| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Trojaner und Malware auf meinem Laptop! Malwarebytes Anti-Malware hat 733 aufgespuertWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
23.11.2013, 20:42
| #1 |
 |  Trojaner und Malware auf meinem Laptop! Malwarebytes Anti-Malware hat 733 aufgespuert Liebes Trojaner-Board-Team, ich hoffe, dass ihr mir helfen koennt. Ich habe gestern schon festgestellt, dass ich Trojaner und Malware auf meinem Computer habe und habe erst einmal Avira wie sonst eigentlich auch immer darueber laufen lassen. Nun habe ich mich hier ein wenig durch die Foren gelesen und zunaechst einmal Malwarebytes Anti-Malware heruntergeladen und alles so eingestellt, wie ihr es in einem Forum angegeben hattet. Das System hat sage und schreibe 733 Funde entdeckt und ich habe auch den Log erstellt und poste ihn jetzt. Ich hoffe, dass ihr mir helfen koennt und freue mich auch ueber Tipps bezueglich Viren-Programm etc. (gerne auch eins, das ich kaufen muss oder gibt es ein gutes, das es als Freeware gibt). Ganz liebe Gruesse Mareike Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.11.23.08 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Mareike Foerst :: YOUR-C36CAA9C21 [administrator] 23/11/2013 20:27:48 mbam-log-2013-11-23 (20-27-48).txt Scan type: Full scan (C:\|) Scan options enabled: Memory | Startup | Registry | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: File System | P2P Objects scanned: 222666 Time elapsed: 3 minute(s), 45 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 66 HKCR\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE} (PUP.Optional.Delta) -> Quarantined and deleted successfully. HKCR\escort.escortIEPane.1 (PUP.Optional.Delta) -> Quarantined and deleted successfully. HKCR\escort.escortIEPane (PUP.Optional.Delta) -> Quarantined and deleted successfully. HKCR\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> Quarantined and deleted successfully. HKCR\delta.deltaHlpr.1 (PUP.Optional.Delta) -> Quarantined and deleted successfully. HKCR\delta.deltaHlpr (PUP.Optional.Delta) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} (PUP.Optional.Delta) -> Quarantined and deleted successfully. HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. HKCR\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8} (PUP.Optional.Delta) -> Quarantined and deleted successfully. HKCR\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D} (PUP.Optional.Delta) -> Quarantined and deleted successfully. HKCR\esrv.deltaESrvc.1 (PUP.Optional.Delta) -> Quarantined and deleted successfully. HKCR\esrv.deltaESrvc (PUP.Optional.Delta) -> Quarantined and deleted successfully. HKCR\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. HKCR\delta.deltadskBnd.1 (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. HKCR\delta.deltadskBnd (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. HKCR\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. HKCR\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0} (PUP.Optional.Bandoo.A) -> Quarantined and deleted successfully. HKCR\TypeLib\{5B4144E1-B61D-495A-9A50-CD1A95D86D15} (PUP.Optional.Bandoo.A) -> Quarantined and deleted successfully. HKCR\BrowserConnection.Loader.1 (PUP.Optional.Bandoo.A) -> Quarantined and deleted successfully. HKCR\BrowserConnection.Loader (PUP.Optional.Bandoo.A) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4F12-8568-69135F087DB0} (PUP.Optional.Bandoo.A) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0} (PUP.Optional.Bandoo.A) -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0} (PUP.Optional.Bandoo.A) -> Quarantined and deleted successfully. HKCR\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully. HKCR\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully. HKCR\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully. HKCR\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully. HKCR\Typelib\{4599D05A-D545-4069-BB42-5895B4EAE05B} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. HKCR\Interface\{1231839B-064E-4788-B865-465A1B5266FD} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. HKCR\SearchQUIEHelper.DNSGuard (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. HKCR\SearchQUIEHelper.DNSGuard.1 (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. HKCU\SOFTWARE\DataMngr_Toolbar (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully. HKCU\SOFTWARE\DELTA\DELTA (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. HKCU\Software\ConduitSearchScopes (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. HKCU\Software\DataMngr (PUP.Optional.DataMngr.A) -> Quarantined and deleted successfully. HKCU\Software\PriceGong (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. HKCU\Software\BabSolution\Updater (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully. HKCU\SOFTWARE\DELTA\DELTA\IESTRG (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Quarantined and deleted successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings (PUP.Optional.BProtector.A) -> Quarantined and deleted successfully. HKCU\Software\Systweak\Advanced System Protector (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully. HKCU\Software\Systweak\RegClean Pro (PUP.Optional.RegCleanerPro.A) -> Quarantined and deleted successfully. HKLM\SOFTWARE\DATAMNGR (PUP.Optional.Searchqu.A) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Delta\delta\Instl (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Searchqu Toolbar (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. HKCR\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515} (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. HKCR\TypeLib\{841D5A49-E48D-413c-9C28-EB3D9081D705} (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. HKCR\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792} (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. HKCR\DnsBHO.BHO.1 (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. HKCR\DnsBHO.BHO (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. HKCR\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. HKCR\delta.deltaappCore.1 (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. HKCR\delta.deltaappCore (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. HKCR\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B} (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. HKCR\d (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\delta (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. Registry Values Detected: 12 HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Data: Delta Toolbar -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar|{99079A25-328F-4BD4-BE04-00955ACAA0A7} (PUP.Optional.SearchQu) -> Data: Searchqu Toolbar -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{99079a25-328f-4bd4-be04-00955acaa0a7} (PUP.Optional.SearchQu) -> Data: -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} (PUP.Optional.Delta.A) -> Data: -> Quarantined and deleted successfully. HKCU\SOFTWARE\Delta\Delta|tlbrSrchUrl (PUP.Optional.Delta.A) -> Data: -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|bProtector Start Page (PUP.BProtector) -> Data: -> Quarantined and deleted successfully. HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|bProtectorDefaultScope (PUP.BProtector) -> Data: {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} -> Quarantined and deleted successfully. HKCU\Software\Delta\delta|lastB (PUP.Optional.Delta.A) -> Data: hxxp://www.claro-search.com/?affID=114508&tt=4312_5&babsrc=HP_clro&mntrId=f89f3f1600000000000000fff06140e2 -> Quarantined and deleted successfully. HKCU\Software\Delta\delta\iestrg|tlbrsrchurl (PUP.Optional.Delta.A) -> Data: -> Quarantined and deleted successfully. HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Data: zszw1I1P0X1G1NtG1MtFyD -> Quarantined and deleted successfully. HKLM\SOFTWARE\DataMngr|Folder (PUP.Optional.Searchqu.A) -> Data: C:\Program Files\Windows Searchqu Toolbar -> Quarantined and deleted successfully. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|DATAMNGR (PUP.Optional.Datamngr.A) -> Data: C:\PROGRA~1\WI9130~1\Datamngr\DATAMN~1.EXE -> Quarantined and deleted successfully. Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 60 C:\Documents and Settings\Mareike Foerst\Application Data\searchqutoolbar (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\searchqutoolbar\weather (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\Babylon (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar (PUP.Optional.SearchQu) -> Delete on reboot. C:\Program Files\Windows Searchqu Toolbar\Datamngr (PUP.Optional.SearchQu) -> Delete on reboot. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\components (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\BabSolution (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\BabSolution\CR (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully. C:\Program Files\Delta\delta\1.8.21.5 (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. C:\Program Files\Delta\delta\1.8.21.5\bh (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\Systweak\Advanced System Protector (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\Systweak\Advanced System Protector\2.1.1000.10158 (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\Systweak\Advanced System Protector\Backup (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\Systweak\Advanced System Protector\Logs (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\OpenCandy (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\OpenCandy\E5693B3E3FCE4A02BBB4F2E9EB983CF9 (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\File Scout (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\mt_ffx\Delta\delta\1.8.21.5 (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552 (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\chrome (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\components (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\defaults (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\META-INF (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\modules (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\searchplugin (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. Files Detected: 595 C:\Program Files\Delta\delta\1.8.21.5\bh\delta.dll (PUP.Optional.Delta) -> Quarantined and deleted successfully. C:\Program Files\Delta\delta\1.8.21.5\deltasrv.exe (PUP.Optional.Delta) -> Quarantined and deleted successfully. C:\Program Files\Delta\delta\1.8.21.5\deltaTlbr.dll (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchqudtx.dll (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\BrowserConnection.dll (PUP.Optional.Bandoo.A) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\IEBHO.dll (PUP.Optional.Datamngr.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\searchqutoolbar\guid.dat (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\searchqutoolbar\dtx.ini (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\searchqutoolbar\geodata.xml (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\searchqutoolbar\geoip.xml (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\searchqutoolbar\log.txt (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\searchqutoolbar\preferences.dat (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\searchqutoolbar\stats.dat (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\searchqutoolbar\uninstallIE.dat (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\searchqutoolbar\version.xml (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\searchqutoolbar\weatherbutton_prefs.xml (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\searchqutoolbar\weather\29dcc30c46c4a16ee5aa734a33f534e4 (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\searchqutoolbar\weather\b7974346827291993f35920e4c828c59 (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\searchqutoolbar\weather\ea6a84e2beaf4d6ac5f77713d6f0c8c0 (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\searchqutoolbar\weather\forecasts_cache.xml (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\searchqutoolbar\weather\observations_cache.xml (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\Babylon\log_file.txt (PUP.Optional.Babylon.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\searchqutoolbar-manifest.xml (PUP.Optional.Searchqu.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\SetupDataMngr_Searchqu.exe (PUP.Optional.Searchqu.