Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Google Chrome WTSAPI32.dll fehlerhaft (https://www.trojaner-board.de/162030-google-chrome-wtsapi32-dll-fehlerhaft.html)

Crounty 20.12.2014 23:14
Google Chrome WTSAPI32.dll fehlerhaft
 
Hallo Leute,
nachdem ich Emsisoft auf meinem Pc installiert hab und einen Suchlauf startete, fand dieser direkt Malware in Chrome und entferntete diese auch, seitdem aber erhalte ich immer eine Fehlermeldung in Chrome, dass eine Datei fehlerhaft sein soll und öffnet sich nicht. Erst nach mehreren malen funktioniert dann Chrome.

Die Seite zum Virus:
hxxp://blog.emsisoft.com/2014/06/18/emsisoft-malware-library/?found+Gen%3aVariant.Kazy.519551+(B)

schrauber 21.12.2014 07:11
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Crounty 21.12.2014 14:40
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-12-2014
Ran by Issam276 (administrator) on CROUNTY on 21-12-2014 14:36:18
Running from C:\Users\Issam276\Desktop
Loaded Profile: Issam276 (Available profiles: Issam276 & Gast & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Internet Security\a2service.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
() C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Akamai Technologies, Inc.) C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Spotify Ltd) C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Internet Security\a2guard.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Akamai Technologies, Inc.) C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Windows\SysWOW64\WinMsgBalloonServer.exe
() C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SndVol.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2013-12-28] (Realtek Semiconductor)
HKLM-x32\...\Run: [Turbo Key] => C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe [1874432 2009-11-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Cpu Level Up help] => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe [887936 2009-12-28] ()
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft internet security\a2guard.exe [4954576 2014-12-01] (Emsisoft GmbH)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-09-15] (AMD)
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [Spotify Web Helper] => C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-12] (Spotify Ltd)
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Policies\system: [EnableLUA] 0
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30524520 2014-11-27] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> DefaultScope {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-flv
SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-flv
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{BF86312B-8016-42B1-B232-8DED504D4B33}: [NameServer] 81.173.194.68,212.117.68.10

FireFox:
========
FF ProfilePath: C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1925287450-1312797874-627100175-1001: facebook.com/fbDesktopPlugin -> C:\Users\Issam276\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll (Facebook, Inc.)
FF SearchPlugin: C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\searchplugins\yahoo_ff.xml
FF Extension: Adblock Plus - C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-22]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF Extension: No Name - C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\extensions\ascsurfingprotection@iobit.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR HomePage: Default -> https://www.google.de/
CHR StartupUrls: Default -> "https://www.google.de/"
CHR DefaultSearchKeyword: Default -> google.de_
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-12-07]
CHR Extension: (Google Präsentationen) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-01]
CHR Extension: (Google Docs) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-01]
CHR Extension: (Google Drive) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-01]
CHR Extension: (WOT) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-12-20]
CHR Extension: (MEGA) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2014-12-20]
CHR Extension: (YouTube) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-01]
CHR Extension: (Adblock Plus) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-12-01]
CHR Extension: (Google-Suche) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-01]
CHR Extension: (Google Tabellen) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-01]
CHR Extension: (League of Legends(LoL) For New Tab) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\hagfodkdlfpceodghmlnbjafkcdjnifd [2014-12-20]
CHR Extension: (Ghostery) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-12-19]
CHR Extension: (Google Wallet) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-01]
CHR Extension: (Google Mail) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Internet Security\a2service.exe [4907232 2014-12-01] (Emsisoft GmbH)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [122880 2009-12-15] (AMD) [File not signed]
S4 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [136616 2012-05-10] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.) [File not signed]
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-09-25] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-05] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5405456 2014-11-12] (TeamViewer GmbH)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
S4 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [X]
S3 npggsvc; C:\Windows\system32\GameMon.des -service [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT INTERNET SECURITY\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Internet Security\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Internet Security\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Internet Security\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH)
S2 ANIO; C:\Windows\SysWOW64\ANIO.SYS [28205 2003-05-05] (Alpha Networks Inc.) [File not signed]
R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
R2 AODDriver4.2.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [57472 2012-05-10] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-06-29] (The OpenVPN Project)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Internet Security\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
S3 cpuz130; No ImagePath
S3 dump_wmimmc; No ImagePath
R2 ESLWireAC; C:\Windows\system32\drivers\ESLWireACD.sys [160784 2012-12-17] (<Turtle Entertainment>)
S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R3 fwndis; C:\Windows\System32\DRIVERS\fwndis64.sys [484952 2014-12-01] ()
R1 fwwfp; C:\Program Files (x86)\Emsisoft Internet Security\fwwfp764.sys [414424 2014-12-01] ()
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.) [File not signed]
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.) [File not signed]
S3 X6va008; No ImagePath
S3 X6va009; No ImagePath
S3 X6va012; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 netr28ux; system32\DRIVERS\netr28ux.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-21 14:36 - 2014-12-21 14:36 - 00022418 _____ () C:\Users\Issam276\Desktop\FRST.txt
2014-12-21 04:09 - 2014-12-21 04:09 - 05073240 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\vcredist_x86.exe
2014-12-21 04:00 - 2014-12-21 04:08 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\BoL
2014-12-21 03:56 - 2014-12-21 03:56 - 00000270 _____ () C:\Users\Issam276\Downloads\Relog.zip
2014-12-21 03:54 - 2014-12-21 03:54 - 00000157 _____ () C:\Users\Issam276\Downloads\doGout.rar
2014-12-21 03:52 - 2014-12-21 03:54 - 00000000 ____D () C:\Users\Issam276\Desktop\sadsdasda
2014-12-21 03:51 - 2014-12-21 03:52 - 11539006 _____ () C:\Users\Issam276\Downloads\Bot of Legends.rar
2014-12-21 01:22 - 2014-12-21 01:23 - 00031608 _____ () C:\Users\Issam276\Downloads\mwb_scan.zip
2014-12-21 01:01 - 2014-12-21 01:01 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-12-20 23:44 - 2014-12-20 23:44 - 00001132 _____ () C:\Users\Public\Desktop\Emsisoft Internet Security.lnk
2014-12-20 23:44 - 2014-12-20 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Internet Security
2014-12-20 23:43 - 2014-12-21 14:36 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Internet Security
2014-12-20 23:43 - 2014-12-01 16:55 - 00484952 _____ () C:\Windows\system32\Drivers\fwndis64.sys
2014-12-20 23:42 - 2014-12-20 23:42 - 00001710 _____ () C:\EamClean.log
2014-12-20 23:36 - 2014-12-20 23:36 - 04095448 _____ (BrightFort LLC ) C:\Users\Issam276\Downloads\spywareblastersetup50.exe
2014-12-20 23:36 - 2014-12-20 23:36 - 00448512 _____ (OldTimer Tools) C:\Users\Issam276\Downloads\TFC.exe
2014-12-20 23:36 - 2014-12-20 23:36 - 00448512 _____ (OldTimer Tools) C:\Users\Issam276\Desktop\TFC.exe
2014-12-20 23:18 - 2014-12-20 23:20 - 170332104 _____ (Emsisoft Ltd ) C:\Users\Issam276\Downloads\EmsisoftInternetSecuritySetup.exe
2014-12-20 23:10 - 2014-12-20 23:10 - 02122240 _____ (Farbar) C:\Users\Issam276\Downloads\FRST64.exe
2014-12-20 23:10 - 2014-12-20 23:10 - 02122240 _____ (Farbar) C:\Users\Issam276\Desktop\FRST64.exe
2014-12-20 22:48 - 2014-12-20 23:42 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-12-20 22:34 - 2014-12-20 22:34 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-12-20 22:33 - 2008-01-04 13:34 - 00011832 _____ () C:\Windows\SysWOW64\Drivers\AsInsHelp64.sys
2014-12-20 22:33 - 2008-01-04 13:34 - 00010216 _____ () C:\Windows\SysWOW64\Drivers\AsInsHelp32.sys
2014-12-20 22:12 - 2014-12-20 22:12 - 05718872 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\vcredist_x64 (2).exe
2014-12-20 22:11 - 2014-12-20 22:11 - 05718872 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\vcredist_x64 (1).exe
2014-12-20 22:08 - 2014-12-20 22:08 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-20 22:07 - 2014-12-20 22:07 - 07190152 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\vcredist_x64.exe
2014-12-20 21:51 - 2014-12-20 21:51 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-12-20 21:42 - 2014-12-20 21:42 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Issam276\Downloads\revosetup95.exe
2014-12-20 21:42 - 2014-12-20 21:42 - 00001270 _____ () C:\Users\Issam276\Desktop\Revo Uninstaller.lnk
2014-12-20 21:42 - 2014-12-20 21:42 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-12-20 21:40 - 2014-12-20 21:41 - 170178096 _____ (Emsisoft Ltd ) C:\Users\Issam276\Downloads\EmsisoftAntiMalwareSetup.exe
2014-12-19 17:31 - 2014-12-19 17:31 - 00985600 _____ () C:\Users\Issam276\Downloads\MicrosoftFixit50123.msi
2014-12-19 15:53 - 2014-12-19 15:53 - 00000000 ____D () C:\ComboFix
2014-12-13 22:22 - 2014-12-13 22:22 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Blizzard
2014-12-13 22:14 - 2014-12-13 22:22 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-12-13 22:14 - 2014-12-13 22:14 - 00001161 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-12-13 22:14 - 2014-12-13 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-12-13 13:17 - 2014-12-13 13:17 - 00000731 _____ () C:\Users\Issam276\mabast suckt.txt
2014-12-12 19:40 - 2014-12-12 19:40 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-12 17:42 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-12 17:42 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-12 17:42 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-12 17:42 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-12 17:42 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-12 17:42 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-12 17:42 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-12 17:42 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-12 17:42 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-12 17:42 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-12 16:26 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-12 16:26 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-12 16:26 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-12 16:26 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-12 16:26 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-12 16:26 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-12 16:26 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-12 16:26 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-12 16:26 - 2014-11-24 23:12 - 17874432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-12 16:26 - 2014-11-24 22:59 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-12 16:26 - 2014-11-24 22:54 - 10921984 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-12 16:26 - 2014-11-24 22:53 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-12 16:26 - 2014-11-24 22:47 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-12 16:26 - 2014-11-24 22:47 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-12 16:26 - 2014-11-24 22:45 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-12 16:26 - 2014-11-24 22:45 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-12-12 16:26 - 2014-11-24 22:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-12 16:26 - 2014-11-24 22:44 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-12 16:26 - 2014-11-24 22:44 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-12 16:26 - 2014-11-24 22:44 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-12 16:26 - 2014-11-24 22:44 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-12 16:26 - 2014-11-24 22:44 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-12 16:26 - 2014-11-24 22:44 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-12 16:26 - 2014-11-24 22:44 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-12 16:26 - 2014-11-24 22:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-12-12 16:26 - 2014-11-24 22:44 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-12-12 16:26 - 2014-11-24 22:43 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-12 16:26 - 2014-11-24 22:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-12 16:26 - 2014-11-24 22:43 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-12-12 16:26 - 2014-11-24 22:42 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-12 16:26 - 2014-11-24 21:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-12 16:26 - 2014-11-24 21:41 - 12369920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-12 16:26 - 2014-11-24 21:40 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-12 16:26 - 2014-11-24 21:37 - 09740800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-12 16:26 - 2014-11-24 21:35 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-12 16:26 - 2014-11-24 21:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-12 16:26 - 2014-11-24 21:34 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-12 16:26 - 2014-11-24 21:34 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-12-12 16:26 - 2014-11-24 21:33 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-12 16:26 - 2014-11-24 21:33 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-12 16:26 - 2014-11-24 21:33 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-12 16:26 - 2014-11-24 21:33 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-12 16:26 - 2014-11-24 21:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-12 16:26 - 2014-11-24 21:33 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-12 16:26 - 2014-11-24 21:33 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-12-12 16:26 - 2014-11-24 21:32 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-12 16:26 - 2014-11-24 21:32 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-12 16:26 - 2014-11-24 21:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-12 16:26 - 2014-11-24 21:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-12 16:26 - 2014-11-24 21:32 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-12 16:26 - 2014-11-24 21:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-12-12 16:26 - 2014-11-24 21:32 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-12-12 16:26 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-12 16:26 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-12 16:26 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-12 16:26 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-12 16:26 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-12 16:26 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-12 16:26 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-12 16:26 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-12 16:26 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-12 16:26 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-12 16:26 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-12 16:26 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-12 16:26 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-12 16:26 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-12 16:26 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-12 16:25 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-12 16:25 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-06 18:13 - 2014-12-06 18:13 - 00146183 _____ () C:\Users\Issam276\Downloads\YouTube-Unblocker-056.crx
2014-12-06 17:48 - 2014-12-08 14:45 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-12-06 17:48 - 2014-12-06 17:48 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Yahoo!
2014-12-06 17:43 - 2014-12-06 17:44 - 04998707 _____ () C:\Users\Issam276\Downloads\flvplayer_setup20_25.exe
2014-12-05 17:14 - 2014-12-05 17:14 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\xulrunner
2014-12-05 17:13 - 2014-12-05 17:13 - 10124389 _____ () C:\Users\Issam276\AppData\Roaming\xulrunner.zip
2014-12-04 16:29 - 2014-12-04 16:29 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Secunia PSI
2014-12-03 11:25 - 2014-12-03 11:30 - 441252901 _____ () C:\Users\Issam276\Downloads\League Of Legends.mp4
2014-12-01 21:34 - 2014-12-01 21:34 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Steganos
2014-11-30 23:30 - 2014-12-01 00:12 - 00000000 ____D () C:\zoek_backup
2014-11-30 23:30 - 2014-11-30 23:30 - 01294848 _____ () C:\Users\Issam276\Desktop\zoek.exe
2014-11-30 22:22 - 2014-12-05 17:28 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-30 21:10 - 2014-11-30 21:10 - 00031862 _____ () C:\ComboFix.txt
2014-11-30 20:47 - 2014-11-30 21:10 - 00000000 ____D () C:\Qoobox
2014-11-30 20:47 - 2014-11-30 21:08 - 00000000 ____D () C:\Windows\erdnt
2014-11-30 20:47 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-30 20:47 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-30 20:47 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-30 20:46 - 2014-12-19 15:52 - 05601641 ____R (Swearware) C:\Users\Issam276\Desktop\ComboFix.exe
2014-11-30 20:14 - 2014-12-21 14:26 - 00005820 _____ () C:\Windows\setupact.log
2014-11-30 20:14 - 2014-12-20 23:42 - 00996320 _____ () C:\Windows\PFRO.log
2014-11-30 20:14 - 2014-11-30 20:14 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-30 19:53 - 2014-11-19 16:25 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-11-30 19:51 - 2014-11-30 19:51 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-11-30 19:51 - 2014-11-30 19:51 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-11-30 19:51 - 2014-11-30 19:51 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-11-30 19:51 - 2014-11-30 19:51 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-11-30 19:50 - 2014-11-30 19:54 - 00001467 _____ () C:\Windows\SecuniaPackage.log
2014-11-30 19:41 - 2014-11-30 19:41 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-11-30 15:25 - 2014-11-30 15:25 - 00001174 _____ () C:\Users\Issam276\Desktop\Avast Internet Security License File.rar
2014-11-30 01:25 - 2014-11-30 01:25 - 01093536 _____ () C:\Users\Issam276\Documents\cc_20141130_012508.reg
2014-11-29 22:20 - 2014-11-29 22:20 - 00001049 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2014-11-29 18:05 - 2014-11-29 18:05 - 00000000 ____D () C:\Users\Issam276\Documents\Diablo III
2014-11-29 00:10 - 2014-11-29 18:04 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-11-29 00:10 - 2014-11-29 00:10 - 00001162 _____ () C:\Users\Public\Desktop\Diablo III.lnk
2014-11-29 00:10 - 2014-11-29 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2014-11-29 00:03 - 2014-12-16 20:30 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Battle.net
2014-11-29 00:03 - 2014-11-29 00:03 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Battle.net
2014-11-29 00:03 - 2014-11-29 00:03 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Blizzard Entertainment
2014-11-29 00:02 - 2014-12-13 22:14 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-11-29 00:02 - 2014-11-29 00:02 - 00001124 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-11-29 00:02 - 2014-11-29 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-21 14:36 - 2014-06-28 19:29 - 00000000 ____D () C:\FRST
2014-12-21 14:35 - 2014-07-04 02:28 - 01419370 _____ () C:\Windows\WindowsUpdate.log
2014-12-21 14:33 - 2013-02-22 18:07 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-21 14:28 - 2013-02-22 18:07 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-21 14:27 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-21 04:52 - 2012-06-29 19:50 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Skype
2014-12-21 04:31 - 2012-09-19 17:23 - 00000940 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001UA.job
2014-12-21 04:27 - 2012-06-14 13:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-21 00:35 - 2014-09-06 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-12-21 00:00 - 2014-11-18 17:48 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\TERA
2014-12-20 23:50 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-20 23:50 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-20 23:48 - 2012-06-14 15:08 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\TS3Client
2014-12-20 23:42 - 2014-06-29 19:05 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-20 22:46 - 2013-07-10 17:40 - 00000000 ____D () C:\Users\DefaultAppPool
2014-12-20 22:36 - 2014-09-07 12:39 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-20 22:33 - 2012-06-14 14:10 - 00000000 ____D () C:\Windows\System32\Tasks\ASUS
2014-12-20 22:33 - 2012-06-14 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-12-20 22:33 - 2012-06-14 14:09 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-12-20 22:33 - 2012-06-12 10:08 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-20 22:24 - 2013-02-01 21:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee
2014-12-20 22:21 - 2012-09-02 16:31 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-20 22:17 - 2012-09-14 17:26 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Unity
2014-12-20 21:59 - 2012-06-22 13:27 - 00000000 ____D () C:\Program Files (x86)\D-Link
2014-12-20 21:50 - 2012-06-14 13:52 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\InfraRecorder
2014-12-20 19:31 - 2012-09-19 17:23 - 00000918 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001Core.job
2014-12-19 22:33 - 2014-11-07 17:57 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Spotify
2014-12-19 15:23 - 2012-06-15 15:21 - 00000000 ____D () C:\Users\Issam276\Desktop\Alles
2014-12-18 22:16 - 2013-04-27 07:45 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Spotify
2014-12-15 16:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 14:36 - 2013-02-02 10:54 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-13 14:36 - 2012-06-29 19:50 - 00000000 ____D () C:\ProgramData\Skype
2014-12-13 13:17 - 2012-06-14 12:17 - 00000000 ____D () C:\Users\Issam276
2014-12-13 02:32 - 2013-02-22 18:08 - 00002181 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-12 19:40 - 2014-05-06 19:56 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-12 19:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-12 17:50 - 2013-08-21 23:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-12 17:43 - 2012-06-17 14:06 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-12 17:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-12 16:27 - 2013-08-23 11:40 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-12 16:27 - 2012-06-14 13:47 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-12 16:27 - 2012-06-14 13:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-06 17:40 - 2014-08-10 06:44 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Windows Live
2014-12-05 17:28 - 2014-06-28 16:36 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-05 17:28 - 2014-06-28 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-05 17:28 - 2014-06-28 16:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-01 21:50 - 2012-12-08 09:39 - 00066256 _____ () C:\Users\Issam276\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-01 21:48 - 2012-12-08 09:38 - 04913880 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-01 21:47 - 2012-09-25 18:21 - 00006178 _____ () C:\ProgramData\hpzinstall.log
2014-12-01 21:41 - 2012-09-25 18:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-12-01 21:38 - 2012-09-25 18:22 - 00000000 ____D () C:\Program Files (x86)\HP
2014-12-01 21:38 - 2012-09-25 18:21 - 00000000 ____D () C:\ProgramData\HP
2014-12-01 21:33 - 2013-02-22 16:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-01 00:13 - 2014-02-11 12:15 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Comodo
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-12-01 00:08 - 2014-02-14 17:14 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-12-01 00:08 - 2014-02-14 17:14 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-12-01 00:08 - 2013-06-26 12:08 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-12-01 00:08 - 2012-07-03 17:11 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Google
2014-11-30 23:59 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-11-30 23:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-11-30 22:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA
2014-11-30 21:10 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-11-30 21:02 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-30 20:13 - 2014-03-03 18:42 - 00000000 ____D () C:\AdwCleaner
2014-11-30 20:13 - 2014-03-03 17:37 - 00000000 ____D () C:\Windows\system32\log
2014-11-30 19:39 - 2012-11-18 14:41 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-30 19:39 - 2012-11-18 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-30 19:39 - 2012-06-14 13:52 - 00000000 ____D () C:\Program Files\WinRAR
2014-11-30 19:26 - 2014-08-31 20:00 - 00000000 ___RD () C:\Users\Issam276\Dropbox
2014-11-30 19:17 - 2014-08-31 19:58 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Dropbox
2014-11-30 19:16 - 2014-08-31 20:00 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-30 12:19 - 2014-11-01 20:28 - 00000000 ____D () C:\Users\Issam276\AppData\Local\osu!
2014-11-30 01:24 - 2012-06-27 18:39 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\TeamViewer
2014-11-30 01:24 - 2012-06-15 15:18 - 00000000 ____D () C:\Windows\Minidump
2014-11-29 22:20 - 2012-06-14 13:02 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-11-29 10:13 - 2013-01-25 19:07 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\.minecraft
2014-11-27 22:18 - 2011-04-12 08:43 - 00770468 _____ () C:\Windows\system32\perfh007.dat
2014-11-27 22:18 - 2011-04-12 08:43 - 00174528 _____ () C:\Windows\system32\perfc007.dat
2014-11-27 22:18 - 2009-07-14 06:13 - 01799304 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-11-21 06:14 - 2014-06-28 16:36 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-21 06:14 - 2014-06-28 16:36 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-21 06:14 - 2014-06-28 16:36 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

Files to move or delete:
====================
C:\Users\Issam276\jagex_cl_oldschool_LIVE.dat
C:\Users\Issam276\jagex_cl_runescape_LIVE.dat
C:\Users\Issam276\random.dat


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 16:36

==================== End Of Log ============================
--- --- ---

--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-12-2014
Ran by Issam276 at 2014-12-21 14:37:21
Running from C:\Users\Issam276\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Emsisoft Internet Security (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Internet Security (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
FW: Emsisoft Internet Security (Enabled) {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AI Suite (HKLM-x32\...\{310BC5E2-31AF-49BB-904D-E71EB93645DC}) (Version: 1.06.22 - )
Akamai NetSession Interface (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{2BFD590F-1D73-3533-E734-FDDAC3746E4A}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{9C1FAB12-F426-432E-8579-75CAB60C69CF}) (Version: 4.2.0.0594 - Advanced Micro Devices, Inc.)
ANIO Service (HKLM-x32\...\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}) (Version:  - )
Application Profiles (HKLM-x32\...\{4ED980CB-C288-6A80-A3EA-AEECC543058B}) (Version: 2.0.4525.30280 - Advanced Micro Devices, Inc.)
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
ChrisPC DNS Switch 1.40 (HKLM-x32\...\{ECE17478-56C5-4280-AB67-AC2C2CAFA30F}_is1) (Version:  - Chris P.C. srl)
Chris-PC Game Booster (HKLM-x32\...\Chris-PC Game Booster_is1) (Version: 2.00 - Chris P.C. srl)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dropbox (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Emsisoft Internet Security (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft Ltd)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Facebook Messenger 2.1.4814.0 (HKLM-x32\...\{7204BDEE-1A48-4D95-A964-44A9250B439E}) (Version: 2.1.4814.0 - Facebook)
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 3.21.2.1 - Futuremark Corporation)
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HydraVision (x32 Version: 4.2.216.0 - Advanced Micro Devices, Inc.) Hidden
Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.9.11 - www.leaguereplays.com)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MTA:SA v1.4.0 (HKLM-x32\...\MTA:SA 1.4) (Version: v1.4.0 - Multi Theft Auto)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
osu! (HKLM-x32\...\{ba6599d0-1e00-4060-a455-55382b1c7008}) (Version: latest - ppy Pty Ltd)
PC Probe II (HKLM-x32\...\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}) (Version: 1.04.92 - ASUSTeK Computer Inc.)
RAIDXpert (HKLM-x32\...\InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}) (Version: 3.2.1540.10 - AMD)
RAIDXpert (x32 Version: 3.2.1540.10 - AMD) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6519 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.35436 Beta - TeamViewer)
Turbo Key (HKLM-x32\...\{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}) (Version: 1.01.03 - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinSCP 4.3.8 (HKLM-x32\...\winscp3_is1) (Version: 4.3.8 - Martin Prikryl)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{3a022117-d6e3-4fcd-a8a2-d31ed64d8e1e}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

20-12-2014 21:54:28 Removed Façade
20-12-2014 21:57:41 Revo Uninstaller's restore point - D-Link Wireless G DWL-G122_DWA-110
20-12-2014 21:58:21 Removed ANIWZCS2 Service
20-12-2014 21:59:16 Entfernt D-Link Wireless G DWL-G122_DWA-110
20-12-2014 21:59:45 Revo Uninstaller's restore point - DayZ Commander
20-12-2014 22:00:06 Removed DayZ Commander
20-12-2014 22:04:49 Revo Uninstaller's restore point - Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
20-12-2014 22:08:24 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
20-12-2014 22:09:22 Revo Uninstaller's restore point - Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
20-12-2014 22:11:29 Revo Uninstaller's restore point - Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
20-12-2014 22:13:11 Revo Uninstaller's restore point - Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
20-12-2014 22:13:29 Removed Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
20-12-2014 22:16:58 Revo Uninstaller's restore point - Unity Web Player
20-12-2014 22:17:56 Revo Uninstaller's restore point - MorphVOX Junior
20-12-2014 22:18:13 Removed MorphVOX Junior
20-12-2014 22:19:51 Revo Uninstaller's restore point - Java 7 Update 71
20-12-2014 22:20:07 Removed Java 7 Update 71
20-12-2014 22:22:02 Revo Uninstaller's restore point - MorphVOX Pro
20-12-2014 22:22:18 Removed MorphVOX Pro
20-12-2014 22:24:45 Revo Uninstaller's restore point - AI Suite
20-12-2014 22:25:01 Entfernt AI Suite
20-12-2014 22:33:02 Installiert AI Suite
20-12-2014 22:34:09 Revo Uninstaller's restore point - System Requirements Lab CYRI
20-12-2014 22:34:50 Revo Uninstaller's restore point - System Requirements Lab CYRI
20-12-2014 22:35:54 Revo Uninstaller's restore point - The Binding of Isaac
20-12-2014 22:44:36 Revo Uninstaller's restore point - Avast Free Antivirus
20-12-2014 22:45:21 avast! antivirus system restore point
20-12-2014 23:44:15 Gerätetreiber-Paketinstallation: Emsisoft Netzwerkdienst
20-12-2014 23:54:52 Revo Uninstaller's restore point - Metin2
20-12-2014 23:57:45 Revo Uninstaller's restore point - TERA
21-12-2014 00:34:48 Revo Uninstaller's restore point - S.K.I.L.L. - Special Force 2

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-09-27 11:49 - 2014-11-30 21:02 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {002BC456-DB44-4F10-BC5B-16C0AE4B94E5} - System32\Tasks\{35A5A0DE-E4FD-4FCE-A133-406843CE3598} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {00442CFD-6F8A-4E25-B0F7-099CBAF166DD} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {07487D3F-27D3-4242-9986-5805088BC752} - System32\Tasks\{9CD2CBDC-9F17-4183-A776-3C3CDDB91238} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {094AD9FC-9A2A-4434-A267-67318F3AFB3C} - System32\Tasks\{C0BF0233-4710-4F22-B838-C53FD13B197E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {0D5CB102-9F0B-4BEF-9B7C-C8DD85A116EC} - System32\Tasks\{57FA110B-6E92-4EFD-98D9-19C15C00EF98} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {0E945E72-5D2C-4BEE-8169-B44EFAF0C579} - System32\Tasks\{CC321D73-229D-4CDF-9597-05F0B15F5904} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {181CF0AB-DAE3-4E35-A43E-6BCC9EA672F0} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001UA => C:\Users\Issam276\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-19] (Facebook Inc.)
Task: {1B0FF44F-B3B3-4261-9E8C-07E83F04A8CE} - System32\Tasks\{97DA18F4-90B4-45A3-BC74-3C01B81E7603} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {1B9795BE-3E65-435B-A5B7-EE5DED837485} - System32\Tasks\{1DB90D4F-8D72-4AD5-8F36-5C4F0864AD9F} => C:\Program Files (x86)\Opera\Opera.exe
Task: {1D959856-47B4-4D86-A9FD-33900CD35ADF} - System32\Tasks\{D7E5FBB1-D0B1-4F1A-8742-47F989B83816} => C:\Program Files (x86)\Opera\Opera.exe
Task: {1EC122BA-C536-430F-8C35-6F86ECC39FF0} - System32\Tasks\{494A9B35-6058-4C19-A20A-E1DCE48F0786} => C:\Program Files (x86)\Opera\Opera.exe
Task: {217D3CDB-3FEF-4F4E-9156-02BFFFAAE60A} - System32\Tasks\{1CB8B36D-FC19-4546-8C7C-611AF21AD7E1} => pcalua.exe -a C:\ProgramData\Wizard101(DE)\Wizard101.exe -d C:\ProgramData\Wizard101(DE)
Task: {2572CB5E-1A7C-46F1-85B1-B62F4A17C417} - System32\Tasks\{1FBC4539-2901-4DDB-9D2F-862065494E88} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {260A62D5-8017-49B7-871D-68159B4FD231} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001Core => C:\Users\Issam276\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-19] (Facebook Inc.)
Task: {27618943-30C4-4FBF-94B8-8ACB0A6F7E6D} - System32\Tasks\{0C9C72E9-00D2-49A6-8DF4-DAF367138BD8} => C:\Program Files (x86)\Opera\Opera.exe
Task: {2991A55D-1CD8-403C-B255-0C11A6C837E1} - System32\Tasks\{B261FD97-9C57-4F06-9AD3-4052FA220C1D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2B7A7CE2-981F-42D2-8492-CD5D1AF9E827} - System32\Tasks\{B4F0F2F1-B534-4A0D-9DF2-C38AE4C520E9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2CCD6124-8AE7-461C-BE80-4B62D3002340} - System32\Tasks\{3D7EEA60-2C2B-478A-9723-F829C43AC6E5} => C:\Program Files (x86)\Opera\Opera.exe
Task: {2CF1D8CF-0EA9-458A-85A8-561D147B6135} - System32\Tasks\{0B628F86-550A-486F-B114-58C62871B721} => C:\Program Files (x86)\Opera\Opera.exe
Task: {310CC0F8-C247-4599-ACFC-F3CD766E6AD5} - System32\Tasks\{FB8C4083-EF27-4416-85FA-D471CEDE5FB4} => C:\Program Files (x86)\Opera\Opera.exe
Task: {38FF6FD9-3BC6-4F09-959F-F2205181E561} - System32\Tasks\ASUS\Cpu Level Up Hook Lanunch => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHookLaunch.exe [2009-12-28] ()
Task: {3B272214-852C-4330-841F-3F9FF4F9CB96} - System32\Tasks\{2B6CE963-FF84-494C-A826-01D80631B926} => C:\Program Files (x86)\Opera\Opera.exe
Task: {517D8EB9-77F1-497E-834A-D1FA240CE073} - System32\Tasks\{027A1301-659D-4B41-8A7F-040B74EBA95D} => C:\Program Files (x86)\Opera\Opera.exe
Task: {518389D1-8CCD-4B86-8F41-B077F9C9C618} - System32\Tasks\{EDDBD687-D415-4B69-927A-02931F7F1AAE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {51BFF5FC-5BC5-4DEE-9099-827B8BFB3632} - System32\Tasks\{8383930E-67E3-4379-A09D-4E59914B6389} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5244B6B7-C2C2-416A-8955-6F2586705863} - System32\Tasks\{54F5669B-1BD5-4394-89D5-A6EFBA584ACD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5250B132-6E5B-47AC-BB16-E9815CC9A9C0} - System32\Tasks\{CAF62C3C-79A4-4066-B1CD-4E0DF30564F9} => pcalua.exe -a "C:\Program Files (x86)\Hotspot Shield\bin\HssInstaller.exe" -d "C:\Program Files (x86)\Hotspot Shield\bin"
Task: {52E12DE9-93B7-4E4B-85D1-DD2EDCEBE48A} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2011-05-10] (Hewlett-Packard)
Task: {562A50BF-2E54-45F4-9077-473F7A049562} - System32\Tasks\{6310026B-3E16-4E78-998C-7F30496D8899} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {571A9041-6AA5-4836-BA2B-534C9EB85DCE} - System32\Tasks\{D319D8AB-8433-493A-84FA-D1698EDEAFCE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {577E3FA9-79BA-4694-AE4C-9B609E38C0E9} - System32\Tasks\{DE38B5D4-C035-40D9-848C-B966145964A9} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5AEBC49C-BCC7-4EC1-8951-9B299633E773} - System32\Tasks\{9E9AC548-DCCB-4B5B-9EDB-0E52B9DE5627} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5BE38A7A-4925-497C-82F3-A330FC280BC4} - System32\Tasks\{949BCCD7-1397-41DE-9EF8-11EE2C0CE563} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5C099198-A578-4EEC-92B4-6417465170A1} - System32\Tasks\{41F9C8B0-D0DD-4377-9D24-69E831D0CF7A} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5C4A49C0-89DE-4238-8F91-64CFBFBAEE53} - System32\Tasks\{BB6E67DE-783D-4A31-8585-E7CAEC52E5AA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5F97C91C-7B67-4A52-9DD7-0E6FA102D424} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-22] (Google Inc.)
Task: {60553E3D-46C1-4E1E-A947-FA9307DD2C8C} - System32\Tasks\{74F988AC-9E60-40C7-8D90-CFECFAEE92E1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {627CECAB-2B8F-4A2E-92B9-B140446FE0EC} - System32\Tasks\{90038331-2672-47E4-99D2-E9ECCB36DC14} => C:\Program Files (x86)\Opera\Opera.exe
Task: {6D6DF3D0-D45F-4F6F-B07C-E1FBBD6FD0B9} - System32\Tasks\{59008250-33FF-402A-82FD-577C388040C8} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {717B3FF7-1A14-47F6-8B46-91A57AD183CA} - System32\Tasks\{1FB7ED02-0BF3-4694-A643-44D549B5C376} => C:\Program Files (x86)\Opera\Opera.exe
Task: {722A80F7-B367-438E-82D6-607B2AAE2AD5} - System32\Tasks\{0D1B66EB-8E6C-4941-A849-C02CAA677C49} => C:\Program Files (x86)\Opera\Opera.exe
Task: {7352E960-C7B0-45FE-A83F-F87B5AA6E651} - System32\Tasks\{5F44ABCA-6526-4396-A179-A30F6651B4A5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {740EE1F2-3BC5-4CD5-B694-A5FE540D3E9E} - System32\Tasks\{F6171EAE-04B0-4030-B64B-4B9DF15D3273} => C:\Program Files (x86)\Opera\Opera.exe
Task: {76B86268-4206-4908-ADA8-A9FA15A4F610} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {7A0C2EDE-2AF3-40D3-8E5E-AC91914B9348} - System32\Tasks\{36BD8F26-454A-45A7-98BC-D772130BD6D1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {7CBDBD19-6CA0-43C5-95A3-B5B0B50A01DB} - System32\Tasks\{B117D272-C5AF-4E62-9F8E-DA7E6CE8FF4E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {7EF615A3-395A-4B8F-AF0B-D79B49D3A554} - System32\Tasks\{064550D4-D75D-402D-AB32-91E23A58D5F4} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {821856F1-ED6B-4965-84E5-2519F0D73FB5} - System32\Tasks\{8424C4DF-A4EC-4B5B-814E-60CE8AB30940} => C:\Program Files (x86)\Opera\Opera.exe
Task: {82F5E65C-C34C-4E7A-BA2B-3EC5834D6E13} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12] (Adobe Systems Incorporated)
Task: {86715FE4-085D-43AB-A67D-906AB668D4A7} - System32\Tasks\{D1BFDBF2-DEA8-4BB9-8474-3A446710C951} => C:\Program Files (x86)\Opera\Opera.exe
Task: {878AA624-33EF-4ADA-BD3A-0D7BEA46656B} - System32\Tasks\{11EE2B2D-9A84-413C-B65A-30FADFE1F4C1} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8A24C11B-1434-4888-BB67-DA4035986E85} - System32\Tasks\{8F6BCC5D-9E79-4A90-A52C-B05FBD3A95EA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {8B9B1B73-C0C4-48B0-A910-7D63871A1890} - System32\Tasks\{CE6A2A80-3982-406F-916F-BF44A1FE93BE} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8C5EA5CA-2168-47C9-A8AD-8D8F8CD43494} - System32\Tasks\{3096790B-F753-40DE-BBBD-C96814C19276} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8D278482-A7C4-4259-B172-CD56F7F3242B} - System32\Tasks\{C307734E-4CEF-40E7-BB76-67E38AFE3245} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {8FB0CF65-18EC-4D9E-84EA-E0C2E70B609A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {9034EE4A-EF7C-4EBC-B8FB-59A0E30DCDCB} - System32\Tasks\{B7D832C7-A1D4-449B-AFB7-35A7D5308265} => C:\Program Files (x86)\Opera\Opera.exe
Task: {9173C9BE-02B5-4B2E-9CDD-85959BAC8FE8} - System32\Tasks\{AA084653-E62A-4321-85C7-E1F14B703E3B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {92D5F453-D605-4376-BBAF-560DCBF5179E} - System32\Tasks\{08F83017-CD43-415F-BAC5-1B6099D399DE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9455CECE-75DF-4B1C-8F1C-9D6F22BAF9EE} - System32\Tasks\{1C451F35-6BB4-4E64-9D44-83DA1235BD66} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {97E4E16D-3E9D-4441-B88C-F8DAD136D5AC} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {9B836882-C9AA-46BA-A2BA-B2FBC31A7D1B} - System32\Tasks\{402ED0EB-55E1-49BC-85FF-B611C38007C2} => C:\Program Files (x86)\Opera\Opera.exe
Task: {9DEE72AF-EDDE-4210-860C-D59F8CE425A5} - System32\Tasks\{FEE95010-E0AC-4F29-89EB-CC1D42B7322D} => C:\Program Files (x86)\Opera\Opera.exe
Task: {A0B271A8-0315-4B2F-8A8E-1D955B9A3912} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-02-22] (Google Inc.)
Task: {A5971EB2-865A-4144-B663-DC582061EE03} - System32\Tasks\{2EB349E6-0751-41BC-9F7E-301AC1E05B93} => C:\Program Files (x86)\Opera\Opera.exe
Task: {A6148E12-0291-4995-AF46-E06D84208F64} - System32\Tasks\{CE3CDE01-297E-4503-BDBC-F6BFCA06FC5A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A67DF276-6D87-4B90-9873-2A2EA8FCE1CB} - System32\Tasks\{F14CFAC1-DBF2-4360-95C4-B2F2F9DB35E4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {AA1BFF9B-0E49-4EB7-B267-2C7CB4A2ED1E} - System32\Tasks\{9276B961-43E2-4972-B3AD-25EACD24D008} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B1677E31-93D0-47CC-AC29-7D496732B34B} - System32\Tasks\{6933359E-E599-4364-BEFF-153E2C84ECF1} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B23234F8-1783-4601-B17A-A749DC43B32C} - System32\Tasks\{CF201C0D-902D-45EC-AB8B-441B32C49B96} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B39E32F9-A4EE-4F1C-AD43-1AFF1EC66810} - System32\Tasks\{520D24F2-56D5-4A8F-A89D-4396E1298D0E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B43C1327-9D38-4105-BA3A-C7AC2DC0A854} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {B4CB886A-F99C-4F83-B319-AC5B4339BAFC} - System32\Tasks\{74BC537C-1377-401A-9CBD-EC70A4E00FE6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B4D142B4-4AB8-4B95-912F-FA662BCB5F05} - System32\Tasks\{816E19F8-6746-42E8-825E-C00C9D8CFF94} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B4F576A8-5746-40C0-878D-8D298BD66F25} - System32\Tasks\{15AA7614-5DDE-4F02-8A19-A95EC0A1D51D} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B8266606-848E-4C36-BA78-1D86A62F2B77} - System32\Tasks\{24C3BC9D-CAFC-4292-BD2A-FFCF0B425D08} => C:\Program Files (x86)\Opera\Opera.exe
Task: {BB7D82FD-251B-4EF7-B078-D7DCE617D964} - System32\Tasks\{8FC938EB-7EAF-4A34-BC9D-AE2F5778B1B1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BE835B87-3BC8-4D2F-98F4-08EA1738769B} - System32\Tasks\{9A921854-22BF-4FF6-917B-1529CCCD96DB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BF14D3C2-045B-46CA-95BA-E54E71AA5EE8} - System32\Tasks\{FE9E2570-3D08-4423-AFC3-5C7948AE63B6} => C:\Program Files (x86)\Opera\Opera.exe
Task: {CBB4538C-70A1-4630-8661-5D84D95409E7} - System32\Tasks\{7A14CB27-EE0B-47F1-B055-77F01B48DBC9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CE491649-14B0-4AE2-AF71-9B80E2717EDE} - System32\Tasks\{9A3B38A4-E24C-4CA3-836B-B69E7E5C4A8F} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D3A08372-F9B6-4E87-B367-CF2D04F990A2} - System32\Tasks\{C58F335D-256C-447C-8F92-0D21522B0AE2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D3ABB6D7-9F40-4E4A-B2B6-72AB46A050F7} - System32\Tasks\{83D83B71-6311-4584-B276-FEF554406168} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D51CC9D5-F8A0-48CA-AF21-4E3C1E57E18A} - System32\Tasks\{E3BA121A-6110-46E2-B350-F190E39F142A} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D55EA148-E054-4415-97C3-733D26CAD4E3} - System32\Tasks\{7B2D31C4-B94E-459C-9AB9-7BA5A6885752} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D68AFE80-D806-4B03-8AF8-0D69B8F3266F} - System32\Tasks\{C0804A57-189E-4D52-A8D5-914BE6EC38F9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D9F0C0DA-2D8C-45BC-8EB1-746DAD06A5AA} - System32\Tasks\{178B6CBE-CD97-4A87-A91B-79970D345AA5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {DE9B3A77-0437-4DAC-A2F6-1C4095755D50} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {DF647FC5-023B-433B-A122-FD19ECBBFB86} - System32\Tasks\{6B5908DA-E475-496F-9C03-92B7931F8B4E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E605C0CD-CF58-4517-9803-90D6F64981E6} - System32\Tasks\{CC42283F-627B-42E6-B065-74187AD2AC1E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E6FF23C5-E38B-446E-8E9D-335C6AF909D1} - System32\Tasks\{174B23CD-95AE-408F-A856-1370A9D536E1} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E709A72E-20A0-408C-8C71-C6281C3A9E2C} - System32\Tasks\{A7B59FCB-77B6-43A8-B48C-A4408A63A05C} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E966568A-61B6-46C0-81ED-FD8F48DFB1A5} - System32\Tasks\{3EF7DE06-5206-4DE0-8481-16D004F97BC7} => C:\Program Files (x86)\Opera\Opera.exe
Task: {EA7EC79F-EE05-40AC-A1AA-EF8F38EE1D94} - System32\Tasks\{0E7C6814-82A5-4652-86AF-0257E8E200B0} => C:\Program Files (x86)\Opera\Opera.exe
Task: {ED2C4059-C99A-478E-AFB7-A89311EE1AF3} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.12\AsLoader.exe [2010-01-13] (ASUSTeK Computer Inc.)
Task: {EE65A338-E67D-4F14-B674-5CBA24CD1AF1} - System32\Tasks\{3FE25692-2DF1-4C8A-83BD-5C0938957293} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F20A80F0-766A-4B7F-98DD-6229DA061883} - System32\Tasks\{6ABFC70E-5286-4F62-8D85-3DB5C7E96535} => C:\Program Files (x86)\Opera\Opera.exe
Task: {FAD1D3B7-6A37-47D3-839D-81888361D8DA} - System32\Tasks\{C4DCDE58-2889-4887-A3A8-759819CB3B00} => C:\Program Files (x86)\Opera\Opera.exe
Task: {FBD60A63-97EE-4455-A187-75DD221AC9B9} - System32\Tasks\{B55E87D1-7DD5-45F3-839C-11D9E63BACE7} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FDA4DAEA-5188-46B1-8E30-64BB76D227AC} - System32\Tasks\{EF6CA142-96C0-4D8A-B1B8-DF46DCB79231} => C:\Program Files (x86)\Opera\Opera.exe
Task: {FE7BAC5A-F911-419A-A23E-1A2FA331CB95} - System32\Tasks\{4C1D5CDD-8AE5-4025-923B-71D4C96C9F47} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FFBA2F6D-660A-4E9F-984C-78AD46ACDCD5} - System32\Tasks\{87B307EE-CC62-4781-8900-89C379B24C05} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001Core.job => C:\Users\Issam276\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1925287450-1312797874-627100175-1001UA.job => C:\Users\Issam276\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2013-03-28 21:31 - 2013-03-28 21:31 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-09-23 12:53 - 2012-09-23 12:53 - 00748544 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-09-23 12:53 - 2012-09-23 12:53 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2009-12-15 16:40 - 2009-12-15 16:40 - 00065536 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
2013-03-28 21:30 - 2013-03-28 21:30 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-07-10 10:29 - 2014-01-05 20:31 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2009-12-15 16:40 - 2009-12-15 16:40 - 00122880 _____ () C:\Windows\SysWOW64\WinMsgBalloonServer.exe
2009-12-15 16:41 - 2009-12-15 16:41 - 00139264 _____ () C:\Windows\SysWOW64\WinMsgBalloonClient.exe
2009-12-15 22:44 - 2009-12-15 22:44 - 00516096 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\libxml2.dll
2012-06-14 14:11 - 2009-04-29 13:24 - 00253952 _____ () C:\Program Files (x86)\ASUS\Turbo Key\pngio.dll
2012-06-14 14:11 - 2009-04-29 13:24 - 00208896 _____ () C:\Program Files (x86)\ASUS\Turbo Key\AiNap.dll
2012-06-14 14:11 - 2009-04-29 13:24 - 00008704 _____ () C:\Program Files (x86)\ASUS\Turbo Key\vvc.dll
2014-12-13 02:32 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-13 02:32 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-13 02:32 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-13 02:32 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CGVPNCliService => 2
MSCONFIG\Services: EslWireHelper => 2
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: hshld => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: OkayFreedom VPN Starter Service => 2
MSCONFIG\Services: OverwolfUpdaterService => 3
MSCONFIG\Services: RalinkRegistryWriter => 2
MSCONFIG\Services: RalinkRegistryWriter64 => 2
MSCONFIG\Services: RaMediaServer => 2
MSCONFIG\Services: SearchAnonymizer => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe                                                                                                                                                                                                             
MSCONFIG\startupreg: Spotify => "C:\Users\Issam276\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

