglkiljdmflopemijdadoiepkhcaodjn\1.5.28_0\kango-ui\ui.js, In Quarantäne, [673aa6facead2e083de71893a0622ad6],
PUP.Optional.Spigot.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpiifgmgnfdiblgpaepbmfdkcheicgof\000003.log, In Quarantäne, [7a27b8e8512a62d4fdb64274966cd32d],
PUP.Optional.Spigot.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpiifgmgnfdiblgpaepbmfdkcheicgof\CURRENT, In Quarantäne, [7a27b8e8512a62d4fdb64274966cd32d],
PUP.Optional.Spigot.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpiifgmgnfdiblgpaepbmfdkcheicgof\LOCK, In Quarantäne, [7a27b8e8512a62d4fdb64274966cd32d],
PUP.Optional.Spigot.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpiifgmgnfdiblgpaepbmfdkcheicgof\LOG, In Quarantäne, [7a27b8e8512a62d4fdb64274966cd32d],
PUP.Optional.Spigot.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\gpiifgmgnfdiblgpaepbmfdkcheicgof\MANIFEST-000002, In Quarantäne, [7a27b8e8512a62d4fdb64274966cd32d],
PUP.Optional.CrossRider.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_ecoccdldklbjglocbgbfpmpehjegkode_0\1, In Quarantäne, [465bd1cfb6c5d95dc3e17a3dba4855ab],
PUP.Optional.CrossRider.A, C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_ecoccdldklbjglocbgbfpmpehjegkode_0\1, In Quarantäne, [c3deabf57a01c76ff7ad4d6ad230e31d],
PUP.Optional.CrossRider.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ecoccdldklbjglocbgbfpmpehjegkode\000005.ldb, In Quarantäne, [8a171d83b1cafa3c4c595b5cdf23c937],
PUP.Optional.CrossRider.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ecoccdldklbjglocbgbfpmpehjegkode\000006.log, In Quarantäne, [8a171d83b1cafa3c4c595b5cdf23c937],
PUP.Optional.CrossRider.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ecoccdldklbjglocbgbfpmpehjegkode\CURRENT, In Quarantäne, [8a171d83b1cafa3c4c595b5cdf23c937],
PUP.Optional.CrossRider.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ecoccdldklbjglocbgbfpmpehjegkode\LOCK, In Quarantäne, [8a171d83b1cafa3c4c595b5cdf23c937],
PUP.Optional.CrossRider.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ecoccdldklbjglocbgbfpmpehjegkode\LOG, In Quarantäne, [8a171d83b1cafa3c4c595b5cdf23c937],
PUP.Optional.CrossRider.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ecoccdldklbjglocbgbfpmpehjegkode\LOG.old, In Quarantäne, [8a171d83b1cafa3c4c595b5cdf23c937],
PUP.Optional.CrossRider.A, C:\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ecoccdldklbjglocbgbfpmpehjegkode\MANIFEST-000004, In Quarantäne, [8a171d83b1cafa3c4c595b5cdf23c937],
PUP.Optional.CrossRider.A, C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ecoccdldklbjglocbgbfpmpehjegkode\000003.log, In Quarantäne, [b2ef8a1603782511d7ce7b3c19e9f50b],
PUP.Optional.CrossRider.A, C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ecoccdldklbjglocbgbfpmpehjegkode\CURRENT, In Quarantäne, [b2ef8a1603782511d7ce7b3c19e9f50b],
PUP.Optional.CrossRider.A, C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ecoccdldklbjglocbgbfpmpehjegkode\LOCK, In Quarantäne, [b2ef8a1603782511d7ce7b3c19e9f50b],
PUP.Optional.CrossRider.A, C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ecoccdldklbjglocbgbfpmpehjegkode\LOG, In Quarantäne, [b2ef8a1603782511d7ce7b3c19e9f50b],
PUP.Optional.CrossRider.A, C:\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ecoccdldklbjglocbgbfpmpehjegkode\MANIFEST-000002, In Quarantäne, [b2ef8a1603782511d7ce7b3c19e9f50b],
Physische Sektoren: 0
(No malicious items detected)
(end)
Schritt 2:
ESET Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=30419cf1aa7f75448c4ab68baa063358
# engine=19256
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-19 08:40:35
# local_time=2014-07-19 10:40:35 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 9580 12481171 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 4766334 14128756 0 0
# scanned=91
# found=0
# cleaned=0
# scan_time=20
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=30419cf1aa7f75448c4ab68baa063358
# engine=19256
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-19 10:21:15
# local_time=2014-07-20 12:21:15 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 100 15620 12487211 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 4772374 14134796 0 0
# scanned=225237
# found=100
# cleaned=0
# scan_time=5966
sh=95826B332BD1AC0543C2BA4DB637D082A994B1E5 ft=1 fh=f3159d8e366dd55a vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\DaemonProcess.exe.vir"