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433} (PUP.Optional.Searchqu.A) -> Quarantined and deleted successfully. C:\WINDOWS\system32\roboot.exe (PUP.Optional.PCPerformer.A) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngrUI.exe (PUP.Optional.Datamngr.A) -> Delete on reboot. C:\Program Files\Windows Searchqu Toolbar\sysid.ini (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\uninstall.exe (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\datamngr.dll (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\DnsBHO.dll (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\chrome.manifest (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\chrome.manifest.alt (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\install.rdf (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\install.rdf.alt (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlp.dll (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlp.xpt (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF3.dll (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF4.dll (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF5.dll (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF6.dll (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\components\DataMngrHlpFF7.dll (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\DataMngr.js (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\DnsBHO.js (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\Error404BHO.js (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\NewTabBHO.js (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\overlay.js (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\overlay.xul (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\RelatedSearch.js (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\SearchBHO.js (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\SettingManager.js (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\Settings.xml (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\FirefoxExtension\content\Settings.xml.alt (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\as_guid.dat (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\manifest.xml (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\searchquband.dll (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\uninstall.exe (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\bandoocode.js (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\neterror.xhtml (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\partner.coupons.xml (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\preferences.xml (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\radiobeta.js (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\template.xml (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\toolbar.htm (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\toolbar.xul (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\vmncode.js (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\vmnrsswin.xml (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search\engines.xml (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\data\search\search.xsl (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\about.xml (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\bandoocode.js (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpanel.xul (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpaneltransparent.xul (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxpanelwin.xul (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxprefwin.xul (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxtransparentwin.xul (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\dtxwin.xul (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\emailnotifierproviders.xml (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\external.js (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\imeshcode.js (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\neterror.xhtml (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\vmncode.js (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\lib\wmpstreamer.html (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules\datastore.jsm (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\modules\nsDragAndDrop.js (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\tb_icon.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.js (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget.xml (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\content\widgets\net.vmn.www.PPCBully\widget_version (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\babylon_logo.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bandoo.css (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bluelite.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\bluesky.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-search-over.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-search.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-settings-over.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-settings.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-widgets-over.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn-widgets.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\btn_settings.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ca.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\dictionary.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\divider.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\downloadcom.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\dtxlogo.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ebay.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\email.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\email_on.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\facebook.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\games.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred0.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred0_5.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred1.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred1_5.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred2.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred2_5.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred3.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred3_5.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred4.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred4_5.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphred5.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\graphredna.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\grey.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\ico-shield.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_radio_png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_seperator_png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_twitter.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\icon_youtube.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\images.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\imesh.css (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lichen.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-about.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-over.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo-separator.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\logo.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\mail.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\maps.bmp (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\menuseparatorback.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modify-save.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modify.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\modifyhot.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\music.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\news.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\orange.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\pixsy.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\protect-id.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-buffering.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-connecting.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-playing.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta-stopped.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\radiobeta.ico (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\relatedlinks.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-collapse.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-delete.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-expand.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-feed.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder-remove.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder-rename.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-folder.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-found.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-reload.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss-subscribe.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rss.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rssback.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\rsstopback.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search-over.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search_button_over_png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\search_button_png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\settings.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\shopping.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\siteinfo.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-bluelite.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-bluesky.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-grey.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-lichen.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-orange.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin-yellow.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\skin.xml (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\technorati.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\throbber.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\toolbarsplitter.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\translate.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\video.bmp (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\vmn.css (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\vmn.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\weather.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\web.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\widgets-square-16px.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\wikipedia.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\yahoosearch.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\yellow.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\youtube.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\zoom.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\add.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\aol.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-dn.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-right-disabled.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-right.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\arrow-up.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-divider.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-end.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-mdl_ff.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btn-start.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-divider.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-end.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-mdl_ff.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\bg-btnover-start.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\blank.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets-over.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn-widgets.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnback-down-vista.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnback-vista.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnleft-down-vista.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnleft-vista.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnright-down-vista.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btnright-vista.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\btn_slider.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-down-vista.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\button-splitter-vista.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\checkmark.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\chevron.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\collapse.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\comcast.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\dtx.css (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\edit-back-hot.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\edit-back.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\expand.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\found.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\gmail.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_blue.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_cyan.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_lime.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_magenta.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\highlight_yellow.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\hotmail.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\ico-check.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\imap.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\lastsearch-thumb-back.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\loadingMid.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\lock.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\logo-separator.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\mailcom.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitem-splitter.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-down-vista.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemback-vista.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-down-vista.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemleft-vista.