========================= Accounts: ==========================

Administrator (S-1-5-21-1925287450-1312797874-627100175-500 - Administrator - Disabled)
Gast (S-1-5-21-1925287450-1312797874-627100175-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1925287450-1312797874-627100175-1002 - Limited - Enabled)
Issam276 (S-1-5-21-1925287450-1312797874-627100175-1001 - Administrator - Enabled) => C:\Users\Issam276

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/21/2014 02:32:47 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed

Error: (12/21/2014 02:32:17 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2

Error: (12/21/2014 02:29:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/21/2014 02:46:33 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm League of Legends.exe, Version 4.21.0.397 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 1110

Startzeit: 01d01cbeaaacc578

Endzeit: 185

Anwendungspfad: C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.71\deploy\League of Legends.exe

Berichts-ID:

Error: (12/20/2014 11:45:41 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
(Stream product id=0x0066): Streaming Failed

Error: (12/20/2014 11:44:24 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Nur zur Information.
Too many failures while downloading ranges: 2

Error: (12/20/2014 11:43:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/20/2014 10:22:49 PM) (Source: MsiInstaller) (EventID: 11001) (User: Crounty)
Description: Product: MorphVOX Pro -- Error 1001. Error 1001. Beim Initialisieren der Installation ist eine Ausnahme aufgetreten:
System.IO.FileNotFoundException: Die Datei oder Assembly "file:///C:\Program Files (x86)\Screaming Bee\MorphVOX Pro\MorphDriverUninstall2.dll" oder eine Abhängigkeit davon wurde nicht gefunden. Das System kann die angegebene Datei nicht finden.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/20/2014 10:18:42 PM) (Source: MsiInstaller) (EventID: 11001) (User: Crounty)
Description: Product: MorphVOX Junior -- Error 1001. Error 1001. Beim Initialisieren der Installation ist eine Ausnahme aufgetreten:
System.IO.FileNotFoundException: Die Datei oder Assembly "file:///C:\Program Files (x86)\Screaming Bee\MorphVOX Junior\MorphDriverUninstall2.dll" oder eine Abhängigkeit davon wurde nicht gefunden. Das System kann die angegebene Datei nicht finden.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/20/2014 10:00:41 PM) (Source: MsiInstaller) (EventID: 11316) (User: Crounty)
Description: Product: DayZ Commander -- Error 1316. Das angegebene Konto ist bereits vorhanden.


System errors:
=============
Error: (12/21/2014 02:27:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (12/21/2014 02:27:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ANIO Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (12/20/2014 11:42:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (12/20/2014 11:42:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (12/20/2014 11:42:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ANIO Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (12/20/2014 11:37:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Adobe Acrobat Update Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/20/2014 09:58:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ANIO Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (12/20/2014 02:25:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (12/20/2014 02:25:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ANIO Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (12/19/2014 10:54:59 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Net.Tcp-Listeneradapter" ist vom Dienst "Net.Tcp-Portfreigabedienst" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1053


Microsoft Office Sessions:
=========================
Error: (12/21/2014 02:32:47 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (12/21/2014 02:32:17 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Too many failures while downloading ranges: 2

Error: (12/21/2014 02:29:35 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/21/2014 02:46:33 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: League of Legends.exe4.21.0.397111001d01cbeaaacc578185C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.71\deploy\League of Legends.exe

Error: (12/20/2014 11:45:41 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Stream product id=0x0066): Streaming Failed

Error: (12/20/2014 11:44:24 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Too many failures while downloading ranges: 2

Error: (12/20/2014 11:43:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/20/2014 10:22:49 PM) (Source: MsiInstaller) (EventID: 11001) (User: Crounty)
Description: Product: MorphVOX Pro -- Error 1001. Error 1001. Beim Initialisieren der Installation ist eine Ausnahme aufgetreten:
System.IO.FileNotFoundException: Die Datei oder Assembly "file:///C:\Program Files (x86)\Screaming Bee\MorphVOX Pro\MorphDriverUninstall2.dll" oder eine Abhängigkeit davon wurde nicht gefunden. Das System kann die angegebene Datei nicht finden.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/20/2014 10:18:42 PM) (Source: MsiInstaller) (EventID: 11001) (User: Crounty)
Description: Product: MorphVOX Junior -- Error 1001. Error 1001. Beim Initialisieren der Installation ist eine Ausnahme aufgetreten:
System.IO.FileNotFoundException: Die Datei oder Assembly "file:///C:\Program Files (x86)\Screaming Bee\MorphVOX Junior\MorphDriverUninstall2.dll" oder eine Abhängigkeit davon wurde nicht gefunden. Das System kann die angegebene Datei nicht finden.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (12/20/2014 10:00:41 PM) (Source: MsiInstaller) (EventID: 11316) (User: Crounty)
Description: Product: DayZ Commander -- Error 1316. Das angegebene Konto ist bereits vorhanden.
(NULL)(NULL)(NULL)(NULL)(NULL)


CodeIntegrity Errors:
===================================
  Date: 2014-11-30 20:57:24.409
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-30 20:57:24.253
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-29 09:37:48.936
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.935
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.934
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.916
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.915
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.913
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-28 19:42:21.884
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-28 19:42:21.883
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: AMD FX(tm)-4100 Quad-Core Processor
Percentage of memory in use: 38%
Total physical RAM: 8174.12 MB
Available physical RAM: 4993.23 MB
Total Pagefile: 16346.41 MB
Available Pagefile: 12697.74 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:921.75 GB) (Free:725.96 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B2544B2F)
Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
Partition 2: (Active) - (Size=921.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================
Hier noch die 2 Scans von Emsisoft
Code:
Emsisoft Internet Security - Version 9.0
Letztes Update: 21.12.2014 01:12:30
Benutzerkonto: Crounty\Issam276

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\, Q:\

PUPs-Erkennung: An
Archiv Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan Beginn:        21.12.2014 01:13:51
C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\jimkinmhioifhbgkpmindbifppbnhgii\7.2\uBm_xqmIEl4G.js.vir        gefunden: Adware.MultiPlug.CY (B)
C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Roaming\OpenCandy\99FEAAB6906247F389DE3EB4D37B98D6\LinkuryInstaller.msi.vir -> (Embedded CAB) -> BrowserHelper.exe        gefunden: Gen:Adware.Heur.bm1@gfQ3oyj (B)
C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Roaming\OpenCandy\99FEAAB6906247F389DE3EB4D37B98D6\LinkuryInstaller.msi.vir -> (Embedded EXE)        gefunden: Gen:Adware.Heur.2q@@g5ht0ec (B)
C:\ProgramData\Kaspersky Lab\AVP14.0.0\QB\67cf0e2e67fd7107.klq -> (Quarantine-6)        gefunden: Gen:Variant.Adware.BProtector.2 (B)
C:\ProgramData\Kaspersky Lab\AVP14.0.0\QB\695ac9ff29dd1d1d.klq -> (Quarantine-6)        gefunden: Gen:Variant.Adware.BProtector.2 (B)
C:\ProgramData\Kaspersky Lab\AVP14.0.0\QB\76d48c65bcfc1037.klq -> (Quarantine-6)        gefunden: Gen:Variant.Adware.BProtector.2 (B)
C:\ProgramData\Kaspersky Lab\AVP14.0.0\QB\8c6dc5017209b072.klq -> (Quarantine-6)        gefunden: Gen:Variant.Adware.BProtector.2 (B)
C:\ProgramData\Kaspersky Lab\AVP14.0.0\QB\d4e5fae884251c95.klq -> (Quarantine-6)        gefunden: Gen:Variant.Adware.BProtector.2 (B)
C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\File System\010\t\00\00000000        gefunden: Application.InstallAd (A)
C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\File System\010\t\00\00000001        gefunden: Application.InstallAd (A)
C:\Users\Issam276\Desktop\zoek.exe        gefunden: Trojan.Generic.12189744 (B)
C:\Users\Issam276\vusr56ik69so\vdXFrjXse.CBB        gefunden: Trojan.Ciusky.Gen.18 (B)
C:\zoek_backup\C_PROGRA~3_mlcalnbafllpekjinmmklpgcblhlaffh\mlcalnbafllpekjinmmklpgcblhlaffh.crx -> Y6jUEfM.js        gefunden: Adware.MultiPlug.CY (B)
C:\zoek_backup\C_PROGRA~3_oeiclgdmiipmnmhjjoncbohblhelhmcd\oeiclgdmiipmnmhjjoncbohblhelhmcd.crx -> L9CC.js        gefunden: Adware.MultiPlug.CY (B)

Gescannt        406945
Gefunden        14

Scan Ende:        21.12.2014 02:45:40
Scan Zeit:        1:31:49

C:\zoek_backup\C_PROGRA~3_oeiclgdmiipmnmhjjoncbohblhelhmcd\oeiclgdmiipmnmhjjoncbohblhelhmcd.crx        Quarantäne Adware.MultiPlug.CY (B)
C:\zoek_backup\C_PROGRA~3_mlcalnbafllpekjinmmklpgcblhlaffh\mlcalnbafllpekjinmmklpgcblhlaffh.crx        Quarantäne Adware.MultiPlug.CY (B)
C:\Users\Issam276\vusr56ik69so\vdXFrjXse.CBB        Quarantäne Trojan.Ciusky.Gen.18 (B)
C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\File System\010\t\00\00000001        Quarantäne Application.InstallAd (A)
C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\File System\010\t\00\00000000        Quarantäne Application.InstallAd (A)
C:\ProgramData\Kaspersky Lab\AVP14.0.0\QB\d4e5fae884251c95.klq        Quarantäne Gen:Variant.Adware.BProtector.2 (B)
C:\ProgramData\Kaspersky Lab\AVP14.0.0\QB\8c6dc5017209b072.klq        Quarantäne Gen:Variant.Adware.BProtector.2 (B)
C:\ProgramData\Kaspersky Lab\AVP14.0.0\QB\76d48c65bcfc1037.klq        Quarantäne Gen:Variant.Adware.BProtector.2 (B)
C:\ProgramData\Kaspersky Lab\AVP14.0.0\QB\695ac9ff29dd1d1d.klq        Quarantäne Gen:Variant.Adware.BProtector.2 (B)
C:\ProgramData\Kaspersky Lab\AVP14.0.0\QB\67cf0e2e67fd7107.klq        Quarantäne Gen:Variant.Adware.BProtector.2 (B)
C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Roaming\OpenCandy\99FEAAB6906247F389DE3EB4D37B98D6\LinkuryInstaller.msi.vir        Quarantäne Gen:Adware.Heur.2q@@g5ht0ec (B)
C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\jimkinmhioifhbgkpmindbifppbnhgii\7.2\uBm_xqmIEl4G.js.vir        Quarantäne Adware.MultiPlug.CY (B)

Quarantäne        12

Code:
Emsisoft Internet Security - Version 9.0
Letztes Update: 20.12.2014 23:46:44
Benutzerkonto: Crounty\Issam276

Scan Einstellungen:

Scan Methode: Smart Scan
Objekte: Rootkits, Speicher, Traces, C:\Windows\, C:\Program Files\, C:\Program Files (x86)\

PUPs-Erkennung: An
Archiv Scan: Aus
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan Beginn:        20.12.2014 23:47:46
Key: HKEY_USERS\.DEFAULT\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B}        gefunden: Application.AdGenie (A)
Key: HKEY_USERS\S-1-5-20\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B}        gefunden: Application.AdGenie (A)
Key: HKEY_USERS\.DEFAULT\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B}        gefunden: Application.AdGenie (A)
Key: HKEY_USERS\S-1-5-19\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B}        gefunden: Application.AdGenie (A)
Key: HKEY_USERS\S-1-5-20\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B}        gefunden: Application.AdGenie (A)
Key: HKEY_USERS\S-1-5-18\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B}        gefunden: Application.AdGenie (A)
Key: HKEY_USERS\.DEFAULT\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B}        gefunden: Application.AdGenie (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{02478D38-C3F9-4EFB-9B51-7695ECA05670}        gefunden: Application.BHO (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS        gefunden: Setting.DisableRegistryTools (A)
Value: HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS        gefunden: Setting.DisableRegistryTools (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\AU__RASAPI32        gefunden: Application.Win32.InstallExt (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\AU__RASMANCS        gefunden: Application.Win32.InstallExt (A)
C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll        gefunden: Gen:Adware.Heur.im9@gLahqXi (B)

Gescannt        335117
Gefunden        13

Scan Ende:        21.12.2014 01:01:04
Scan Zeit:        1:13:18

C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll        Quarantäne Gen:Adware.Heur.im9@gLahqXi (B)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\AU__RASMANCS        Quarantäne Application.Win32.InstallExt (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\TRACING\AU__RASAPI32        Quarantäne Application.Win32.InstallExt (A)
Value: HKEY_USERS\S-1-5-21-1925287450-1312797874-627100175-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS        Quarantäne Setting.DisableRegistryTools (A)
Value: HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM -> DISABLEREGISTRYTOOLS        Quarantäne Setting.DisableRegistryTools (A)
Key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{02478D38-C3F9-4EFB-9B51-7695ECA05670}        Quarantäne Application.BHO (A)
Key: HKEY_USERS\.DEFAULT\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B}        Quarantäne Application.AdGenie (A)
Key: HKEY_USERS\S-1-5-20\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B}        Quarantäne Application.AdGenie (A)
Key: HKEY_USERS\S-1-5-19\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B}        Quarantäne Application.AdGenie (A)

Quarantäne        9

schrauber 22.12.2014 13:24
Wer hat denn da schon mit Zoek rumgefixt?


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




Revo Uninstaller - Download - Filepony
damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.google.com/chrome/answer/3296214?hl=de

und ein frisches FRST log bitte.

Crounty 23.12.2014 17:37
War schonmal hier und mir wurde empfohlen Zoek zu nutzen

Code:
# AdwCleaner v4.106 - Bericht erstellt am 23/12/2014 um 17:10:22
# Aktualisiert 21/12/2014 von Xplode
# Database : 2014-12-21.4 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Issam276 - CROUNTY
# Gestartet von : C:\Users\Issam276\Desktop\AdwCleaner_4.106.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}

***** [ Browser ] *****

-\\ Internet Explorer v0.0.0.0


-\\ Mozilla Firefox v30.0 (de)


-\\ Google Chrome v39.0.2171.95


*************************

AdwCleaner[R0].txt - [63604 octets] - [03/03/2014 18:43:08]
AdwCleaner[R1].txt - [92447 octets] - [03/03/2014 18:46:55]
AdwCleaner[R2].txt - [2001 octets] - [12/03/2014 18:44:14]
AdwCleaner[R3].txt - [25903 octets] - [10/05/2014 17:14:56]
AdwCleaner[R4].txt - [1892 octets] - [23/12/2014 17:05:15]
AdwCleaner[S0].txt - [79181 octets] - [03/03/2014 19:10:25]
AdwCleaner[S1].txt - [23644 octets] - [10/05/2014 18:38:24]
AdwCleaner[S2].txt - [1805 octets] - [23/12/2014 17:10:22]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [1865 octets] ##########
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Home Premium x64
Ran by Issam276 on 23.12.2014 at 17:13:16,98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.12.2014 at 17:22:02,85
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-12-2014
Ran by Issam276 (administrator) on CROUNTY on 23-12-2014 17:34:33
Running from C:\Users\Issam276\Desktop
Loaded Profile: Issam276 (Available profiles: Issam276 & Gast & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Internet Security\a2service.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(AMD) C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe
() C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Akamai Technologies, Inc.) C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Spotify Ltd) C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Akamai Technologies, Inc.) C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Internet Security\a2guard.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
() C:\Windows\SysWOW64\WinMsgBalloonServer.exe
() C:\Windows\SysWOW64\WinMsgBalloonClient.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
() C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.231\deploy\LoLLauncher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.15\deploy\LoLPatcher.exe
() C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.123\deploy\LolClient.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) C:\Program Files\TeamSpeak 3 Client\ts3client_win64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2013-12-28] (Realtek Semiconductor)
HKLM-x32\...\Run: [Turbo Key] => C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe [1874432 2009-11-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Cpu Level Up help] => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe [887936 2009-12-28] ()
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft internet security\a2guard.exe [4954576 2014-12-01] (Emsisoft GmbH)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-09-15] (AMD)
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [Spotify Web Helper] => C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-12] (Spotify Ltd)
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Policies\system: [EnableLUA] 0
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30524520 2014-11-27] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-flv
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{BF86312B-8016-42B1-B232-8DED504D4B33}: [NameServer] 81.173.194.68,212.117.68.10