sh=749E0C6D85971204E397EAE65ED10A9A4AEF40AB ft=1 fh=ef830199de104882 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\Mobogenie.exe.vir"
sh=1FD24BAE5755536F5B1CDF3F46A6C75BFD137933 ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\MUServer.apk.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\nengine.dll.vir"
sh=93AD648467F47DC2708810D169F26F4A814778C5 ft=1 fh=e589ccabe231da4b vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\UpdateMoboGenie.exe.vir"
sh=5B316DFC64B10EF482340274CA23463B41FA06D7 ft=1 fh=65889e0c5d5dba37 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\CltMngSvc.exe.vir"
sh=3C4070BE9BE256CA88CD3B993CFBE4DEF47E67E1 ft=1 fh=83a1f0e292f9ec84 vn="Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\CltMngSvc.exe_1390855317907.vir"
sh=8D431618E9030709F4F92F93482A042D2D0B70FA ft=1 fh=f9c5079134e88344 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\SPTool.dll.vir"
sh=DF96804C0D2D07D7543728DF582C86ACD3BEF3CF ft=1 fh=8676e6337a543f91 vn="Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\SPtool.dll_1390855309140.vir"
sh=DF96804C0D2D07D7543728DF582C86ACD3BEF3CF ft=1 fh=8676e6337a543f91 vn="Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\SPtool.dll_1390855309390.vir"
sh=C8F8049916B0E5C1953670DB20F04E87791681F2 ft=1 fh=5f5f86e71335fd15 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\SPtool.dll_1391012880405.vir"
sh=C8F8049916B0E5C1953670DB20F04E87791681F2 ft=1 fh=5f5f86e71335fd15 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\SPtool.dll_1391012881015.vir"
sh=05C0A99ACE45CEFB680DF0D3D87C138A307D346A ft=1 fh=2e9dc85ff81fe5c7 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\SPtool.dll_1391443718514.vir"
sh=5FF1DB4E5E08B0718AF684AB591F51C4289B9145 ft=1 fh=59283cd49474610a vn="Win32/Conduit.SearchProtect.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\Main\bin\uninstall.exe.vir"
sh=33E077621D027F3A6C83972DBD1B0C7F899C1B4E ft=1 fh=3081b00e12e38191 vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\cltmng.exe.vir"
sh=F697E03ADDEBA7FFAEB6F58DF392181B7124603D ft=1 fh=63d6f81f206b87ab vn="Variante von Win64/Conduit.SearchProtect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPTool64.exe.vir"
sh=CF86EC53BF89452D78E9232D0A650ED0D6DDFBF8 ft=1 fh=f9b15bfcf851b7f7 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPVC32.dll.vir"
sh=D472287B4D2DE014565DAA5FE33CE7A8D8467BEF ft=1 fh=be2a50d35d915b95 vn="Variante von Win32/Conduit.SearchProtect.H evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPVC32Loader.dll.vir"
sh=A90FEB7960611E1959F335750997B5D1F96705CF ft=1 fh=cb70b3974a3698d7 vn="Variante von Win64/Conduit.SearchProtect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPVC64.dll.vir"
sh=3E71F188279BEBB9F9197E61CCB7D29619A56207 ft=1 fh=03c4fc387191019c vn="Variante von Win64/Conduit.SearchProtect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\SearchProtect\bin\SPVC64Loader.dll.vir"
sh=6F1A5ECDFB7EEC7C358BEFB0FB3D77CD7F21310D ft=1 fh=63510bae0f8b92a7 vn="Variante von Win32/Conduit.SearchProtect.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Searchprotect\UI\bin\cltmngui.exe.vir"
sh=1DBF1556C82A78CA45882E66DD83C0A977BF8D23 ft=1 fh=328989ef9803066c vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface32.dll.vir"
sh=C5883F4245AE2C0515FB1D04A08FD82885B06398 ft=1 fh=8d649859311d4519 vn="Win64/Thinknice.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\DpInterface64.dll.vir"
sh=EA186A56E0445AF8E5F382F56F42F91682CFED3B ft=1 fh=875c743a5b727b00 vn="Win32/ELEX.AR evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\RSHP.exe.vir"
sh=9E90A050EB0BB1CEAB5633BCE404E5D5BC307647 ft=1 fh=2563181150dc44ea vn="Win32/Thinknice.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect32.dll.vir"
sh=16CF5D6E11C0F55548A67B8B5D04FA3460C76A2D ft=1 fh=7418003a088e68c3 vn="Win64/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SearchProtect64.dll.vir"
sh=C03584BE4ED7835858158D1C38D6B08317E2FC82 ft=1 fh=a96a1125b953bd6a vn="Win32/Thinknice.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SpAPPSv32.dll.vir"