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemright-down-vista.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menuitemright-vista.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_bg-basic.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_bar.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\menu_separator_white.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\modify.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\move.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\movetarget.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\pop.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-buffering.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-connecting.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-playing.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta-stopped.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radiobeta.ico (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\reload.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\remove.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rename.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\resize-box.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rss.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rsschannelback.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\RSSLogo.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\rsstabdivider.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\scroll-left.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\scroll-right.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\search-go.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\search.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\text-ellipsis.xml (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\throbber.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\toolbarsplitter.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\transparent_1px.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\yahoo.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\footer.htm (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gamecategory.xsl (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gameData.js (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gameList.xsl (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\games.xsl (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\gametype.xsl (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\initHTML.html (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupGames.html (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupHTML.html (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupRSS.html (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\popupWidgets.html (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\scroll.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\panels.css (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupAbout.css (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupGames.css (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupRSS.css (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\css\popupWidgets.css (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\main.html (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\css\dialog.css (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\bg.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-search.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close-over.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\btn-wide-close.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\default.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-l.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-off-r.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-l.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\tab-on-r.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\transparent.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-left.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-mdl.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\ttlbar-right.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-left.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-mdl.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right-resize.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-btm-right.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-left.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\images\win-right.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\default\scripts\defscript.js (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-dn.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml-drop.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-sml.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrow-up.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\arrowr-bluew5.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-aboutbox.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-btnover.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bg-pnl520x390.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left-over.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-left.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-addtoolbar-right.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-back.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-grey.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-close-greyover.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-drag.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl-over.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-mdl.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-moredetails.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next-over.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-next.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left-over.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-play-left.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous-over.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-previous.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-right-over.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm-over.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-search-pnlbtm.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left-over.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\btn-try-left.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\bullet-orange.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb-on.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\gamethumb2-over.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-calendar.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-dollar.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-download.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-joystick24.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-news24.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-play.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\ico-tags.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Add.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-download.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-Info.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-play.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\icon-shop.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgon.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\menul-bgover.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\panel-botm-noscroll.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg-206.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-bg.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scroll-topwin.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-disable.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-down.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb-over.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollb.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-disable.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-down.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt-over.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\scrollt.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\searchbox-pnlbtm.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_grey.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\star_x_orange.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\TRUSTe_about.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-on.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-detailed-over.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-on.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\view-thumb-over.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-16px.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets-square-24px.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\panels\images\widgets.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\managerpanel.html (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\volumeslider.html (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css\manager.css (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\css\slider.css (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\bg-pnl.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-grey.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\btn-close-greyover.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\collapsed_button.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\expanded_button.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-down.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation-over.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-playstation.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\ico-radio.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\music-note.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause-on.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-pause.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play-on.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-btn-play.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-bg.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-buffer.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-busy.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-off.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-on.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-eq-warning.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design-on.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-design.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options-on.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-options.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-0.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-1.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-2.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-3.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\radio-volume-mute.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-handle.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\scrollbar-track.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\slider.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\slideron.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\radio\images\track.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_02.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_03.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_04.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_06.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_07.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_08.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_09.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_10.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_11.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_12.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_13.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_14.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_15.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_16.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_18.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_19.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_20.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\border_21.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-grey.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\btn-close-greyover.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\close-hot.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\close-normal.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\loadingMid.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\proxy.html (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\template.html (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\template.xml (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\templateFF.html (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\uwa\throbber.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\cond999.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\icons.xml (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-s.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na-t.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\icons\na.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.css (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\popupWeather.html (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\add.