FireFox:
========
FF ProfilePath: C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\searchplugins\yahoo_ff.xml
FF Extension: Adblock Plus - C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-22]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF Extension: No Name - C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\extensions\ascsurfingprotection@iobit.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR HomePage: Default -> https://www.google.de/
CHR StartupUrls: Default -> "https://www.google.de/"
CHR DefaultSearchKeyword: Default -> google.de_
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-12-23]
CHR Extension: (Google Präsentationen) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-01]
CHR Extension: (Google Docs) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-01]
CHR Extension: (Google Drive) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-01]
CHR Extension: (WOT) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-12-23]
CHR Extension: (MEGA) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2014-12-23]
CHR Extension: (YouTube) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-01]
CHR Extension: (Adblock Plus) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-12-23]
CHR Extension: (Google-Suche) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-01]
CHR Extension: (Google Tabellen) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-01]
CHR Extension: (League of Legends(LoL) For New Tab) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\hagfodkdlfpceodghmlnbjafkcdjnifd [2014-12-23]
CHR Extension: (Ghostery) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-12-23]
CHR Extension: (Google Wallet) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-01]
CHR Extension: (Google Mail) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Internet Security\a2service.exe [4907232 2014-12-01] (Emsisoft GmbH)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [122880 2009-12-15] (AMD) [File not signed]
S4 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [136616 2012-05-10] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.) [File not signed]
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-09-25] () [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-05] ()
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5405456 2014-11-12] (TeamViewer GmbH)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
S4 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [X]
S3 npggsvc; C:\Windows\system32\GameMon.des -service [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT INTERNET SECURITY\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Internet Security\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Internet Security\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Internet Security\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH)
S2 ANIO; C:\Windows\SysWOW64\ANIO.SYS [28205 2003-05-05] (Alpha Networks Inc.) [File not signed]
R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
R2 AODDriver4.2.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [57472 2012-05-10] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-06-29] (The OpenVPN Project)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Internet Security\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
S3 cpuz130; No ImagePath
S3 dump_wmimmc; No ImagePath
R2 ESLWireAC; C:\Windows\system32\drivers\ESLWireACD.sys [160784 2012-12-17] (<Turtle Entertainment>)
S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R3 fwndis; C:\Windows\System32\DRIVERS\fwndis64.sys [484952 2014-12-01] ()
R1 fwwfp; C:\Program Files (x86)\Emsisoft Internet Security\fwwfp764.sys [414424 2014-12-01] ()
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.) [File not signed]
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.) [File not signed]
S3 X6va008; No ImagePath
S3 X6va009; No ImagePath
S3 X6va012; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 netr28ux; system32\DRIVERS\netr28ux.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-23 17:31 - 2014-12-23 17:31 - 00002253 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-23 17:31 - 2014-12-23 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-23 17:30 - 2014-12-23 17:30 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-23 17:30 - 2014-12-23 17:30 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-23 17:30 - 2014-12-23 17:30 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-23 17:30 - 2014-12-23 17:30 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-23 17:24 - 2014-12-23 17:25 - 00880784 _____ (Google Inc.) C:\Users\Issam276\Downloads\ChromeSetup.exe
2014-12-23 17:23 - 2014-12-23 17:24 - 00040936 _____ () C:\Users\Issam276\Desktop\Addition.txt
2014-12-23 17:22 - 2014-12-23 17:22 - 00000698 _____ () C:\Users\Issam276\Desktop\JRT.txt
2014-12-23 17:13 - 2014-12-23 17:13 - 00000000 ____D () C:\Windows\ERUNT
2014-12-23 17:12 - 2014-12-23 17:12 - 01707646 _____ (Thisisu) C:\Users\Issam276\Downloads\JRT.exe
2014-12-23 17:04 - 2014-12-23 17:03 - 02173952 _____ () C:\Users\Issam276\Desktop\AdwCleaner_4.106.exe
2014-12-23 17:03 - 2014-12-23 17:03 - 02173952 _____ () C:\Users\Issam276\Downloads\AdwCleaner_4.106.exe
2014-12-22 00:22 - 2014-12-22 00:22 - 02666496 _____ () C:\Users\Issam276\Downloads\IPCamAdapter.msi
2014-12-22 00:00 - 2014-12-22 00:00 - 00167296 _____ (Gibson Research Corp.) C:\Users\Issam276\Downloads\DNSBench.exe
2014-12-21 21:19 - 2014-12-21 21:19 - 00001613 _____ () C:\Users\Public\Desktop\League of Legends.lnk
2014-12-21 21:19 - 2014-12-21 21:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-12-21 21:13 - 2014-12-21 21:13 - 30668968 _____ (Riot Games) C:\Users\Issam276\Downloads\LeagueofLegends_EUW_Installer_9_15_2014.exe
2014-12-21 16:19 - 2014-12-21 16:18 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-21 16:16 - 2014-12-21 16:16 - 00638376 _____ (Oracle Corporation) C:\Users\Issam276\Downloads\jre-8u25-windows-i586-iftw.exe
2014-12-21 16:10 - 2014-12-21 16:10 - 00852505 _____ () C:\Users\Issam276\Downloads\SecurityCheck.exe
2014-12-21 14:36 - 2014-12-23 17:34 - 00020634 _____ () C:\Users\Issam276\Desktop\FRST.txt
2014-12-21 04:09 - 2014-12-21 04:09 - 05073240 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\vcredist_x86.exe
2014-12-21 04:00 - 2014-12-21 04:08 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\BoL
2014-12-21 03:56 - 2014-12-21 03:56 - 00000270 _____ () C:\Users\Issam276\Downloads\Relog.zip
2014-12-21 03:54 - 2014-12-21 03:54 - 00000157 _____ () C:\Users\Issam276\Downloads\doGout.rar
2014-12-21 03:52 - 2014-12-21 03:54 - 00000000 ____D () C:\Users\Issam276\Desktop\sadsdasda
2014-12-21 03:51 - 2014-12-21 03:52 - 11539006 _____ () C:\Users\Issam276\Downloads\Bot of Legends.rar
2014-12-21 01:22 - 2014-12-21 01:23 - 00031608 _____ () C:\Users\Issam276\Downloads\mwb_scan.zip
2014-12-21 01:01 - 2014-12-21 01:01 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-12-20 23:44 - 2014-12-20 23:44 - 00001132 _____ () C:\Users\Public\Desktop\Emsisoft Internet Security.lnk
2014-12-20 23:44 - 2014-12-20 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Internet Security
2014-12-20 23:43 - 2014-12-23 17:32 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Internet Security
2014-12-20 23:43 - 2014-12-01 16:55 - 00484952 _____ () C:\Windows\system32\Drivers\fwndis64.sys
2014-12-20 23:42 - 2014-12-20 23:42 - 00001710 _____ () C:\EamClean.log
2014-12-20 23:36 - 2014-12-20 23:36 - 04095448 _____ (BrightFort LLC ) C:\Users\Issam276\Downloads\spywareblastersetup50.exe
2014-12-20 23:36 - 2014-12-20 23:36 - 00448512 _____ (OldTimer Tools) C:\Users\Issam276\Downloads\TFC.exe
2014-12-20 23:36 - 2014-12-20 23:36 - 00448512 _____ (OldTimer Tools) C:\Users\Issam276\Desktop\TFC.exe
2014-12-20 23:18 - 2014-12-20 23:20 - 170332104 _____ (Emsisoft Ltd ) C:\Users\Issam276\Downloads\EmsisoftInternetSecuritySetup.exe
2014-12-20 23:10 - 2014-12-20 23:10 - 02122240 _____ (Farbar) C:\Users\Issam276\Downloads\FRST64.exe
2014-12-20 23:10 - 2014-12-20 23:10 - 02122240 _____ (Farbar) C:\Users\Issam276\Desktop\FRST64.exe
2014-12-20 22:48 - 2014-12-20 23:42 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-12-20 22:34 - 2014-12-20 22:34 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-12-20 22:33 - 2008-01-04 13:34 - 00011832 _____ () C:\Windows\SysWOW64\Drivers\AsInsHelp64.sys
2014-12-20 22:33 - 2008-01-04 13:34 - 00010216 _____ () C:\Windows\SysWOW64\Drivers\AsInsHelp32.sys
2014-12-20 22:12 - 2014-12-20 22:12 - 05718872 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\vcredist_x64 (2).exe
2014-12-20 22:11 - 2014-12-20 22:11 - 05718872 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\vcredist_x64 (1).exe
2014-12-20 22:08 - 2014-12-20 22:08 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-20 22:07 - 2014-12-20 22:07 - 07190152 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\vcredist_x64.exe
2014-12-20 21:51 - 2014-12-20 21:51 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-12-20 21:42 - 2014-12-20 21:42 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Issam276\Downloads\revosetup95.exe
2014-12-20 21:42 - 2014-12-20 21:42 - 00001270 _____ () C:\Users\Issam276\Desktop\Revo Uninstaller.lnk
2014-12-20 21:42 - 2014-12-20 21:42 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-12-20 21:40 - 2014-12-20 21:41 - 170178096 _____ (Emsisoft Ltd ) C:\Users\Issam276\Downloads\EmsisoftAntiMalwareSetup.exe
2014-12-19 17:31 - 2014-12-19 17:31 - 00985600 _____ () C:\Users\Issam276\Downloads\MicrosoftFixit50123.msi
2014-12-19 15:53 - 2014-12-19 15:53 - 00000000 ____D () C:\ComboFix
2014-12-13 22:22 - 2014-12-13 22:22 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Blizzard
2014-12-13 22:14 - 2014-12-13 22:22 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-12-13 22:14 - 2014-12-13 22:14 - 00001161 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-12-13 22:14 - 2014-12-13 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-12-13 13:17 - 2014-12-13 13:17 - 00000731 _____ () C:\Users\Issam276\mabast suckt.txt
2014-12-12 19:40 - 2014-12-12 19:40 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-12 17:42 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-12 17:42 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-12 17:42 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-12 17:42 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-12 17:42 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-12 17:42 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-12 17:42 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-12 17:42 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-12 17:42 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-12 17:42 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-12 16:26 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-12 16:26 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-12 16:26 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-12 16:26 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-12 16:26 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-12 16:26 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-12 16:26 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-12 16:26 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-12 16:26 - 2014-11-24 23:12 - 17874432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-12 16:26 - 2014-11-24 22:59 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-12 16:26 - 2014-11-24 22:54 - 10921984 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-12 16:26 - 2014-11-24 22:53 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-12 16:26 - 2014-11-24 22:47 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-12 16:26 - 2014-11-24 22:47 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-12 16:26 - 2014-11-24 22:45 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-12 16:26 - 2014-11-24 22:45 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-12-12 16:26 - 2014-11-24 22:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-12 16:26 - 2014-11-24 22:44 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-12 16:26 - 2014-11-24 22:44 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-12 16:26 - 2014-11-24 22:44 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-12 16:26 - 2014-11-24 22:44 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-12 16:26 - 2014-11-24 22:44 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-12 16:26 - 2014-11-24 22:44 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-12 16:26 - 2014-11-24 22:44 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-12 16:26 - 2014-11-24 22:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-12-12 16:26 - 2014-11-24 22:44 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-12-12 16:26 - 2014-11-24 22:43 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-12 16:26 - 2014-11-24 22:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-12 16:26 - 2014-11-24 22:43 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-12-12 16:26 - 2014-11-24 22:42 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-12 16:26 - 2014-11-24 21:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-12 16:26 - 2014-11-24 21:41 - 12369920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-12 16:26 - 2014-11-24 21:40 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-12 16:26 - 2014-11-24 21:37 - 09740800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-12 16:26 - 2014-11-24 21:35 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-12 16:26 - 2014-11-24 21:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-12 16:26 - 2014-11-24 21:34 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-12 16:26 - 2014-11-24 21:34 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-12-12 16:26 - 2014-11-24 21:33 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-12 16:26 - 2014-11-24 21:33 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-12 16:26 - 2014-11-24 21:33 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-12 16:26 - 2014-11-24 21:33 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-12 16:26 - 2014-11-24 21:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-12 16:26 - 2014-11-24 21:33 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-12 16:26 - 2014-11-24 21:33 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-12-12 16:26 - 2014-11-24 21:32 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-12 16:26 - 2014-11-24 21:32 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-12 16:26 - 2014-11-24 21:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-12 16:26 - 2014-11-24 21:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-12 16:26 - 2014-11-24 21:32 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-12 16:26 - 2014-11-24 21:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-12-12 16:26 - 2014-11-24 21:32 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-12-12 16:26 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-12 16:26 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-12 16:26 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-12 16:26 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-12 16:26 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-12 16:26 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-12 16:26 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-12 16:26 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-12 16:26 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-12 16:26 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-12 16:26 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-12 16:26 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-12 16:26 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-12 16:26 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-12 16:26 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-12 16:25 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-12 16:25 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-06 18:13 - 2014-12-06 18:13 - 00146183 _____ () C:\Users\Issam276\Downloads\YouTube-Unblocker-056.crx
2014-12-06 17:48 - 2014-12-08 14:45 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-12-06 17:48 - 2014-12-06 17:48 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Yahoo!
2014-12-06 17:43 - 2014-12-06 17:44 - 04998707 _____ () C:\Users\Issam276\Downloads\flvplayer_setup20_25.exe
2014-12-05 17:14 - 2014-12-05 17:14 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\xulrunner
2014-12-05 17:13 - 2014-12-05 17:13 - 10124389 _____ () C:\Users\Issam276\AppData\Roaming\xulrunner.zip
2014-12-04 16:29 - 2014-12-04 16:29 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Secunia PSI
2014-12-03 11:25 - 2014-12-03 11:30 - 441252901 _____ () C:\Users\Issam276\Downloads\League Of Legends.mp4
2014-12-01 21:34 - 2014-12-01 21:34 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Steganos
2014-11-30 23:30 - 2014-12-01 00:12 - 00000000 ____D () C:\zoek_backup
2014-11-30 23:30 - 2014-11-30 23:30 - 01294848 _____ () C:\Users\Issam276\Desktop\zoek.exe
2014-11-30 22:22 - 2014-12-05 17:28 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-30 21:10 - 2014-11-30 21:10 - 00031862 _____ () C:\ComboFix.txt
2014-11-30 20:47 - 2014-11-30 21:10 - 00000000 ____D () C:\Qoobox
2014-11-30 20:47 - 2014-11-30 21:08 - 00000000 ____D () C:\Windows\erdnt
2014-11-30 20:47 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-30 20:47 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-30 20:47 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-30 20:46 - 2014-12-19 15:52 - 05601641 ____R (Swearware) C:\Users\Issam276\Desktop\ComboFix.exe
2014-11-30 20:14 - 2014-12-23 17:11 - 00997672 _____ () C:\Windows\PFRO.log
2014-11-30 20:14 - 2014-12-23 17:11 - 00006660 _____ () C:\Windows\setupact.log
2014-11-30 20:14 - 2014-11-30 20:14 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-30 19:53 - 2014-11-19 16:25 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-11-30 19:51 - 2014-11-30 19:51 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-11-30 19:51 - 2014-11-30 19:51 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-11-30 19:51 - 2014-11-30 19:51 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-11-30 19:51 - 2014-11-30 19:51 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-11-30 19:50 - 2014-11-30 19:54 - 00001467 _____ () C:\Windows\SecuniaPackage.log
2014-11-30 19:41 - 2014-11-30 19:41 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-11-30 15:25 - 2014-11-30 15:25 - 00001174 _____ () C:\Users\Issam276\Desktop\Avast Internet Security License File.rar
2014-11-30 01:25 - 2014-11-30 01:25 - 01093536 _____ () C:\Users\Issam276\Documents\cc_20141130_012508.reg
2014-11-29 22:20 - 2014-11-29 22:20 - 00001049 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2014-11-29 18:05 - 2014-11-29 18:05 - 00000000 ____D () C:\Users\Issam276\Documents\Diablo III
2014-11-29 00:10 - 2014-11-29 18:04 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-11-29 00:10 - 2014-11-29 00:10 - 00001162 _____ () C:\Users\Public\Desktop\Diablo III.lnk
2014-11-29 00:10 - 2014-11-29 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2014-11-29 00:03 - 2014-12-16 20:30 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Battle.net
2014-11-29 00:03 - 2014-11-29 00:03 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Battle.net
2014-11-29 00:03 - 2014-11-29 00:03 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Blizzard Entertainment
2014-11-29 00:02 - 2014-12-13 22:14 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-11-29 00:02 - 2014-11-29 00:02 - 00001124 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-11-29 00:02 - 2014-11-29 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-23 17:34 - 2014-06-28 19:29 - 00000000 ____D () C:\FRST
2014-12-23 17:32 - 2012-06-14 15:08 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\TS3Client
2014-12-23 17:31 - 2013-02-22 18:07 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-23 17:27 - 2012-06-14 13:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-23 17:21 - 2012-06-15 15:21 - 00000000 ____D () C:\Users\Issam276\Desktop\Alles
2014-12-23 17:19 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-23 17:19 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-23 17:15 - 2014-07-04 02:28 - 01524381 _____ () C:\Windows\WindowsUpdate.log
2014-12-23 17:11 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-23 17:10 - 2014-03-03 18:42 - 00000000 ____D () C:\AdwCleaner
2014-12-23 03:40 - 2014-11-07 17:57 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Spotify
2014-12-22 03:57 - 2012-06-29 19:50 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Skype
2014-12-21 21:19 - 2014-05-11 10:31 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Riot Games
2014-12-21 19:31 - 2012-09-19 17:23 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Facebook
2014-12-21 18:15 - 2012-06-12 10:08 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-21 17:06 - 2011-04-12 08:43 - 00770016 _____ () C:\Windows\system32\perfh007.dat
2014-12-21 17:06 - 2011-04-12 08:43 - 00174334 _____ () C:\Windows\system32\perfc007.dat
2014-12-21 17:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-12-21 17:05 - 2012-09-22 13:39 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\SoftGrid Client
2014-12-21 17:01 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-21 16:51 - 2012-10-03 08:30 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\HpUpdate
2014-12-21 16:51 - 2012-09-25 18:22 - 00000000 ____D () C:\Program Files (x86)\HP
2014-12-21 16:22 - 2013-08-23 11:40 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-21 16:22 - 2012-06-21 17:01 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Adobe
2014-12-21 16:22 - 2012-06-14 13:47 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-21 16:22 - 2012-06-14 13:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-21 00:35 - 2014-09-06 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-12-21 00:00 - 2014-11-18 17:48 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\TERA
2014-12-20 23:42 - 2014-06-29 19:05 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-20 22:46 - 2013-07-10 17:40 - 00000000 ____D () C:\Users\DefaultAppPool
2014-12-20 22:36 - 2014-09-07 12:39 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-20 22:33 - 2012-06-14 14:10 - 00000000 ____D () C:\Windows\System32\Tasks\ASUS
2014-12-20 22:33 - 2012-06-14 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-12-20 22:33 - 2012-06-14 14:09 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-12-20 22:24 - 2013-02-01 21:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee
2014-12-20 22:21 - 2012-09-02 16:31 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-20 22:17 - 2012-09-14 17:26 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Unity
2014-12-20 21:59 - 2012-06-22 13:27 - 00000000 ____D () C:\Program Files (x86)\D-Link
2014-12-20 21:50 - 2012-06-14 13:52 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\InfraRecorder
2014-12-18 22:16 - 2013-04-27 07:45 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Spotify
2014-12-15 16:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 14:36 - 2013-02-02 10:54 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-13 14:36 - 2012-06-29 19:50 - 00000000 ____D () C:\ProgramData\Skype
2014-12-13 13:17 - 2012-06-14 12:17 - 00000000 ____D () C:\Users\Issam276
2014-12-12 19:40 - 2014-05-06 19:56 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-12 19:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-12 17:50 - 2013-08-21 23:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-12 17:43 - 2012-06-17 14:06 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-12 17:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-06 17:40 - 2014-08-10 06:44 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Windows Live
2014-12-05 17:28 - 2014-06-28 16:36 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-05 17:28 - 2014-06-28 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-05 17:28 - 2014-06-28 16:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-01 21:50 - 2012-12-08 09:39 - 00066256 _____ () C:\Users\Issam276\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-01 21:48 - 2012-12-08 09:38 - 04913880 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-01 21:47 - 2012-09-25 18:21 - 00006178 _____ () C:\ProgramData\hpzinstall.log
2014-12-01 21:38 - 2012-09-25 18:21 - 00000000 ____D () C:\ProgramData\HP
2014-12-01 21:33 - 2013-02-22 16:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-01 00:13 - 2014-02-11 12:15 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Comodo
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-12-01 00:08 - 2014-02-14 17:14 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-12-01 00:08 - 2014-02-14 17:14 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-12-01 00:08 - 2013-06-26 12:08 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-12-01 00:08 - 2012-07-03 17:11 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Google
2014-11-30 23:59 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-11-30 23:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-11-30 22:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA
2014-11-30 21:10 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-11-30 21:02 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-30 20:13 - 2014-03-03 17:37 - 00000000 ____D () C:\Windows\system32\log
2014-11-30 19:39 - 2012-11-18 14:41 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-30 19:39 - 2012-11-18 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-30 19:39 - 2012-06-14 13:52 - 00000000 ____D () C:\Program Files\WinRAR
2014-11-30 19:26 - 2014-08-31 20:00 - 00000000 ___RD () C:\Users\Issam276\Dropbox
2014-11-30 19:17 - 2014-08-31 19:58 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Dropbox
2014-11-30 19:16 - 2014-08-31 20:00 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-30 12:19 - 2014-11-01 20:28 - 00000000 ____D () C:\Users\Issam276\AppData\Local\osu!
2014-11-30 01:24 - 2012-06-27 18:39 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\TeamViewer
2014-11-30 01:24 - 2012-06-15 15:18 - 00000000 ____D () C:\Windows\Minidump
2014-11-29 22:20 - 2012-06-14 13:02 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-11-29 10:13 - 2013-01-25 19:07 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\.minecraft
2014-11-27 22:18 - 2009-07-14 06:13 - 01799304 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-24 14:04 - 2010-11-21 04:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Files to move or delete:
====================
C:\Users\Issam276\jagex_cl_oldschool_LIVE.dat
C:\Users\Issam276\jagex_cl_runescape_LIVE.dat
C:\Users\Issam276\random.dat


Some content of TEMP:
====================
C:\Users\Issam276\AppData\Local\Temp\Quarantine.exe
C:\Users\Issam276\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 16:36

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-12-2014
Ran by Issam276 at 2014-12-23 17:35:00
Running from C:\Users\Issam276\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Emsisoft Internet Security (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Internet Security (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
FW: Emsisoft Internet Security (Enabled) {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AI Suite (HKLM-x32\...\{310BC5E2-31AF-49BB-904D-E71EB93645DC}) (Version: 1.06.22 - )
Akamai NetSession Interface (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{2BFD590F-1D73-3533-E734-FDDAC3746E4A}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{9C1FAB12-F426-432E-8579-75CAB60C69CF}) (Version: 4.2.0.0594 - Advanced Micro Devices, Inc.)
ANIO Service (HKLM-x32\...\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}) (Version:  - )
Application Profiles (HKLM-x32\...\{4ED980CB-C288-6A80-A3EA-AEECC543058B}) (Version: 2.0.4525.30280 - Advanced Micro Devices, Inc.)
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Chris-PC Game Booster (HKLM-x32\...\Chris-PC Game Booster_is1) (Version: 2.00 - Chris P.C. srl)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dropbox (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Emsisoft Internet Security (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft Ltd)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HydraVision (x32 Version: 4.2.216.0 - Advanced Micro Devices, Inc.) Hidden
Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MTA:SA v1.4.0 (HKLM-x32\...\MTA:SA 1.4) (Version: v1.4.0 - Multi Theft Auto)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
osu! (HKLM-x32\...\{ba6599d0-1e00-4060-a455-55382b1c7008}) (Version: latest - ppy Pty Ltd)
PC Probe II (HKLM-x32\...\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}) (Version: 1.04.92 - ASUSTeK Computer Inc.)
RAIDXpert (HKLM-x32\...\InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}) (Version: 3.2.1540.10 - AMD)
RAIDXpert (x32 Version: 3.2.1540.10 - AMD) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6519 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.35436 Beta - TeamViewer)
Turbo Key (HKLM-x32\...\{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}) (Version: 1.01.03 - )
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinSCP 4.3.8 (HKLM-x32\...\winscp3_is1) (Version: 4.3.8 - Martin Prikryl)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{3a022117-d6e3-4fcd-a8a2-d31ed64d8e1e}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

21-12-2014 18:15:32 Revo Uninstaller's restore point - Futuremark SystemInfo
21-12-2014 21:13:15 Revo Uninstaller's restore point - League of Legends
21-12-2014 21:13:34 Removed League of Legends
21-12-2014 21:18:29 Revo Uninstaller's restore point - LOLReplay
21-12-2014 21:18:35 Installed League of Legends
21-12-2014 21:19:13 DirectX wurde installiert
21-12-2014 21:50:17 Revo Uninstaller's restore point - ChrisPC DNS Switch 1.40
22-12-2014 00:22:17 Installed IP Camera Adapter
23-12-2014 17:25:24 Revo Uninstaller's restore point - Google Chrome

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-09-27 11:49 - 2014-11-30 21:02 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {002BC456-DB44-4F10-BC5B-16C0AE4B94E5} - System32\Tasks\{35A5A0DE-E4FD-4FCE-A133-406843CE3598} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {00442CFD-6F8A-4E25-B0F7-099CBAF166DD} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {07487D3F-27D3-4242-9986-5805088BC752} - System32\Tasks\{9CD2CBDC-9F17-4183-A776-3C3CDDB91238} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {094AD9FC-9A2A-4434-A267-67318F3AFB3C} - System32\Tasks\{C0BF0233-4710-4F22-B838-C53FD13B197E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {0D5CB102-9F0B-4BEF-9B7C-C8DD85A116EC} - System32\Tasks\{57FA110B-6E92-4EFD-98D9-19C15C00EF98} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {0E945E72-5D2C-4BEE-8169-B44EFAF0C579} - System32\Tasks\{CC321D73-229D-4CDF-9597-05F0B15F5904} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {1B0FF44F-B3B3-4261-9E8C-07E83F04A8CE} - System32\Tasks\{97DA18F4-90B4-45A3-BC74-3C01B81E7603} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {1B9795BE-3E65-435B-A5B7-EE5DED837485} - System32\Tasks\{1DB90D4F-8D72-4AD5-8F36-5C4F0864AD9F} => C:\Program Files (x86)\Opera\Opera.exe
Task: {1D959856-47B4-4D86-A9FD-33900CD35ADF} - System32\Tasks\{D7E5FBB1-D0B1-4F1A-8742-47F989B83816} => C:\Program Files (x86)\Opera\Opera.exe
Task: {1EC122BA-C536-430F-8C35-6F86ECC39FF0} - System32\Tasks\{494A9B35-6058-4C19-A20A-E1DCE48F0786} => C:\Program Files (x86)\Opera\Opera.exe
Task: {217D3CDB-3FEF-4F4E-9156-02BFFFAAE60A} - System32\Tasks\{1CB8B36D-FC19-4546-8C7C-611AF21AD7E1} => pcalua.exe -a C:\ProgramData\Wizard101(DE)\Wizard101.exe -d C:\ProgramData\Wizard101(DE)
Task: {2572CB5E-1A7C-46F1-85B1-B62F4A17C417} - System32\Tasks\{1FBC4539-2901-4DDB-9D2F-862065494E88} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {27618943-30C4-4FBF-94B8-8ACB0A6F7E6D} - System32\Tasks\{0C9C72E9-00D2-49A6-8DF4-DAF367138BD8} => C:\Program Files (x86)\Opera\Opera.exe
Task: {2991A55D-1CD8-403C-B255-0C11A6C837E1} - System32\Tasks\{B261FD97-9C57-4F06-9AD3-4052FA220C1D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2B7A7CE2-981F-42D2-8492-CD5D1AF9E827} - System32\Tasks\{B4F0F2F1-B534-4A0D-9DF2-C38AE4C520E9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2CCD6124-8AE7-461C-BE80-4B62D3002340} - System32\Tasks\{3D7EEA60-2C2B-478A-9723-F829C43AC6E5} => C:\Program Files (x86)\Opera\Opera.exe
Task: {2CF1D8CF-0EA9-458A-85A8-561D147B6135} - System32\Tasks\{0B628F86-550A-486F-B114-58C62871B721} => C:\Program Files (x86)\Opera\Opera.exe
Task: {310CC0F8-C247-4599-ACFC-F3CD766E6AD5} - System32\Tasks\{FB8C4083-EF27-4416-85FA-D471CEDE5FB4} => C:\Program Files (x86)\Opera\Opera.exe
Task: {38FF6FD9-3BC6-4F09-959F-F2205181E561} - System32\Tasks\ASUS\Cpu Level Up Hook Lanunch => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHookLaunch.exe [2009-12-28] ()
Task: {3B272214-852C-4330-841F-3F9FF4F9CB96} - System32\Tasks\{2B6CE963-FF84-494C-A826-01D80631B926} => C:\Program Files (x86)\Opera\Opera.exe
Task: {4D020374-93EC-4337-92A7-F01F2B25AB76} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-23] (Google Inc.)
Task: {517D8EB9-77F1-497E-834A-D1FA240CE073} - System32\Tasks\{027A1301-659D-4B41-8A7F-040B74EBA95D} => C:\Program Files (x86)\Opera\Opera.exe
Task: {518389D1-8CCD-4B86-8F41-B077F9C9C618} - System32\Tasks\{EDDBD687-D415-4B69-927A-02931F7F1AAE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {51BFF5FC-5BC5-4DEE-9099-827B8BFB3632} - System32\Tasks\{8383930E-67E3-4379-A09D-4E59914B6389} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5244B6B7-C2C2-416A-8955-6F2586705863} - System32\Tasks\{54F5669B-1BD5-4394-89D5-A6EFBA584ACD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5250B132-6E5B-47AC-BB16-E9815CC9A9C0} - System32\Tasks\{CAF62C3C-79A4-4066-B1CD-4E0DF30564F9} => pcalua.exe -a "C:\Program Files (x86)\Hotspot Shield\bin\HssInstaller.exe" -d "C:\Program Files (x86)\Hotspot Shield\bin"
Task: {52E12DE9-93B7-4E4B-85D1-DD2EDCEBE48A} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
Task: {562A50BF-2E54-45F4-9077-473F7A049562} - System32\Tasks\{6310026B-3E16-4E78-998C-7F30496D8899} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {571A9041-6AA5-4836-BA2B-534C9EB85DCE} - System32\Tasks\{D319D8AB-8433-493A-84FA-D1698EDEAFCE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {577E3FA9-79BA-4694-AE4C-9B609E38C0E9} - System32\Tasks\{DE38B5D4-C035-40D9-848C-B966145964A9} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5AEBC49C-BCC7-4EC1-8951-9B299633E773} - System32\Tasks\{9E9AC548-DCCB-4B5B-9EDB-0E52B9DE5627} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5BE38A7A-4925-497C-82F3-A330FC280BC4} - System32\Tasks\{949BCCD7-1397-41DE-9EF8-11EE2C0CE563} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5C099198-A578-4EEC-92B4-6417465170A1} - System32\Tasks\{41F9C8B0-D0DD-4377-9D24-69E831D0CF7A} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5C4A49C0-89DE-4238-8F91-64CFBFBAEE53} - System32\Tasks\{BB6E67DE-783D-4A31-8585-E7CAEC52E5AA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {60553E3D-46C1-4E1E-A947-FA9307DD2C8C} - System32\Tasks\{74F988AC-9E60-40C7-8D90-CFECFAEE92E1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {627CECAB-2B8F-4A2E-92B9-B140446FE0EC} - System32\Tasks\{90038331-2672-47E4-99D2-E9ECCB36DC14} => C:\Program Files (x86)\Opera\Opera.exe
Task: {6D6DF3D0-D45F-4F6F-B07C-E1FBBD6FD0B9} - System32\Tasks\{59008250-33FF-402A-82FD-577C388040C8} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {717B3FF7-1A14-47F6-8B46-91A57AD183CA} - System32\Tasks\{1FB7ED02-0BF3-4694-A643-44D549B5C376} => C:\Program Files (x86)\Opera\Opera.exe
Task: {722A80F7-B367-438E-82D6-607B2AAE2AD5} - System32\Tasks\{0D1B66EB-8E6C-4941-A849-C02CAA677C49} => C:\Program Files (x86)\Opera\Opera.exe
Task: {7352E960-C7B0-45FE-A83F-F87B5AA6E651} - System32\Tasks\{5F44ABCA-6526-4396-A179-A30F6651B4A5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {740EE1F2-3BC5-4CD5-B694-A5FE540D3E9E} - System32\Tasks\{F6171EAE-04B0-4030-B64B-4B9DF15D3273} => C:\Program Files (x86)\Opera\Opera.exe
Task: {7461D4F0-EA41-4211-B75D-45216A8E1438} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-23] (Google Inc.)
Task: {76B86268-4206-4908-ADA8-A9FA15A4F610} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {7A0C2EDE-2AF3-40D3-8E5E-AC91914B9348} - System32\Tasks\{36BD8F26-454A-45A7-98BC-D772130BD6D1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {7CBDBD19-6CA0-43C5-95A3-B5B0B50A01DB} - System32\Tasks\{B117D272-C5AF-4E62-9F8E-DA7E6CE8FF4E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {7EF615A3-395A-4B8F-AF0B-D79B49D3A554} - System32\Tasks\{064550D4-D75D-402D-AB32-91E23A58D5F4} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {821856F1-ED6B-4965-84E5-2519F0D73FB5} - System32\Tasks\{8424C4DF-A4EC-4B5B-814E-60CE8AB30940} => C:\Program Files (x86)\Opera\Opera.exe
Task: {82F5E65C-C34C-4E7A-BA2B-3EC5834D6E13} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-21] (Adobe Systems Incorporated)
Task: {86715FE4-085D-43AB-A67D-906AB668D4A7} - System32\Tasks\{D1BFDBF2-DEA8-4BB9-8474-3A446710C951} => C:\Program Files (x86)\Opera\Opera.exe
Task: {878AA624-33EF-4ADA-BD3A-0D7BEA46656B} - System32\Tasks\{11EE2B2D-9A84-413C-B65A-30FADFE1F4C1} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8A24C11B-1434-4888-BB67-DA4035986E85} - System32\Tasks\{8F6BCC5D-9E79-4A90-A52C-B05FBD3A95EA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {8B9B1B73-C0C4-48B0-A910-7D63871A1890} - System32\Tasks\{CE6A2A80-3982-406F-916F-BF44A1FE93BE} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8C5EA5CA-2168-47C9-A8AD-8D8F8CD43494} - System32\Tasks\{3096790B-F753-40DE-BBBD-C96814C19276} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8D278482-A7C4-4259-B172-CD56F7F3242B} - System32\Tasks\{C307734E-4CEF-40E7-BB76-67E38AFE3245} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {8FB0CF65-18EC-4D9E-84EA-E0C2E70B609A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {9034EE4A-EF7C-4EBC-B8FB-59A0E30DCDCB} - System32\Tasks\{B7D832C7-A1D4-449B-AFB7-35A7D5308265} => C:\Program Files (x86)\Opera\Opera.exe
Task: {9173C9BE-02B5-4B2E-9CDD-85959BAC8FE8} - System32\Tasks\{AA084653-E62A-4321-85C7-E1F14B703E3B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {92D5F453-D605-4376-BBAF-560DCBF5179E} - System32\Tasks\{08F83017-CD43-415F-BAC5-1B6099D399DE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9455CECE-75DF-4B1C-8F1C-9D6F22BAF9EE} - System32\Tasks\{1C451F35-6BB4-4E64-9D44-83DA1235BD66} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {97E4E16D-3E9D-4441-B88C-F8DAD136D5AC} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {9B836882-C9AA-46BA-A2BA-B2FBC31A7D1B} - System32\Tasks\{402ED0EB-55E1-49BC-85FF-B611C38007C2} => C:\Program Files (x86)\Opera\Opera.exe
Task: {9DEE72AF-EDDE-4210-860C-D59F8CE425A5} - System32\Tasks\{FEE95010-E0AC-4F29-89EB-CC1D42B7322D} => C:\Program Files (x86)\Opera\Opera.exe
Task: {A5971EB2-865A-4144-B663-DC582061EE03} - System32\Tasks\{2EB349E6-0751-41BC-9F7E-301AC1E05B93} => C:\Program Files (x86)\Opera\Opera.exe
Task: {A6148E12-0291-4995-AF46-E06D84208F64} - System32\Tasks\{CE3CDE01-297E-4503-BDBC-F6BFCA06FC5A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A67DF276-6D87-4B90-9873-2A2EA8FCE1CB} - System32\Tasks\{F14CFAC1-DBF2-4360-95C4-B2F2F9DB35E4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {AA1BFF9B-0E49-4EB7-B267-2C7CB4A2ED1E} - System32\Tasks\{9276B961-43E2-4972-B3AD-25EACD24D008} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B1677E31-93D0-47CC-AC29-7D496732B34B} - System32\Tasks\{6933359E-E599-4364-BEFF-153E2C84ECF1} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B23234F8-1783-4601-B17A-A749DC43B32C} - System32\Tasks\{CF201C0D-902D-45EC-AB8B-441B32C49B96} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B39E32F9-A4EE-4F1C-AD43-1AFF1EC66810} - System32\Tasks\{520D24F2-56D5-4A8F-A89D-4396E1298D0E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B43C1327-9D38-4105-BA3A-C7AC2DC0A854} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {B4CB886A-F99C-4F83-B319-AC5B4339BAFC} - System32\Tasks\{74BC537C-1377-401A-9CBD-EC70A4E00FE6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B4D142B4-4AB8-4B95-912F-FA662BCB5F05} - System32\Tasks\{816E19F8-6746-42E8-825E-C00C9D8CFF94} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B4F576A8-5746-40C0-878D-8D298BD66F25} - System32\Tasks\{15AA7614-5DDE-4F02-8A19-A95EC0A1D51D} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B8266606-848E-4C36-BA78-1D86A62F2B77} - System32\Tasks\{24C3BC9D-CAFC-4292-BD2A-FFCF0B425D08} => C:\Program Files (x86)\Opera\Opera.exe
Task: {BB7D82FD-251B-4EF7-B078-D7DCE617D964} - System32\Tasks\{8FC938EB-7EAF-4A34-BC9D-AE2F5778B1B1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BE835B87-3BC8-4D2F-98F4-08EA1738769B} - System32\Tasks\{9A921854-22BF-4FF6-917B-1529CCCD96DB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BF14D3C2-045B-46CA-95BA-E54E71AA5EE8} - System32\Tasks\{FE9E2570-3D08-4423-AFC3-5C7948AE63B6} => C:\Program Files (x86)\Opera\Opera.exe
Task: {CBB4538C-70A1-4630-8661-5D84D95409E7} - System32\Tasks\{7A14CB27-EE0B-47F1-B055-77F01B48DBC9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CE491649-14B0-4AE2-AF71-9B80E2717EDE} - System32\Tasks\{9A3B38A4-E24C-4CA3-836B-B69E7E5C4A8F} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D3A08372-F9B6-4E87-B367-CF2D04F990A2} - System32\Tasks\{C58F335D-256C-447C-8F92-0D21522B0AE2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D3ABB6D7-9F40-4E4A-B2B6-72AB46A050F7} - System32\Tasks\{83D83B71-6311-4584-B276-FEF554406168} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D51CC9D5-F8A0-48CA-AF21-4E3C1E57E18A} - System32\Tasks\{E3BA121A-6110-46E2-B350-F190E39F142A} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D55EA148-E054-4415-97C3-733D26CAD4E3} - System32\Tasks\{7B2D31C4-B94E-459C-9AB9-7BA5A6885752} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D68AFE80-D806-4B03-8AF8-0D69B8F3266F} - System32\Tasks\{C0804A57-189E-4D52-A8D5-914BE6EC38F9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D9F0C0DA-2D8C-45BC-8EB1-746DAD06A5AA} - System32\Tasks\{178B6CBE-CD97-4A87-A91B-79970D345AA5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {DE9B3A77-0437-4DAC-A2F6-1C4095755D50} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {DF647FC5-023B-433B-A122-FD19ECBBFB86} - System32\Tasks\{6B5908DA-E475-496F-9C03-92B7931F8B4E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E605C0CD-CF58-4517-9803-90D6F64981E6} - System32\Tasks\{CC42283F-627B-42E6-B065-74187AD2AC1E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E6FF23C5-E38B-446E-8E9D-335C6AF909D1} - System32\Tasks\{174B23CD-95AE-408F-A856-1370A9D536E1} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E709A72E-20A0-408C-8C71-C6281C3A9E2C} - System32\Tasks\{A7B59FCB-77B6-43A8-B48C-A4408A63A05C} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E966568A-61B6-46C0-81ED-FD8F48DFB1A5} - System32\Tasks\{3EF7DE06-5206-4DE0-8481-16D004F97BC7} => C:\Program Files (x86)\Opera\Opera.exe
Task: {EA7EC79F-EE05-40AC-A1AA-EF8F38EE1D94} - System32\Tasks\{0E7C6814-82A5-4652-86AF-0257E8E200B0} => C:\Program Files (x86)\Opera\Opera.exe
Task: {ED2C4059-C99A-478E-AFB7-A89311EE1AF3} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.12\AsLoader.exe [2010-01-13] (ASUSTeK Computer Inc.)
Task: {EE65A338-E67D-4F14-B674-5CBA24CD1AF1} - System32\Tasks\{3FE25692-2DF1-4C8A-83BD-5C0938957293} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F20A80F0-766A-4B7F-98DD-6229DA061883} - System32\Tasks\{6ABFC70E-5286-4F62-8D85-3DB5C7E96535} => C:\Program Files (x86)\Opera\Opera.exe
Task: {FAD1D3B7-6A37-47D3-839D-81888361D8DA} - System32\Tasks\{C4DCDE58-2889-4887-A3A8-759819CB3B00} => C:\Program Files (x86)\Opera\Opera.exe
Task: {FBD60A63-97EE-4455-A187-75DD221AC9B9} - System32\Tasks\{B55E87D1-7DD5-45F3-839C-11D9E63BACE7} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FDA4DAEA-5188-46B1-8E30-64BB76D227AC} - System32\Tasks\{EF6CA142-96C0-4D8A-B1B8-DF46DCB79231} => C:\Program Files (x86)\Opera\Opera.exe
Task: {FE7BAC5A-F911-419A-A23E-1A2FA331CB95} - System32\Tasks\{4C1D5CDD-8AE5-4025-923B-71D4C96C9F47} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FFBA2F6D-660A-4E9F-984C-78AD46ACDCD5} - System32\Tasks\{87B307EE-CC62-4781-8900-89C379B24C05} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2009-12-15 16:40 - 2009-12-15 16:40 - 00065536 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpert.exe
2012-07-10 10:29 - 2014-01-05 20:31 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-03-28 21:30 - 2013-03-28 21:30 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2009-12-15 16:40 - 2009-12-15 16:40 - 00122880 _____ () C:\Windows\SysWOW64\WinMsgBalloonServer.exe
2009-12-15 16:41 - 2009-12-15 16:41 - 00139264 _____ () C:\Windows\SysWOW64\WinMsgBalloonClient.exe
2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2012-12-17 17:14 - 2012-12-17 17:14 - 00954848 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2014-01-21 16:54 - 2014-12-21 21:19 - 01294336 _____ () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe
2014-12-21 21:19 - 2014-12-21 21:19 - 02465272 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.231\deploy\LoLLauncher.exe
2014-12-21 21:20 - 2014-12-21 21:20 - 04214776 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.15\deploy\LoLPatcher.exe
2014-12-21 21:27 - 2014-12-21 21:27 - 00074752 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.123\deploy\LolClient.exe
2014-02-28 10:14 - 2014-02-28 10:14 - 00173568 _____ () C:\Program Files\TeamSpeak 3 Client\quazip.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 01080832 _____ () C:\Program Files\TeamSpeak 3 Client\platforms\qwindows.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 00833024 _____ () C:\Program Files\TeamSpeak 3 Client\sqldrivers\qsqlite.dll
2014-02-28 14:07 - 2014-08-10 11:33 - 00102344 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2014-02-28 14:07 - 2014-08-10 11:33 - 00108488 _____ () C:\Program Files\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 00030208 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qgif.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 00233984 _____ () C:\Program Files\TeamSpeak 3 Client\imageformats\qjpeg.dll
2014-02-28 14:10 - 2014-08-10 11:33 - 00134088 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\appscanner_plugin.dll
2014-02-28 14:10 - 2014-08-10 11:33 - 00563656 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2014-02-28 14:10 - 2014-08-10 11:33 - 00265160 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\lua_plugin.dll
2014-02-28 14:10 - 2014-08-10 11:33 - 00579016 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2014-02-28 14:10 - 2014-08-10 11:33 - 00029640 _____ () C:\Program Files\TeamSpeak 3 Client\plugins\test_plugin.dll
2014-02-27 15:51 - 2014-02-27 15:51 - 00159232 _____ () C:\Program Files\TeamSpeak 3 Client\accessible\qtaccessiblewidgets.dll
2009-12-15 22:44 - 2009-12-15 22:44 - 00516096 _____ () C:\Program Files (x86)\AMD\RAIDXpert\bin\libxml2.dll
2012-06-14 14:11 - 2009-04-29 13:24 - 00253952 _____ () C:\Program Files (x86)\ASUS\Turbo Key\pngio.dll
2012-06-14 14:11 - 2009-04-29 13:24 - 00208896 _____ () C:\Program Files (x86)\ASUS\Turbo Key\AiNap.dll
2012-06-14 14:11 - 2009-04-29 13:24 - 00008704 _____ () C:\Program Files (x86)\ASUS\Turbo Key\vvc.dll
2014-12-21 21:20 - 2014-12-21 21:20 - 01628152 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.15\deploy\RiotLauncher.dll
2014-05-01 15:15 - 2014-05-01 15:15 - 00463360 _____ () C:\ProgramData\MEGAsync\ShellExtX32.dll
2014-12-21 21:23 - 2014-12-21 21:23 - 04774248 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.123\deploy\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2014-12-21 21:23 - 2014-12-21 21:23 - 16032616 _____ () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.123\deploy\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
2014-12-23 17:31 - 2014-12-06 02:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-23 17:31 - 2014-12-06 02:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-23 17:31 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-23 17:31 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CGVPNCliService => 2
MSCONFIG\Services: EslWireHelper => 2
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: hshld => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: OkayFreedom VPN Starter Service => 2
MSCONFIG\Services: OverwolfUpdaterService => 3
MSCONFIG\Services: RalinkRegistryWriter => 2
MSCONFIG\Services: RalinkRegistryWriter64 => 2
MSCONFIG\Services: RaMediaServer => 2
MSCONFIG\Services: SearchAnonymizer => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe                                                                                                                                                                                                             
MSCONFIG\startupreg: Spotify => "C:\Users\Issam276\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

========================= Accounts: ==========================

Administrator (S-1-5-21-1925287450-1312797874-627100175-500 - Administrator - Disabled)
Gast (S-1-5-21-1925287450-1312797874-627100175-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1925287450-1312797874-627100175-1002 - Limited - Enabled)
Issam276 (S-1-5-21-1925287450-1312797874-627100175-1001 - Administrator - Enabled) => C:\Users\Issam276