sh=67642DACDC22ED45AF7947E4F47B1B8463E4162C ft=1 fh=b08cc40f36e9035a vn="Win64/Thinknice.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SpAPPSv64.dll.vir"
sh=9042385F0336C5429FCD45FC347CC29A9BC06BB0 ft=1 fh=a7a426d7c77c80fb vn="Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SupTab\SupTab.dll.vir"
sh=9A4653CEB22C589149D70AF965E4C1586F6CA52A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\The weDownload Manager\49074.crx.vir"
sh=3678253E7BCECF44D37889E6E706BCAF51847CCB ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\The weDownload Manager\49074.xpi.vir"
sh=54B26BB83094675DB6A0AC2FAFA7C91FC8942F4E ft=1 fh=3a4703d3f9f9f5f4 vn="Variante von Win32/Toolbar.CrossRider.V evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\The weDownload Manager\The weDownload Manager-bg.exe.vir"
sh=388F890CAEB292E51E95F1B708E310BC5A371BC4 ft=1 fh=c71c00111a7e76d1 vn="Win32/Toolbar.CrossRider.R evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\The weDownload Manager\The weDownload Manager-bho.dll.vir"
sh=90416AFC1C2546408118F8A2EE861437FD0675D7 ft=1 fh=e973c85d0c631798 vn="Variante von Win64/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\The weDownload Manager\The weDownload Manager-bho64.dll.vir"
sh=8A35852528873F841CFB43295889BDC024C7A28F ft=1 fh=3d74ec29744d8344 vn="Variante von Win32/Toolbar.CrossRider.AA evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\The weDownload Manager\The weDownload Manager-buttonutil.exe.vir"
sh=C9F775295CC651D4E6EA9AB1194D7DEF88A9C705 ft=1 fh=c71c00113096d58d vn="möglicherweise Variante von Win64/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\The weDownload Manager\The weDownload Manager-buttonutil64.dll.vir"
sh=FDBCF2A8097E80DD8C0E4A47167CA51D311427F9 ft=1 fh=3d74ec299e67ffa8 vn="Variante von Win64/Toolbar.Crossrider.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\The weDownload Manager\The weDownload Manager-buttonutil64.exe.vir"
sh=A619A66DFB30811DD65994FBE427DDD26DE5EDA2 ft=1 fh=1a8d23ed7c65c977 vn="Win32/Toolbar.CrossRider.S evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\The weDownload Manager\The weDownload Manager-chromeinstaller.exe.vir"
sh=3CF294A4B897845053A30E8E6C7AF418ECD05017 ft=1 fh=e3207db2f2123b3d vn="Win32/Toolbar.CrossRider.T evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\The weDownload Manager\The weDownload Manager-codedownloader.exe.vir"
sh=2ED35EA232A7A5B52E5A986C6BB2909B8CA52415 ft=1 fh=17f8ae824c93a525 vn="Variante von Win32/Toolbar.CrossRider.X evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\The weDownload Manager\The weDownload Manager-enabler.exe.vir"
sh=780902952FC4DB3D6A5321273C4BD849A8635633 ft=1 fh=b452135b3dee8c92 vn="Variante von Win32/Toolbar.CrossRider.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\The weDownload Manager\The weDownload Manager-firefoxinstaller.exe.vir"
sh=CC2AC68A6B7D5ECF5D055985CF27A99A80D6C6B5 ft=1 fh=5baeea4b593d9080 vn="Variante von Win32/Toolbar.CrossRider.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\The weDownload Manager\The weDownload Manager-updater.exe.vir"
sh=C62FF895E33B51FB1E304FF9A7D6E64D2DD736F5 ft=1 fh=2e18a956c41cfa90 vn="Win32/Packed.VMDetector.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\The weDownload Manager\utils.exe.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Local\genienext\nengine.dll.vir"
sh=B5ED1E639B7D9AD3C0F3C81E5AA2E9F88DDFEB65 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.21_0\extensionData\plugins\102_dealply_m.js.vir"
sh=C8DB5E57774018F7ECA9B897993D81B6A6B37F7B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.21_0\extensionData\plugins\103_intext_5_m.js.vir"
sh=8BFBBD749FDAA46297DA7F28A30E29C55FD72880 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.21_0\extensionData\plugins\104_jollywallet_m.js.vir"
sh=0B21E41A47E579081215969619861996F43524B1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.21_0\extensionData\plugins\105_corticas_m.js.vir"
sh=AE2D5CE395EE9CD2595F77F616E574F4794B1152 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.21_0\extensionData\plugins\155_ibario_pops_m.js.vir"
sh=7C81F4B98C95A247009293CC3CBE66218ED8ADD0 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.21_0\extensionData\plugins\184_noproblemppc_m.js.vir"
sh=9F07ACC96BC246F25975479E9382CDF88E7D8711 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.21_0\extensionData\plugins\191_ciuvo_m.js.vir"