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\arrowr-bluew5.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue-whitebg.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\bg-pnl520x350blue.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-check.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\box-uncheck.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-grey.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-close-greyover.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-delete.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm-over.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btn-search-pnlbtm.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next-off.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-next.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous-off.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\btnarrow-previous.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-check.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid-s.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\ico-hotandhumid.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\options-weather.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-blue.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\over-orange.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\powered-by-weatherbug2.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-checked.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\radio-unchecked.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\searchbox-pnlbtm.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\lib\weatherbutton\panels\images\weather-contour.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-main.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-search.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-weather.gif (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-weather.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\options\options-widgets.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-left.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-middle.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\chrome\skin\searchbar\searchbar-background-right.png (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\components\windowmediator.js (PUP.Optional.SearchQu) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\BabSolution\CR\Delta.crx (PUP.Optional.BabSolution.A) -> Quarantined and deleted successfully. C:\Program Files\Delta\delta\1.8.21.5\deltaApp.dll (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. C:\Program Files\Delta\delta\1.8.21.5\deltaEng.dll (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. C:\Program Files\Delta\delta\1.8.21.5\GUninstaller.exe (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. C:\Program Files\Delta\delta\1.8.21.5\uninstall.exe (PUP.Optional.Delta.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\Systweak\Advanced System Protector\QDetail.db (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\Systweak\Advanced System Protector\Settings.db (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\Systweak\Advanced System Protector\Update.ini (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\Systweak\Advanced System Protector\2.1.1000.10158\ASPLog.txt (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\Systweak\Advanced System Protector\Logs\log_22-10-12_08-25-38.xml (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\Systweak\Advanced System Protector\Logs\SMLog.xml (PUP.Optional.AdvancedSystemProtector.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\1.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\2229.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\2260.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\a.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\b.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\c.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\d.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\e.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\f.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\g.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\h.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\i.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\j.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\k.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\l.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\m.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\mru.xml (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\n.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\o.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\p.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\q.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\r.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\s.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\t.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\u.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\v.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\w.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\wlu.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\x.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\y.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\PriceGong\Data\z.txt (PUP.Optional.PriceGong.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\OpenCandy\E5693B3E3FCE4A02BBB4F2E9EB983CF9\DeltaTB.exe (PUP.Optional.OpenCandy) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\File Scout\filescout.exe (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Application Data\File Scout\uninst.exe (PUP.Optional.FileScout.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\chrome.manifest (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\install.rdf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\version.txt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\chrome\hotspot_shield.jar (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\components\ConduitAutoCompleteSearch.js (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\components\ConduitAutoCompleteSearch.xpt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\components\RadioWMPCore.xpt (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\components\RadioWMPCoreGecko10.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\components\RadioWMPCoreGecko11.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\components\RadioWMPCoreGecko19.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\components\RadioWMPCoreGecko5.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\components\RadioWMPCoreGecko6.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\components\RadioWMPCoreGecko7.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\components\RadioWMPCoreGecko8.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\components\RadioWMPCoreGecko9.dll (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\defaults\alertSettingsComponent.xml (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\defaults\appContextMenu.xml (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\defaults\fbAlert.js (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\defaults\getAppsContextMenu.xml (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\defaults\postAppsContextMenu.xml (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\defaults\toolbarContextMenu.xml (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\defaults\unsharedAppsContextMenu.xml (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\META-INF\manifest.mf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\META-INF\zigbert.rsa (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\META-INF\zigbert.sf (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\modules\Chat.jsm (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\modules\DataStructures.jsm (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\modules\EBEncryption.jsm (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\modules\ExternalLibraryLoader.jsm (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\modules\HTTP.jsm (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\modules\IO.jsm (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\modules\Log.jsm (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\modules\MainSingleton.jsm (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\modules\MD5.jsm (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\modules\Notifications.jsm (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\modules\ObserversAndEvents.jsm (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\modules\Prefs.jsm (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\modules\SearchProtector.jsm (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\modules\SearchSuggestIO.jsm (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\modules\String.jsm (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\modules\TEAEncryption.jsm (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\modules\Timer.jsm (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\modules\Twitter.jsm (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\modules\URL.jsm (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\modules\Windows.jsm (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\modules\XML.jsm (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ct1561552\searchplugin\conduit.xml (PUP.Optional.Conduit.A) -> Quarantined and deleted successfully. (end) |
|
24.11.2013, 07:43
| #2 |
| /// the machine /// TB-Ausbilder    | Trojaner und Malware auf meinem Laptop! Malwarebytes Anti-Malware hat 733 aufgespuert hi,
__________________ So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
24.11.2013, 08:25
| #3 |
| | Trojaner und Malware auf meinem Laptop! Malwarebytes Anti-Malware hat 733 aufgespuert Hallo Schrauber,
__________________danke dir fuer die schnelle Antwort. Hier nun der FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-11-2013 03
Ran by Mareike Foerst (administrator) on YOUR-C36CAA9C21 on 23-11-2013 20:59:12
Running from C:\Documents and Settings\Mareike Foerst\My Documents\Downloads
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Documents and Settings\All Users\Application Data\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
(Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\system32\DVDRAMSV.exe
() C:\Program Files\Hotspot Shield\bin\openvpnas.exe
() C:\Program Files\Hotspot Shield\bin\hsswd.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
() C:\Documents and Settings\All Users\Application Data\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(TOSHIBA) C:\Program Files\Toshiba\Bluetooth Monitor\BtMon2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [Acrobat Assistant 8.0] - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-07] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [FreePDF Assistant] - C:\Program Files\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
MountPoints2: {c5223fda-f0aa-11de-becb-0016d42a930e} - E:\Menu.exe
HKU\Administrator\...\Run: [TOSCDSPD] - C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe [ 2005-04-11] (TOSHIBA)
HKU\Administrator\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
HKU\Default User\...\Run: [TOSCDSPD] - C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe [ 2005-04-11] (TOSHIBA)
HKU\Default User\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
Lsa: [Notification Packages] scecli scecli
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Monitor.lnk
ShortcutTarget: Bluetooth Monitor.lnk -> C:\Program Files\TOSHIBA\Bluetooth Monitor\BtMon2.exe (TOSHIBA)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.claro-search.com/?affID=114508&tt=4312_5&babsrc=HP_clro&mntrId=f89f3f1600000000000000fff06140e2
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://dts.search-results.com/sidebar.html?src=ssb&appid=0&systemid=410&sr=0
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://www.icq.com/search/results.php?q={searchTerms}&ch_id=osd
URLSearchHook: HKCU - Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\prxtbHot2.dll (Conduit Ltd.)
SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKCU - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1561552
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=F89F00FFF06140E2&affID=121563&tsp=4938
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL =
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL =
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1561552
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll No File
BHO: Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\prxtbHot2.dll (Conduit Ltd.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Hotspot Shield Class - {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - C:\Program Files\Hotspot Shield\HssIE\HssIE.dll (AnchorFree Inc.)
Toolbar: HKLM - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Hotspot Shield Toolbar - {c95a4e8e-816d-4655-8c79-d736da1adb6d} - C:\Program Files\Hotspot_Shield\prxtbHot2.dll (Conduit Ltd.)
Toolbar: HKLM - No Name - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - No File
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
Toolbar: HKCU - No Name - {855F3B16-6D32-4FE6-8A56-BBB695989046} - No File
Toolbar: HKCU - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - Hotspot Shield Toolbar - {C95A4E8E-816D-4655-8C79-D736DA1ADB6D} - C:\Program Files\Hotspot_Shield\prxtbHot2.dll (Conduit Ltd.)