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-11-30 20:57:24.409
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-30 20:57:24.253
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-29 09:37:48.936
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.935
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.934
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.916
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.915
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.913
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-28 19:42:21.884
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-28 19:42:21.883
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: AMD FX(tm)-4100 Quad-Core Processor
Percentage of memory in use: 37%
Total physical RAM: 8174.12 MB
Available physical RAM: 5123.04 MB
Total Pagefile: 16346.41 MB
Available Pagefile: 12714.45 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:921.75 GB) (Free:731.9 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B2544B2F)
Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
Partition 2: (Active) - (Size=921.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

schrauber 24.12.2014 17:22

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

Crounty 25.12.2014 17:54
Sorry, dass ich davon nicht mehr ausführen konnte, hab leider das Problem, dass der PC direkt einen Bluescreen kriegt wenn der den Desktop nach dem start geladen hat.
Der abgesicherte Modus geht jedoch

Hier der Link zum Foto davon:
hxxp://img5.fotos-hochladen.net/uploads/20141225151755s4j0pyf1ia.jpg

Ok hab mir mal über den abgesicherten modus Bluescreenview geholt und hab dann folgendes rausbekommen:
Code:
122514-28392-01.dmp        25.12.2014 15:18:14        DRIVER_IRQL_NOT_LESS_OR_EQUAL        0x000000d1        fffffac8`b9d4b04c        00000000`00000002        00000000`00000000        fffff880`04ae26a2        fwndis64.sys        fwndis64.sys+36a2                                        x64        ntoskrnl.exe+75bc0                                        C:\Windows\Minidump\122514-28392-01.dmp        4        15        7601        279.552        25.12.2014 15:19:44
Code:
fwndis64.sys        fwndis64.sys+36a2        fffff880`04adf000        fffff880`04b58000        0x00079000        0x549958e6        23.12.2014 12:58:30                                               
ntoskrnl.exe        ntoskrnl.exe+f20d4        fffff800`0344d000        fffff800`03a32000        0x005e5000        0x531590fb        04.03.2014 09:38:19        Microsoft® Windows® Operating System        NT Kernel & System        6.1.7601.18409 (win7sp1_gdr.140303-2144)        Microsoft Corporation        C:\Windows\system32\ntoskrnl.exe       
hal.dll                fffff800`03404000        fffff800`0344d000        0x00049000        0x4ce7c669        20.11.2010 14:00:25                                               
kdcom.dll                fffff800`00bb5000        fffff800`00bbf000        0x0000a000        0x4d4d8061        05.02.2011 17:52:49                                               
mcupdate_AuthenticAMD.dll                fffff880`00c5a000        fffff880`00c67000        0x0000d000        0x4a5bdf65        14.07.2009 02:29:09                                               
PSHED.dll                fffff880`00c67000        fffff880`00c7b000        0x00014000        0x4a5be027        14.07.2009 02:32:23        Betriebssystem Microsoft® Windows®        Plattformspezifischer Hardwarefehlertreiber        6.1.7600.16385 (win7_rtm.090713-1255)        Microsoft Corporation        C:\Windows\system32\PSHED.dll       
CLFS.SYS                fffff880`00c7b000        fffff880`00cd9000        0x0005e000        0x4a5bc11d        14.07.2009 00:19:57                                               
CI.dll                fffff880`00cd9000        fffff880`00d99000        0x000c0000        0x4ce7c944        20.11.2010 14:12:36                                               
Wdf01000.sys                fffff880`00ec4000        fffff880`00f86000        0x000c2000        0x51c51641        22.06.2013 04:13:05                                               
WDFLDR.SYS                fffff880`00f86000        fffff880`00f96000        0x00010000        0x5010ab70        26.07.2012 03:29:04                                               
ACPI.sys                fffff880`00f96000        fffff880`00fed000        0x00057000        0x4ce79294        20.11.2010 10:19:16                                               
WMILIB.SYS                fffff880`00fed000        fffff880`00ff6000        0x00009000        0x4a5bc117        14.07.2009 00:19:51                                               
msisadrv.sys                fffff880`00ff6000        fffff880`01000000        0x0000a000        0x4a5bc0fe        14.07.2009 00:19:26                                               
pci.sys                fffff880`00e00000        fffff880`00e33000        0x00033000        0x4ce7928f        20.11.2010 10:19:11                                               
vdrvroot.sys                fffff880`00e33000        fffff880`00e40000        0x0000d000        0x4a5bcadb        14.07.2009 01:01:31                                               
partmgr.sys                fffff880`00e40000        fffff880`00e55000        0x00015000        0x4f641bc1        17.03.2012 06:06:09                                               
volmgr.sys                fffff880`00e55000        fffff880`00e6a000        0x00015000        0x4ce792a0        20.11.2010 10:19:28                                               
volmgrx.sys                fffff880`00d99000        fffff880`00df5000        0x0005c000        0x4ce792eb        20.11.2010 10:20:43                                               
pciide.sys                fffff880`00e6a000        fffff880`00e71000        0x00007000        0x4a5bc115        14.07.2009 00:19:49                                               
PCIIDEX.SYS                fffff880`00e71000        fffff880`00e81000        0x00010000        0x4a5bc114        14.07.2009 00:19:48                                               
mountmgr.sys                fffff880`00e81000        fffff880`00e9b000        0x0001a000        0x4ce79299        20.11.2010 10:19:21                                               
atapi.sys                fffff880`00e9b000        fffff880`00ea4000        0x00009000        0x4a5bc113        14.07.2009 00:19:47                                               
ataport.SYS                fffff880`00c00000        fffff880`00c2a000        0x0002a000        0x51fef9b5        05.08.2013 02:02:45                                               
amd_sata.sys                fffff880`00ea4000        fffff880`00ebc000        0x00018000        0x5077e774        12.10.2012 10:48:36                                               
storport.sys                fffff880`0108c000        fffff880`010f0000        0x00064000        0x52f04432        04.02.2014 02:36:50                                               
amd_xata.sys                fffff880`010f0000        fffff880`010fe000        0x0000e000        0x5077e777        12.10.2012 10:48:39                                               
amdsata.sys                fffff880`010fe000        fffff880`0111c000        0x0001e000        0x4ba2c91d        19.03.2010 01:45:17                                               
amdxata.sys                fffff880`0111c000        fffff880`01127000        0x0000b000        0x4ba3a3ca        19.03.2010 17:18:18                                               
fltmgr.sys                fffff880`01127000        fffff880`01173000        0x0004c000        0x4ce7929c        20.11.2010 10:19:24                                               
fileinfo.sys                fffff880`01173000        fffff880`01187000        0x00014000        0x4a5bc481        14.07.2009 00:34:25                                               
Ntfs.sys                fffff880`01254000        fffff880`013fd000        0x001a9000        0x52e1be8a        24.01.2014 02:14:50                                               
msrpc.sys                fffff880`01187000        fffff880`011e5000        0x0005e000        0x4ce79334        20.11.2010 10:21:56                                               
ksecdd.sys                fffff880`01200000        fffff880`0121b000        0x0001b000        0x5348920e        12.04.2014 02:08:30                                               
cng.sys                fffff880`01000000        fffff880`01072000        0x00072000        0x50194fb7        01.08.2012 16:48:07                                               
pcw.sys                fffff880`0121b000        fffff880`0122c000        0x00011000        0x4a5bc0ff        14.07.2009 00:19:27                                               
Fs_Rec.sys                fffff880`0122c000        fffff880`01236000        0x0000a000        0x4f4eefd2        01.03.2012 04:41:06                                               
ndis.sys                fffff880`01486000        fffff880`01578000        0x000f2000        0x5034f6b2        22.08.2012 16:11:46                                               
NETIO.SYS                fffff880`01578000        fffff880`015d8000        0x00060000        0x5294760d        26.11.2013 11:21:01                                               
ksecpkg.sys                fffff880`01400000        fffff880`0142c000        0x0002c000        0x543c7790        14.10.2014 02:08:32                                               
tcpip.sys                fffff880`01601000        fffff880`01800000        0x001ff000        0x533f5bd4        05.04.2014 02:26:44                                               
fwpkclnt.sys                fffff880`0142c000        fffff880`01475000        0x00049000        0x533f5b09        05.04.2014 02:23:21                                               
volsnap.sys                fffff880`0184c000        fffff880`01898000        0x0004c000        0x4ce792c8        20.11.2010 10:20:08                                               
spldr.sys                fffff880`01898000        fffff880`018a0000        0x00008000        0x4a0858bb        11.05.2009 17:56:27                                               
rdyboost.sys                fffff880`018a0000        fffff880`018da000        0x0003a000        0x4ce7982e        20.11.2010 10:43:10                                               
mup.sys                fffff880`018da000        fffff880`018ec000        0x00012000        0x4a5bc201        14.07.2009 00:23:45                                               
hwpolicy.sys                fffff880`018ec000        fffff880`018f5000        0x00009000        0x4ce7927e        20.11.2010 10:18:54                                               
fvevol.sys                fffff880`018f5000        fffff880`0192f000        0x0003a000        0x5100a65c        24.01.2013 04:11:24                                               
disk.sys                fffff880`0192f000        fffff880`01945000        0x00016000        0x4a5bc11d        14.07.2009 00:19:57                                               
CLASSPNP.SYS                fffff880`01945000        fffff880`01975000        0x00030000        0x4ce7929b        20.11.2010 10:19:23                                               
cdrom.sys                fffff880`019ab000        fffff880`019d5000        0x0002a000        0x4ce79298        20.11.2010 10:19:20                                               
a2dix64.sys                fffff880`019d5000        fffff880`019e4000        0x0000f000        0x5221c6af        31.08.2013 11:34:23                                               
Null.SYS                fffff880`019e4000        fffff880`019ed000        0x00009000        0x4a5bc109        14.07.2009 00:19:37                                               
Beep.SYS                fffff880`019ed000        fffff880`019f4000        0x00007000        0x4a5bca8d        14.07.2009 01:00:13                                               
vga.sys                fffff880`01800000        fffff880`0180e000        0x0000e000        0x4a5bc587        14.07.2009 00:38:47                                               
VIDEOPRT.SYS                fffff880`0180e000        fffff880`01833000        0x00025000        0x4a5bc58b        14.07.2009 00:38:51                                               
watchdog.sys                fffff880`01833000        fffff880`01843000        0x00010000        0x4a5bc53f        14.07.2009 00:37:35                                               
RDPCDD.sys                fffff880`01843000        fffff880`0184c000        0x00009000        0x4a5bce62        14.07.2009 01:16:34                                               
rdpencdd.sys                fffff880`019f4000        fffff880`019fd000        0x00009000        0x4a5bce62        14.07.2009 01:16:34                                               
rdprefmp.sys                fffff880`01475000        fffff880`0147e000        0x00009000        0x4a5bce63        14.07.2009 01:16:35                                               
Msfs.SYS                fffff880`015d8000        fffff880`015e3000        0x0000b000        0x4a5bc113        14.07.2009 00:19:47                                               
Npfs.SYS                fffff880`015e3000        fffff880`015f4000        0x00011000        0x4a5bc114        14.07.2009 00:19:48                                               
tdx.sys                fffff880`00c2a000        fffff880`00c4c000        0x00022000        0x54616a72        11.11.2014 02:46:26                                               
TDI.SYS                fffff880`01236000        fffff880`01243000        0x0000d000        0x4ce7933e        20.11.2010 10:22:06                                               
afd.sys                fffff880`03a7c000        fffff880`03b05000        0x00089000        0x5388291c        30.05.2014 07:45:48                                               
netbt.sys                fffff880`03b05000        fffff880`03b4a000        0x00045000        0x4ce79386        20.11.2010 10:23:18                                               
ws2ifsl.sys                fffff880`03b4a000        fffff880`03b55000        0x0000b000        0x4a5bccf9        14.07.2009 01:10:33                                               
wfplwf.sys                fffff880`03b55000        fffff880`03b5e000        0x00009000        0x4a5bccb6        14.07.2009 01:09:26                                               
pacer.sys                fffff880`03b5e000        fffff880`03b84000        0x00026000        0x4ce7a862        20.11.2010 11:52:18                                               
anodlwfx.sys                fffff880`03b84000        fffff880`03b8d000        0x00009000        0x49b0f680        06.03.2009 11:10:08                                               
vwififlt.sys                fffff880`03b8d000        fffff880`03ba3000        0x00016000        0x4a5bcc3a        14.07.2009 01:07:22                                               
hssdrv6.sys                fffff880`03ba3000        fffff880`03bbd000        0x0001a000        0x5376cad1        17.05.2014 03:34:57                                               
netbios.sys                fffff880`03bbd000        fffff880`03bcc000        0x0000f000        0x4a5bccb6        14.07.2009 01:09:26                                               
serial.sys                fffff880`03bcc000        fffff880`03be9000        0x0001d000        0x4a5bcaa8        14.07.2009 01:00:40                                               
wanarp.sys                fffff880`03a00000        fffff880`03a1b000        0x0001b000        0x4ce7a874        20.11.2010 11:52:36                                               
termdd.sys                fffff880`03a1b000        fffff880`03a2f000        0x00014000        0x4ce7ab0c        20.11.2010 12:03:40                                               
rdbss.sys                fffff880`03c27000        fffff880`03c78000        0x00051000        0x4ce79497        20.11.2010 10:27:51                                               
nsiproxy.sys                fffff880`03c78000        fffff880`03c84000        0x0000c000        0x4a5bc15e        14.07.2009 00:21:02                                               
mssmbios.sys                fffff880`03c84000        fffff880`03c8f000        0x0000b000        0x4a5bc3be        14.07.2009 00:31:10                                               
fwwfp764.sys                fffff880`03c8f000        fffff880`03cf7000        0x00068000        0x54995909        23.12.2014 12:59:05                                               
discache.sys                fffff880`03cf7000        fffff880`03d06000        0x0000f000        0x4a5bc52e        14.07.2009 00:37:18                                               
dfsc.sys                fffff880`03d06000        fffff880`03d24000        0x0001e000        0x4ce79447        20.11.2010 10:26:31                                               
blbdrive.sys                fffff880`03d24000        fffff880`03d35000        0x00011000        0x4a5bc4df        14.07.2009 00:35:59                                               
AsUpIO.sys                fffff880`03d35000        fffff880`03d3b000        0x00006000        0x4a515fb2        06.07.2009 03:21:38                                        C:\Windows\system32\drivers\AsUpIO.sys       
AsIO.sys                fffff880`03d3b000        fffff880`03d41000        0x00006000        0x4c7325fe        24.08.2010 02:53:02                                        C:\Windows\system32\drivers\AsIO.sys       
a2util64.sys                fffff880`03d41000        fffff880`03d4b000        0x0000a000        0x537059be        12.05.2014 06:18:54                                               
a2ddax64.sys                fffff880`03d4b000        fffff880`03d55000        0x0000a000        0x51396c04        08.03.2013 05:41:40                                               
tunnel.sys                fffff880`03d55000        fffff880`03d7b000        0x00026000        0x4ce7a846        20.11.2010 11:51:50                                               
amdppm.sys                fffff880`03d7b000        fffff880`03d90000        0x00015000        0x4a5bc0fd        14.07.2009 00:19:25                                               
atikmpag.sys                fffff880`042cd000        fffff880`0436b000        0x0009e000        0x52311556        12.09.2013 02:13:58                                               
atikmdag.sys                fffff880`1100c000        fffff880`11c8c000        0x00c80000        0x52312203        12.09.2013 03:08:03                                               
dxgkrnl.sys                fffff880`11c8c000        fffff880`11d81000        0x000f5000        0x539e411c        16.06.2014 01:58:04                                               
dxgmms1.sys                fffff880`11d81000        fffff880`11dc7000        0x00046000        0x5164dc13        10.04.2013 04:27:15                                               
HDAudBus.sys                fffff880`11dc7000        fffff880`11deb000        0x00024000        0x4ce7a65e        20.11.2010 11:43:42                                               
Rt64win7.sys                fffff880`04852000        fffff880`0492c000        0x000da000        0x521c41ce        27.08.2013 07:06:06                                               
usbohci.sys                fffff880`0492c000        fffff880`04937000        0x0000b000        0x52954db5        27.11.2013 02:41:09                                               
USBPORT.SYS                fffff880`04937000        fffff880`0498d000        0x00056000        0x52954db7        27.11.2013 02:41:11                                               
usbfilter.sys                fffff880`0498d000        fffff880`0499e000        0x00011000        0x503d6ff0        29.08.2012 02:27:12                                               
usbehci.sys                fffff880`0499e000        fffff880`049b0000        0x00012000        0x52954db7        27.11.2013 02:41:11                                               
parport.sys                fffff880`049b0000        fffff880`049cd000        0x0001d000        0x4a5bcaa8        14.07.2009 01:00:40                                               
ASACPI.sys                fffff880`049cd000        fffff880`049d5000        0x00008000        0x4a5e9f11        16.07.2009 04:31:29                                               
serenum.sys                fffff880`049d5000        fffff880`049e1000        0x0000c000        0x4a5bcaa1        14.07.2009 01:00:33                                               
wmiacpi.sys                fffff880`049e1000        fffff880`049ea000        0x00009000        0x4a5bc3b6        14.07.2009 00:31:02                                               
CompositeBus.sys                fffff880`049ea000        fffff880`049fa000        0x00010000        0x4ce7a3ed        20.11.2010 11:33:17                                               
ScreamingBAudio64.sys                fffff880`04800000        fffff880`0480e000        0x0000e000        0x4c2ce468        01.07.2010 19:54:32                                               
portcls.sys                fffff880`0480e000        fffff880`0484b000        0x0003d000        0x524e1b82        04.10.2013 02:36:02                                               
drmk.sys                fffff880`0436b000        fffff880`0438d000        0x00022000        0x524e24fe        04.10.2013 03:16:30                                               
ks.sys                fffff880`0438d000        fffff880`043d0000        0x00043000        0x4ce7a3f3        20.11.2010 11:33:23                                               
ksthunk.sys                fffff880`0484b000        fffff880`04850200        0x00005200        0x4a5bca93        14.07.2009 01:00:19                                               
AgileVpn.sys                fffff880`043d0000        fffff880`043e6000        0x00016000        0x4a5bccf0        14.07.2009 01:10:24                                               
rasl2tp.sys                fffff880`04200000        fffff880`04224000        0x00024000        0x4ce7a872        20.11.2010 11:52:34                                               
ndistapi.sys                fffff880`11deb000        fffff880`11df7000        0x0000c000        0x4a5bccd8        14.07.2009 01:10:00                                               
ndiswan.sys                fffff880`04224000        fffff880`04253000        0x0002f000        0x4ce7a870        20.11.2010 11:52:32                                               
raspppoe.sys                fffff880`04253000        fffff880`0426e000        0x0001b000        0x4a5bcce9        14.07.2009 01:10:17                                               
raspptp.sys                fffff880`0426e000        fffff880`0428f000        0x00021000        0x4ce7a86f        20.11.2010 11:52:31                                               
rassstp.sys                fffff880`0428f000        fffff880`042a9000        0x0001a000        0x4a5bccf1        14.07.2009 01:10:25                                               
taphss6.sys                fffff880`042a9000        fffff880`042b7000        0x0000e000        0x5376b077        17.05.2014 01:42:31                                               
kbdclass.sys                fffff880`04b58000        fffff880`04b67000        0x0000f000        0x4a5bc116        14.07.2009 00:19:50                                               
mouclass.sys                fffff880`04b67000        fffff880`04b76000        0x0000f000        0x4a5bc116        14.07.2009 00:19:50                                               
swenum.sys                fffff880`04b76000        fffff880`04b77480        0x00001480        0x4a5bca92        14.07.2009 01:00:18                                               
amdiox64.sys                fffff880`04b78000        fffff880`04b8c000        0x00014000        0x4b7d5a21        18.02.2010 16:17:53                                               
umbus.sys                fffff880`04b8c000        fffff880`04b9e000        0x00012000        0x4ce7a695        20.11.2010 11:44:37                                               
usbhub.sys                fffff880`04b9e000        fffff880`04bf8000        0x0005a000        0x52954dd0        27.11.2013 02:41:36                                               
NDProxy.SYS                fffff880`04a00000        fffff880`04a15000        0x00015000        0x4ce7a864        20.11.2010 11:52:20                                               
AtihdW76.sys                fffff880`04a15000        fffff880`04a31000        0x0001c000        0x511d60fd        14.02.2013 23:11:09                                               
RTKVHD64.sys                fffff880`05c5b000        fffff880`05fe2500        0x00387500        0x5278d8fd        05.11.2013 12:39:41                                               
win32k.sys                fffff960`000d0000        fffff960`003f2000        0x00322000        0x00000000                                                       
Dxapi.sys                fffff880`05fe3000        fffff880`05fef000        0x0000c000        0x4a5bc574        14.07.2009 00:38:28                                               
crashdmp.sys                fffff880`05fef000        fffff880`05ffd000        0x0000e000        0x4a5bcabd        14.07.2009 01:01:01                                               
dump_dumpata.sys                fffff880`05c00000        fffff880`05c0c000        0x0000c000        0x4a5bc113        14.07.2009 00:19:47                                               
dump_atapi.sys                fffff880`05c0c000        fffff880`05c15000        0x00009000        0x4a5bc113        14.07.2009 00:19:47                                               
dump_dumpfve.sys                fffff880`05c15000        fffff880`05c28000        0x00013000        0x4a5bc18f        14.07.2009 00:21:51                                               
hidusb.sys                fffff880`05c28000        fffff880`05c36000        0x0000e000        0x4ce7a665        20.11.2010 11:43:49                                               
HIDCLASS.SYS                fffff880`05c36000        fffff880`05c4f000        0x00019000        0x51d3a2f1        03.07.2013 05:05:05                                               
HIDPARSE.SYS                fffff880`05c4f000        fffff880`05c57080        0x00008080        0x51d3a2f0        03.07.2013 05:05:04                                               
USBD.SYS                fffff880`05c58000        fffff880`05c59e80        0x00001e80        0x52954daf        27.11.2013 02:41:03                                               
mouhid.sys                fffff880`04a31000        fffff880`04a3e000        0x0000d000        0x4a5bca94        14.07.2009 01:00:20                                               
kbdhid.sys                fffff880`04a3e000        fffff880`04a4c000        0x0000e000        0x4ce7a3f5        20.11.2010 11:33:25                                               
monitor.sys                fffff880`04a4c000        fffff880`04a5a000        0x0000e000        0x4a5bc58c        14.07.2009 00:38:52                                               
TSDDD.dll                fffff960`005c0000        fffff960`005ca000        0x0000a000        0x00000000                                                       
cdd.dll                fffff960`00710000        fffff960`00737000        0x00027000        0x00000000                                                       
ATMFD.DLL                fffff960`00980000        fffff960`009e1000        0x00061000        0x00000000                Adobe Type Manager        Windows NT OpenType/Type 1 Font Driver        5.1 Build 238        Adobe Systems Incorporated        C:\Windows\system32\ATMFD.DLL       
luafv.sys                fffff880`04a5a000        fffff880`04a7d000        0x00023000        0x4a5bc295        14.07.2009 00:26:13                                               
lltdio.sys                fffff880`04a7d000        fffff880`04a92000        0x00015000        0x4a5bcc92        14.07.2009 01:08:50                                               
nwifi.sys                fffff880`03d90000        fffff880`03de3000        0x00053000        0x4a5bcc3b        14.07.2009 01:07:23                                               
ndisuio.sys                fffff880`04a92000        fffff880`04aa5000        0x00013000        0x4ce7a7e0        20.11.2010 11:50:08                                               
rspndr.sys                fffff880`04aa5000        fffff880`04abd000        0x00018000        0x4a5bcc92        14.07.2009 01:08:50                                               
HTTP.sys                fffff880`07461000        fffff880`0752a000        0x000c9000        0x4ce793ce        20.11.2010 10:24:30                                               
bowser.sys                fffff880`0752a000        fffff880`07548000        0x0001e000        0x4d649328        23.02.2011 05:55:04                                               
mpsdrv.sys                fffff880`07548000        fffff880`07560000        0x00018000        0x4a5bcc79        14.07.2009 01:08:25                                               
mrxsmb.sys                fffff880`07560000        fffff880`0758d000        0x0002d000        0x4db78226        27.04.2011 03:40:38                                               
mrxsmb10.sys                fffff880`0758d000        fffff880`075db000        0x0004e000        0x4e17c104        09.07.2011 03:46:28                                               
mrxsmb20.sys                fffff880`075db000        fffff880`075ff000        0x00024000        0x4db781e9        27.04.2011 03:39:37                                               
AODDriver2.sys                fffff880`07400000        fffff880`07432000        0x00032000        0x4f7d6499        05.04.2012 10:23:37                                               
AODDriver2.sys                fffff880`03a2f000        fffff880`03a61000        0x00032000        0x4f8e24b3        18.04.2012 03:19:31                                               
ESLWireACD.sys                fffff880`07e36000        fffff880`07ee0000        0x000aa000        0x508119ff        19.10.2012 10:14:39
Code:
==================================================
Dump File        : 122514-28392-01.dmp
Crash Time        : 25.12.2014 15:18:14
Bug Check String  : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code    : 0x000000d1
Parameter 1      : fffffac8`b9d4b04c
Parameter 2      : 00000000`00000002
Parameter 3      : 00000000`00000000
Parameter 4      : fffff880`04ae26a2
Caused By Driver  : fwndis64.sys
Caused By Address : fwndis64.sys+36a2
File Description  :
Product Name      :
Company          :
File Version      :
Processor        : x64
Crash Address    : ntoskrnl.exe+75bc0
Stack Address 1  :
Stack Address 2  :
Stack Address 3  :
Computer Name    :
Full Path        : C:\Windows\Minidump\122514-28392-01.dmp
Processors Count  : 4
Major Version    : 15
Minor Version    : 7601
Dump File Size    : 279.552
Dump File Time    : 25.12.2014 15:19:44
==================================================
Hier die Logs von Eset und Securitycheck.
Eset musste ich vorzeitig beenden, als dieser bei ca. 99% an einer leeren Datei hängen blieb
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=167cf204ebe24941b0a714f886f19d1c
# engine=18861
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-06-24 02:26:59
# local_time=2014-06-24 04:26:59 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1292 16777213 100 100 14081 35094441 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 2207 155249869 0 0
# scanned=40374
# found=22
# cleaned=0
# scan_time=446
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir"
sh=37D61F35EF511D7329202EA9E64B34A3A2733621 ft=1 fh=c71c001146429c75 vn="a variant of Win32/Toolbar.CrossRider.H potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-bho.dll.vir"
sh=16B4E7716034DAA8D51DF6933A1487521BAFD576 ft=1 fh=c71c00116f2f2486 vn="probably a variant of Win32/Toolbar.CrossRider.H potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-buttonutil.dll.vir"
sh=13C4E4530579D27AC735D69EB2D02C3143219550 ft=1 fh=4f6371db0a407d38 vn="a variant of Win32/Toolbar.CrossRider.I potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-buttonutil.exe.vir"
sh=0BE9B64B77D6993C208E74AD3EED09045EE1D8F0 ft=1 fh=711bf31f462ed090 vn="a variant of Win64/Toolbar.Crossrider.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-buttonutil64.dll.vir"
sh=A809AC1B09E64A27EC24867BBEF73E1F87F03649 ft=1 fh=4f6371db28b3513d vn="a variant of Win64/Toolbar.Crossrider.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-buttonutil64.exe.vir"
sh=C7180FFA47C505D779731E8DE951C27325483719 ft=1 fh=98f706846ae8387b vn="a variant of Win32/Toolbar.CrossRider.J potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-codedownloader.exe.vir"
sh=CD404C84FB05E5CD7CEE04070B84F96E31A52388 ft=1 fh=9ba1eca12ec55543 vn="a variant of Win32/Toolbar.CrossRider.I potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-helper.exe.vir"
sh=F5FB4CE2BDF7D2EFB02E98E3B5BDA31817E37C48 ft=1 fh=c71c0011cb1ed606 vn="a variant of Win32/SProtector.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MagniPic\assistant.dll.vir"
sh=EDF1A87DEB46CAC58EEFF284F6B253F3A9420587 ft=1 fh=c71c001121b25b01 vn="Win32/AdWare.MultiPlug.N application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MagniPic\iQ5FoM4WlA.dll.vir"
sh=03C058349D803B8A000FD4E20BE2E081176641A6 ft=1 fh=c71c00113f6bc66f vn="Win64/Adware.MultiPlug.A application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MagniPic\iQ5FoM4WlA.x64.dll.vir"
sh=67D59D15A734F2B41373F1CAF8347D199215D42C ft=1 fh=86e026dc2bf78850 vn="a variant of Win32/Mobogenie.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\New_UpdateMoboGenie.exe.vir"
sh=FA1F72CB2B306C4DEB45392C63EB10857682154B ft=1 fh=937c9ad3b66761c3 vn="Win32/Packed.ScrambleWrapper.H potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PutLockerDownloader.com\ptlextsetup.exe.vir"
sh=4269ACDD607F43005F345EA5604026FEBFD17193 ft=1 fh=c71c00117f8f9250 vn="a variant of Win32/AdWare.MultiPlug.K.gen application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\TubeAdBlocker\nnJYt.exe.vir"
sh=E0B8C7584C2F978C46B398FC66E33A30194FA7DF ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhaknhgbchodnaijihojhahebjgdekdb\1.5\Zvgp4Q_FrrLr.js.vir"
sh=748E90CBB284A00D9E9396B9EE387AC5905FF8D1 ft=1 fh=ab95f3a7820679d6 vn="a variant of Win32/Mobogenie.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe.vir"
sh=D0E5E11ACDD3E7AF720794C6AD722169570CA169 ft=1 fh=afc8ab45c959803b vn="a variant of Win32/Mobogenie.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe.vir"
sh=67D59D15A734F2B41373F1CAF8347D199215D42C ft=1 fh=86e026dc2bf78850 vn="a variant of Win32/Mobogenie.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe.vir"
sh=05C3D3349BEA6B6DDD293DB9F60B492CFC90112C ft=1 fh=c23f98680dc9e474 vn="a variant of Win32/Complitly.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Roaming\Complitly\Complitly.dll.vir"
sh=154B5B1384246942A81D2EACA90E36A49FCEAC21 ft=1 fh=ff2f13d3f4dcaba0 vn="a variant of Win32/PredictAd.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Roaming\Complitly\KeepMeUpdated.exe.vir"
sh=124D2DB8310706C1102EB05FD35013EE01B28FC3 ft=1 fh=9e3d2ffc645885da vn="a variant of Win64/Complitly.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Roaming\Complitly\64\Complitly64.dll.vir"
sh=154B5B1384246942A81D2EACA90E36A49FCEAC21 ft=1 fh=ff2f13d3f4dcaba0 vn="a variant of Win32/PredictAd.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Roaming\Complitly\64\KeepMeUpdated.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=167cf204ebe24941b0a714f886f19d1c
# engine=21362
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-02 04:56:32
# local_time=2014-12-02 05:56:32 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 94 153821 156954 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 153860 169169242 0 0
# scanned=354815
# found=104
# cleaned=0
# scan_time=8890
sh=9B28F35A352DE4C5512BC252EBC813DBEB26BC61 ft=1 fh=d37c366403454630 vn="MSIL/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\DEL_MyPC Backup.exe.vir"
sh=C2EC3C4E860FAD724D7A086E6BB3E4701FACAF6D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\background.js.vir"
sh=51866AD7FC44825C2009A915F539C24D44E9F99B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\background.unit.js.vir"
sh=9AC5C4CB8FE1DC5A04042EAAB72096AB2A10CBF2 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\SOAP.js.vir"
sh=891BA5F7795F8C841BD652A2FB6DFE615DED2077 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\lib\config.js.vir"
sh=2E0FDE228693F5433F4104E6679EA3ACAF9074DF ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\lib\context.js.vir"
sh=E3C3DBAF88CEF9B5AB6D0D9006BF153582DA926B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\lib\tinifying.js.vir"
sh=74DC8DA7B53D4836822C0D695FA64A588CF0C5B7 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\minibar.min.js.vir"
sh=A7138ECAD617D8E249516239F82F038AEC2C7102 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\minibar.translations.js.vir"
sh=CC4C5BB54E8A79425341EC5FA3F76B2D5FA584FE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\minibar.unit.js.vir"
sh=01B364112DB8E2852EFA984F97ADC1CF58590A62 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\minibar.vars.js.vir"
sh=61BD120563C9011610F822D74ADB3728F6842EBD ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\abril.js.vir"
sh=BCC36801E2A4087A4EDE7BD72DA43A9D6572B310 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\amazon.js.vir"
sh=55920C7FB630C966D1CD1807DBE49DD3D7977A16 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\aol.js.vir"
sh=071DADD326560EB569FC2EDD199B57E3DCA733DC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ask.js.vir"
sh=4DF142B28BE3758A2BDC2B7339FE07938255B5AE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\autoscout24.js.vir"
sh=1F382CFFAE0ED064F2A20A0E1CD58561C0CB03BE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\autosottocosto.js.vir"
sh=E40658861F9B0924BC566820C199087AA70A12DD ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\baixaki.js.vir"
sh=0B29F17180B65440157142503C7B8FB0AA2C0BAE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\bomnegocio.js.vir"
sh=270D3179983ACB96D36FE0B0F6F90F2F39CD93B6 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\chip.js.vir"
sh=7CA24925C54F35FEC2636310E63B8F9445E398B8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ciao.js.vir"
sh=2805F50D550F54E8320E7CC3F8261011A4B1D708 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\conduit.js.vir"
sh=8AE23C218C8C5C7FDE4ACEC6EC03E2532F93B3D1 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\corriere.js.vir"
sh=3F04F3EF28DCA81FE7035524F4E00266F6A99418 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\craigslist.js.vir"
sh=E4B31A0CBBCB21F765D8E39D6995774769E1D1C5 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\dailymotion.js.vir"
sh=5A6801A81DA721A31FFC89FC1ACB7253435857D9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\default_adapter.js.vir"
sh=B080E7B72E779B4DBB0D9EFF6BA25324AAF6732E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\delta-search.js.vir"
sh=12B0F6486BCD558F1DF654BB43B4BD82C4189982 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\diretta.js.vir"
sh=28DE4A412DAA395D5B72CDC473E69CBAAB6A0629 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ebay.js.vir"