sh=F913C9EE03B4CCE8680961DBF505FA17BAC140F0 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.21_0\extensionData\plugins\192_revizer_ws_dynamic_b2b_m.js.vir"
sh=28F70DF1D28964084CCA8382AE4ADA97EF0C4C0A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.21_0\extensionData\plugins\193_revizer_p_dynamic_b2b_m.js.vir"
sh=5238A49C440E541BF241BC5EA247BAC9321C096D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.21_0\extensionData\plugins\91_monetizationLoader.js.js.vir"
sh=0C5AC30A082628E85A9A8B68EF5E5EAFA46F0CC7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.21_0\extensionData\plugins\93_superfish_no_coupons_m.js.vir"
sh=D6CFE89E51D1CF5C0043E538BC26C4477CE3EF3E ft=0 fh=0000000000000000 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.2.0.zip.vir"
sh=95826B332BD1AC0543C2BA4DB637D082A994B1E5 ft=1 fh=f3159d8e366dd55a vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe.vir"
sh=749E0C6D85971204E397EAE65ED10A9A4AEF40AB ft=1 fh=ef830199de104882 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe.vir"
sh=1FD24BAE5755536F5B1CDF3F46A6C75BFD137933 ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\nengine.dll.vir"
sh=93AD648467F47DC2708810D169F26F4A814778C5 ft=1 fh=e589ccabe231da4b vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe.vir"
sh=9EFDE89A61BAAA7D5D5D4B08214BE3D2EE505248 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\Extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\102_dealply_m.js.vir"
sh=57F445259F179510FE1EACAAD27A82E87305756C ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\Extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\103_intext_5_m.js.vir"
sh=30630D311A124BA372D209C02247D8A4238E3610 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\Extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\104_jollywallet_m.js.vir"
sh=04253E738106628805978963C1648F429CD2A08E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\Extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\105_corticas_m.js.vir"
sh=9832E303AF1F020C6DD37DB8D8E7A0FF40979142 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\Extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\123_intext_adv_m.js.vir"
sh=84CA9AA694BCAE4779C18F493E7083124A3126C5 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\Extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\155_ibario_pops_m.js.vir"
sh=D9DF0722882055C5C11AFD602D505B2E7EA9AFC6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\Extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\184_noproblemppc_m.js.vir"
sh=39D85F60370A7E5065A9BDC9D83216476D768A60 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\Extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\191_ciuvo_m.js.vir"
sh=755E6F27D557EE62A1733A6D7446929692C0E2D5 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\Extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\192_revizer_ws_dynamic_b2b_m.js.vir"
sh=1C11431100002928B21CADA701E3D80CDBEFB6A2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\Extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\193_revizer_p_dynamic_b2b_m.js.vir"
sh=3BB30FB241BF8D2B709364A69F5128CA9BEF9ED2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\Extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\217_similar_products_m.js.vir"
sh=115081E9037F5D63F69BC5CA19ECC1ACC8F61896 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\Extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\223_imonomy_m.js.vir"
sh=7BC84C8A88F318467C124FA76E67F600EB90FCAC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\Extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\224_beacon_pops_m.js.vir"
sh=2DC335A206411AD5B2CB8E8AB2B1333596493CB9 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\Extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\226_set_campaign_id_m.js.vir"
sh=46F27C818E66AF2651C8AEAAC8249451A90182BE ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\Extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\230_revizer_ws_dynamic_b2b_2_m.js.vir"
sh=ADA1ABB410D5E0C6AD102F5BA8AEB6A255C1E9A6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\Extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\233_revizer_p_dynamic_b2b_2_m.js.vir"