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} hxxp://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://go.divx.com/plugin/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll No File
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default
FF user.js: detected! => C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\user.js
FF NewTab: user_pref("browser.newtab.url", "");
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll No File
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF SearchPlugin: C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\BitGuard.xml
FF SearchPlugin: C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\delta.xml
FF SearchPlugin: C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\icqplugin-1.xml
FF SearchPlugin: C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\icqplugin-2.xml
FF SearchPlugin: C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\icqplugin-3.xml
FF SearchPlugin: C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\icqplugin-4.xml
FF SearchPlugin: C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\icqplugin-5.xml
FF SearchPlugin: C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\icqplugin-6.xml
FF SearchPlugin: C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\icqplugin-7.xml
FF SearchPlugin: C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\icqplugin-8.xml
FF SearchPlugin: C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\icqplugin-9.xml
FF SearchPlugin: C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\icqplugin.xml
FF SearchPlugin: C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Giant Savings - C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\Extensions\crossriderapp4479@crossrider.com
FF Extension: Delta Toolbar - C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\Extensions\ffxtlbr@delta.com
FF Extension: Searchqu Toolbar - C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\Extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
FF Extension: Hotspot Shield Community Toolbar - C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\Extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
FF Extension: AllowClipboard Helper - C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\Extensions\{cda6db95-6aab-414b-803c-40cf34f589b5}
FF Extension: adapter - C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\Extensions\adapter@babylontc.com.xpi
FF Extension: ocr - C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\Extensions\ocr@babylon.com.xpi
FF Extension: defaults - C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
FF Extension: Adblock Plus - C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF Extension: Hotspot Shield Helper (Please allow this installation) - C:\Program Files\Mozilla Firefox\extensions\afurladvisor@anchorfree.com
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
Chrome:
=======
CHR Extension: (Google Docs) - C:\DOCUME~1\MAREIK~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\DOCUME~1\MAREIK~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\DOCUME~1\MAREIK~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\DOCUME~1\MAREIK~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Delta Toolbar) - C:\DOCUME~1\MAREIK~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\1.4_0
CHR Extension: (Chrome In-App Payments service) - C:\DOCUME~1\MAREIK~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\DOCUME~1\MAREIK~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-07] (Avira Operations GmbH & Co. KG)
R2 BitGuard; C:\Documents and Settings\All Users\Application Data\BitGuard\2.7.1832.68\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [3780064 2013-11-18] ()
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528608 2008-08-29] (Cisco Systems, Inc.)
R2 DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [110592 2004-08-28] (Matsushita Electric Industrial Co., Ltd.)
S2 gupdate1c9a61d3b7f1e3e; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-03-16] (Google Inc.)
R2 hshld; C:\Program Files\Hotspot Shield\bin\openvpnas.exe [542552 2012-04-11] ()
R2 HssWd; C:\Program Files\Hotspot Shield\bin\hsswd.exe [329544 2012-04-02] ()
R2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"
==================== Drivers (Whitelisted) ====================
R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [2324480 2005-06-20] (Realtek Semiconductor Corp.)
R2 Aspi32; C:\Windows\System32\Drivers\Aspi32.sys [25244 1999-09-10] (Adaptec)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-04-21] (Avira Operations GmbH & Co. KG)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R2 cnmpar21; C:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Inst2\cnmpar21.sys [15300 2002-02-01] (CANON INC.)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [125328 2008-03-29] (Deterministic Networks, Inc.)
S3 HssDrv; C:\Windows\System32\DRIVERS\HssDrv.sys [37376 2012-04-11] (AnchorFree Inc.)
S3 LVUSBSta; C:\Windows\System32\DRIVERS\LVUSBSta.sys [22016 2005-05-27] (Logitech Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R1 meiudf; C:\Windows\System32\Drivers\meiudf.sys [102384 2005-06-02] (Matsushita Electric Industrial Co.,Ltd.)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 Netdevio; C:\Windows\System32\DRIVERS\netdevio.sys [12032 2003-01-29] (TOSHIBA Corporation.)
S3 PID_08A0; C:\Windows\System32\DRIVERS\LV302AV.SYS [913280 2005-05-27] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-04-30] (Logitech Inc.)
S3 QV2KUX; C:\Windows\System32\DRIVERS\qv2kux.sys [3328 2001-08-17] (Microsoft Corporation)
R3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 SCR3XX2K; C:\Windows\System32\DRIVERS\SCR3XX2K.sys [59776 2012-06-21] (Identive)
R1 SrvcSSIOMngr; C:\Windows\System32\Drivers\SSIoMngr.sys [6400 2004-07-30] (COMPAL ELECTRONIC INC.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-04-21] (Avira GmbH)
S3 STCFUx32; C:\Windows\System32\DRIVERS\STCFUx32.SYS [7680 2011-05-19] (SCM Microsystems Inc.)
R2 STEC3; C:\WINDOWS\system32\STEC3.sys [2368 2009-02-10] (AntiCracking)
R3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2012-03-06] (AnchorFree Inc)
R1 TPwSav; C:\Windows\System32\Drivers\TPwSav.sys [9600 2005-06-03] (TOSHIBA )
R3 Tvs; C:\Windows\System32\DRIVERS\Tvs.sys [30592 2005-07-29] (TOSHIBA Corporation)
S3 vsdatant; C:\WINDOWS\system32\vsdatant.sys [394952 2007-11-14] (Zone Labs, LLC)
R3 w29n51; C:\Windows\System32\DRIVERS\w29n51.sys [3281408 2005-04-30] (Intel® Corporation)
U5 BTHPORT; C:\Windows\System32\Drivers\BTHPORT.sys [272128 2008-06-13] (Microsoft Corporation)