sh=FEE5CDB15AF9B3F80F14E7F4AF03611610FEF53A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ehow.js.vir"
sh=43E70ABC3C2100D2B3E405623A15404D177137BE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\elmundo.js.vir"
sh=0C94AB2CDEFD7AAAFBBBCE8076390756A2060EBE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\elpais.js.vir"
sh=25A6B2263F57114BF9C38998821E72CBA16DEC34 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\facebook.js.vir"
sh=F747128DEB18A507F8D59FACA9A68A1FF3581244 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\foxsports.js.vir"
sh=B2B7D6908BEC80B648B3716AD09D9816E7DE21C9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\friv.js.vir"
sh=44DE2938DEFE8A034DBB19FB905717FABD914478 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\funutilities.js.vir"
sh=A3BF510881F25E55B23943E87C5B47945EDB5733 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\globo.js.vir"
sh=D59A428609E09512F5C524D13046BC4474E43633 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\gmx.js.vir"
sh=16B7B5FD445FCF5E0F7B9743A1CEC1D12EACCF76 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\go.js.vir"
sh=25CEEE5D0F63AFB5AD9D359618746FB3FA925049 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\google.js.vir"
sh=6FE54305ACDF1F37D65F846A09AAF2AE610B52E4 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\gumtree.js.vir"
sh=15F0642FA9891E81FEFB5EA9F8345F5C1E988A09 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\huffingtonpost.js.vir"
sh=EB007BD6CF9DE9D145721AB1B42C4A6A49F3AD26 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ilmeteo.js.vir"
sh=27E667BAE43C7A31330B12FD5B78F1C97DC4DCF2 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\imdb.js.vir"
sh=D8F06AC4F0B4CF4CA4EBDC56B5C6F23D74B1351D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\inbox.js.vir"
sh=5D09C1440CE775837E5F58040E3B3DA5861C7F2D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\indeed.js.vir"
sh=A4E13E1C85F9C090C7A5530AC4D8939F928D2426 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\instagram.js.vir"
sh=8DA76B1679E8AD4F80F08BE4371902E1FB69A04B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\jappy.js.vir"
sh=3AD210DFBC9BB4B90769240B57325E62AA67A0FC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\leboncoin.js.vir"
sh=8BDD182DA8610E6AE7B4DA2CD3A7C8522FE9FDD9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\libero.js.vir"
sh=1E1F26D3E48C3E972C75F8ADA49335B3BFE796CA ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\live.js.vir"
sh=0DA42755F29D7FCC9B02DF1AAE846B28FC83ABEC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\marca.js.vir"
sh=F03C5032CA21A97A475F612044FF910AEA97F98D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mediaset.js.vir"
sh=5E561234265C05C72EDF14FE2A1C8D830F518726 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mercadolivre.js.vir"
sh=3287EDFE107F42BD54464354F7EDD0D5EC1F62BD ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\milanuncios.js.vir"
sh=7C16F8FEDEE0D02E5CD2D16384924D1DE7CA85F8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\msn.js.vir"
sh=56FD8F01CBA6F2AC7175247C9E2EA54DA5CBEAB8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mundoanuncio.js.vir"
sh=AAA91E6A3E08FD24A0462853FF90AE67D64A10FB ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\netlog.js.vir"
sh=EA8E9609F9746A6D089057B1ABC2CB5B87ADB56C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\nirvam.js.vir"
sh=6932E76E73E9171D15052538CEC919832B24495A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\okcupid.js.vir"
sh=8E05B6DE79ED0DB5161E08D7C84E44D346A34223 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\olx.js.vir"
sh=717CC4F0E41AC53700E82CE4150428EDCED00F2C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\orange.js.vir"
sh=6FE05930F5495CBDAF254E3A722F298042D59188 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\pagesjaunes.js.vir"
sh=27653CA2D9A8C542EA7B30EC1B1D3EDCC8FDA44A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\photobucket.js.vir"
sh=B34BCC1E3592F30FADA8B4783167EFC6FD6B163B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\pinterest.js.vir"
sh=B5F8A49604BB9BB9AE06A12B0458AEFA5868A395 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\pof.js.vir"
sh=582536F3328D7D253FF3FB556BAA2D86B9D4D17B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\repubblica.js.vir"
sh=77BAC2C1AF3BD54E7F3E4F40624EE936D67BAC1C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\roblox.js.vir"
sh=05B58255C0C2E4D9B28DC1E4C254138D76F25E14 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\segundamano.js.vir"
sh=29C2BD733E33AC33433DF6F180524C931ACD8FB2 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\sfr.js.vir"
sh=003D9DC3AC3B890014F8A9184AC79B41AA02CE5F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\shopping.js.vir"
sh=B3399BAC685AC2DB00C8BF73787722CB37C52F9F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\skyrock.js.vir"
sh=0C8FD62D3A1464E8987BE463BF2ECB09B887397B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\spiegel.js.vir"
sh=273E29401D827883A2841293AB86970DB150211D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\subito.js.vir"
sh=492F666790E7E80B87CD6D7734D65EBF7453C758 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\t-online.js.vir"
sh=6436DF7125F4ECE8773E0EC7695BCE863C94C2BB ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\tagged.js.vir"
sh=EF5B3DA829CFA21C8DE4E47B451BA654E1828C9D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\terra.js.vir"
sh=6E4BFE2B03FA0D3BE7747A45508F2891161B5CC9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\tiscali.js.vir"
sh=B5A821672054FDADFBA8F67402445E028FF8AD50 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\tripadvisor.js.vir"
sh=65F5D2CCE61D4BD156608FBECF0FB967734D83FC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\twitpic.js.vir"
sh=3A85F938570568A286C33D328740BAFC4FB73045 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\twitter.js.vir"
sh=DCD0A0C6E3AA56687A1719F5D364E1763A6E4A81 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\uol.js.vir"
sh=149DA3B16316B14C6297C1C52CF0049180185271 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\v9.js.vir"
sh=FC7BB8C266DCF99268F4235F7983F1F130991DA4 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\virgilio.js.vir"
sh=412A4635278002E8EF719CABC22126417A508FFC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\voila.js.vir"
sh=FC821B9B1DA7646182685D4A70350534A3838E3F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\walmart.js.vir"
sh=BBE95AE4E0F8DC7571869344180B8140F38FC2DC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\weather.js.vir"
sh=010560C39E506B0E2431760D6DFC39ADD61D128E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\web.js.vir"
sh=2A75280C8C5789E6BE74220F53BBBAE04E523E6B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\yahoo.js.vir"
sh=4C69F4B1969C916367D64C9046F480B157C43993 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\yelp.js.vir"
sh=7DCF3B4AB444CB8B66645655E5DB9857870C9DCC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\youtube.js.vir"
sh=4FB0DAB41986A8701720A2C60F898B70CC25F3E0 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\services\bhp.js.vir"
sh=26133A64F47E90C8535CE111BAD8C35C9FA562B0 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\services\favlinks.js.vir"
sh=EBF01B3EC4607AEB707184674F723440272D4EF5 ft=0 fh=0000000000000000 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.1.32.zip.vir"
sh=A703E83DC6447E84E8582B80A3DBF6C03B77D04A ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk.vir"
sh=E85C421E9C435E8C2116E56EC1B2A927BA0092CC ft=1 fh=19660ba49630fd55 vn="Variante von Win64/TrojanDownloader.Agent.F Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\GFilterSvc.exe.vir"
sh=558C365776AD71C812363E30D7880CF564028A06 ft=1 fh=e10f04e359590fdb vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=B9276CCB99D02DF2AB5E3B289230782ACE0901CE ft=0 fh=0000000000000000 vn="JS/GFilter.A Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\eilgiifgoafnjpmdmdkafdnghcfghkpe\2.1_0\g.js"
sh=6B671BC420C26DD44428397D39B13402CC19BCF9 ft=1 fh=65859fa78065d607 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\File System\010\t\00\00000000"
sh=6B671BC420C26DD44428397D39B13402CC19BCF9 ft=1 fh=65859fa78065d607 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\File System\010\t\00\00000001"
sh=FF273D0017363755214FA5CD888C2C2D54721700 ft=1 fh=0089eae0191970f8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.OLE.Interop.dll"
sh=A70EFAB5F2D2D83AD2B7E0304169C73F6D0EC700 ft=1 fh=011924ad9c4ebdbf vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll"
sh=6BF9D715657523581D681EED88C7D864C1DE178B ft=0 fh=0000000000000000 vn="JS/GFilter.A Trojaner" ac=I fn="C:\Windows\Installer\{DCDF7E9A-228E-4B24-95B3-A928C685FD36}\cfgkdnomfdapcmmpoincemjabefgjblljrx"
sh=4F414B59FCABC57B249BCE7AF4E35F0E84143DD2 ft=1 fh=93556752e2e6958d vn="NSIS/TrojanDownloader.Adload.Y Trojaner" ac=I fn="C:\zoek_backup\C_Users_Issam276_Downloads_HDVidCodec.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=167cf204ebe24941b0a714f886f19d1c
# engine=21704
# end=stopped
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-25 04:50:16
# local_time=2014-12-25 05:50:16 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 7719 171156066 0 0
# compatibility_mode_1='Emsisoft Internet Security'
# compatibility_mode=16643 16777214 100 100 6398 220768504 0 0
# scanned=349438
# found=99
# cleaned=0
# scan_time=5639
sh=9B28F35A352DE4C5512BC252EBC813DBEB26BC61 ft=1 fh=d37c366403454630 vn="MSIL/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\DEL_MyPC Backup.exe.vir"
sh=C2EC3C4E860FAD724D7A086E6BB3E4701FACAF6D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\background.js.vir"
sh=51866AD7FC44825C2009A915F539C24D44E9F99B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\background.unit.js.vir"
sh=9AC5C4CB8FE1DC5A04042EAAB72096AB2A10CBF2 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\SOAP.js.vir"
sh=891BA5F7795F8C841BD652A2FB6DFE615DED2077 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\lib\config.js.vir"
sh=2E0FDE228693F5433F4104E6679EA3ACAF9074DF ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\lib\context.js.vir"
sh=E3C3DBAF88CEF9B5AB6D0D9006BF153582DA926B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\lib\tinifying.js.vir"
sh=74DC8DA7B53D4836822C0D695FA64A588CF0C5B7 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\minibar.min.js.vir"
sh=A7138ECAD617D8E249516239F82F038AEC2C7102 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\minibar.translations.js.vir"
sh=CC4C5BB54E8A79425341EC5FA3F76B2D5FA584FE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\minibar.unit.js.vir"
sh=01B364112DB8E2852EFA984F97ADC1CF58590A62 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\minibar.vars.js.vir"
sh=61BD120563C9011610F822D74ADB3728F6842EBD ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\abril.js.vir"
sh=BCC36801E2A4087A4EDE7BD72DA43A9D6572B310 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\amazon.js.vir"
sh=55920C7FB630C966D1CD1807DBE49DD3D7977A16 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\aol.js.vir"
sh=071DADD326560EB569FC2EDD199B57E3DCA733DC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ask.js.vir"
sh=4DF142B28BE3758A2BDC2B7339FE07938255B5AE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\autoscout24.js.vir"
sh=1F382CFFAE0ED064F2A20A0E1CD58561C0CB03BE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\autosottocosto.js.vir"
sh=E40658861F9B0924BC566820C199087AA70A12DD ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\baixaki.js.vir"
sh=0B29F17180B65440157142503C7B8FB0AA2C0BAE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\bomnegocio.js.vir"
sh=270D3179983ACB96D36FE0B0F6F90F2F39CD93B6 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\chip.js.vir"
sh=7CA24925C54F35FEC2636310E63B8F9445E398B8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ciao.js.vir"
sh=2805F50D550F54E8320E7CC3F8261011A4B1D708 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\conduit.js.vir"
sh=8AE23C218C8C5C7FDE4ACEC6EC03E2532F93B3D1 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\corriere.js.vir"
sh=3F04F3EF28DCA81FE7035524F4E00266F6A99418 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\craigslist.js.vir"
sh=E4B31A0CBBCB21F765D8E39D6995774769E1D1C5 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\dailymotion.js.vir"
sh=5A6801A81DA721A31FFC89FC1ACB7253435857D9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\default_adapter.js.vir"
sh=B080E7B72E779B4DBB0D9EFF6BA25324AAF6732E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\delta-search.js.vir"
sh=12B0F6486BCD558F1DF654BB43B4BD82C4189982 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\diretta.js.vir"
sh=28DE4A412DAA395D5B72CDC473E69CBAAB6A0629 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ebay.js.vir"
sh=FEE5CDB15AF9B3F80F14E7F4AF03611610FEF53A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ehow.js.vir"
sh=43E70ABC3C2100D2B3E405623A15404D177137BE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\elmundo.js.vir"
sh=0C94AB2CDEFD7AAAFBBBCE8076390756A2060EBE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\elpais.js.vir"
sh=25A6B2263F57114BF9C38998821E72CBA16DEC34 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\facebook.js.vir"
sh=F747128DEB18A507F8D59FACA9A68A1FF3581244 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\foxsports.js.vir"
sh=B2B7D6908BEC80B648B3716AD09D9816E7DE21C9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\friv.js.vir"
sh=44DE2938DEFE8A034DBB19FB905717FABD914478 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\funutilities.js.vir"
sh=A3BF510881F25E55B23943E87C5B47945EDB5733 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\globo.js.vir"
sh=D59A428609E09512F5C524D13046BC4474E43633 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\gmx.js.vir"
sh=16B7B5FD445FCF5E0F7B9743A1CEC1D12EACCF76 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\go.js.vir"
sh=25CEEE5D0F63AFB5AD9D359618746FB3FA925049 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\google.js.vir"
sh=6FE54305ACDF1F37D65F846A09AAF2AE610B52E4 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\gumtree.js.vir"
sh=15F0642FA9891E81FEFB5EA9F8345F5C1E988A09 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\huffingtonpost.js.vir"
sh=EB007BD6CF9DE9D145721AB1B42C4A6A49F3AD26 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ilmeteo.js.vir"
sh=27E667BAE43C7A31330B12FD5B78F1C97DC4DCF2 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\imdb.js.vir"
sh=D8F06AC4F0B4CF4CA4EBDC56B5C6F23D74B1351D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\inbox.js.vir"
sh=5D09C1440CE775837E5F58040E3B3DA5861C7F2D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\indeed.js.vir"
sh=A4E13E1C85F9C090C7A5530AC4D8939F928D2426 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\instagram.js.vir"
sh=8DA76B1679E8AD4F80F08BE4371902E1FB69A04B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\jappy.js.vir"
sh=3AD210DFBC9BB4B90769240B57325E62AA67A0FC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\leboncoin.js.vir"
sh=8BDD182DA8610E6AE7B4DA2CD3A7C8522FE9FDD9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\libero.js.vir"
sh=1E1F26D3E48C3E972C75F8ADA49335B3BFE796CA ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\live.js.vir"
sh=0DA42755F29D7FCC9B02DF1AAE846B28FC83ABEC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\marca.js.vir"
sh=F03C5032CA21A97A475F612044FF910AEA97F98D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mediaset.js.vir"
sh=5E561234265C05C72EDF14FE2A1C8D830F518726 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mercadolivre.js.vir"
sh=3287EDFE107F42BD54464354F7EDD0D5EC1F62BD ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\milanuncios.js.vir"
sh=7C16F8FEDEE0D02E5CD2D16384924D1DE7CA85F8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\msn.js.vir"
sh=56FD8F01CBA6F2AC7175247C9E2EA54DA5CBEAB8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mundoanuncio.js.vir"
sh=AAA91E6A3E08FD24A0462853FF90AE67D64A10FB ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\netlog.js.vir"
sh=EA8E9609F9746A6D089057B1ABC2CB5B87ADB56C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\nirvam.js.vir"
sh=6932E76E73E9171D15052538CEC919832B24495A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\okcupid.js.vir"
sh=8E05B6DE79ED0DB5161E08D7C84E44D346A34223 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\olx.js.vir"
sh=717CC4F0E41AC53700E82CE4150428EDCED00F2C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\orange.js.vir"
sh=6FE05930F5495CBDAF254E3A722F298042D59188 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\pagesjaunes.js.vir"
sh=27653CA2D9A8C542EA7B30EC1B1D3EDCC8FDA44A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\photobucket.js.vir"
sh=B34BCC1E3592F30FADA8B4783167EFC6FD6B163B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\pinterest.js.vir"
sh=B5F8A49604BB9BB9AE06A12B0458AEFA5868A395 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\pof.js.vir"
sh=582536F3328D7D253FF3FB556BAA2D86B9D4D17B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\repubblica.js.vir"
sh=77BAC2C1AF3BD54E7F3E4F40624EE936D67BAC1C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\roblox.js.vir"
sh=05B58255C0C2E4D9B28DC1E4C254138D76F25E14 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\segundamano.js.vir"
sh=29C2BD733E33AC33433DF6F180524C931ACD8FB2 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\sfr.js.vir"
sh=003D9DC3AC3B890014F8A9184AC79B41AA02CE5F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\shopping.js.vir"
sh=B3399BAC685AC2DB00C8BF73787722CB37C52F9F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\skyrock.js.vir"
sh=0C8FD62D3A1464E8987BE463BF2ECB09B887397B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\spiegel.js.vir"
sh=273E29401D827883A2841293AB86970DB150211D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\subito.js.vir"
sh=492F666790E7E80B87CD6D7734D65EBF7453C758 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\t-online.js.vir"
sh=6436DF7125F4ECE8773E0EC7695BCE863C94C2BB ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\tagged.js.vir"
sh=EF5B3DA829CFA21C8DE4E47B451BA654E1828C9D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\terra.js.vir"
sh=6E4BFE2B03FA0D3BE7747A45508F2891161B5CC9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\tiscali.js.vir"
sh=B5A821672054FDADFBA8F67402445E028FF8AD50 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\tripadvisor.js.vir"
sh=65F5D2CCE61D4BD156608FBECF0FB967734D83FC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\twitpic.js.vir"
sh=3A85F938570568A286C33D328740BAFC4FB73045 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\twitter.js.vir"
sh=DCD0A0C6E3AA56687A1719F5D364E1763A6E4A81 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\uol.js.vir"
sh=149DA3B16316B14C6297C1C52CF0049180185271 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\v9.js.vir"
sh=FC7BB8C266DCF99268F4235F7983F1F130991DA4 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\virgilio.js.vir"
sh=412A4635278002E8EF719CABC22126417A508FFC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\voila.js.vir"
sh=FC821B9B1DA7646182685D4A70350534A3838E3F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\walmart.js.vir"
sh=BBE95AE4E0F8DC7571869344180B8140F38FC2DC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\weather.js.vir"
sh=010560C39E506B0E2431760D6DFC39ADD61D128E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\web.js.vir"
sh=2A75280C8C5789E6BE74220F53BBBAE04E523E6B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\yahoo.js.vir"
sh=4C69F4B1969C916367D64C9046F480B157C43993 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\yelp.js.vir"
sh=7DCF3B4AB444CB8B66645655E5DB9857870C9DCC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\youtube.js.vir"
sh=4FB0DAB41986A8701720A2C60F898B70CC25F3E0 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\services\bhp.js.vir"
sh=26133A64F47E90C8535CE111BAD8C35C9FA562B0 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\services\favlinks.js.vir"
sh=E85C421E9C435E8C2116E56EC1B2A927BA0092CC ft=1 fh=19660ba49630fd55 vn="Variante von Win64/TrojanDownloader.Agent.F Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\GFilterSvc.exe.vir"
sh=558C365776AD71C812363E30D7880CF564028A06 ft=1 fh=e10f04e359590fdb vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=B9276CCB99D02DF2AB5E3B289230782ACE0901CE ft=0 fh=0000000000000000 vn="JS/GFilter.A Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\eilgiifgoafnjpmdmdkafdnghcfghkpe\2.1_0\g.js"
sh=FF273D0017363755214FA5CD888C2C2D54721700 ft=1 fh=0089eae0191970f8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.OLE.Interop.dll"
sh=4F414B59FCABC57B249BCE7AF4E35F0E84143DD2 ft=1 fh=93556752e2e6958d vn="NSIS/TrojanDownloader.Adload.Y Trojaner" ac=I fn="C:\zoek_backup\C_Users_Issam276_Downloads_HDVidCodec.exe.vir"
sh=740982CE3B3E4BD08C1CBD5FC8CFEB982F1D4E05 ft=1 fh=af8c0585c052e303 vn="Win32/InstalleRex.T evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_PROGRA~3_InstallMate\{891AB449-A3D6-BE99-5C72-EBF452F996BF}\_Setupx.dll"
Code:
Results of screen317's Security Check version 0.99.93 
 Windows 7 Service Pack 1 x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
 Windows Security Center service is not running! This report may not be accurate!
Emsisoft Internet Security 
 Antivirus up to date! 
`````````Anti-malware/Other Utilities Check:`````````
 JavaFX 2.1.1   
 Java 8 Update 25 
 Java version 32-bit out of Date!
  Adobe Flash Player 15.0.0.246 Flash Player out of Date! 
 Adobe Reader XI 
 Google Chrome (39.0.2171.95)
````````Process Check: objlist.exe by Laurent```````` 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 
````````````````````End of Log``````````````````````
Edit: Ich denke mal das mit dem Bluescreen liegt an Chrome, da ich an diesem Tag (23.12) nur Chrome installiert habe. Werde nachher mal Chrome deinstallieren und schauen ob ich noch immer Bluescreens krieg

Crounty 25.12.2014 20:40
FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 20-12-2014
Ran by Issam276 (administrator) on CROUNTY on 25-12-2014 18:01:12
Running from C:\Users\Issam276\Desktop
Loaded Profile: Issam276 (Available profiles: Issam276 & Gast)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 9
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7204568 2013-12-28] (Realtek Semiconductor)
HKLM-x32\...\Run: [Turbo Key] => C:\Program Files (x86)\ASUS\Turbo Key\TurboKey.exe [1874432 2009-11-24] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Cpu Level Up help] => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHelp.exe [887936 2009-12-28] ()
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft internet security\a2guard.exe [4974176 2014-12-25] (Emsisoft GmbH)
HKLM\...\Policies\Explorer: [LinkResolveIgnoreLinkInfo] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 1
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Issam276\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-09-15] (AMD)
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [Spotify Web Helper] => C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1676344 2014-12-12] (Spotify Ltd)
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Run: [GoogleChromeAutoLaunch_0106D596D6B01A359AD12FA4DA46D292] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [856904 2014-12-06] (Google Inc.)
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Policies\system: [EnableLUA] 0
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30524520 2014-11-27] (Skype Technologies S.A.)
ShellIconOverlayIdentifiers: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX64.dll ()
ShellIconOverlayIdentifiers: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX64.dll ()
ShellIconOverlayIdentifiers: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX64.dll ()
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
ShellIconOverlayIdentifiers-x32: [###MegaShellExtPending] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\ProgramData\MEGAsync\ShellExtX32.dll ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSynced] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\ProgramData\MEGAsync\ShellExtX32.dll ()
ShellIconOverlayIdentifiers-x32: [###MegaShellExtSyncing] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\ProgramData\MEGAsync\ShellExtX32.dll ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1925287450-1312797874-627100175-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 -> Backup.Old.DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> Backup.Old.DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233}
SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1925287450-1312797874-627100175-1001 -> {DECA3892-BA8F-44b8-A993-A466AD694AE4} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-flv
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{BF86312B-8016-42B1-B232-8DED504D4B33}: [NameServer] 81.173.194.68,212.117.68.10

FireFox:
========
FF ProfilePath: C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\searchplugins\yahoo_ff.xml
FF Extension: Adblock Plus - C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-02-22]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF Extension: No Name - C:\Users\Issam276\AppData\Roaming\Mozilla\Firefox\Profiles\ogok5qfm.default-1361552468197\extensions\ascsurfingprotection@iobit.com [Not Found]
FF Extension: No Name - C:\Program Files (x86)\IObit Apps Toolbar\FF [Not Found]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR HomePage: Default -> https://www.google.de/
CHR StartupUrls: Default -> "https://www.google.de/"
CHR DefaultSearchKeyword: Default -> google.de_
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ProxFlow) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\aakchaleigkohafkfjfjbblobjifikek [2014-12-23]
CHR Extension: (Google Präsentationen) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-12-01]
CHR Extension: (Google Docs) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-12-01]
CHR Extension: (Google Drive) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-12-01]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-01]
CHR Extension: (WOT) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-12-23]
CHR Extension: (MEGA) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2014-12-23]
CHR Extension: (YouTube) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-12-01]
CHR Extension: (Adblock Plus) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-12-23]
CHR Extension: (Google-Suche) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-12-01]
CHR Extension: (Google Tabellen) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-12-01]
CHR Extension: (League of Legends(LoL) For New Tab) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\hagfodkdlfpceodghmlnbjafkcdjnifd [2014-12-23]
CHR Extension: (Ghostery) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij [2014-12-23]
CHR Extension: (Google Wallet) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-12-01]
CHR Extension: (Google Mail) - C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-12-01]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Internet Security\a2service.exe [4918032 2014-12-25] (Emsisoft GmbH)
S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2013-03-28] (Advanced Micro Devices, Inc.) [File not signed]
S2 AMD_RAIDXpert; C:\Program Files (x86)\AMD\RAIDXpert\bin\RAIDXpertService.exe [122880 2009-12-15] (AMD) [File not signed]
S4 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [136616 2012-05-10] ()
S2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [90112 2009-08-19] (ASUSTeK Computer Inc.) [File not signed]
S2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-09-25] () [File not signed]
S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-01-05] ()
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5405456 2014-11-12] (TeamViewer GmbH)
S2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-21] (Microsoft Corporation)
S4 EslWireHelper; C:\Program Files\EslWire\service\WireHelperSvc.exe [X]
S3 npggsvc; C:\Windows\system32\GameMon.des -service [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT INTERNET SECURITY\a2accx64.sys [71472 2014-05-12] (Emsisoft GmbH)
S1 A2DDA; C:\Program Files (x86)\Emsisoft Internet Security\a2ddax64.sys [26176 2013-03-28] (Emsisoft GmbH)
S1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Internet Security\a2dix64.sys [45208 2013-09-30] (Emsisoft GmbH)
S1 a2util; C:\Program Files (x86)\Emsisoft Internet Security\a2util64.sys [23088 2014-05-12] (Emsisoft GmbH)
S2 ANIO; C:\Windows\SysWOW64\ANIO.SYS [28205 2003-05-05] (Alpha Networks Inc.) [File not signed]
R1 anodlwf; C:\Windows\System32\DRIVERS\anodlwfx.sys [15872 2009-03-06] ()
S2 AODDriver4.2.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [57472 2012-05-10] (Advanced Micro Devices)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-24] ()
S1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
S3 aswTap; C:\Windows\System32\DRIVERS\aswTap.sys [44640 2014-06-29] (The OpenVPN Project)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-25] (AVM Berlin)
S3 cleanhlp; C:\Program Files (x86)\Emsisoft Internet Security\cleanhlp64.sys [57024 2013-12-04] (Emsisoft GmbH)
S3 cpuz130; No ImagePath
S3 dump_wmimmc; No ImagePath
S2 ESLWireAC; C:\Windows\system32\drivers\ESLWireACD.sys [160784 2012-12-17] (<Turtle Entertainment>)
S3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-25] (AVM GmbH)
R3 fwndis; C:\Windows\System32\DRIVERS\fwndis64.sys [491632 2014-12-25] ()
S1 fwwfp; C:\Program Files (x86)\Emsisoft Internet Security\fwwfp764.sys [414424 2014-12-25] ()
R1 HssDRV6; C:\Windows\System32\DRIVERS\hssdrv6.sys [44744 2014-05-17] (AnchorFree Inc.)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.) [File not signed]
R3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [53760 2012-09-28] (Apple, Inc.) [File not signed]
S3 X6va008; No ImagePath
S3 X6va009; No ImagePath
S3 X6va012; No ImagePath
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
S3 netr28ux; system32\DRIVERS\netr28ux.sys [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-25 17:56 - 2014-12-25 17:57 - 00051169 _____ () C:\Users\Issam276\Desktop\Addition.txt
2014-12-25 17:39 - 2014-12-25 17:39 - 00001892 _____ () C:\Users\Issam276\Desktop\bluescreen.txt
2014-12-25 16:45 - 2014-12-25 16:52 - 125683715 _____ (Realtek Semiconductor Corp.) C:\Users\Issam276\Downloads\64bit_Win7_Win8_Win81_R275.exe
2014-12-25 16:31 - 2014-12-25 16:31 - 00000000 ____D () C:\Windows\LastGood
2014-12-25 16:31 - 2014-08-27 07:10 - 00942808 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2014-12-25 16:31 - 2014-08-27 07:10 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2014-12-25 16:29 - 2014-12-25 16:29 - 00581632 ____H (radio42) C:\Users\Issam276\Downloads\Bass.Net.dll
2014-12-25 16:29 - 2014-12-25 16:29 - 00105528 ____H (Un4seen Developments) C:\Users\Issam276\Downloads\Bass.dll
2014-12-25 16:24 - 2014-12-25 16:24 - 03123224 _____ (Easeware ) C:\Users\Issam276\Downloads\DriverEasy_480_Setup.exe
2014-12-25 16:24 - 2014-12-25 16:24 - 00000933 _____ () C:\Users\Public\Desktop\DriverEasy.lnk
2014-12-25 16:24 - 2014-12-25 16:24 - 00000412 _____ () C:\Windows\Tasks\DriverEasy Scheduled Scan.job
2014-12-25 16:24 - 2014-12-25 16:24 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Easeware
2014-12-25 16:24 - 2014-12-25 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverEasy
2014-12-25 15:41 - 2014-12-25 15:41 - 02347384 _____ (ESET) C:\Users\Issam276\Downloads\esetsmartinstaller_deu.exe
2014-12-25 15:41 - 2014-12-25 15:41 - 00852505 _____ () C:\Users\Issam276\Downloads\SecurityCheck (1).exe
2014-12-25 15:37 - 2014-12-25 15:37 - 00141480 _____ () C:\Users\Issam276\Downloads\bluescreenview_setup.exe
2014-12-25 15:37 - 2014-12-25 15:37 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft BlueScreenView
2014-12-25 15:37 - 2014-12-25 15:37 - 00000000 ____D () C:\Program Files (x86)\NirSoft
2014-12-25 15:19 - 2014-12-25 15:19 - 00279552 _____ () C:\Windows\Minidump\122514-28392-01.dmp
2014-12-25 15:17 - 2014-12-25 15:19 - 461110785 _____ () C:\Windows\MEMORY.DMP
2014-12-25 15:17 - 2014-12-25 15:17 - 00275424 _____ () C:\Windows\Minidump\122514-32401-01.dmp
2014-12-23 21:20 - 2014-12-24 01:08 - 00000000 ____D () C:\Users\Issam276\Desktop\lelel3
2014-12-23 17:31 - 2014-12-23 17:31 - 00002253 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-23 17:31 - 2014-12-23 17:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-23 17:30 - 2014-12-25 15:18 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-23 17:30 - 2014-12-25 03:35 - 00001114 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-23 17:30 - 2014-12-23 17:30 - 00004110 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-12-23 17:30 - 2014-12-23 17:30 - 00003858 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-12-23 17:24 - 2014-12-23 17:25 - 00880784 _____ (Google Inc.) C:\Users\Issam276\Downloads\ChromeSetup.exe
2014-12-23 17:22 - 2014-12-23 17:22 - 00000698 _____ () C:\Users\Issam276\Desktop\JRT.txt
2014-12-23 17:13 - 2014-12-23 17:13 - 00000000 ____D () C:\Windows\ERUNT
2014-12-23 17:12 - 2014-12-23 17:12 - 01707646 _____ (Thisisu) C:\Users\Issam276\Downloads\JRT.exe
2014-12-23 17:04 - 2014-12-23 17:03 - 02173952 _____ () C:\Users\Issam276\Desktop\AdwCleaner_4.106.exe
2014-12-23 17:03 - 2014-12-23 17:03 - 02173952 _____ () C:\Users\Issam276\Downloads\AdwCleaner_4.106.exe
2014-12-22 00:00 - 2014-12-22 00:00 - 00167296 _____ (Gibson Research Corp.) C:\Users\Issam276\Downloads\DNSBench.exe
2014-12-21 21:19 - 2014-12-21 21:19 - 00001613 _____ () C:\Users\Public\Desktop\League of Legends.lnk
2014-12-21 21:19 - 2014-12-21 21:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-12-21 21:13 - 2014-12-21 21:13 - 30668968 _____ (Riot Games) C:\Users\Issam276\Downloads\LeagueofLegends_EUW_Installer_9_15_2014.exe
2014-12-21 16:19 - 2014-12-21 16:18 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-12-21 16:16 - 2014-12-21 16:16 - 00638376 _____ (Oracle Corporation) C:\Users\Issam276\Downloads\jre-8u25-windows-i586-iftw.exe
2014-12-21 16:10 - 2014-12-21 16:10 - 00852505 _____ () C:\Users\Issam276\Downloads\SecurityCheck.exe
2014-12-21 14:36 - 2014-12-25 18:01 - 00018049 _____ () C:\Users\Issam276\Desktop\FRST.txt
2014-12-21 04:09 - 2014-12-21 04:09 - 05073240 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\vcredist_x86.exe
2014-12-21 04:00 - 2014-12-25 02:46 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\BoL
2014-12-21 03:56 - 2014-12-21 03:56 - 00000270 _____ () C:\Users\Issam276\Downloads\Relog.zip
2014-12-21 03:54 - 2014-12-21 03:54 - 00000157 _____ () C:\Users\Issam276\Downloads\doGout.rar
2014-12-21 03:52 - 2014-12-23 21:20 - 00000000 ____D () C:\Users\Issam276\Desktop\sadsdasda
2014-12-21 03:51 - 2014-12-21 03:52 - 11539006 _____ () C:\Users\Issam276\Downloads\Bot of Legends.rar
2014-12-21 01:22 - 2014-12-21 01:23 - 00031608 _____ () C:\Users\Issam276\Downloads\mwb_scan.zip
2014-12-21 01:01 - 2014-12-21 01:01 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-12-20 23:44 - 2014-12-20 23:44 - 00001132 _____ () C:\Users\Public\Desktop\Emsisoft Internet Security.lnk
2014-12-20 23:44 - 2014-12-20 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Internet Security
2014-12-20 23:43 - 2014-12-25 16:03 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Internet Security
2014-12-20 23:43 - 2014-12-25 01:05 - 00491632 _____ () C:\Windows\system32\Drivers\fwndis64.sys
2014-12-20 23:42 - 2014-12-20 23:42 - 00001710 _____ () C:\EamClean.log
2014-12-20 23:36 - 2014-12-20 23:36 - 04095448 _____ (BrightFort LLC ) C:\Users\Issam276\Downloads\spywareblastersetup50.exe
2014-12-20 23:36 - 2014-12-20 23:36 - 00448512 _____ (OldTimer Tools) C:\Users\Issam276\Downloads\TFC.exe
2014-12-20 23:36 - 2014-12-20 23:36 - 00448512 _____ (OldTimer Tools) C:\Users\Issam276\Desktop\TFC.exe
2014-12-20 23:10 - 2014-12-20 23:10 - 02122240 _____ (Farbar) C:\Users\Issam276\Downloads\FRST64.exe
2014-12-20 23:10 - 2014-12-20 23:10 - 02122240 _____ (Farbar) C:\Users\Issam276\Desktop\FRST64.exe
2014-12-20 22:48 - 2014-12-20 23:42 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-12-20 22:34 - 2014-12-20 22:34 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-12-20 22:33 - 2008-01-04 13:34 - 00011832 _____ () C:\Windows\SysWOW64\Drivers\AsInsHelp64.sys
2014-12-20 22:33 - 2008-01-04 13:34 - 00010216 _____ () C:\Windows\SysWOW64\Drivers\AsInsHelp32.sys
2014-12-20 22:12 - 2014-12-20 22:12 - 05718872 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\vcredist_x64 (2).exe
2014-12-20 22:11 - 2014-12-20 22:11 - 05718872 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\vcredist_x64 (1).exe
2014-12-20 22:08 - 2014-12-20 22:08 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-20 22:07 - 2014-12-20 22:07 - 07190152 _____ (Microsoft Corporation) C:\Users\Issam276\Downloads\vcredist_x64.exe
2014-12-20 21:51 - 2014-12-20 21:51 - 00000000 ____D () C:\Windows\System32\Tasks\Apple
2014-12-20 21:42 - 2014-12-20 21:42 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Issam276\Downloads\revosetup95.exe
2014-12-20 21:42 - 2014-12-20 21:42 - 00001270 _____ () C:\Users\Issam276\Desktop\Revo Uninstaller.lnk
2014-12-20 21:42 - 2014-12-20 21:42 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-12-19 15:53 - 2014-12-19 15:53 - 00000000 ____D () C:\ComboFix
2014-12-13 22:22 - 2014-12-13 22:22 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Blizzard
2014-12-13 22:14 - 2014-12-13 22:22 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-12-13 22:14 - 2014-12-13 22:14 - 00001161 _____ () C:\Users\Public\Desktop\Hearthstone.lnk
2014-12-13 22:14 - 2014-12-13 22:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-12-13 13:17 - 2014-12-13 13:17 - 00000731 _____ () C:\Users\Issam276\mabast suckt.txt