sh=99ED957925C94680B2842F0C146CF7F28A86CCD0 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\Extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\91_monetizationLoader.js.js.vir"
sh=0C5AC30A082628E85A9A8B68EF5E5EAFA46F0CC7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Roaming\Mozilla\Firefox\Profiles\0r83g7y4.default\Extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\93_superfish_no_coupons_m.js.vir"
sh=8E6A6992A3C7FEC4000FA1A4D764DD597109E0B5 ft=1 fh=c71c0011cd00713e vn="Win32/NextLive.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Lola\AppData\Roaming\newnext.me\nengine.dll.vir"
sh=B5ED1E639B7D9AD3C0F3C81E5AA2E9F88DDFEB65 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.21_0\extensionData\plugins\102_dealply_m.js.vir"
sh=C8DB5E57774018F7ECA9B897993D81B6A6B37F7B ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.21_0\extensionData\plugins\103_intext_5_m.js.vir"
sh=8BFBBD749FDAA46297DA7F28A30E29C55FD72880 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.21_0\extensionData\plugins\104_jollywallet_m.js.vir"
sh=0B21E41A47E579081215969619861996F43524B1 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.21_0\extensionData\plugins\105_corticas_m.js.vir"
sh=AE2D5CE395EE9CD2595F77F616E574F4794B1152 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.21_0\extensionData\plugins\155_ibario_pops_m.js.vir"
sh=7C81F4B98C95A247009293CC3CBE66218ED8ADD0 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.21_0\extensionData\plugins\184_noproblemppc_m.js.vir"
sh=9F07ACC96BC246F25975479E9382CDF88E7D8711 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.21_0\extensionData\plugins\191_ciuvo_m.js.vir"
sh=F913C9EE03B4CCE8680961DBF505FA17BAC140F0 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.21_0\extensionData\plugins\192_revizer_ws_dynamic_b2b_m.js.vir"
sh=28F70DF1D28964084CCA8382AE4ADA97EF0C4C0A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.21_0\extensionData\plugins\193_revizer_p_dynamic_b2b_m.js.vir"
sh=5238A49C440E541BF241BC5EA247BAC9321C096D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.21_0\extensionData\plugins\91_monetizationLoader.js.js.vir"
sh=0C5AC30A082628E85A9A8B68EF5E5EAFA46F0CC7 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Thomas\AppData\Local\Google\Chrome\User Data\Default\Extensions\ecoccdldklbjglocbgbfpmpehjegkode\1.26.21_0\extensionData\plugins\93_superfish_no_coupons_m.js.vir"
sh=F913C9EE03B4CCE8680961DBF505FA17BAC140F0 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\5fod2mo1.default\Extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\192_revizer_ws_dynamic_b2b_m.js.vir"
sh=28F70DF1D28964084CCA8382AE4ADA97EF0C4C0A ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\5fod2mo1.default\Extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\193_revizer_p_dynamic_b2b_m.js.vir"
sh=76546544E4F61C8A5C86A53DC07C4F6B1A39B904 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\5fod2mo1.default\Extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\217_similar_products_m.js.vir"
sh=7BC84C8A88F318467C124FA76E67F600EB90FCAC ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\5fod2mo1.default\Extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\224_beacon_pops_m.js.vir"
sh=3F1A2FD85413FF4A3A4FF8BE0DFB3956E96B0212 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\5fod2mo1.default\Extensions\b1ac2ff7-8e51-4bb6-8bf8-87f1d567919a@4bb97481-aead-4c2e-a62b-e25e264651bb.com\extensionData\plugins\91_monetizationLoader.js.js.vir"
sh=535AF651EA5F3D5DE0E0A0C7A83FB82D217C1414 ft=1 fh=839880581fe9fccf vn="Variante von Win32/Speedchecker.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Lola\AppData\Local\Temp\awhA552.tmp"
sh=BBD7A2AC1E027E7ED0CFA567CF06E86D22B2A665 ft=1 fh=55978f7f5077c75a vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Lola\Downloads\IObit-Malware-Figher-Setup.exe"
sh=B4E711E7C5EB528585859AB5CBC76A88239757B5 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Thomas\AppData\Local\Mozilla\Firefox\Profiles\5fod2mo1.default\Cache\8\BC\6D1ADd01"
sh=85F7A6DCC9459A0B1E5BB8CD1138F0E4075C90A2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Thomas\AppData\Local\Mozilla\Firefox\Profiles\5fod2mo1.default\Cache\D\DF\46B67d01"
|
Hinweis:
AdwCleaner auf deinen Desktop.