U2 CertPropSvc;
S3 RTL8023xp; system32\DRIVERS\Rtlnicxp.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-23 20:58 - 2013-11-23 20:58 - 00000000 ____D C:\FRST
2013-11-23 20:21 - 2013-11-23 20:21 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-23 20:21 - 2013-11-23 20:21 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-23 20:21 - 2013-11-23 20:21 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2013-11-23 20:21 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-11-22 19:31 - 2013-11-22 19:31 - 105757824 _____ C:\WINDOWS\system32\뛞踥ƌ
2013-11-22 09:43 - 2013-11-22 09:43 - 105626457 _____ C:\WINDOWS\system32\䔜䟣ƌ
2013-11-21 23:16 - 2013-11-21 23:16 - 105611834 _____ C:\WINDOWS\system32\딛ꂒƌ
2013-11-21 10:43 - 2013-11-21 10:43 - 105483598 _____ C:\WINDOWS\system32\黕뿌ƌ
2013-11-21 10:42 - 2013-11-21 10:42 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Start Menu\Programs\BitGuard
2013-11-19 17:05 - 2013-11-19 17:05 - 105044098 _____ C:\WINDOWS\system32\즏鬾ƌ
2013-11-18 23:17 - 2013-11-18 23:16 - 00069584 ____H C:\WINDOWS\Minidump\Mini111813-01.dmp
2013-11-18 21:12 - 2013-11-18 21:12 - 104986035 _____ C:\WINDOWS\system32\臩ƌ
2013-11-15 15:46 - 2013-11-15 15:46 - 104401821 _____ C:\WINDOWS\system32\忏듨ƌ
2013-11-14 21:43 - 2013-11-14 21:43 - 00010338 _____ C:\WINDOWS\KB2900986.log
2013-11-14 21:43 - 2013-11-14 21:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 21:43 - 2013-11-14 21:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 21:42 - 2013-11-14 21:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-14 21:42 - 2013-11-14 21:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-14 21:41 - 2013-11-14 21:42 - 00012622 _____ C:\WINDOWS\KB2888505-IE8.log
2013-11-14 18:31 - 2013-11-14 21:42 - 00016441 _____ C:\WINDOWS\KB2862152.log
2013-11-14 18:30 - 2013-11-14 21:42 - 00015915 _____ C:\WINDOWS\KB2876331.log
2013-11-14 18:23 - 2013-11-14 21:43 - 00017576 _____ C:\WINDOWS\KB2868626.log
2013-11-12 19:13 - 2013-11-12 19:13 - 103974937 _____ C:\WINDOWS\system32\�ᵩƌ
2013-11-10 20:22 - 2013-11-10 20:22 - 103551423 _____ C:\WINDOWS\system32\뒒冒ƌ
2013-11-07 22:57 - 2013-11-10 23:20 - 00000000 ____D C:\Program Files\Common Files\logishrd
2013-10-30 21:32 - 2013-10-30 21:32 - 104193179 _____ C:\WINDOWS\system32\埶磒ƌ
2013-10-26 08:44 - 2013-10-26 08:44 - 103054676 _____ C:\WINDOWS\system32\፠ƌ
2013-10-24 08:31 - 2013-10-24 08:31 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Local Settings\Application Data\avgchrome
2013-10-24 08:30 - 2013-11-15 15:26 - 00001813 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2013-10-24 08:30 - 2013-10-24 08:30 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
==================== One Month Modified Files and Folders =======
2013-11-23 20:58 - 2013-11-23 20:58 - 00000000 ____D C:\FRST
2013-11-23 20:50 - 2005-09-15 08:23 - 01577591 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-23 20:45 - 2009-07-01 06:10 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-23 20:45 - 2005-09-15 09:19 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-11-23 20:45 - 2005-09-15 09:19 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-11-23 20:45 - 2005-09-15 08:28 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-23 20:44 - 2007-06-21 00:59 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB935840$
2013-11-23 20:44 - 2006-10-09 22:24 - 00000278 ___SH C:\Documents and Settings\Mareike Foerst\ntuser.ini
2013-11-23 20:44 - 2005-09-15 08:28 - 00032602 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-23 20:43 - 2006-10-09 22:24 - 00000000 ____D C:\Documents and Settings\Mareike Foerst
2013-11-23 20:32 - 2012-03-13 22:09 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Application Data\Systweak
2013-11-23 20:23 - 2012-04-07 09:16 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-23 20:21 - 2013-11-23 20:21 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-23 20:21 - 2013-11-23 20:21 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-23 20:21 - 2013-11-23 20:21 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2013-11-23 20:12 - 2009-07-01 06:10 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-23 20:02 - 2011-11-26 17:12 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2013-11-22 22:28 - 2013-10-20 10:26 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Desktop\Taufe Fabio
2013-11-22 22:11 - 2012-11-18 20:07 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\My Documents\Bewerbungen Stipendien und Arbeit
2013-11-22 22:10 - 2012-11-18 20:21 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\My Documents\Studium
2013-11-22 21:58 - 2006-10-09 22:49 - 00002479 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Word.lnk
2013-11-22 19:59 - 2005-09-15 08:22 - 00000000 ____D C:\WINDOWS\Registration
2013-11-22 19:31 - 2013-11-22 19:31 - 105757824 _____ C:\WINDOWS\system32\뛞踥ƌ
2013-11-22 10:34 - 2012-04-06 09:34 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Application Data\Hotspot_Shield
2013-11-22 10:34 - 2011-12-01 23:16 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-11-22 09:43 - 2013-11-22 09:43 - 105626457 _____ C:\WINDOWS\system32\䔜䟣ƌ
2013-11-22 00:23 - 2013-10-23 10:12 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Desktop\ePortfolio Einfuehrung
2013-11-21 23:16 - 2013-11-21 23:16 - 105611834 _____ C:\WINDOWS\system32\딛ꂒƌ
2013-11-21 10:45 - 2013-09-13 19:19 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\BitGuard
2013-11-21 10:43 - 2013-11-21 10:43 - 105483598 _____ C:\WINDOWS\system32\黕뿌ƌ
2013-11-21 10:42 - 2013-11-21 10:42 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Start Menu\Programs\BitGuard
2013-11-21 10:40 - 2012-05-03 05:40 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-20 13:53 - 2007-08-02 21:49 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-19 23:55 - 2010-12-26 02:35 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Application Data\vlc
2013-11-19 22:25 - 2011-12-24 20:40 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Application Data\dvdcss
2013-11-19 17:05 - 2013-11-19 17:05 - 105044098 _____ C:\WINDOWS\system32\즏鬾ƌ
2013-11-19 00:36 - 2007-07-08 21:20 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Application Data\Skype
2013-11-18 23:21 - 2007-07-08 21:20 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2013-11-18 23:16 - 2013-11-18 23:17 - 00069584 ____H C:\WINDOWS\Minidump\Mini111813-01.dmp
2013-11-18 21:12 - 2013-11-18 21:12 - 104986035 _____ C:\WINDOWS\system32\臩ƌ