2014-12-12 19:40 - 2014-12-12 19:40 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-12 17:42 - 2014-10-18 03:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-12 17:42 - 2014-10-18 02:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-12 17:42 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-12 17:42 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-12 17:42 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-12 17:42 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-12 17:42 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-12 17:42 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-12 17:42 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-12 17:42 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-12 16:26 - 2014-12-04 03:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-12 16:26 - 2014-12-04 03:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-12 16:26 - 2014-12-04 03:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-12 16:26 - 2014-12-04 03:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-12 16:26 - 2014-12-04 03:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-12 16:26 - 2014-12-04 03:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-12 16:26 - 2014-12-04 03:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-12 16:26 - 2014-12-02 00:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-12 16:26 - 2014-11-24 23:12 - 17874432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-12 16:26 - 2014-11-24 22:59 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-12-12 16:26 - 2014-11-24 22:54 - 10921984 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-12 16:26 - 2014-11-24 22:53 - 02339840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-12 16:26 - 2014-11-24 22:47 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-12 16:26 - 2014-11-24 22:47 - 01388032 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-12 16:26 - 2014-11-24 22:45 - 01494016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-12 16:26 - 2014-11-24 22:45 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-12-12 16:26 - 2014-11-24 22:45 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-12 16:26 - 2014-11-24 22:44 - 02157056 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-12 16:26 - 2014-11-24 22:44 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-12-12 16:26 - 2014-11-24 22:44 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-12 16:26 - 2014-11-24 22:44 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-12 16:26 - 2014-11-24 22:44 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-12 16:26 - 2014-11-24 22:44 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-12 16:26 - 2014-11-24 22:44 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-12 16:26 - 2014-11-24 22:44 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-12-12 16:26 - 2014-11-24 22:44 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-12-12 16:26 - 2014-11-24 22:43 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-12 16:26 - 2014-11-24 22:43 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-12 16:26 - 2014-11-24 22:43 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-12-12 16:26 - 2014-11-24 22:42 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-12 16:26 - 2014-11-24 21:44 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-12-12 16:26 - 2014-11-24 21:41 - 12369920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-12 16:26 - 2014-11-24 21:40 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-12 16:26 - 2014-11-24 21:37 - 09740800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-12 16:26 - 2014-11-24 21:35 - 01139712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-12 16:26 - 2014-11-24 21:35 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-12 16:26 - 2014-11-24 21:34 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-12 16:26 - 2014-11-24 21:34 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-12-12 16:26 - 2014-11-24 21:33 - 01802752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-12 16:26 - 2014-11-24 21:33 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-12-12 16:26 - 2014-11-24 21:33 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-12 16:26 - 2014-11-24 21:33 - 00421376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-12 16:26 - 2014-11-24 21:33 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-12 16:26 - 2014-11-24 21:33 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-12 16:26 - 2014-11-24 21:33 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-12-12 16:26 - 2014-11-24 21:32 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-12 16:26 - 2014-11-24 21:32 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-12 16:26 - 2014-11-24 21:32 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-12 16:26 - 2014-11-24 21:32 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-12 16:26 - 2014-11-24 21:32 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-12 16:26 - 2014-11-24 21:32 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-12-12 16:26 - 2014-11-24 21:32 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-12-12 16:26 - 2014-11-11 04:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-12 16:26 - 2014-11-11 03:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-12 16:26 - 2014-11-11 02:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-12 16:26 - 2014-10-30 03:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-12 16:26 - 2014-10-30 02:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-12 16:26 - 2014-10-03 03:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-12 16:26 - 2014-10-03 03:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-12 16:26 - 2014-10-03 03:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-12 16:26 - 2014-10-03 03:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-12 16:26 - 2014-10-03 03:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-12 16:26 - 2014-10-03 02:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-12 16:26 - 2014-10-03 02:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-12 16:26 - 2014-10-03 02:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-12 16:26 - 2014-10-03 02:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-12 16:26 - 2014-10-03 02:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-12 16:25 - 2014-11-08 04:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-12 16:25 - 2014-11-08 03:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-06 18:13 - 2014-12-06 18:13 - 00146183 _____ () C:\Users\Issam276\Downloads\YouTube-Unblocker-056.crx
2014-12-06 17:48 - 2014-12-08 14:45 - 00000000 ____D () C:\Program Files (x86)\Yahoo!
2014-12-06 17:48 - 2014-12-06 17:48 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Yahoo!
2014-12-06 17:43 - 2014-12-06 17:44 - 04998707 _____ () C:\Users\Issam276\Downloads\flvplayer_setup20_25.exe
2014-12-05 17:14 - 2014-12-05 17:14 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\xulrunner
2014-12-05 17:13 - 2014-12-05 17:13 - 10124389 _____ () C:\Users\Issam276\AppData\Roaming\xulrunner.zip
2014-12-04 16:29 - 2014-12-04 16:29 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Secunia PSI
2014-12-03 11:25 - 2014-12-03 11:30 - 441252901 _____ () C:\Users\Issam276\Downloads\League Of Legends.mp4
2014-12-01 21:34 - 2014-12-01 21:34 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Steganos
2014-11-30 23:30 - 2014-11-30 23:30 - 01294848 _____ () C:\Users\Issam276\Desktop\zoek.exe
2014-11-30 22:22 - 2014-12-05 17:28 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-11-30 21:10 - 2014-11-30 21:10 - 00031862 _____ () C:\ComboFix.txt
2014-11-30 20:47 - 2014-11-30 21:10 - 00000000 ____D () C:\Qoobox
2014-11-30 20:47 - 2014-11-30 21:08 - 00000000 ____D () C:\Windows\erdnt
2014-11-30 20:47 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-30 20:47 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-30 20:47 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-30 20:47 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-30 20:46 - 2014-12-19 15:52 - 05601641 ____R (Swearware) C:\Users\Issam276\Desktop\ComboFix.exe
2014-11-30 20:14 - 2014-12-25 15:31 - 01001196 _____ () C:\Windows\PFRO.log
2014-11-30 20:14 - 2014-12-25 15:17 - 00007780 _____ () C:\Windows\setupact.log
2014-11-30 20:14 - 2014-11-30 20:14 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-30 19:53 - 2014-11-19 16:25 - 00272296 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-11-30 19:51 - 2014-11-30 19:51 - 00319912 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-11-30 19:51 - 2014-11-30 19:51 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-11-30 19:51 - 2014-11-30 19:51 - 00189352 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-11-30 19:51 - 2014-11-30 19:51 - 00111016 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2014-11-30 19:50 - 2014-11-30 19:54 - 00001467 _____ () C:\Windows\SecuniaPackage.log
2014-11-30 19:41 - 2014-11-30 19:41 - 00000000 ____D () C:\Program Files (x86)\Secunia
2014-11-30 15:25 - 2014-11-30 15:25 - 00001174 _____ () C:\Users\Issam276\Desktop\Avast Internet Security License File.rar
2014-11-30 01:25 - 2014-11-30 01:25 - 01093536 _____ () C:\Users\Issam276\Documents\cc_20141130_012508.reg
2014-11-29 22:20 - 2014-11-29 22:20 - 00001049 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2014-11-29 18:05 - 2014-11-29 18:05 - 00000000 ____D () C:\Users\Issam276\Documents\Diablo III
2014-11-29 00:10 - 2014-11-29 18:04 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-11-29 00:10 - 2014-11-29 00:10 - 00001162 _____ () C:\Users\Public\Desktop\Diablo III.lnk
2014-11-29 00:10 - 2014-11-29 00:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2014-11-29 00:03 - 2014-12-16 20:30 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Battle.net
2014-11-29 00:03 - 2014-11-29 00:03 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Battle.net
2014-11-29 00:03 - 2014-11-29 00:03 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Blizzard Entertainment
2014-11-29 00:02 - 2014-12-13 22:14 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-11-29 00:02 - 2014-11-29 00:02 - 00001124 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-11-29 00:02 - 2014-11-29 00:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-25 18:01 - 2014-06-28 19:29 - 00000000 ____D () C:\FRST
2014-12-25 16:59 - 2012-06-15 15:21 - 00000000 ____D () C:\Users\Issam276\Desktop\Alles
2014-12-25 16:43 - 2014-07-04 02:28 - 01546615 _____ () C:\Windows\WindowsUpdate.log
2014-12-25 16:31 - 2012-06-14 13:30 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-12-25 15:19 - 2012-06-15 15:18 - 00000000 ____D () C:\Windows\Minidump
2014-12-25 15:17 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-25 04:30 - 2012-06-14 15:08 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\TS3Client
2014-12-25 04:27 - 2012-06-14 13:47 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-25 01:03 - 2012-06-29 19:50 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Skype
2014-12-23 23:32 - 2014-11-07 17:57 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Spotify
2014-12-23 19:45 - 2014-09-07 12:39 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-23 17:31 - 2013-02-22 18:07 - 00000000 ____D () C:\Program Files (x86)\Google
2014-12-23 17:19 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-23 17:19 - 2009-07-14 05:45 - 00028720 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-23 17:10 - 2014-03-03 18:42 - 00000000 ____D () C:\AdwCleaner
2014-12-21 21:19 - 2014-05-11 10:31 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Riot Games
2014-12-21 19:31 - 2012-09-19 17:23 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Facebook
2014-12-21 18:15 - 2012-06-12 10:08 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-21 17:06 - 2011-04-12 08:43 - 00770016 _____ () C:\Windows\system32\perfh007.dat
2014-12-21 17:06 - 2011-04-12 08:43 - 00174334 _____ () C:\Windows\system32\perfc007.dat
2014-12-21 17:06 - 2009-07-14 04:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-12-21 17:05 - 2012-09-22 13:39 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\SoftGrid Client
2014-12-21 17:01 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-21 16:51 - 2012-10-03 08:30 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\HpUpdate
2014-12-21 16:51 - 2012-09-25 18:22 - 00000000 ____D () C:\Program Files (x86)\HP
2014-12-21 16:22 - 2013-08-23 11:40 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-21 16:22 - 2012-06-21 17:01 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Adobe
2014-12-21 16:22 - 2012-06-14 13:47 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-21 16:22 - 2012-06-14 13:47 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-21 00:35 - 2014-09-06 18:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-12-21 00:00 - 2014-11-18 17:48 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\TERA
2014-12-20 23:42 - 2014-06-29 19:05 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-12-20 22:46 - 2013-07-10 17:40 - 00000000 ____D () C:\Users\DefaultAppPool
2014-12-20 22:33 - 2012-06-14 14:10 - 00000000 ____D () C:\Windows\System32\Tasks\ASUS
2014-12-20 22:33 - 2012-06-14 14:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-12-20 22:33 - 2012-06-14 14:09 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-12-20 22:24 - 2013-02-01 21:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Screaming Bee
2014-12-20 22:21 - 2012-09-02 16:31 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-20 22:17 - 2012-09-14 17:26 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Unity
2014-12-20 21:59 - 2012-06-22 13:27 - 00000000 ____D () C:\Program Files (x86)\D-Link
2014-12-20 21:50 - 2012-06-14 13:52 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\InfraRecorder
2014-12-18 22:16 - 2013-04-27 07:45 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Spotify
2014-12-15 16:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-12-13 14:36 - 2013-02-02 10:54 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-13 14:36 - 2012-06-29 19:50 - 00000000 ____D () C:\ProgramData\Skype
2014-12-13 13:17 - 2012-06-14 12:17 - 00000000 ____D () C:\Users\Issam276
2014-12-12 19:40 - 2014-05-06 19:56 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-12 19:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-12 17:50 - 2013-08-21 23:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-12 17:43 - 2012-06-17 14:06 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-12 17:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-06 17:40 - 2014-08-10 06:44 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Windows Live
2014-12-05 17:28 - 2014-06-28 16:36 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-05 17:28 - 2014-06-28 16:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-05 17:28 - 2014-06-28 16:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-01 21:50 - 2012-12-08 09:39 - 00066256 _____ () C:\Users\Issam276\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-01 21:48 - 2012-12-08 09:38 - 04913880 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-01 21:47 - 2012-09-25 18:21 - 00006178 _____ () C:\ProgramData\hpzinstall.log
2014-12-01 21:38 - 2012-09-25 18:21 - 00000000 ____D () C:\ProgramData\HP
2014-12-01 21:33 - 2013-02-22 16:07 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-01 00:13 - 2014-02-11 12:15 - 00000008 __RSH () C:\ProgramData\ntuser.pol
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Comodo
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Gast\AppData\Local\Comodo
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-12-01 00:08 - 2014-05-10 17:23 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-12-01 00:08 - 2014-02-14 17:14 - 00000000 ____D () C:\Users\Default\AppData\Local\Google
2014-12-01 00:08 - 2014-02-14 17:14 - 00000000 ____D () C:\Users\Default User\AppData\Local\Google
2014-12-01 00:08 - 2013-06-26 12:08 - 00000000 ____D () C:\Users\Gast\AppData\Local\Google
2014-12-01 00:08 - 2012-07-03 17:11 - 00000000 ____D () C:\Users\Issam276\AppData\Local\Google
2014-11-30 23:59 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-11-30 23:59 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-11-30 22:40 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PLA
2014-11-30 21:10 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2014-11-30 21:02 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-30 20:13 - 2014-03-03 17:37 - 00000000 ____D () C:\Windows\system32\log
2014-11-30 19:39 - 2012-11-18 14:41 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-30 19:39 - 2012-11-18 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-11-30 19:39 - 2012-06-14 13:52 - 00000000 ____D () C:\Program Files\WinRAR
2014-11-30 19:26 - 2014-08-31 20:00 - 00000000 ___RD () C:\Users\Issam276\Dropbox
2014-11-30 19:17 - 2014-08-31 19:58 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Dropbox
2014-11-30 19:16 - 2014-08-31 20:00 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-11-30 12:19 - 2014-11-01 20:28 - 00000000 ____D () C:\Users\Issam276\AppData\Local\osu!
2014-11-30 01:24 - 2012-06-27 18:39 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\TeamViewer
2014-11-29 22:20 - 2012-06-14 13:02 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-11-29 10:13 - 2013-01-25 19:07 - 00000000 ____D () C:\Users\Issam276\AppData\Roaming\.minecraft
2014-11-27 22:18 - 2009-07-14 06:13 - 01799304 _____ () C:\Windows\system32\PerfStringBackup.INI

Files to move or delete:
====================
C:\Users\Issam276\jagex_cl_oldschool_LIVE.dat
C:\Users\Issam276\jagex_cl_runescape_LIVE.dat
C:\Users\Issam276\random.dat


Some content of TEMP:
====================
C:\Users\Issam276\AppData\Local\Temp\Quarantine.exe
C:\Users\Issam276\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-12-15 16:36

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

--- --- ---

Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20-12-2014
Ran by Issam276 at 2014-12-25 18:01:33
Running from C:\Users\Issam276\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Emsisoft Internet Security (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Internet Security (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
FW: Emsisoft Internet Security (Disabled) {BD3F5FCA-866B-1E2E-0A68-58900A751EA1}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
AI Suite (HKLM-x32\...\{310BC5E2-31AF-49BB-904D-E71EB93645DC}) (Version: 1.06.22 - )
Akamai NetSession Interface (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
AMD Catalyst Install Manager (HKLM\...\{2BFD590F-1D73-3533-E734-FDDAC3746E4A}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD OverDrive (HKLM-x32\...\{9C1FAB12-F426-432E-8579-75CAB60C69CF}) (Version: 4.2.0.0594 - Advanced Micro Devices, Inc.)
ANIO Service (HKLM-x32\...\{7B5CE976-C7A9-4E38-A7F3-6C8EF025DD8E}) (Version:  - )
Application Profiles (HKLM-x32\...\{4ED980CB-C288-6A80-A3EA-AEECC543058B}) (Version: 2.0.4525.30280 - Advanced Micro Devices, Inc.)
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.18.03 - ASUSTeK Computer Inc.)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
AVM FRITZ!WLAN (HKLM-x32\...\AVMWLANCLI) (Version:  - AVM Berlin)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Chris-PC Game Booster (HKLM-x32\...\Chris-PC Game Booster_is1) (Version: 2.00 - Chris P.C. srl)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
DriverEasy 4.8.0 (HKLM\...\DriverEasy_is1) (Version: 4.8.0.0 - Easeware)
Dropbox (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Emsisoft Internet Security (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft Ltd)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Gameforge Live 2.0.5 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.5 - Gameforge)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HydraVision (x32 Version: 4.2.216.0 - Advanced Micro Devices, Inc.) Hidden
Java 7 Update 71 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417071FF}) (Version: 7.0.710 - Oracle)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games )
League of Legends (x32 Version: 3.0.1 - Riot Games ) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
MEGAsync (HKLM-x32\...\MEGAsync) (Version:  - Mega Limited)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{b341426f-8543-4e0d-96c3-e976f8ec5ab6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MTA:SA v1.4.0 (HKLM-x32\...\MTA:SA 1.4) (Version: v1.4.0 - Multi Theft Auto)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
osu! (HKLM-x32\...\{ba6599d0-1e00-4060-a455-55382b1c7008}) (Version: latest - ppy Pty Ltd)
PC Probe II (HKLM-x32\...\{F7338FA3-DAB5-49B2-900D-0AFB5760C166}) (Version: 1.04.92 - ASUSTeK Computer Inc.)
RAIDXpert (HKLM-x32\...\InstallShield_{8B76B8E9-F773-4B75-A08C-120079EB765E}) (Version: 3.2.1540.10 - AMD)
RAIDXpert (x32 Version: 3.2.1540.10 - AMD) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.90.826.2014 - Realtek)
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6519 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14083.17 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-1925287450-1312797874-627100175-1001\...\Spotify) (Version: 0.9.15.27.g87efe634 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.35436 Beta - TeamViewer)
Turbo Key (HKLM-x32\...\{B83F7FA5-3191-4E39-A1F2-8A9038BD0B04}) (Version: 1.01.03 - )
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR 5.11 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)
WinSCP 4.3.8 (HKLM-x32\...\winscp3_is1) (Version: 4.3.8 - Martin Prikryl)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{3a022117-d6e3-4fcd-a8a2-d31ed64d8e1e}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1925287450-1312797874-627100175-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Issam276\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

21-12-2014 18:15:32 Revo Uninstaller's restore point - Futuremark SystemInfo
21-12-2014 21:13:15 Revo Uninstaller's restore point - League of Legends
21-12-2014 21:13:34 Removed League of Legends
21-12-2014 21:18:29 Revo Uninstaller's restore point - LOLReplay
21-12-2014 21:18:35 Installed League of Legends
21-12-2014 21:19:13 DirectX wurde installiert
21-12-2014 21:50:17 Revo Uninstaller's restore point - ChrisPC DNS Switch 1.40
22-12-2014 00:22:17 Installed IP Camera Adapter
23-12-2014 17:25:24 Revo Uninstaller's restore point - Google Chrome

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-09-27 11:49 - 2014-11-30 21:02 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {002BC456-DB44-4F10-BC5B-16C0AE4B94E5} - System32\Tasks\{35A5A0DE-E4FD-4FCE-A133-406843CE3598} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {00442CFD-6F8A-4E25-B0F7-099CBAF166DD} - System32\Tasks\Adobe-Online-Aktualisierungsprogramm => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-09-12] (Adobe Systems Incorporated)
Task: {07487D3F-27D3-4242-9986-5805088BC752} - System32\Tasks\{9CD2CBDC-9F17-4183-A776-3C3CDDB91238} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {094AD9FC-9A2A-4434-A267-67318F3AFB3C} - System32\Tasks\{C0BF0233-4710-4F22-B838-C53FD13B197E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {0D5CB102-9F0B-4BEF-9B7C-C8DD85A116EC} - System32\Tasks\{57FA110B-6E92-4EFD-98D9-19C15C00EF98} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {0E945E72-5D2C-4BEE-8169-B44EFAF0C579} - System32\Tasks\{CC321D73-229D-4CDF-9597-05F0B15F5904} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {1B0FF44F-B3B3-4261-9E8C-07E83F04A8CE} - System32\Tasks\{97DA18F4-90B4-45A3-BC74-3C01B81E7603} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {1B9795BE-3E65-435B-A5B7-EE5DED837485} - System32\Tasks\{1DB90D4F-8D72-4AD5-8F36-5C4F0864AD9F} => C:\Program Files (x86)\Opera\Opera.exe
Task: {1D959856-47B4-4D86-A9FD-33900CD35ADF} - System32\Tasks\{D7E5FBB1-D0B1-4F1A-8742-47F989B83816} => C:\Program Files (x86)\Opera\Opera.exe
Task: {1EC122BA-C536-430F-8C35-6F86ECC39FF0} - System32\Tasks\{494A9B35-6058-4C19-A20A-E1DCE48F0786} => C:\Program Files (x86)\Opera\Opera.exe
Task: {217D3CDB-3FEF-4F4E-9156-02BFFFAAE60A} - System32\Tasks\{1CB8B36D-FC19-4546-8C7C-611AF21AD7E1} => pcalua.exe -a C:\ProgramData\Wizard101(DE)\Wizard101.exe -d C:\ProgramData\Wizard101(DE)
Task: {2572CB5E-1A7C-46F1-85B1-B62F4A17C417} - System32\Tasks\{1FBC4539-2901-4DDB-9D2F-862065494E88} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {27618943-30C4-4FBF-94B8-8ACB0A6F7E6D} - System32\Tasks\{0C9C72E9-00D2-49A6-8DF4-DAF367138BD8} => C:\Program Files (x86)\Opera\Opera.exe
Task: {2991A55D-1CD8-403C-B255-0C11A6C837E1} - System32\Tasks\{B261FD97-9C57-4F06-9AD3-4052FA220C1D} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2B7A7CE2-981F-42D2-8492-CD5D1AF9E827} - System32\Tasks\{B4F0F2F1-B534-4A0D-9DF2-C38AE4C520E9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {2CCD6124-8AE7-461C-BE80-4B62D3002340} - System32\Tasks\{3D7EEA60-2C2B-478A-9723-F829C43AC6E5} => C:\Program Files (x86)\Opera\Opera.exe
Task: {2CF1D8CF-0EA9-458A-85A8-561D147B6135} - System32\Tasks\{0B628F86-550A-486F-B114-58C62871B721} => C:\Program Files (x86)\Opera\Opera.exe
Task: {310CC0F8-C247-4599-ACFC-F3CD766E6AD5} - System32\Tasks\{FB8C4083-EF27-4416-85FA-D471CEDE5FB4} => C:\Program Files (x86)\Opera\Opera.exe
Task: {38FF6FD9-3BC6-4F09-959F-F2205181E561} - System32\Tasks\ASUS\Cpu Level Up Hook Lanunch => C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHookLaunch.exe [2009-12-28] ()
Task: {3B272214-852C-4330-841F-3F9FF4F9CB96} - System32\Tasks\{2B6CE963-FF84-494C-A826-01D80631B926} => C:\Program Files (x86)\Opera\Opera.exe
Task: {4D020374-93EC-4337-92A7-F01F2B25AB76} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-23] (Google Inc.)
Task: {517D8EB9-77F1-497E-834A-D1FA240CE073} - System32\Tasks\{027A1301-659D-4B41-8A7F-040B74EBA95D} => C:\Program Files (x86)\Opera\Opera.exe
Task: {518389D1-8CCD-4B86-8F41-B077F9C9C618} - System32\Tasks\{EDDBD687-D415-4B69-927A-02931F7F1AAE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {51BFF5FC-5BC5-4DEE-9099-827B8BFB3632} - System32\Tasks\{8383930E-67E3-4379-A09D-4E59914B6389} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5244B6B7-C2C2-416A-8955-6F2586705863} - System32\Tasks\{54F5669B-1BD5-4394-89D5-A6EFBA584ACD} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {5250B132-6E5B-47AC-BB16-E9815CC9A9C0} - System32\Tasks\{CAF62C3C-79A4-4066-B1CD-4E0DF30564F9} => pcalua.exe -a "C:\Program Files (x86)\Hotspot Shield\bin\HssInstaller.exe" -d "C:\Program Files (x86)\Hotspot Shield\bin"
Task: {52E12DE9-93B7-4E4B-85D1-DD2EDCEBE48A} - System32\Tasks\HP-Online-Aktualisierungsprogramm => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
Task: {562A50BF-2E54-45F4-9077-473F7A049562} - System32\Tasks\{6310026B-3E16-4E78-998C-7F30496D8899} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {571A9041-6AA5-4836-BA2B-534C9EB85DCE} - System32\Tasks\{D319D8AB-8433-493A-84FA-D1698EDEAFCE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {577E3FA9-79BA-4694-AE4C-9B609E38C0E9} - System32\Tasks\{DE38B5D4-C035-40D9-848C-B966145964A9} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5AEBC49C-BCC7-4EC1-8951-9B299633E773} - System32\Tasks\{9E9AC548-DCCB-4B5B-9EDB-0E52B9DE5627} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5BE38A7A-4925-497C-82F3-A330FC280BC4} - System32\Tasks\{949BCCD7-1397-41DE-9EF8-11EE2C0CE563} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5C099198-A578-4EEC-92B4-6417465170A1} - System32\Tasks\{41F9C8B0-D0DD-4377-9D24-69E831D0CF7A} => C:\Program Files (x86)\Opera\Opera.exe
Task: {5C4A49C0-89DE-4238-8F91-64CFBFBAEE53} - System32\Tasks\{BB6E67DE-783D-4A31-8585-E7CAEC52E5AA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {60553E3D-46C1-4E1E-A947-FA9307DD2C8C} - System32\Tasks\{74F988AC-9E60-40C7-8D90-CFECFAEE92E1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {627CECAB-2B8F-4A2E-92B9-B140446FE0EC} - System32\Tasks\{90038331-2672-47E4-99D2-E9ECCB36DC14} => C:\Program Files (x86)\Opera\Opera.exe
Task: {6D6DF3D0-D45F-4F6F-B07C-E1FBBD6FD0B9} - System32\Tasks\{59008250-33FF-402A-82FD-577C388040C8} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {717B3FF7-1A14-47F6-8B46-91A57AD183CA} - System32\Tasks\{1FB7ED02-0BF3-4694-A643-44D549B5C376} => C:\Program Files (x86)\Opera\Opera.exe
Task: {722A80F7-B367-438E-82D6-607B2AAE2AD5} - System32\Tasks\{0D1B66EB-8E6C-4941-A849-C02CAA677C49} => C:\Program Files (x86)\Opera\Opera.exe
Task: {7352E960-C7B0-45FE-A83F-F87B5AA6E651} - System32\Tasks\{5F44ABCA-6526-4396-A179-A30F6651B4A5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {740EE1F2-3BC5-4CD5-B694-A5FE540D3E9E} - System32\Tasks\{F6171EAE-04B0-4030-B64B-4B9DF15D3273} => C:\Program Files (x86)\Opera\Opera.exe
Task: {7461D4F0-EA41-4211-B75D-45216A8E1438} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-12-23] (Google Inc.)
Task: {76B86268-4206-4908-ADA8-A9FA15A4F610} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {7A0C2EDE-2AF3-40D3-8E5E-AC91914B9348} - System32\Tasks\{36BD8F26-454A-45A7-98BC-D772130BD6D1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {7CBDBD19-6CA0-43C5-95A3-B5B0B50A01DB} - System32\Tasks\{B117D272-C5AF-4E62-9F8E-DA7E6CE8FF4E} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {7EF615A3-395A-4B8F-AF0B-D79B49D3A554} - System32\Tasks\{064550D4-D75D-402D-AB32-91E23A58D5F4} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {821856F1-ED6B-4965-84E5-2519F0D73FB5} - System32\Tasks\{8424C4DF-A4EC-4B5B-814E-60CE8AB30940} => C:\Program Files (x86)\Opera\Opera.exe
Task: {82F5E65C-C34C-4E7A-BA2B-3EC5834D6E13} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-21] (Adobe Systems Incorporated)
Task: {86715FE4-085D-43AB-A67D-906AB668D4A7} - System32\Tasks\{D1BFDBF2-DEA8-4BB9-8474-3A446710C951} => C:\Program Files (x86)\Opera\Opera.exe
Task: {878AA624-33EF-4ADA-BD3A-0D7BEA46656B} - System32\Tasks\{11EE2B2D-9A84-413C-B65A-30FADFE1F4C1} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8A24C11B-1434-4888-BB67-DA4035986E85} - System32\Tasks\{8F6BCC5D-9E79-4A90-A52C-B05FBD3A95EA} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {8B9B1B73-C0C4-48B0-A910-7D63871A1890} - System32\Tasks\{CE6A2A80-3982-406F-916F-BF44A1FE93BE} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8C5EA5CA-2168-47C9-A8AD-8D8F8CD43494} - System32\Tasks\{3096790B-F753-40DE-BBBD-C96814C19276} => C:\Program Files (x86)\Opera\Opera.exe
Task: {8D278482-A7C4-4259-B172-CD56F7F3242B} - System32\Tasks\{C307734E-4CEF-40E7-BB76-67E38AFE3245} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {8FB0CF65-18EC-4D9E-84EA-E0C2E70B609A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
Task: {9034EE4A-EF7C-4EBC-B8FB-59A0E30DCDCB} - System32\Tasks\{B7D832C7-A1D4-449B-AFB7-35A7D5308265} => C:\Program Files (x86)\Opera\Opera.exe
Task: {9173C9BE-02B5-4B2E-9CDD-85959BAC8FE8} - System32\Tasks\{AA084653-E62A-4321-85C7-E1F14B703E3B} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {92D5F453-D605-4376-BBAF-560DCBF5179E} - System32\Tasks\{08F83017-CD43-415F-BAC5-1B6099D399DE} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {9455CECE-75DF-4B1C-8F1C-9D6F22BAF9EE} - System32\Tasks\{1C451F35-6BB4-4E64-9D44-83DA1235BD66} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {97E4E16D-3E9D-4441-B88C-F8DAD136D5AC} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {9B836882-C9AA-46BA-A2BA-B2FBC31A7D1B} - System32\Tasks\{402ED0EB-55E1-49BC-85FF-B611C38007C2} => C:\Program Files (x86)\Opera\Opera.exe
Task: {9DEE72AF-EDDE-4210-860C-D59F8CE425A5} - System32\Tasks\{FEE95010-E0AC-4F29-89EB-CC1D42B7322D} => C:\Program Files (x86)\Opera\Opera.exe
Task: {A5971EB2-865A-4144-B663-DC582061EE03} - System32\Tasks\{2EB349E6-0751-41BC-9F7E-301AC1E05B93} => C:\Program Files (x86)\Opera\Opera.exe
Task: {A6148E12-0291-4995-AF46-E06D84208F64} - System32\Tasks\{CE3CDE01-297E-4503-BDBC-F6BFCA06FC5A} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {A67DF276-6D87-4B90-9873-2A2EA8FCE1CB} - System32\Tasks\{F14CFAC1-DBF2-4360-95C4-B2F2F9DB35E4} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {AA1BFF9B-0E49-4EB7-B267-2C7CB4A2ED1E} - System32\Tasks\{9276B961-43E2-4972-B3AD-25EACD24D008} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B1677E31-93D0-47CC-AC29-7D496732B34B} - System32\Tasks\{6933359E-E599-4364-BEFF-153E2C84ECF1} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B23234F8-1783-4601-B17A-A749DC43B32C} - System32\Tasks\{CF201C0D-902D-45EC-AB8B-441B32C49B96} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B39E32F9-A4EE-4F1C-AD43-1AFF1EC66810} - System32\Tasks\{520D24F2-56D5-4A8F-A89D-4396E1298D0E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B43C1327-9D38-4105-BA3A-C7AC2DC0A854} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {B4CB886A-F99C-4F83-B319-AC5B4339BAFC} - System32\Tasks\{74BC537C-1377-401A-9CBD-EC70A4E00FE6} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {B4D142B4-4AB8-4B95-912F-FA662BCB5F05} - System32\Tasks\{816E19F8-6746-42E8-825E-C00C9D8CFF94} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B4F576A8-5746-40C0-878D-8D298BD66F25} - System32\Tasks\{15AA7614-5DDE-4F02-8A19-A95EC0A1D51D} => C:\Program Files (x86)\Opera\Opera.exe
Task: {B8266606-848E-4C36-BA78-1D86A62F2B77} - System32\Tasks\{24C3BC9D-CAFC-4292-BD2A-FFCF0B425D08} => C:\Program Files (x86)\Opera\Opera.exe
Task: {BB7D82FD-251B-4EF7-B078-D7DCE617D964} - System32\Tasks\{8FC938EB-7EAF-4A34-BC9D-AE2F5778B1B1} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BE835B87-3BC8-4D2F-98F4-08EA1738769B} - System32\Tasks\{9A921854-22BF-4FF6-917B-1529CCCD96DB} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {BF14D3C2-045B-46CA-95BA-E54E71AA5EE8} - System32\Tasks\{FE9E2570-3D08-4423-AFC3-5C7948AE63B6} => C:\Program Files (x86)\Opera\Opera.exe
Task: {CBB4538C-70A1-4630-8661-5D84D95409E7} - System32\Tasks\{7A14CB27-EE0B-47F1-B055-77F01B48DBC9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {CE491649-14B0-4AE2-AF71-9B80E2717EDE} - System32\Tasks\{9A3B38A4-E24C-4CA3-836B-B69E7E5C4A8F} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D3A08372-F9B6-4E87-B367-CF2D04F990A2} - System32\Tasks\{C58F335D-256C-447C-8F92-0D21522B0AE2} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D3ABB6D7-9F40-4E4A-B2B6-72AB46A050F7} - System32\Tasks\{83D83B71-6311-4584-B276-FEF554406168} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D51CC9D5-F8A0-48CA-AF21-4E3C1E57E18A} - System32\Tasks\{E3BA121A-6110-46E2-B350-F190E39F142A} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D55EA148-E054-4415-97C3-733D26CAD4E3} - System32\Tasks\{7B2D31C4-B94E-459C-9AB9-7BA5A6885752} => C:\Program Files (x86)\Opera\Opera.exe
Task: {D68AFE80-D806-4B03-8AF8-0D69B8F3266F} - System32\Tasks\{C0804A57-189E-4D52-A8D5-914BE6EC38F9} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {D9F0C0DA-2D8C-45BC-8EB1-746DAD06A5AA} - System32\Tasks\{178B6CBE-CD97-4A87-A91B-79970D345AA5} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {DE9B3A77-0437-4DAC-A2F6-1C4095755D50} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {DF647FC5-023B-433B-A122-FD19ECBBFB86} - System32\Tasks\{6B5908DA-E475-496F-9C03-92B7931F8B4E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E605C0CD-CF58-4517-9803-90D6F64981E6} - System32\Tasks\{CC42283F-627B-42E6-B065-74187AD2AC1E} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E6FF23C5-E38B-446E-8E9D-335C6AF909D1} - System32\Tasks\{174B23CD-95AE-408F-A856-1370A9D536E1} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E709A72E-20A0-408C-8C71-C6281C3A9E2C} - System32\Tasks\{A7B59FCB-77B6-43A8-B48C-A4408A63A05C} => C:\Program Files (x86)\Opera\Opera.exe
Task: {E966568A-61B6-46C0-81ED-FD8F48DFB1A5} - System32\Tasks\{3EF7DE06-5206-4DE0-8481-16D004F97BC7} => C:\Program Files (x86)\Opera\Opera.exe
Task: {EA7EC79F-EE05-40AC-A1AA-EF8F38EE1D94} - System32\Tasks\{0E7C6814-82A5-4652-86AF-0257E8E200B0} => C:\Program Files (x86)\Opera\Opera.exe
Task: {ED2C4059-C99A-478E-AFB7-A89311EE1AF3} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.12\AsLoader.exe [2010-01-13] (ASUSTeK Computer Inc.)
Task: {EE65A338-E67D-4F14-B674-5CBA24CD1AF1} - System32\Tasks\{3FE25692-2DF1-4C8A-83BD-5C0938957293} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {F20A80F0-766A-4B7F-98DD-6229DA061883} - System32\Tasks\{6ABFC70E-5286-4F62-8D85-3DB5C7E96535} => C:\Program Files (x86)\Opera\Opera.exe
Task: {FAD1D3B7-6A37-47D3-839D-81888361D8DA} - System32\Tasks\{C4DCDE58-2889-4887-A3A8-759819CB3B00} => C:\Program Files (x86)\Opera\Opera.exe
Task: {FBD60A63-97EE-4455-A187-75DD221AC9B9} - System32\Tasks\{B55E87D1-7DD5-45F3-839C-11D9E63BACE7} => Firefox.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FDA4DAEA-5188-46B1-8E30-64BB76D227AC} - System32\Tasks\{EF6CA142-96C0-4D8A-B1B8-DF46DCB79231} => C:\Program Files (x86)\Opera\Opera.exe
Task: {FE7BAC5A-F911-419A-A23E-1A2FA331CB95} - System32\Tasks\{4C1D5CDD-8AE5-4025-923B-71D4C96C9F47} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: {FFBA2F6D-660A-4E9F-984C-78AD46ACDCD5} - System32\Tasks\{87B307EE-CC62-4781-8900-89C379B24C05} => Iexplore.exe hxxp://ui.skype.com/ui/0/5.10.0.116/de/go/help.faq.installer?LastError=1603
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverEasy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-05-01 15:13 - 2014-05-01 15:13 - 00470016 _____ () C:\ProgramData\MEGAsync\ShellExtX64.dll
2012-12-17 17:14 - 2012-12-17 17:14 - 00954848 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2014-05-01 15:15 - 2014-05-01 15:15 - 00463360 _____ () C:\ProgramData\MEGAsync\ShellExtX32.dll
2014-12-23 17:31 - 2014-12-06 02:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-23 17:31 - 2014-12-06 02:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-25 15:38 - 2014-02-10 12:44 - 04592128 _____ () C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libglesv2.dll
2014-12-25 15:38 - 2014-02-10 12:44 - 00112128 _____ () C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\SwiftShader\3.2.6.45159\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: CGVPNCliService => 2
MSCONFIG\Services: EslWireHelper => 2
MSCONFIG\Services: Hamachi2Svc => 2
MSCONFIG\Services: hshld => 2
MSCONFIG\Services: HssTrayService => 3
MSCONFIG\Services: HssWd => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: LBTServ => 3
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: OkayFreedom VPN Starter Service => 2
MSCONFIG\Services: OverwolfUpdaterService => 3
MSCONFIG\Services: RalinkRegistryWriter => 2
MSCONFIG\Services: RalinkRegistryWriter64 => 2
MSCONFIG\Services: RaMediaServer => 2
MSCONFIG\Services: SearchAnonymizer => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: hpqSRMon => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe                                                                                                                                                                                                             
MSCONFIG\startupreg: Spotify => "C:\Users\Issam276\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\steam.exe" -silent

========================= Accounts: ==========================

Administrator (S-1-5-21-1925287450-1312797874-627100175-500 - Administrator - Disabled)
Gast (S-1-5-21-1925287450-1312797874-627100175-501 - Limited - Disabled) => C:\Users\Gast
HomeGroupUser$ (S-1-5-21-1925287450-1312797874-627100175-1002 - Limited - Enabled)
Issam276 (S-1-5-21-1925287450-1312797874-627100175-1001 - Administrator - Enabled) => C:\Users\Issam276

==================== Faulty Device Manager Devices =============

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/25/2014 05:51:58 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/25/2014 04:44:02 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Windows\system32\wbem\wmiprvse.exe; Beschreibung = Installed AMD PCI IDE Controller.zip by DriverEasy; Fehler = 0x8007043c).

Error: (12/25/2014 04:35:05 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in
Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit
einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (12/25/2014 04:31:09 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Users\Issam276\AppData\Local\Temp\Rar$EXa0.743\Install_Win7_7090_11252014\setup.exe ; Beschreibung = Installiert Realtek Ethernet Controller Driver; Fehler = 0x8007043c).

Error: (12/25/2014 03:32:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/25/2014 03:21:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/25/2014 01:06:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: a2service.exe, Version: 9.0.0.4783, Zeitstempel: 0x5474cf54
Name des fehlerhaften Moduls: fw32.dll_unloaded, Version: 0.0.0.0, Zeitstempel: 0x54694215
Ausnahmecode: 0xc0000005
Fehleroffset: 0x72bc477d
ID des fehlerhaften Prozesses: 0x434
Startzeit der fehlerhaften Anwendung: 0xa2service.exe0
Pfad der fehlerhaften Anwendung: a2service.exe1
Pfad des fehlerhaften Moduls: a2service.exe2
Berichtskennung: a2service.exe3

Error: (12/23/2014 09:20:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BoL Studio.exe, Version: 0.0.0.0, Zeitstempel: 0x53ebcd62
Name des fehlerhaften Moduls: BoL Studio.exe, Version: 0.0.0.0, Zeitstempel: 0x53ebcd62
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000cf4f
ID des fehlerhaften Prozesses: 0x1678
Startzeit der fehlerhaften Anwendung: 0xBoL Studio.exe0
Pfad der fehlerhaften Anwendung: BoL Studio.exe1
Pfad des fehlerhaften Moduls: BoL Studio.exe2
Berichtskennung: BoL Studio.exe3