2013-11-18 21:08 - 2005-09-15 07:09 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2013-11-15 15:46 - 2013-11-15 15:46 - 104401821 _____ C:\WINDOWS\system32\忏듨ƌ
2013-11-15 15:26 - 2013-10-24 08:30 - 00001813 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2013-11-15 12:15 - 2012-03-16 12:35 - 00000000 ____D C:\Program Files\Hotspot_Shield
2013-11-15 12:15 - 2012-03-16 12:35 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Local Settings\Application Data\Hotspot_Shield
2013-11-14 21:43 - 2013-11-14 21:43 - 00010338 _____ C:\WINDOWS\KB2900986.log
2013-11-14 21:43 - 2013-11-14 21:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 21:43 - 2013-11-14 21:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 21:43 - 2013-11-14 18:23 - 00017576 _____ C:\WINDOWS\KB2868626.log
2013-11-14 21:43 - 2011-01-16 18:19 - 00552466 _____ C:\WINDOWS\setupapi.log
2013-11-14 21:43 - 2005-09-15 09:16 - 03611277 ____C C:\WINDOWS\FaxSetup.log
2013-11-14 21:43 - 2005-09-15 09:16 - 01726856 ____C C:\WINDOWS\ocgen.log
2013-11-14 21:43 - 2005-09-15 09:16 - 01387292 ____C C:\WINDOWS\tsoc.log
2013-11-14 21:43 - 2005-09-15 09:16 - 01011844 ____C C:\WINDOWS\comsetup.log
2013-11-14 21:43 - 2005-09-15 09:16 - 00611372 ____C C:\WINDOWS\ntdtcsetup.log
2013-11-14 21:43 - 2005-09-15 09:16 - 00576211 ____C C:\WINDOWS\iis6.log
2013-11-14 21:43 - 2005-09-15 09:16 - 00180584 ____C C:\WINDOWS\msgsocm.log
2013-11-14 21:43 - 2005-09-15 09:16 - 00166739 ____C C:\WINDOWS\ocmsn.log
2013-11-14 21:43 - 2005-09-15 09:16 - 00001393 _____ C:\WINDOWS\imsins.log
2013-11-14 21:43 - 2005-09-15 09:16 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-11-14 21:43 - 2005-09-15 08:46 - 00561643 ____C C:\WINDOWS\updspapi.log
2013-11-14 21:42 - 2013-11-14 21:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-14 21:42 - 2013-11-14 21:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-14 21:42 - 2013-11-14 21:41 - 00012622 _____ C:\WINDOWS\KB2888505-IE8.log
2013-11-14 21:42 - 2013-11-14 18:31 - 00016441 _____ C:\WINDOWS\KB2862152.log
2013-11-14 21:42 - 2013-11-14 18:30 - 00015915 _____ C:\WINDOWS\KB2876331.log
2013-11-14 21:41 - 2011-06-20 20:46 - 00000000 ____D C:\WINDOWS\ie8updates
2013-11-14 21:40 - 2013-07-19 02:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-14 21:35 - 2006-10-10 01:01 - 80340640 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-14 21:34 - 2013-10-06 19:56 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Desktop\Die Spielsprachschule
2013-11-12 19:13 - 2013-11-12 19:13 - 103974937 _____ C:\WINDOWS\system32\�ᵩƌ
2013-11-10 23:20 - 2013-11-07 22:57 - 00000000 ____D C:\Program Files\Common Files\logishrd
2013-11-10 23:20 - 2009-03-08 14:23 - 00006477 ____C C:\WINDOWS\system32\lvcoinst.log
2013-11-10 20:22 - 2013-11-10 20:22 - 103551423 _____ C:\WINDOWS\system32\뒒冒ƌ
2013-11-07 22:44 - 2009-12-09 13:17 - 00000000 ___RD C:\Program Files\Skype
2013-11-07 21:38 - 2010-12-25 23:07 - 01088000 ___SH C:\Documents and Settings\Mareike Foerst\Desktop\Thumbs.db
2013-11-07 21:38 - 2006-10-28 23:47 - 00000116 ____C C:\WINDOWS\NeroDigital.ini
2013-10-30 21:32 - 2013-10-30 21:32 - 104193179 _____ C:\WINDOWS\system32\埶磒ƌ
2013-10-28 08:05 - 2005-09-15 09:16 - 00522638 ____C C:\WINDOWS\system32\PerfStringBackup.INI
2013-10-26 08:44 - 2013-10-26 08:44 - 103054676 _____ C:\WINDOWS\system32\፠ƌ
2013-10-24 08:31 - 2013-10-24 08:31 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Local Settings\Application Data\avgchrome
2013-10-24 08:30 - 2013-10-24 08:30 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome
2013-10-24 08:30 - 2007-06-11 23:23 - 00000000 ____D C:\Program Files\Google
Some content of TEMP:
====================
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\AskSLib.dll
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\conduitinstaller.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\DelayInst.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\expertpdf_v4_softonic_deu.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ffunzip.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\firefoxjre_exe.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\FreemakeVideoDownloader_3.5.2.4.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\IcqUpdater.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\installhelper.dll
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\installservice.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\install_reader11_de_mssd_aih.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\Install_WLMessenger.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\instmsi.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\instmsiw.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\jre-6u37-windows-i586-iftw.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\jre-7u21-windows-i586-iftw.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\jre-7u40-windows-i586-iftw.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\setup.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\setup_wm.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\SRAssetsHelper.dll
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\TB_9.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\TFRE8.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\TOBITCLT.DLL
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\unwise.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\vpnclient_setup.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\wlsetup-cvr.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\_isCC.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\_isD4.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
--- --- --- Und hier auch noch Addition.txt FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-11-2013 03
Ran by Mareike Foerst at 2013-11-23 21:04:38
Running from C:\Documents and Settings\Mareike Foerst\My Documents\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Disabled - Up to date) {AD166499-45F9-482A-A743-FDD3350758C7}
==================== Installed Programs ======================
Adobe Acrobat 9 Pro - English, Français, Deutsch (Version: 9.0.0)
Adobe AIR (Version: 3.1.0.4880)
Adobe Download Assistant (Version: 1.0.6)
Adobe Flash Player 11 ActiveX (Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (Version: 11.9.900.117)
Adobe Reader XI (11.0.05) - Deutsch (Version: 11.0.05)
ALPS Touch Pad Driver
Apple Application Support (Version: 2.3.4)
Apple Mobile Device Support (Version: 6.1.0.13)
Apple Software Update (Version: 2.1.3.127)
Avira Free Antivirus (Version: 13.0.0.4052)
BitGuard
Bluetooth Monitor 2