Error: (12/23/2014 07:26:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SpotifyWebHelper.exe, Version: 0.9.15.27, Zeitstempel: 0x54803b75
Name des fehlerhaften Moduls: SpotifyWebHelper.exe, Version: 0.9.15.27, Zeitstempel: 0x54803b75
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00012397
ID des fehlerhaften Prozesses: 0xb70
Startzeit der fehlerhaften Anwendung: 0xSpotifyWebHelper.exe0
Pfad der fehlerhaften Anwendung: SpotifyWebHelper.exe1
Pfad des fehlerhaften Moduls: SpotifyWebHelper.exe2
Berichtskennung: SpotifyWebHelper.exe3


System errors:
=============
Error: (12/25/2014 05:52:21 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084defragsvc{D20A3293-3341-4AE8-9AAF-8E397CB63C34}

Error: (12/25/2014 04:32:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (12/25/2014 04:32:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (12/25/2014 04:32:13 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (12/25/2014 04:32:12 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Heimnetzgruppen-Anbieter" ist vom Dienst "Funktionssuchanbieter-Host" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (12/25/2014 04:32:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (12/25/2014 04:32:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (12/25/2014 04:32:09 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (12/25/2014 04:32:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068

Error: (12/25/2014 04:32:02 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "Computerbrowser" ist vom Dienst "Server" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068


Microsoft Office Sessions:
=========================
Error: (12/25/2014 05:51:58 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

Error: (12/25/2014 04:44:02 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Windows\system32\wbem\wmiprvse.exeInstalled AMD PCI IDE Controller.zip by DriverEasy0x8007043c

Error: (12/25/2014 04:35:05 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Issam276\Downloads\esetsmartinstaller_deu.exe

Error: (12/25/2014 04:31:09 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: C:\Users\Issam276\AppData\Local\Temp\Rar$EXa0.743\Install_Win7_7090_11252014\setup.exe Installiert Realtek Ethernet Controller Driver0x8007043c

Error: (12/25/2014 03:32:59 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/25/2014 03:21:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/25/2014 01:06:10 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: a2service.exe9.0.0.47835474cf54fw32.dll_unloaded0.0.0.054694215c000000572bc477d43401d01ecb15711921C:\Program Files (x86)\Emsisoft Internet Security\a2service.exefw32.dlld459cba0-8bc9-11e4-bc70-5404a612ad7a

Error: (12/23/2014 09:20:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BoL Studio.exe0.0.0.053ebcd62BoL Studio.exe0.0.0.053ebcd62c00004090000cf4f167801d01eedb7174746C:\Users\Issam276\Desktop\sadsdasda\BoL Studio.exeC:\Users\Issam276\Desktop\sadsdasda\BoL Studio.exe11e2d658-8ae1-11e4-bc70-5404a612ad7a

Error: (12/23/2014 07:26:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: SpotifyWebHelper.exe0.9.15.2754803b75SpotifyWebHelper.exe0.9.15.2754803b75c000000500012397b7001d01ecb221fced9C:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exeC:\Users\Issam276\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe41edc2fc-8ad1-11e4-bc70-5404a612ad7a


CodeIntegrity Errors:
===================================
  Date: 2014-11-30 20:57:24.409
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-11-30 20:57:24.253
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-06-29 09:37:48.936
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.935
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.934
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.916
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.915
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-29 09:37:48.913
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-28 19:42:21.884
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.

  Date: 2014-06-28 19:42:21.883
  Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\KLELAMX64\klelam.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.


==================== Memory info ===========================

Processor: AMD FX(tm)-4100 Quad-Core Processor
Percentage of memory in use: 23%
Total physical RAM: 8174.12 MB
Available physical RAM: 6219.1 MB
Total Pagefile: 16346.41 MB
Available Pagefile: 14682.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:921.75 GB) (Free:734.52 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B2544B2F)
Partition 1: (Not Active) - (Size=9.8 GB) - (Type=27)
Partition 2: (Active) - (Size=921.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================
So, hab Google Chrome deinstalliert, kam aber nach wie vor das Problem, bloß mit einer etwas veränderten Fehlermeldung.
Code:
fwndis64.sys        fwndis64.sys+3b2a        fffff880`02c00000        fffff880`02c79000        0x00079000        0x549958e6        23.12.2014 12:58:30                                               
ntoskrnl.exe        ntoskrnl.exe+f20d4        fffff800`0340e000        fffff800`039f3000        0x005e5000        0x531590fb        04.03.2014 09:38:19        Microsoft® Windows® Operating System        NT Kernel & System        6.1.7601.18409 (win7sp1_gdr.140303-2144)        Microsoft Corporation        C:\Windows\system32\ntoskrnl.exe       
hal.dll                fffff800`039f3000        fffff800`03a3c000        0x00049000        0x4ce7c669        20.11.2010 14:00:25                                               
kdcom.dll                fffff800`00bb3000        fffff800`00bbd000        0x0000a000        0x4d4d8061        05.02.2011 17:52:49                                               
mcupdate_AuthenticAMD.dll                fffff880`00c75000        fffff880`00c82000        0x0000d000        0x4a5bdf65        14.07.2009 02:29:09                                               
PSHED.dll                fffff880`00c82000        fffff880`00c96000        0x00014000        0x4a5be027        14.07.2009 02:32:23        Betriebssystem Microsoft® Windows®        Plattformspezifischer Hardwarefehlertreiber        6.1.7600.16385 (win7_rtm.090713-1255)        Microsoft Corporation        C:\Windows\system32\PSHED.dll       
CLFS.SYS                fffff880`00c96000        fffff880`00cf4000        0x0005e000        0x4a5bc11d        14.07.2009 00:19:57                                               
CI.dll                fffff880`00cf4000        fffff880`00db4000        0x000c0000        0x4ce7c944        20.11.2010 14:12:36                                               
Wdf01000.sys                fffff880`00e05000        fffff880`00ec7000        0x000c2000        0x51c51641        22.06.2013 04:13:05                                               
WDFLDR.SYS                fffff880`00ec7000        fffff880`00ed7000        0x00010000        0x5010ab70        26.07.2012 03:29:04                                               
ACPI.sys                fffff880`00ed7000        fffff880`00f2e000        0x00057000        0x4ce79294        20.11.2010 10:19:16                                               
WMILIB.SYS                fffff880`00f2e000        fffff880`00f37000        0x00009000        0x4a5bc117        14.07.2009 00:19:51                                               
msisadrv.sys                fffff880`00f37000        fffff880`00f41000        0x0000a000        0x4a5bc0fe        14.07.2009 00:19:26                                               
pci.sys                fffff880`00f41000        fffff880`00f74000        0x00033000        0x4ce7928f        20.11.2010 10:19:11                                               
vdrvroot.sys                fffff880`00f74000        fffff880`00f81000        0x0000d000        0x4a5bcadb        14.07.2009 01:01:31                                               
partmgr.sys                fffff880`00f81000        fffff880`00f96000        0x00015000        0x4f641bc1        17.03.2012 06:06:09                                               
volmgr.sys                fffff880`00f96000        fffff880`00fab000        0x00015000        0x4ce792a0        20.11.2010 10:19:28                                               
volmgrx.sys                fffff880`00c00000        fffff880`00c5c000        0x0005c000        0x4ce792eb        20.11.2010 10:20:43                                               
pciide.sys                fffff880`00fab000        fffff880`00fb2000        0x00007000        0x4a5bc115        14.07.2009 00:19:49                                               
PCIIDEX.SYS                fffff880`00fb2000        fffff880`00fc2000        0x00010000        0x4a5bc114        14.07.2009 00:19:48                                               
mountmgr.sys                fffff880`00fc2000        fffff880`00fdc000        0x0001a000        0x4ce79299        20.11.2010 10:19:21                                               
atapi.sys                fffff880`00fdc000        fffff880`00fe5000        0x00009000        0x4a5bc113        14.07.2009 00:19:47                                               
ataport.SYS                fffff880`00db4000        fffff880`00dde000        0x0002a000        0x51fef9b5        05.08.2013 02:02:45                                               
amd_sata.sys                fffff880`00fe5000        fffff880`00ffd000        0x00018000        0x5077e774        12.10.2012 10:48:36                                               
storport.sys                fffff880`010df000        fffff880`01143000        0x00064000        0x52f04432        04.02.2014 02:36:50                                               
amd_xata.sys                fffff880`01143000        fffff880`01151000        0x0000e000        0x5077e777        12.10.2012 10:48:39                                               
amdsata.sys                fffff880`01151000        fffff880`0116f000        0x0001e000        0x4ba2c91d        19.03.2010 01:45:17                                               
amdxata.sys                fffff880`0116f000        fffff880`0117a000        0x0000b000        0x4ba3a3ca        19.03.2010 17:18:18                                               
fltmgr.sys                fffff880`0117a000        fffff880`011c6000        0x0004c000        0x4ce7929c        20.11.2010 10:19:24                                               
fileinfo.sys                fffff880`011c6000        fffff880`011da000        0x00014000        0x4a5bc481        14.07.2009 00:34:25                                               
Ntfs.sys                fffff880`0124d000        fffff880`013f6000        0x001a9000        0x52e1be8a        24.01.2014 02:14:50                                               
msrpc.sys                fffff880`01000000        fffff880`0105e000        0x0005e000        0x4ce79334        20.11.2010 10:21:56                                               
ksecdd.sys                fffff880`01200000        fffff880`0121b000        0x0001b000        0x5348920e        12.04.2014 02:08:30                                               
cng.sys                fffff880`0105e000        fffff880`010d0000        0x00072000        0x50194fb7        01.08.2012 16:48:07                                               
pcw.sys                fffff880`0121b000        fffff880`0122c000        0x00011000        0x4a5bc0ff        14.07.2009 00:19:27                                               
Fs_Rec.sys                fffff880`0122c000        fffff880`01236000        0x0000a000        0x4f4eefd2        01.03.2012 04:41:06                                               
ndis.sys                fffff880`014c9000        fffff880`015bb000        0x000f2000        0x5034f6b2        22.08.2012 16:11:46                                               
NETIO.SYS                fffff880`01400000        fffff880`01460000        0x00060000        0x5294760d        26.11.2013 11:21:01                                               
ksecpkg.sys                fffff880`01460000        fffff880`0148c000        0x0002c000        0x543c7790        14.10.2014 02:08:32                                               
tcpip.sys                fffff880`01601000        fffff880`01800000        0x001ff000        0x533f5bd4        05.04.2014 02:26:44                                               
fwpkclnt.sys                fffff880`0182c000        fffff880`01875000        0x00049000        0x533f5b09        05.04.2014 02:23:21                                               
volsnap.sys                fffff880`01875000        fffff880`018c1000        0x0004c000        0x4ce792c8        20.11.2010 10:20:08                                               
spldr.sys                fffff880`018c1000        fffff880`018c9000        0x00008000        0x4a0858bb        11.05.2009 17:56:27                                               
rdyboost.sys                fffff880`018c9000        fffff880`01903000        0x0003a000        0x4ce7982e        20.11.2010 10:43:10                                               
mup.sys                fffff880`01903000        fffff880`01915000        0x00012000        0x4a5bc201        14.07.2009 00:23:45                                               
hwpolicy.sys                fffff880`01915000        fffff880`0191e000        0x00009000        0x4ce7927e        20.11.2010 10:18:54                                               
fvevol.sys                fffff880`0191e000        fffff880`01958000        0x0003a000        0x5100a65c        24.01.2013 04:11:24                                               
disk.sys                fffff880`01958000        fffff880`0196e000        0x00016000        0x4a5bc11d        14.07.2009 00:19:57                                               
CLASSPNP.SYS                fffff880`0196e000        fffff880`0199e000        0x00030000        0x4ce7929b        20.11.2010 10:19:23                                               
cdrom.sys                fffff880`019d4000        fffff880`019fe000        0x0002a000        0x4ce79298        20.11.2010 10:19:20                                               
a2dix64.sys                fffff880`01800000        fffff880`0180f000        0x0000f000        0x5221c6af        31.08.2013 11:34:23                                               
Null.SYS                fffff880`0180f000        fffff880`01818000        0x00009000        0x4a5bc109        14.07.2009 00:19:37                                               
Beep.SYS                fffff880`01818000        fffff880`0181f000        0x00007000        0x4a5bca8d        14.07.2009 01:00:13                                               
vga.sys                fffff880`0148c000        fffff880`0149a000        0x0000e000        0x4a5bc587        14.07.2009 00:38:47                                               
VIDEOPRT.SYS                fffff880`0149a000        fffff880`014bf000        0x00025000        0x4a5bc58b        14.07.2009 00:38:51                                               
watchdog.sys                fffff880`015bb000        fffff880`015cb000        0x00010000        0x4a5bc53f        14.07.2009 00:37:35                                               
RDPCDD.sys                fffff880`0181f000        fffff880`01828000        0x00009000        0x4a5bce62        14.07.2009 01:16:34                                               
rdpencdd.sys                fffff880`015cb000        fffff880`015d4000        0x00009000        0x4a5bce62        14.07.2009 01:16:34                                               
rdprefmp.sys                fffff880`015d4000        fffff880`015dd000        0x00009000        0x4a5bce63        14.07.2009 01:16:35                                               
Msfs.SYS                fffff880`015dd000        fffff880`015e8000        0x0000b000        0x4a5bc113        14.07.2009 00:19:47                                               
Npfs.SYS                fffff880`015e8000        fffff880`015f9000        0x00011000        0x4a5bc114        14.07.2009 00:19:48                                               
tdx.sys                fffff880`011da000        fffff880`011fc000        0x00022000        0x54616a72        11.11.2014 02:46:26                                               
TDI.SYS                fffff880`01236000        fffff880`01243000        0x0000d000        0x4ce7933e        20.11.2010 10:22:06                                               
afd.sys                fffff880`03eb7000        fffff880`03f40000        0x00089000        0x5388291c        30.05.2014 07:45:48                                               
netbt.sys                fffff880`03f40000        fffff880`03f85000        0x00045000        0x4ce79386        20.11.2010 10:23:18                                               
ws2ifsl.sys                fffff880`03f85000        fffff880`03f90000        0x0000b000        0x4a5bccf9        14.07.2009 01:10:33                                               
wfplwf.sys                fffff880`03f90000        fffff880`03f99000        0x00009000        0x4a5bccb6        14.07.2009 01:09:26                                               
pacer.sys                fffff880`03f99000        fffff880`03fbf000        0x00026000        0x4ce7a862        20.11.2010 11:52:18                                               
anodlwfx.sys                fffff880`03fbf000        fffff880`03fc8000        0x00009000        0x49b0f680        06.03.2009 11:10:08                                               
vwififlt.sys                fffff880`03fc8000        fffff880`03fde000        0x00016000        0x4a5bcc3a        14.07.2009 01:07:22                                               
hssdrv6.sys                fffff880`03fde000        fffff880`03ff8000        0x0001a000        0x5376cad1        17.05.2014 03:34:57                                               
netbios.sys                fffff880`03e00000        fffff880`03e0f000        0x0000f000        0x4a5bccb6        14.07.2009 01:09:26                                               
serial.sys                fffff880`03e0f000        fffff880`03e2c000        0x0001d000        0x4a5bcaa8        14.07.2009 01:00:40                                               
wanarp.sys                fffff880`03e2c000        fffff880`03e47000        0x0001b000        0x4ce7a874        20.11.2010 11:52:36                                               
termdd.sys                fffff880`03e47000        fffff880`03e5b000        0x00014000        0x4ce7ab0c        20.11.2010 12:03:40                                               
rdbss.sys                fffff880`03e5b000        fffff880`03eac000        0x00051000        0x4ce79497        20.11.2010 10:27:51                                               
nsiproxy.sys                fffff880`010d0000        fffff880`010dc000        0x0000c000        0x4a5bc15e        14.07.2009 00:21:02                                               
mssmbios.sys                fffff880`03eac000        fffff880`03eb7000        0x0000b000        0x4a5bc3be        14.07.2009 00:31:10                                               
fwwfp764.sys                fffff880`0426c000        fffff880`042d4000        0x00068000        0x54995909        23.12.2014 12:59:05                                               
discache.sys                fffff880`042d4000        fffff880`042e3000        0x0000f000        0x4a5bc52e        14.07.2009 00:37:18                                               
dfsc.sys                fffff880`042e3000        fffff880`04301000        0x0001e000        0x4ce79447        20.11.2010 10:26:31                                               
blbdrive.sys                fffff880`04301000        fffff880`04312000        0x00011000        0x4a5bc4df        14.07.2009 00:35:59                                               
AsUpIO.sys                fffff880`04312000        fffff880`04318000        0x00006000        0x4a515fb2        06.07.2009 03:21:38                                        C:\Windows\system32\drivers\AsUpIO.sys       
AsIO.sys                fffff880`04318000        fffff880`0431e000        0x00006000        0x4c7325fe        24.08.2010 02:53:02                                        C:\Windows\system32\drivers\AsIO.sys       
a2util64.sys                fffff880`0431e000        fffff880`04328000        0x0000a000        0x537059be        12.05.2014 06:18:54                                               
a2ddax64.sys                fffff880`04328000        fffff880`04332000        0x0000a000        0x51396c04        08.03.2013 05:41:40                                               
tunnel.sys                fffff880`04332000        fffff880`04358000        0x00026000        0x4ce7a846        20.11.2010 11:51:50                                               
amdppm.sys                fffff880`04358000        fffff880`0436d000        0x00015000        0x4a5bc0fd        14.07.2009 00:19:25                                               
atikmpag.sys                fffff880`0446d000        fffff880`0450b000        0x0009e000        0x52311556        12.09.2013 02:13:58                                               
atikmdag.sys                fffff880`11071000        fffff880`11cf1000        0x00c80000        0x52312203        12.09.2013 03:08:03                                               
dxgkrnl.sys                fffff880`11cf1000        fffff880`11de6000        0x000f5000        0x539e411c        16.06.2014 01:58:04                                               
dxgmms1.sys                fffff880`11000000        fffff880`11046000        0x00046000        0x5164dc13        10.04.2013 04:27:15                                               
HDAudBus.sys                fffff880`11046000        fffff880`1106a000        0x00024000        0x4ce7a65e        20.11.2010 11:43:42                                               
Rt64win7.sys                fffff880`0450b000        fffff880`045f4000        0x000e9000        0x53fc2790        26.08.2014 07:22:08                                               
usbohci.sys                fffff880`11de6000        fffff880`11df1000        0x0000b000        0x52954db5        27.11.2013 02:41:09                                               
USBPORT.SYS                fffff880`04400000        fffff880`04456000        0x00056000        0x52954db7        27.11.2013 02:41:11                                               
usbfilter.sys                fffff880`04456000        fffff880`04467000        0x00011000        0x503d6ff0        29.08.2012 02:27:12                                               
usbehci.sys                fffff880`0436d000        fffff880`0437f000        0x00012000        0x52954db7        27.11.2013 02:41:11                                               
parport.sys                fffff880`0437f000        fffff880`0439c000        0x0001d000        0x4a5bcaa8        14.07.2009 01:00:40                                               
ASACPI.sys                fffff880`11df1000        fffff880`11df9000        0x00008000        0x4a5e9f11        16.07.2009 04:31:29                                               
serenum.sys                fffff880`045f4000        fffff880`04600000        0x0000c000        0x4a5bcaa1        14.07.2009 01:00:33                                               
wmiacpi.sys                fffff880`0439c000        fffff880`043a5000        0x00009000        0x4a5bc3b6        14.07.2009 00:31:02                                               
CompositeBus.sys                fffff880`043a5000        fffff880`043b5000        0x00010000        0x4ce7a3ed        20.11.2010 11:33:17                                               
ScreamingBAudio64.sys                fffff880`043b5000        fffff880`043c3000        0x0000e000        0x4c2ce468        01.07.2010 19:54:32                                               
portcls.sys                fffff880`043c3000        fffff880`04400000        0x0003d000        0x524e1b82        04.10.2013 02:36:02                                               
drmk.sys                fffff880`04200000        fffff880`04222000        0x00022000        0x524e24fe        04.10.2013 03:16:30                                               
ks.sys                fffff880`04222000        fffff880`04265000        0x00043000        0x4ce7a3f3        20.11.2010 11:33:23                                               
ksthunk.sys                fffff880`11df9000        fffff880`11dfe200        0x00005200        0x4a5bca93        14.07.2009 01:00:19                                               
AgileVpn.sys                fffff880`00dde000        fffff880`00df4000        0x00016000        0x4a5bccf0        14.07.2009 01:10:24                                               
rasl2tp.sys                fffff880`02cfd000        fffff880`02d21000        0x00024000        0x4ce7a872        20.11.2010 11:52:34                                               
ndistapi.sys                fffff880`02d21000        fffff880`02d2d000        0x0000c000        0x4a5bccd8        14.07.2009 01:10:00                                               
ndiswan.sys                fffff880`02d2d000        fffff880`02d5c000        0x0002f000        0x4ce7a870        20.11.2010 11:52:32                                               
raspppoe.sys                fffff880`02d5c000        fffff880`02d77000        0x0001b000        0x4a5bcce9        14.07.2009 01:10:17                                               
raspptp.sys                fffff880`02d77000        fffff880`02d98000        0x00021000        0x4ce7a86f        20.11.2010 11:52:31                                               
rassstp.sys                fffff880`02d98000        fffff880`02db2000        0x0001a000        0x4a5bccf1        14.07.2009 01:10:25                                               
taphss6.sys                fffff880`02db2000        fffff880`02dc0000        0x0000e000        0x5376b077        17.05.2014 01:42:31                                               
kbdclass.sys                fffff880`02c79000        fffff880`02c88000        0x0000f000        0x4a5bc116        14.07.2009 00:19:50                                               
mouclass.sys                fffff880`02c88000        fffff880`02c97000        0x0000f000        0x4a5bc116        14.07.2009 00:19:50                                               
swenum.sys                fffff880`02c97000        fffff880`02c98480        0x00001480        0x4a5bca92        14.07.2009 01:00:18                                               
amdiox64.sys                fffff880`02c99000        fffff880`02cad000        0x00014000        0x4b7d5a21        18.02.2010 16:17:53                                               
umbus.sys                fffff880`02cad000        fffff880`02cbf000        0x00012000        0x4ce7a695        20.11.2010 11:44:37                                               
usbhub.sys                fffff880`05667000        fffff880`056c1000        0x0005a000        0x52954dd0        27.11.2013 02:41:36                                               
NDProxy.SYS                fffff880`056c1000        fffff880`056d6000        0x00015000        0x4ce7a864        20.11.2010 11:52:20                                               
AtihdW76.sys                fffff880`056d6000        fffff880`056f2000        0x0001c000        0x511d60fd        14.02.2013 23:11:09                                               
RTKVHD64.sys                fffff880`05e46000        fffff880`061cd500        0x00387500        0x5278d8fd        05.11.2013 12:39:41                                               
win32k.sys                fffff960`000b0000        fffff960`003d2000        0x00322000        0x00000000                                                       
Dxapi.sys                fffff880`061ce000        fffff880`061da000        0x0000c000        0x4a5bc574        14.07.2009 00:38:28                                               
crashdmp.sys                fffff880`061da000        fffff880`061e8000        0x0000e000        0x4a5bcabd        14.07.2009 01:01:01                                               
dump_dumpata.sys                fffff880`061e8000        fffff880`061f4000        0x0000c000        0x4a5bc113        14.07.2009 00:19:47                                               
dump_atapi.sys                fffff880`061f4000        fffff880`061fd000        0x00009000        0x4a5bc113        14.07.2009 00:19:47                                               
dump_dumpfve.sys                fffff880`05e00000        fffff880`05e13000        0x00013000        0x4a5bc18f        14.07.2009 00:21:51                                               
hidusb.sys                fffff880`05e13000        fffff880`05e21000        0x0000e000        0x4ce7a665        20.11.2010 11:43:49                                               
HIDCLASS.SYS                fffff880`05e21000        fffff880`05e3a000        0x00019000        0x51d3a2f1        03.07.2013 05:05:05                                               
HIDPARSE.SYS                fffff880`05e3a000        fffff880`05e42080        0x00008080        0x51d3a2f0        03.07.2013 05:05:04                                               
USBD.SYS                fffff880`05e43000        fffff880`05e44e80        0x00001e80        0x52954daf        27.11.2013 02:41:03                                               
mouhid.sys                fffff880`056f2000        fffff880`056ff000        0x0000d000        0x4a5bca94        14.07.2009 01:00:20                                               
kbdhid.sys                fffff880`056ff000        fffff880`0570d000        0x0000e000        0x4ce7a3f5        20.11.2010 11:33:25                                               
monitor.sys                fffff880`0570d000        fffff880`0571b000        0x0000e000        0x4a5bc58c        14.07.2009 00:38:52                                               
TSDDD.dll                fffff960`004a0000        fffff960`004aa000        0x0000a000        0x00000000                                                       
cdd.dll                fffff960`00610000        fffff960`00637000        0x00027000        0x00000000                                                       
ATMFD.DLL                fffff960`00940000        fffff960`009a1000        0x00061000        0x00000000                Adobe Type Manager        Windows NT OpenType/Type 1 Font Driver        5.1 Build 238        Adobe Systems Incorporated        C:\Windows\system32\ATMFD.DLL       
luafv.sys                fffff880`0571b000        fffff880`0573e000        0x00023000        0x4a5bc295        14.07.2009 00:26:13                                               
lltdio.sys                fffff880`0573e000        fffff880`05753000        0x00015000        0x4a5bcc92        14.07.2009 01:08:50                                               
nwifi.sys                fffff880`05753000        fffff880`057a6000        0x00053000        0x4a5bcc3b        14.07.2009 01:07:23                                               
ndisuio.sys                fffff880`057a6000        fffff880`057b9000        0x00013000        0x4ce7a7e0        20.11.2010 11:50:08                                               
rspndr.sys                fffff880`057b9000        fffff880`057d1000        0x00018000        0x4a5bcc92        14.07.2009 01:08:50                                               
HTTP.sys                fffff880`06233000        fffff880`062fc000        0x000c9000        0x4ce793ce        20.11.2010 10:24:30                                               
bowser.sys                fffff880`062fc000        fffff880`0631a000        0x0001e000        0x4d649328        23.02.2011 05:55:04                                               
mpsdrv.sys                fffff880`0631a000        fffff880`06332000        0x00018000        0x4a5bcc79        14.07.2009 01:08:25                                               
mrxsmb.sys                fffff880`06332000        fffff880`0635f000        0x0002d000        0x4db78226        27.04.2011 03:40:38                                               
mrxsmb10.sys                fffff880`0635f000        fffff880`063ad000        0x0004e000        0x4e17c104        09.07.2011 03:46:28                                               
mrxsmb20.sys                fffff880`063ad000        fffff880`063d1000        0x00024000        0x4db781e9        27.04.2011 03:39:37                                               
AODDriver2.sys                fffff880`06200000        fffff880`06232000        0x00032000        0x4f7d6499        05.04.2012 10:23:37                                               
AODDriver2.sys                fffff880`05600000        fffff880`05632000        0x00032000        0x4f8e24b3        18.04.2012 03:19:31
Code:
==================================================
Dump File        : 122514-29078-01.dmp
Crash Time        : 25.12.2014 18:07:11
Bug Check String  : DRIVER_IRQL_NOT_LESS_OR_EQUAL
Bug Check Code    : 0x000000d1
Parameter 1      : fffffa80`15e00000
Parameter 2      : 00000000`00000002
Parameter 3      : 00000000`00000000
Parameter 4      : fffff880`02c03b2a
Caused By Driver  : fwndis64.sys
Caused By Address : fwndis64.sys+3b2a
File Description  :
Product Name      :
Company          :
File Version      :
Processor        : x64
Crash Address    : ntoskrnl.exe+75bc0
Stack Address 1  :
Stack Address 2  :
Stack Address 3  :
Computer Name    :
Full Path        : C:\Windows\Minidump\122514-29078-01.dmp
Processors Count  : 4
Major Version    : 15
Minor Version    : 7601
Dump File Size    : 279.552
Dump File Time    : 25.12.2014 18:08:21
==================================================
Hab danach wieder Chrome installiert

Edit: Problem mit dem Bluescreen behoben, lag tatsächlich an Chrome. Hab nach Chromes Installation Pc neugestartet und plötzlich kam kein Bluescreen mehr.

Soll ich jetzt Eset, Securitycheck und FRST wiederholen?

Ok, nochmal einen Bluescreen gekriegt.

Entweder fwndis64.sys+36a2 oder fwndis64.sys+3b2a

Es lag an Emsisoft. Wusste es von anfang an, wollte es aber nicht glauben. Nachdem ich einen Systemwiederherstellungspunkt genutzt hatte und ich noch immer Bluescreens gekriegt hab, hab ich Emsisoft runtergehauen und voilà! Keine Bluescreens mehr.
Ich werd Emsisoft wieder installieren, wenn ich noch immer Probleme hab, werde ich nen anderen Anti Virus suchen müssen

Crounty 26.12.2014 01:38
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=167cf204ebe24941b0a714f886f19d1c
# engine=18861
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-06-24 02:26:59
# local_time=2014-06-24 04:26:59 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1292 16777213 100 100 14081 35094441 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 2207 155249869 0 0
# scanned=40374
# found=22
# cleaned=0
# scan_time=446
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir"
sh=37D61F35EF511D7329202EA9E64B34A3A2733621 ft=1 fh=c71c001146429c75 vn="a variant of Win32/Toolbar.CrossRider.H potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-bho.dll.vir"
sh=16B4E7716034DAA8D51DF6933A1487521BAFD576 ft=1 fh=c71c00116f2f2486 vn="probably a variant of Win32/Toolbar.CrossRider.H potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-buttonutil.dll.vir"
sh=13C4E4530579D27AC735D69EB2D02C3143219550 ft=1 fh=4f6371db0a407d38 vn="a variant of Win32/Toolbar.CrossRider.I potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-buttonutil.exe.vir"
sh=0BE9B64B77D6993C208E74AD3EED09045EE1D8F0 ft=1 fh=711bf31f462ed090 vn="a variant of Win64/Toolbar.Crossrider.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-buttonutil64.dll.vir"
sh=A809AC1B09E64A27EC24867BBEF73E1F87F03649 ft=1 fh=4f6371db28b3513d vn="a variant of Win64/Toolbar.Crossrider.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-buttonutil64.exe.vir"
sh=C7180FFA47C505D779731E8DE951C27325483719 ft=1 fh=98f706846ae8387b vn="a variant of Win32/Toolbar.CrossRider.J potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-codedownloader.exe.vir"
sh=CD404C84FB05E5CD7CEE04070B84F96E31A52388 ft=1 fh=9ba1eca12ec55543 vn="a variant of Win32/Toolbar.CrossRider.I potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\hosts2\hosts2-helper.exe.vir"
sh=F5FB4CE2BDF7D2EFB02E98E3B5BDA31817E37C48 ft=1 fh=c71c0011cb1ed606 vn="a variant of Win32/SProtector.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MagniPic\assistant.dll.vir"
sh=EDF1A87DEB46CAC58EEFF284F6B253F3A9420587 ft=1 fh=c71c001121b25b01 vn="Win32/AdWare.MultiPlug.N application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MagniPic\iQ5FoM4WlA.dll.vir"
sh=03C058349D803B8A000FD4E20BE2E081176641A6 ft=1 fh=c71c00113f6bc66f vn="Win64/Adware.MultiPlug.A application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MagniPic\iQ5FoM4WlA.x64.dll.vir"
sh=67D59D15A734F2B41373F1CAF8347D199215D42C ft=1 fh=86e026dc2bf78850 vn="a variant of Win32/Mobogenie.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mobogenie\New_UpdateMoboGenie.exe.vir"
sh=FA1F72CB2B306C4DEB45392C63EB10857682154B ft=1 fh=937c9ad3b66761c3 vn="Win32/Packed.ScrambleWrapper.H potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PutLockerDownloader.com\ptlextsetup.exe.vir"
sh=4269ACDD607F43005F345EA5604026FEBFD17193 ft=1 fh=c71c00117f8f9250 vn="a variant of Win32/AdWare.MultiPlug.K.gen application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\TubeAdBlocker\nnJYt.exe.vir"
sh=E0B8C7584C2F978C46B398FC66E33A30194FA7DF ft=0 fh=0000000000000000 vn="Win32/Adware.MultiPlug.H application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhaknhgbchodnaijihojhahebjgdekdb\1.5\Zvgp4Q_FrrLr.js.vir"
sh=748E90CBB284A00D9E9396B9EE387AC5905FF8D1 ft=1 fh=ab95f3a7820679d6 vn="a variant of Win32/Mobogenie.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\DaemonProcess.exe.vir"
sh=D0E5E11ACDD3E7AF720794C6AD722169570CA169 ft=1 fh=afc8ab45c959803b vn="a variant of Win32/Mobogenie.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\Mobogenie.exe.vir"
sh=67D59D15A734F2B41373F1CAF8347D199215D42C ft=1 fh=86e026dc2bf78850 vn="a variant of Win32/Mobogenie.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\New_UpdateMoboGenie.exe.vir"
sh=05C3D3349BEA6B6DDD293DB9F60B492CFC90112C ft=1 fh=c23f98680dc9e474 vn="a variant of Win32/Complitly.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Roaming\Complitly\Complitly.dll.vir"
sh=154B5B1384246942A81D2EACA90E36A49FCEAC21 ft=1 fh=ff2f13d3f4dcaba0 vn="a variant of Win32/PredictAd.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Roaming\Complitly\KeepMeUpdated.exe.vir"
sh=124D2DB8310706C1102EB05FD35013EE01B28FC3 ft=1 fh=9e3d2ffc645885da vn="a variant of Win64/Complitly.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Roaming\Complitly\64\Complitly64.dll.vir"
sh=154B5B1384246942A81D2EACA90E36A49FCEAC21 ft=1 fh=ff2f13d3f4dcaba0 vn="a variant of Win32/PredictAd.A potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Roaming\Complitly\64\KeepMeUpdated.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=167cf204ebe24941b0a714f886f19d1c
# engine=21362
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-02 04:56:32
# local_time=2014-12-02 05:56:32 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 94 153821 156954 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 153860 169169242 0 0
# scanned=354815
# found=104
# cleaned=0
# scan_time=8890
sh=9B28F35A352DE4C5512BC252EBC813DBEB26BC61 ft=1 fh=d37c366403454630 vn="MSIL/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\DEL_MyPC Backup.exe.vir"
sh=C2EC3C4E860FAD724D7A086E6BB3E4701FACAF6D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\background.js.vir"
sh=51866AD7FC44825C2009A915F539C24D44E9F99B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\background.unit.js.vir"
sh=9AC5C4CB8FE1DC5A04042EAAB72096AB2A10CBF2 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\SOAP.js.vir"
sh=891BA5F7795F8C841BD652A2FB6DFE615DED2077 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\lib\config.js.vir"
sh=2E0FDE228693F5433F4104E6679EA3ACAF9074DF ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\lib\context.js.vir"
sh=E3C3DBAF88CEF9B5AB6D0D9006BF153582DA926B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\lib\tinifying.js.vir"
sh=74DC8DA7B53D4836822C0D695FA64A588CF0C5B7 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\minibar.min.js.vir"
sh=A7138ECAD617D8E249516239F82F038AEC2C7102 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\minibar.translations.js.vir"
sh=CC4C5BB54E8A79425341EC5FA3F76B2D5FA584FE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\minibar.unit.js.vir"
sh=01B364112DB8E2852EFA984F97ADC1CF58590A62 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\minibar.vars.js.vir"
sh=61BD120563C9011610F822D74ADB3728F6842EBD ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\abril.js.vir"
sh=BCC36801E2A4087A4EDE7BD72DA43A9D6572B310 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\amazon.js.vir"
sh=55920C7FB630C966D1CD1807DBE49DD3D7977A16 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\aol.js.vir"
sh=071DADD326560EB569FC2EDD199B57E3DCA733DC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ask.js.vir"
sh=4DF142B28BE3758A2BDC2B7339FE07938255B5AE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\autoscout24.js.vir"
sh=1F382CFFAE0ED064F2A20A0E1CD58561C0CB03BE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\autosottocosto.js.vir"
sh=E40658861F9B0924BC566820C199087AA70A12DD ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\baixaki.js.vir"
sh=0B29F17180B65440157142503C7B8FB0AA2C0BAE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\bomnegocio.js.vir"
sh=270D3179983ACB96D36FE0B0F6F90F2F39CD93B6 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\chip.js.vir"
sh=7CA24925C54F35FEC2636310E63B8F9445E398B8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ciao.js.vir"
sh=2805F50D550F54E8320E7CC3F8261011A4B1D708 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\conduit.js.vir"
sh=8AE23C218C8C5C7FDE4ACEC6EC03E2532F93B3D1 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\corriere.js.vir"
sh=3F04F3EF28DCA81FE7035524F4E00266F6A99418 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\craigslist.js.vir"
sh=E4B31A0CBBCB21F765D8E39D6995774769E1D1C5 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\dailymotion.js.vir"
sh=5A6801A81DA721A31FFC89FC1ACB7253435857D9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\default_adapter.js.vir"
sh=B080E7B72E779B4DBB0D9EFF6BA25324AAF6732E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\delta-search.js.vir"
sh=12B0F6486BCD558F1DF654BB43B4BD82C4189982 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\diretta.js.vir"
sh=28DE4A412DAA395D5B72CDC473E69CBAAB6A0629 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ebay.js.vir"
sh=FEE5CDB15AF9B3F80F14E7F4AF03611610FEF53A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ehow.js.vir"
sh=43E70ABC3C2100D2B3E405623A15404D177137BE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\elmundo.js.vir"
sh=0C94AB2CDEFD7AAAFBBBCE8076390756A2060EBE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\elpais.js.vir"
sh=25A6B2263F57114BF9C38998821E72CBA16DEC34 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\facebook.js.vir"
sh=F747128DEB18A507F8D59FACA9A68A1FF3581244 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\foxsports.js.vir"
sh=B2B7D6908BEC80B648B3716AD09D9816E7DE21C9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\friv.js.vir"
sh=44DE2938DEFE8A034DBB19FB905717FABD914478 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\funutilities.js.vir"
sh=A3BF510881F25E55B23943E87C5B47945EDB5733 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\globo.js.vir"
sh=D59A428609E09512F5C524D13046BC4474E43633 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\gmx.js.vir"
sh=16B7B5FD445FCF5E0F7B9743A1CEC1D12EACCF76 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\go.js.vir"
sh=25CEEE5D0F63AFB5AD9D359618746FB3FA925049 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\google.js.vir"
sh=6FE54305ACDF1F37D65F846A09AAF2AE610B52E4 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\gumtree.js.vir"
sh=15F0642FA9891E81FEFB5EA9F8345F5C1E988A09 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\huffingtonpost.js.vir"
sh=EB007BD6CF9DE9D145721AB1B42C4A6A49F3AD26 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ilmeteo.js.vir"
sh=27E667BAE43C7A31330B12FD5B78F1C97DC4DCF2 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\imdb.js.vir"
sh=D8F06AC4F0B4CF4CA4EBDC56B5C6F23D74B1351D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\inbox.js.vir"
sh=5D09C1440CE775837E5F58040E3B3DA5861C7F2D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\indeed.js.vir"
sh=A4E13E1C85F9C090C7A5530AC4D8939F928D2426 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\instagram.js.vir"
sh=8DA76B1679E8AD4F80F08BE4371902E1FB69A04B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\jappy.js.vir"
sh=3AD210DFBC9BB4B90769240B57325E62AA67A0FC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\leboncoin.js.vir"
sh=8BDD182DA8610E6AE7B4DA2CD3A7C8522FE9FDD9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\libero.js.vir"
sh=1E1F26D3E48C3E972C75F8ADA49335B3BFE796CA ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\live.js.vir"
sh=0DA42755F29D7FCC9B02DF1AAE846B28FC83ABEC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\marca.js.vir"
sh=F03C5032CA21A97A475F612044FF910AEA97F98D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mediaset.js.vir"
sh=5E561234265C05C72EDF14FE2A1C8D830F518726 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mercadolivre.js.vir"
sh=3287EDFE107F42BD54464354F7EDD0D5EC1F62BD ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\milanuncios.js.vir"
sh=7C16F8FEDEE0D02E5CD2D16384924D1DE7CA85F8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\msn.js.vir"
sh=56FD8F01CBA6F2AC7175247C9E2EA54DA5CBEAB8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mundoanuncio.js.vir"
sh=AAA91E6A3E08FD24A0462853FF90AE67D64A10FB ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\netlog.js.vir"
sh=EA8E9609F9746A6D089057B1ABC2CB5B87ADB56C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\nirvam.js.vir"
sh=6932E76E73E9171D15052538CEC919832B24495A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\okcupid.js.vir"
sh=8E05B6DE79ED0DB5161E08D7C84E44D346A34223 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\olx.js.vir"
sh=717CC4F0E41AC53700E82CE4150428EDCED00F2C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\orange.js.vir"
sh=6FE05930F5495CBDAF254E3A722F298042D59188 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\pagesjaunes.js.vir"
sh=27653CA2D9A8C542EA7B30EC1B1D3EDCC8FDA44A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\photobucket.js.vir"
sh=B34BCC1E3592F30FADA8B4783167EFC6FD6B163B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\pinterest.js.vir"
sh=B5F8A49604BB9BB9AE06A12B0458AEFA5868A395 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\pof.js.vir"
sh=582536F3328D7D253FF3FB556BAA2D86B9D4D17B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\repubblica.js.vir"
sh=77BAC2C1AF3BD54E7F3E4F40624EE936D67BAC1C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\roblox.js.vir"
sh=05B58255C0C2E4D9B28DC1E4C254138D76F25E14 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\segundamano.js.vir"
sh=29C2BD733E33AC33433DF6F180524C931ACD8FB2 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\sfr.js.vir"
sh=003D9DC3AC3B890014F8A9184AC79B41AA02CE5F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\shopping.js.vir"
sh=B3399BAC685AC2DB00C8BF73787722CB37C52F9F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\skyrock.js.vir"
sh=0C8FD62D3A1464E8987BE463BF2ECB09B887397B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\spiegel.js.vir"
sh=273E29401D827883A2841293AB86970DB150211D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\subito.js.vir"
sh=492F666790E7E80B87CD6D7734D65EBF7453C758 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\t-online.js.vir"
sh=6436DF7125F4ECE8773E0EC7695BCE863C94C2BB ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\tagged.js.vir"
sh=EF5B3DA829CFA21C8DE4E47B451BA654E1828C9D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\terra.js.vir"
sh=6E4BFE2B03FA0D3BE7747A45508F2891161B5CC9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\tiscali.js.vir"
sh=B5A821672054FDADFBA8F67402445E028FF8AD50 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\tripadvisor.js.vir"
sh=65F5D2CCE61D4BD156608FBECF0FB967734D83FC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\twitpic.js.vir"
sh=3A85F938570568A286C33D328740BAFC4FB73045 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\twitter.js.vir"
sh=DCD0A0C6E3AA56687A1719F5D364E1763A6E4A81 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\uol.js.vir"
sh=149DA3B16316B14C6297C1C52CF0049180185271 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\v9.js.vir"
sh=FC7BB8C266DCF99268F4235F7983F1F130991DA4 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\virgilio.js.vir"
sh=412A4635278002E8EF719CABC22126417A508FFC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\voila.js.vir"
sh=FC821B9B1DA7646182685D4A70350534A3838E3F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\walmart.js.vir"
sh=BBE95AE4E0F8DC7571869344180B8140F38FC2DC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\weather.js.vir"
sh=010560C39E506B0E2431760D6DFC39ADD61D128E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\web.js.vir"
sh=2A75280C8C5789E6BE74220F53BBBAE04E523E6B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\yahoo.js.vir"
sh=4C69F4B1969C916367D64C9046F480B157C43993 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\yelp.js.vir"
sh=7DCF3B4AB444CB8B66645655E5DB9857870C9DCC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\youtube.js.vir"
sh=4FB0DAB41986A8701720A2C60F898B70CC25F3E0 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\services\bhp.js.vir"
sh=26133A64F47E90C8535CE111BAD8C35C9FA562B0 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\services\favlinks.js.vir"
sh=EBF01B3EC4607AEB707184674F723440272D4EF5 ft=0 fh=0000000000000000 vn="Variante von Win32/Mobogenie.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie2.1.32.zip.vir"
sh=A703E83DC6447E84E8582B80A3DBF6C03B77D04A ft=0 fh=0000000000000000 vn="Variante von Android/Mobserv.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Issam276\AppData\Local\Mobogenie\Version\OldVersion\Mobogenie\MUServer.apk.vir"
sh=E85C421E9C435E8C2116E56EC1B2A927BA0092CC ft=1 fh=19660ba49630fd55 vn="Variante von Win64/TrojanDownloader.Agent.F Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\GFilterSvc.exe.vir"
sh=558C365776AD71C812363E30D7880CF564028A06 ft=1 fh=e10f04e359590fdb vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=B9276CCB99D02DF2AB5E3B289230782ACE0901CE ft=0 fh=0000000000000000 vn="JS/GFilter.A Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\eilgiifgoafnjpmdmdkafdnghcfghkpe\2.1_0\g.js"
sh=6B671BC420C26DD44428397D39B13402CC19BCF9 ft=1 fh=65859fa78065d607 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\File System\010\t\00\00000000"
sh=6B671BC420C26DD44428397D39B13402CC19BCF9 ft=1 fh=65859fa78065d607 vn="Variante von Win32/Toolbar.CrossRider.BM evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Issam276\AppData\Local\Google\Chrome\User Data\Default\File System\010\t\00\00000001"
sh=FF273D0017363755214FA5CD888C2C2D54721700 ft=1 fh=0089eae0191970f8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.OLE.Interop.dll"
sh=A70EFAB5F2D2D83AD2B7E0304169C73F6D0EC700 ft=1 fh=011924ad9c4ebdbf vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\assembly\GAC_MSIL\Interop.SHDocVw\1.1.0.0__84542ff99aed6a4d\Interop.SHDocVw.dll"
sh=6BF9D715657523581D681EED88C7D864C1DE178B ft=0 fh=0000000000000000 vn="JS/GFilter.A Trojaner" ac=I fn="C:\Windows\Installer\{DCDF7E9A-228E-4B24-95B3-A928C685FD36}\cfgkdnomfdapcmmpoincemjabefgjblljrx"
sh=4F414B59FCABC57B249BCE7AF4E35F0E84143DD2 ft=1 fh=93556752e2e6958d vn="NSIS/TrojanDownloader.Adload.Y Trojaner" ac=I fn="C:\zoek_backup\C_Users_Issam276_Downloads_HDVidCodec.exe.vir"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=167cf204ebe24941b0a714f886f19d1c
# engine=21704
# end=stopped
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-25 04:50:16
# local_time=2014-12-25 05:50:16 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 7719 171156066 0 0
# compatibility_mode_1='Emsisoft Internet Security'
# compatibility_mode=16643 16777214 100 100 6398 220768504 0 0
# scanned=349438
# found=99
# cleaned=0
# scan_time=5639
sh=9B28F35A352DE4C5512BC252EBC813DBEB26BC61 ft=1 fh=d37c366403454630 vn="MSIL/MyPCBackup.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\DEL_MyPC Backup.exe.vir"
sh=C2EC3C4E860FAD724D7A086E6BB3E4701FACAF6D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\background.js.vir"
sh=51866AD7FC44825C2009A915F539C24D44E9F99B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\background.unit.js.vir"
sh=9AC5C4CB8FE1DC5A04042EAAB72096AB2A10CBF2 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\SOAP.js.vir"
sh=891BA5F7795F8C841BD652A2FB6DFE615DED2077 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\lib\config.js.vir"
sh=2E0FDE228693F5433F4104E6679EA3ACAF9074DF ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\lib\context.js.vir"
sh=E3C3DBAF88CEF9B5AB6D0D9006BF153582DA926B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\lib\tinifying.js.vir"
sh=74DC8DA7B53D4836822C0D695FA64A588CF0C5B7 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\minibar.min.js.vir"
sh=A7138ECAD617D8E249516239F82F038AEC2C7102 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\minibar.translations.js.vir"
sh=CC4C5BB54E8A79425341EC5FA3F76B2D5FA584FE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\minibar.unit.js.vir"
sh=01B364112DB8E2852EFA984F97ADC1CF58590A62 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\minibar.vars.js.vir"
sh=61BD120563C9011610F822D74ADB3728F6842EBD ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\abril.js.vir"
sh=BCC36801E2A4087A4EDE7BD72DA43A9D6572B310 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\amazon.js.vir"
sh=55920C7FB630C966D1CD1807DBE49DD3D7977A16 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\aol.js.vir"
sh=071DADD326560EB569FC2EDD199B57E3DCA733DC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ask.js.vir"
sh=4DF142B28BE3758A2BDC2B7339FE07938255B5AE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\autoscout24.js.vir"
sh=1F382CFFAE0ED064F2A20A0E1CD58561C0CB03BE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\autosottocosto.js.vir"
sh=E40658861F9B0924BC566820C199087AA70A12DD ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\baixaki.js.vir"
sh=0B29F17180B65440157142503C7B8FB0AA2C0BAE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\bomnegocio.js.vir"
sh=270D3179983ACB96D36FE0B0F6F90F2F39CD93B6 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\chip.js.vir"
sh=7CA24925C54F35FEC2636310E63B8F9445E398B8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ciao.js.vir"
sh=2805F50D550F54E8320E7CC3F8261011A4B1D708 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\conduit.js.vir"
sh=8AE23C218C8C5C7FDE4ACEC6EC03E2532F93B3D1 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\corriere.js.vir"
sh=3F04F3EF28DCA81FE7035524F4E00266F6A99418 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\craigslist.js.vir"
sh=E4B31A0CBBCB21F765D8E39D6995774769E1D1C5 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\dailymotion.js.vir"
sh=5A6801A81DA721A31FFC89FC1ACB7253435857D9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\default_adapter.js.vir"
sh=B080E7B72E779B4DBB0D9EFF6BA25324AAF6732E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\delta-search.js.vir"
sh=12B0F6486BCD558F1DF654BB43B4BD82C4189982 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\diretta.js.vir"
sh=28DE4A412DAA395D5B72CDC473E69CBAAB6A0629 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ebay.js.vir"
sh=FEE5CDB15AF9B3F80F14E7F4AF03611610FEF53A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ehow.js.vir"
sh=43E70ABC3C2100D2B3E405623A15404D177137BE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\elmundo.js.vir"
sh=0C94AB2CDEFD7AAAFBBBCE8076390756A2060EBE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\elpais.js.vir"
sh=25A6B2263F57114BF9C38998821E72CBA16DEC34 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\facebook.js.vir"
sh=F747128DEB18A507F8D59FACA9A68A1FF3581244 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\foxsports.js.vir"
sh=B2B7D6908BEC80B648B3716AD09D9816E7DE21C9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\friv.js.vir"
sh=44DE2938DEFE8A034DBB19FB905717FABD914478 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\funutilities.js.vir"
sh=A3BF510881F25E55B23943E87C5B47945EDB5733 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\globo.js.vir"
sh=D59A428609E09512F5C524D13046BC4474E43633 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\gmx.js.vir"
sh=16B7B5FD445FCF5E0F7B9743A1CEC1D12EACCF76 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\go.js.vir"
sh=25CEEE5D0F63AFB5AD9D359618746FB3FA925049 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\google.js.vir"
sh=6FE54305ACDF1F37D65F846A09AAF2AE610B52E4 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\gumtree.js.vir"
sh=15F0642FA9891E81FEFB5EA9F8345F5C1E988A09 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\huffingtonpost.js.vir"
sh=EB007BD6CF9DE9D145721AB1B42C4A6A49F3AD26 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ilmeteo.js.vir"
sh=27E667BAE43C7A31330B12FD5B78F1C97DC4DCF2 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\imdb.js.vir"
sh=D8F06AC4F0B4CF4CA4EBDC56B5C6F23D74B1351D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\inbox.js.vir"
sh=5D09C1440CE775837E5F58040E3B3DA5861C7F2D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\indeed.js.vir"
sh=A4E13E1C85F9C090C7A5530AC4D8939F928D2426 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\instagram.js.vir"
sh=8DA76B1679E8AD4F80F08BE4371902E1FB69A04B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\jappy.js.vir"
sh=3AD210DFBC9BB4B90769240B57325E62AA67A0FC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\leboncoin.js.vir"
sh=8BDD182DA8610E6AE7B4DA2CD3A7C8522FE9FDD9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\libero.js.vir"
sh=1E1F26D3E48C3E972C75F8ADA49335B3BFE796CA ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\live.js.vir"
sh=0DA42755F29D7FCC9B02DF1AAE846B28FC83ABEC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\marca.js.vir"
sh=F03C5032CA21A97A475F612044FF910AEA97F98D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mediaset.js.vir"
sh=5E561234265C05C72EDF14FE2A1C8D830F518726 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mercadolivre.js.vir"
sh=3287EDFE107F42BD54464354F7EDD0D5EC1F62BD ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\milanuncios.js.vir"
sh=7C16F8FEDEE0D02E5CD2D16384924D1DE7CA85F8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\msn.js.vir"
sh=56FD8F01CBA6F2AC7175247C9E2EA54DA5CBEAB8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mundoanuncio.js.vir"
sh=AAA91E6A3E08FD24A0462853FF90AE67D64A10FB ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\netlog.js.vir"
sh=EA8E9609F9746A6D089057B1ABC2CB5B87ADB56C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\nirvam.js.vir"
sh=6932E76E73E9171D15052538CEC919832B24495A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\okcupid.js.vir"
sh=8E05B6DE79ED0DB5161E08D7C84E44D346A34223 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\olx.js.vir"
sh=717CC4F0E41AC53700E82CE4150428EDCED00F2C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\orange.js.vir"
sh=6FE05930F5495CBDAF254E3A722F298042D59188 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\pagesjaunes.js.vir"
sh=27653CA2D9A8C542EA7B30EC1B1D3EDCC8FDA44A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\photobucket.js.vir"
sh=B34BCC1E3592F30FADA8B4783167EFC6FD6B163B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\pinterest.js.vir"
sh=B5F8A49604BB9BB9AE06A12B0458AEFA5868A395 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\pof.js.vir"
sh=582536F3328D7D253FF3FB556BAA2D86B9D4D17B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\repubblica.js.vir"
sh=77BAC2C1AF3BD54E7F3E4F40624EE936D67BAC1C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\roblox.js.vir"
sh=05B58255C0C2E4D9B28DC1E4C254138D76F25E14 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\segundamano.js.vir"
sh=29C2BD733E33AC33433DF6F180524C931ACD8FB2 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\sfr.js.vir"
sh=003D9DC3AC3B890014F8A9184AC79B41AA02CE5F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\shopping.js.vir"
sh=B3399BAC685AC2DB00C8BF73787722CB37C52F9F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\skyrock.js.vir"
sh=0C8FD62D3A1464E8987BE463BF2ECB09B887397B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\spiegel.js.vir"
sh=273E29401D827883A2841293AB86970DB150211D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\subito.js.vir"
sh=492F666790E7E80B87CD6D7734D65EBF7453C758 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\t-online.js.vir"
sh=6436DF7125F4ECE8773E0EC7695BCE863C94C2BB ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\tagged.js.vir"
sh=EF5B3DA829CFA21C8DE4E47B451BA654E1828C9D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\terra.js.vir"
sh=6E4BFE2B03FA0D3BE7747A45508F2891161B5CC9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\tiscali.js.vir"
sh=B5A821672054FDADFBA8F67402445E028FF8AD50 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\tripadvisor.js.vir"
sh=65F5D2CCE61D4BD156608FBECF0FB967734D83FC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\twitpic.js.vir"
sh=3A85F938570568A286C33D328740BAFC4FB73045 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\twitter.js.vir"
sh=DCD0A0C6E3AA56687A1719F5D364E1763A6E4A81 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\uol.js.vir"
sh=149DA3B16316B14C6297C1C52CF0049180185271 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\v9.js.vir"
sh=FC7BB8C266DCF99268F4235F7983F1F130991DA4 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\virgilio.js.vir"
sh=412A4635278002E8EF719CABC22126417A508FFC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\voila.js.vir"
sh=FC821B9B1DA7646182685D4A70350534A3838E3F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\walmart.js.vir"
sh=BBE95AE4E0F8DC7571869344180B8140F38FC2DC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\weather.js.vir"
sh=010560C39E506B0E2431760D6DFC39ADD61D128E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\web.js.vir"
sh=2A75280C8C5789E6BE74220F53BBBAE04E523E6B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\yahoo.js.vir"
sh=4C69F4B1969C916367D64C9046F480B157C43993 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\yelp.js.vir"
sh=7DCF3B4AB444CB8B66645655E5DB9857870C9DCC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\youtube.js.vir"
sh=4FB0DAB41986A8701720A2C60F898B70CC25F3E0 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\services\bhp.js.vir"
sh=26133A64F47E90C8535CE111BAD8C35C9FA562B0 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\services\favlinks.js.vir"
sh=E85C421E9C435E8C2116E56EC1B2A927BA0092CC ft=1 fh=19660ba49630fd55 vn="Variante von Win64/TrojanDownloader.Agent.F Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\GFilterSvc.exe.vir"
sh=558C365776AD71C812363E30D7880CF564028A06 ft=1 fh=e10f04e359590fdb vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=B9276CCB99D02DF2AB5E3B289230782ACE0901CE ft=0 fh=0000000000000000 vn="JS/GFilter.A Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\eilgiifgoafnjpmdmdkafdnghcfghkpe\2.1_0\g.js"
sh=FF273D0017363755214FA5CD888C2C2D54721700 ft=1 fh=0089eae0191970f8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.OLE.Interop.dll"
sh=4F414B59FCABC57B249BCE7AF4E35F0E84143DD2 ft=1 fh=93556752e2e6958d vn="NSIS/TrojanDownloader.Adload.Y Trojaner" ac=I fn="C:\zoek_backup\C_Users_Issam276_Downloads_HDVidCodec.exe.vir"
sh=740982CE3B3E4BD08C1CBD5FC8CFEB982F1D4E05 ft=1 fh=af8c0585c052e303 vn="Win32/InstalleRex.T evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_PROGRA~3_InstallMate\{891AB449-A3D6-BE99-5C72-EBF452F996BF}\_Setupx.dll"
ESETSmartInstaller@High as downloader log:
Can not open internet# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=167cf204ebe24941b0a714f886f19d1c
# engine=21707
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-12-25 10:26:24
# local_time=2014-12-25 11:26:24 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 7587 171176234 0 0
# compatibility_mode_1='Emsisoft Internet Security'
# compatibility_mode=16643 16777213 100 100 5572 220788672 0 0
# scanned=342354
# found=84
# cleaned=45
# scan_time=5546
sh=717CC4F0E41AC53700E82CE4150428EDCED00F2C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\orange.js.vir"
sh=6FE05930F5495CBDAF254E3A722F298042D59188 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\pagesjaunes.js.vir"
sh=27653CA2D9A8C542EA7B30EC1B1D3EDCC8FDA44A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\photobucket.js.vir"
sh=B34BCC1E3592F30FADA8B4783167EFC6FD6B163B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\pinterest.js.vir"
sh=B5F8A49604BB9BB9AE06A12B0458AEFA5868A395 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\pof.js.vir"
sh=582536F3328D7D253FF3FB556BAA2D86B9D4D17B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\repubblica.js.vir"
sh=77BAC2C1AF3BD54E7F3E4F40624EE936D67BAC1C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\roblox.js.vir"
sh=05B58255C0C2E4D9B28DC1E4C254138D76F25E14 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\segundamano.js.vir"
sh=29C2BD733E33AC33433DF6F180524C931ACD8FB2 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\sfr.js.vir"
sh=003D9DC3AC3B890014F8A9184AC79B41AA02CE5F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\shopping.js.vir"
sh=B3399BAC685AC2DB00C8BF73787722CB37C52F9F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\skyrock.js.vir"
sh=0C8FD62D3A1464E8987BE463BF2ECB09B887397B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\spiegel.js.vir"
sh=273E29401D827883A2841293AB86970DB150211D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\subito.js.vir"
sh=492F666790E7E80B87CD6D7734D65EBF7453C758 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\t-online.js.vir"
sh=6436DF7125F4ECE8773E0EC7695BCE863C94C2BB ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\tagged.js.vir"
sh=EF5B3DA829CFA21C8DE4E47B451BA654E1828C9D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\terra.js.vir"
sh=6E4BFE2B03FA0D3BE7747A45508F2891161B5CC9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\tiscali.js.vir"
sh=B5A821672054FDADFBA8F67402445E028FF8AD50 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\tripadvisor.js.vir"
sh=65F5D2CCE61D4BD156608FBECF0FB967734D83FC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\twitpic.js.vir"
sh=3A85F938570568A286C33D328740BAFC4FB73045 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\twitter.js.vir"
sh=DCD0A0C6E3AA56687A1719F5D364E1763A6E4A81 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\uol.js.vir"
sh=149DA3B16316B14C6297C1C52CF0049180185271 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\v9.js.vir"
sh=FC7BB8C266DCF99268F4235F7983F1F130991DA4 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\virgilio.js.vir"
sh=412A4635278002E8EF719CABC22126417A508FFC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\voila.js.vir"
sh=FC821B9B1DA7646182685D4A70350534A3838E3F ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\walmart.js.vir"
sh=BBE95AE4E0F8DC7571869344180B8140F38FC2DC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\weather.js.vir"
sh=010560C39E506B0E2431760D6DFC39ADD61D128E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\web.js.vir"
sh=2A75280C8C5789E6BE74220F53BBBAE04E523E6B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\yahoo.js.vir"
sh=4C69F4B1969C916367D64C9046F480B157C43993 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\yelp.js.vir"
sh=7DCF3B4AB444CB8B66645655E5DB9857870C9DCC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\youtube.js.vir"
sh=4FB0DAB41986A8701720A2C60F898B70CC25F3E0 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\services\bhp.js.vir"
sh=26133A64F47E90C8535CE111BAD8C35C9FA562B0 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\services\favlinks.js.vir"
sh=E85C421E9C435E8C2116E56EC1B2A927BA0092CC ft=1 fh=19660ba49630fd55 vn="Variante von Win64/TrojanDownloader.Agent.F Trojaner" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\GFilterSvc.exe.vir"
sh=558C365776AD71C812363E30D7880CF564028A06 ft=1 fh=e10f04e359590fdb vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\roboot64.exe.vir"
sh=B9276CCB99D02DF2AB5E3B289230782ACE0901CE ft=0 fh=0000000000000000 vn="JS/GFilter.A Trojaner" ac=I fn="C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\eilgiifgoafnjpmdmdkafdnghcfghkpe\2.1_0\g.js"
sh=C95AD7AC212CF5AC3CC9473722203383E1CEF22B ft=1 fh=716698975c4da313 vn="Variante von Win32/InstallCore.TL evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Issam276\AppData\Local\Temp\ICReinstall_64bit_Win7_Win8_Win81_R275_CB-DL-Manager.exe"
sh=C95AD7AC212CF5AC3CC9473722203383E1CEF22B ft=1 fh=716698975c4da313 vn="Variante von Win32/InstallCore.TL evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Issam276\Downloads\64bit_Win7_Win8_Win81_R275_CB-DL-Manager.exe"
sh=FF273D0017363755214FA5CD888C2C2D54721700 ft=1 fh=0089eae0191970f8 vn="Variante von Win32/Toolbar.Linkury.G evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\assembly\GAC\Microsoft.VisualStudio.OLE.Interop\7.1.40304.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.OLE.Interop.dll"
sh=740982CE3B3E4BD08C1CBD5FC8CFEB982F1D4E05 ft=1 fh=af8c0585c052e303 vn="Win32/InstalleRex.T evtl. unerwünschte Anwendung" ac=I fn="C:\zoek_backup\C_PROGRA~3_InstallMate\{891AB449-A3D6-BE99-5C72-EBF452F996BF}\_Setupx.dll"
sh=1F382CFFAE0ED064F2A20A0E1CD58561C0CB03BE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\autosottocosto.js.vir"
sh=E40658861F9B0924BC566820C199087AA70A12DD ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\baixaki.js.vir"
sh=0B29F17180B65440157142503C7B8FB0AA2C0BAE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\bomnegocio.js.vir"
sh=270D3179983ACB96D36FE0B0F6F90F2F39CD93B6 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\chip.js.vir"
sh=7CA24925C54F35FEC2636310E63B8F9445E398B8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ciao.js.vir"
sh=2805F50D550F54E8320E7CC3F8261011A4B1D708 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\conduit.js.vir"
sh=8AE23C218C8C5C7FDE4ACEC6EC03E2532F93B3D1 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\corriere.js.vir"
sh=3F04F3EF28DCA81FE7035524F4E00266F6A99418 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\craigslist.js.vir"
sh=E4B31A0CBBCB21F765D8E39D6995774769E1D1C5 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\dailymotion.js.vir"
sh=5A6801A81DA721A31FFC89FC1ACB7253435857D9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\default_adapter.js.vir"
sh=B080E7B72E779B4DBB0D9EFF6BA25324AAF6732E ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\delta-search.js.vir"
sh=12B0F6486BCD558F1DF654BB43B4BD82C4189982 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\diretta.js.vir"
sh=28DE4A412DAA395D5B72CDC473E69CBAAB6A0629 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ebay.js.vir"
sh=FEE5CDB15AF9B3F80F14E7F4AF03611610FEF53A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ehow.js.vir"
sh=43E70ABC3C2100D2B3E405623A15404D177137BE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\elmundo.js.vir"
sh=0C94AB2CDEFD7AAAFBBBCE8076390756A2060EBE ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\elpais.js.vir"
sh=25A6B2263F57114BF9C38998821E72CBA16DEC34 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\facebook.js.vir"
sh=F747128DEB18A507F8D59FACA9A68A1FF3581244 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\foxsports.js.vir"
sh=B2B7D6908BEC80B648B3716AD09D9816E7DE21C9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\friv.js.vir"
sh=44DE2938DEFE8A034DBB19FB905717FABD914478 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\funutilities.js.vir"
sh=A3BF510881F25E55B23943E87C5B47945EDB5733 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\globo.js.vir"
sh=D59A428609E09512F5C524D13046BC4474E43633 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\gmx.js.vir"
sh=16B7B5FD445FCF5E0F7B9743A1CEC1D12EACCF76 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\go.js.vir"
sh=25CEEE5D0F63AFB5AD9D359618746FB3FA925049 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\google.js.vir"
sh=6FE54305ACDF1F37D65F846A09AAF2AE610B52E4 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\gumtree.js.vir"
sh=15F0642FA9891E81FEFB5EA9F8345F5C1E988A09 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\huffingtonpost.js.vir"
sh=EB007BD6CF9DE9D145721AB1B42C4A6A49F3AD26 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\ilmeteo.js.vir"
sh=27E667BAE43C7A31330B12FD5B78F1C97DC4DCF2 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\imdb.js.vir"
sh=D8F06AC4F0B4CF4CA4EBDC56B5C6F23D74B1351D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\inbox.js.vir"
sh=5D09C1440CE775837E5F58040E3B3DA5861C7F2D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\indeed.js.vir"
sh=A4E13E1C85F9C090C7A5530AC4D8939F928D2426 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\instagram.js.vir"
sh=8DA76B1679E8AD4F80F08BE4371902E1FB69A04B ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\jappy.js.vir"
sh=3AD210DFBC9BB4B90769240B57325E62AA67A0FC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\leboncoin.js.vir"
sh=8BDD182DA8610E6AE7B4DA2CD3A7C8522FE9FDD9 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\libero.js.vir"
sh=1E1F26D3E48C3E972C75F8ADA49335B3BFE796CA ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\live.js.vir"
sh=0DA42755F29D7FCC9B02DF1AAE846B28FC83ABEC ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\marca.js.vir"
sh=F03C5032CA21A97A475F612044FF910AEA97F98D ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mediaset.js.vir"
sh=5E561234265C05C72EDF14FE2A1C8D830F518726 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mercadolivre.js.vir"
sh=3287EDFE107F42BD54464354F7EDD0D5EC1F62BD ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\milanuncios.js.vir"
sh=7C16F8FEDEE0D02E5CD2D16384924D1DE7CA85F8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\msn.js.vir"
sh=56FD8F01CBA6F2AC7175247C9E2EA54DA5CBEAB8 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\mundoanuncio.js.vir"
sh=AAA91E6A3E08FD24A0462853FF90AE67D64A10FB ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\netlog.js.vir"
sh=EA8E9609F9746A6D089057B1ABC2CB5B87ADB56C ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\nirvam.js.vir"
sh=6932E76E73E9171D15052538CEC919832B24495A ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\okcupid.js.vir"
sh=8E05B6DE79ED0DB5161E08D7C84E44D346A34223 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Iminent.I evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\8.4.3.1_0\scripts\minibar\adapters\olx.js.vir"
Das ist das Log nach der Sys Wiederherstellung

schrauber 26.12.2014 19:12
Chrome muss jetzt trotzdem nochmal runter, das Profil ist komplett für die Tonne.


Revo Uninstaller - Download - Filepony
damit Chrome deinstallieren, keine Daten behalten, Reste entfernen lassen, neu installieren.

Dann:
https://support.google.com/chrome/answer/3296214?hl=de


Was ist nun aktueller Stand an Problemen?

Crounty 27.12.2014 03:51
Keine Probleme mehr, danke für deine Hilfe

schrauber 27.12.2014 19:28
Fertig :)

Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.



Falls Du Lob oder Kritik abgeben möchtest kannst Du das hier tun :)

Hier noch ein paar Tipps zur Absicherung deines Systems.


Ich kann garnicht zu oft erwähnen, wie wichtig es ist, dass dein System Up to Date ist.
  • Bitte überprüfe ob dein System Windows Updates automatisch herunter lädt
  • Windows Updates
    • Windows XP: Start --> Systemsteuerung --> Doppelklick auf Automatische Updates
    • Windows Vista / 7: Start --> Systemsteuerung --> System und Sicherheit --> Automatische Updates aktivieren oder deaktivieren
  • Gehe sicher das die automatischen Updates aktiviert sind.
  • Software Updates
    Installierte Software kann ebenfalls Sicherheitslücken haben, welche Malware nutzen kann, um dein System zu infizieren.
    Um deine Installierte Software up to date zu halten, empfehle ich dir Secunia Online Software.


Anti- Viren Software
  • Gehe sicher immer eine Anti Viren Software installiert zu haben und das diese auch up to date ist. Es ist nämlich nutzlos wenn diese out of date sind.


Zusätzlicher Schutz
  • MalwareBytes Anti Malware
    Dies ist eines der besten Anti-Malware Tools auf dem Markt. Es ist ein On- Demond Scan Tool welches viele aktuelle Malware erkennt und auch entfernt.
    Update das Tool und lass es einmal in der Woche laufen. Die Kaufversion biete zudem noch einen Hintergrundwächter.
    Ein Tutorial zur Verwendung findest Du hier.
  • WinPatrol
    Diese Software macht einen Snapshot deines Systems und warnt dich vor eventuellen Änderungen. Downloade dir die Freeware Version von hier.


Sicheres Browsen
  • SpywareBlaster
    Eine kurze Einführung findest du Hier
  • MVPs hosts file
    Ein Tutorial findest Du hier. Leider habe ich bis jetzt kein deutschsprachiges gefunden.
  • WOT (Web of trust)
    Dieses AddOn warnt Dich bevor Du eine als schädlich gemeldete Seite besuchst.


Alternative Browser

Andere Browser tendieren zu etwas mehr Sicherheit als der IE, da diese keine Active X Elemente verwenden. Diese können von Spyware zur Infektion deines Systems missbraucht werden.
  • Opera
  • Mozilla Firefox.
    • Hinweis: Für diesen Browser habe ich hier ein paar nützliche Add Ons
    • NoScript
      Dieses AddOn blockt JavaScript, Java and Flash und andere Plugins. Sie werden nur dann ausgeführt wenn Du es bestätigst.
    • AdblockPlus
      Dieses AddOn blockt die meisten Werbung von selbst. Ein Rechtsklick auf den Banner um diesen zu AdBlockPlus hinzu zu fügen reicht und dieser wird nicht mehr geladen.
      Es spart ausserdem Downloadkapazität.

Performance
Bereinige regelmäßig deine Temp Files. Ich empfehle hierzu TFC
Halte dich fern von jedlichen Registry Cleanern.
Diese Schaden deinem System mehr als sie helfen. Hier ein paar ( englishe ) Links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Klicke nicht auf alles nur weil es Dich dazu auffordert und schön bunt ist.
  • verwende keine peer to peer oder Filesharing Software (Emule, uTorrent,..)
  • Lass die Finger von Cracks, Keygens, Serials oder anderer illegaler Software.
  • Öffne keine Anhänge von Dir nicht bekannten Emails. Achte vor allem auf die Dateiendung wie zb deinFoto.jpg.exe
Nun bleibt mir nur noch dir viel Spass beim sicheren Surfen zu wünschen.

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so das ich diesen Thread aus meinen Abos löschen kann.


Alle Zeitangaben in WEZ +1. Es ist jetzt 12:00 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55