Bonjour (Version: 3.0.0.10)
Camera RAW Plug-In for EPSON Creativity Suite (Version: 2.2.0.0)
Canon iP4200
CD/DVD Drive Acoustic Silencer (Version: 1.00.008)
CIB pdf brewer 2.5.26 (Version: 2.5.26)
Cisco Systems VPN Client 5.0.04.0300 (Version: 5.0.4)
Compatibility Pack for the 2007 Office system (Version: 12.0.6612.1000)
DVD-RAM Driver (Version: 5.0.1.8)
EPSON Copy Utility 3 (Version: 3.3.0.0)
EPSON Scan
EPSON Scan Assistant (Version: 1.10.00)
EPSON Stylus CX7300_CX8300_DX7400_DX8400 Handbuch
EPSON Web-To-Page
EPSON-Drucker-Software
FreePDF (Remove only)
Google Chrome (Version: 31.0.1650.57)
Google Update Helper (Version: 1.3.21.165)
Hotspot Shield 2.53 (Version: 2.53)
Hotspot Shield Toolbar (Version: 6.8.5.1)
Intel(R) Graphics Media Accelerator Driver for Mobile (Version: 6.14.10.4363)
InterActual Player
iTunes (Version: 11.0.5.5)
Java 7 Update 40 (Version: 7.0.400)
Java Auto Updater (Version: 2.1.9.8)
Java(TM) 6 Update 7 (Version: 1.6.0.70)
Juniper Networks, Inc. Setup Client (HKCU Version: 7.1.8.19851)
Juniper Networks, Inc. Setup Client Activex Control (Version: 2.1.1.1)
Macromedia Flash Player (Version: 7.0.19.0)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 1.1 (Version: 1.1.4322)
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 1.1 Security Update (KB979906)
Microsoft .NET Framework 2.0 Language Pack - DEU
Microsoft .NET Framework 2.0 Language Pack - DEU (Version: 1.1.50727.42)
Microsoft .NET Framework 2.0 Service Pack 2 (Version: 2.2.30729)
Microsoft .NET Framework 3.0 Service Pack 2 (Version: 3.2.30729)
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Compression Client Pack 1.0 for Windows XP (Version: 1)
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office 2000 Disc 2 (Version: 9.00.2720)
Microsoft Office 2000 Professional (Version: 9.00.2720)
Microsoft Office OneNote 2003 (Version: 11.0.8173.0)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft User-Mode Driver Framework Feature Pack 1.0
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053)
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053)
Microsoft_VC90_ATL_x86 (Version: 1.00.0000)
Microsoft_VC90_CRT_x86 (Version: 1.00.0000)
Microsoft_VC90_MFC_x86 (Version: 1.00.0000)
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000)
Mozilla Firefox 25.0.1 (x86 de) (Version: 25.0.1)
Mozilla Maintenance Service (Version: 25.0.1)
MSXML 4.0 SP2 (KB927978) (Version: 4.20.9841.0)
MSXML 4.0 SP2 (KB936181) (Version: 4.20.9848.0)
MSXML 4.0 SP2 (KB954430) (Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
MSXML 6 Service Pack 2 (KB973686) (Version: 6.20.2003.0)
MWSnap 3 (Version: 3.0.0.74)
Nero Suite
Nur Entfernen der CopyTrans Suite möglich (HKCU Version: 2.36)
QuickTime (Version: 7.74.80.86)
Realtek AC'97 Audio (Version: 5.12)
RedMon - Redirection Port Monitor
RUBICon (Version: 2.0.25)
SCR3xxx Smart Card Reader (Version: 8.51)
SD Secure Module (Version: 1.0.2)
Skype™ 6.10 (Version: 6.10.104)
StreamTransport version: 1.0.2.2171
Subtitle Edit 3.3.1 (Version: 3.3.1.1593)
Texas Instruments PCIxx21/x515 drivers. (Version: 1.23.0000)
Tftpd32 Standalone Edition
TIxx21/x515 (Version: 1.23.0000)
TOSHIBA Accessibility (Version: 1.36.0.10C)
TOSHIBA Assist
TOSHIBA ConfigFree (Version: 5.70.09)
TOSHIBA Controls Driver (Version: 2.36.0.4C)
TOSHIBA Hardware Setup (Version: 1.36.0.6C)
TOSHIBA Hotkey Utility (Version: 1.36.0.7C)
TOSHIBA Manuals (Version: 7.03)
TOSHIBA PC Diagnostic Tool
TOSHIBA Power Saver (Version: 7.03.07.C)
TOSHIBA Power Saver Driver (Version: 2.36.0.2C)
TOSHIBA SD Memory Card Format
TOSHIBA Software Modem (Version: 2.1.51 (SM2151ALD05))
TOSHIBA Supervisor Password (Version: 1.36.0.1C)
TOSHIBA Virtual Sound
TOSHIBA Zooming Hook (Version: 2.36.0.1C)
Touch and Launch
TouchPad On/Off Utility (Version: 1.36.0.4C)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (Version: 1)
Update for Windows Internet Explorer 8 (KB2598845) (Version: 1)
Update for Windows XP (KB2141007) (Version: 1)
Update for Windows XP (KB2345886) (Version: 1)
Update for Windows XP (KB2467659) (Version: 1)
Update for Windows XP (KB2541763) (Version: 1)
Update for Windows XP (KB2607712) (Version: 1)
Update for Windows XP (KB2616676-v2) (Version: 2)
Update for Windows XP (KB2641690) (Version: 1)
Update for Windows XP (KB2661254-v2) (Version: 2)
Update for Windows XP (KB2718704) (Version: 1)
Update for Windows XP (KB2736233) (Version: 1)
Update for Windows XP (KB2749655) (Version: 1)
Update for Windows XP (KB2863058) (Version: 1)
Update for Windows XP (KB951072-v2) (Version: 2)
Update for Windows XP (KB951978) (Version: 1)
Update for Windows XP (KB955759) (Version: 1)
Update for Windows XP (KB955839) (Version: 1)
Update for Windows XP (KB961503) (Version: 1)
Update for Windows XP (KB967715) (Version: 1)
Update for Windows XP (KB968389) (Version: 1)
Update for Windows XP (KB971029) (Version: 1)
Update for Windows XP (KB971737) (Version: 1)
Update for Windows XP (KB973687) (Version: 1)
Update for Windows XP (KB973815) (Version: 1)
Update for Windows XP (KB976749) (Version: 1)
Update for Windows XP (KB978207) (Version: 1)
Update for Windows XP (KB980182) (Version: 1)
Utility Common Driver (Version: 0.0.0.1C)
VDM Visual DialectoMetry
VLC media player 2.0.5 (Version: 2.0.5)
WebFldrs XP (Version: 9.50.7523)
Winamp (remove only)
Windows Genuine Advantage Validation Tool (KB892130)
Windows Genuine Advantage Validation Tool (KB892130) (Version: 1.7.0069.2)
Windows Imaging Component (Version: 3.0.0.0)
Windows Internet Explorer 8 (Version: 20090308.140743)
Windows Live Sign-in Assistant (Version: 5.000.818.5)
Windows Live Upload Tool (Version: 14.0.8014.1029)
Windows Media Format 11 runtime
Windows Media Player 10 Hotfix - KB895316
Windows Media Player 11
Windows XP Service Pack 3 (Version: 20080414.031525)
WinRAR
XnView 1.97.8 (Version: 1.97.8)
==================== Restore Points =========================
==================== Hosts content: ==========================
2005-09-15 07:09 - 2004-08-04 13:00 - 00000734 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2013-07-15 18:13 - 2012-08-18 10:31 - 00116224 _____ () C:\WINDOWS\system32\redmonnt.dll
2013-04-21 23:30 - 2013-04-21 23:20 - 00397704 _____ () C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
2011-09-27 06:23 - 2011-09-27 06:23 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 06:22 - 2011-09-27 06:22 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2008-08-29 13:58 - 2008-08-29 13:58 - 00197408 _____ () C:\WINDOWS\system32\vpnapi.dll
2009-03-30 03:34 - 2009-03-30 03:34 - 00280143 _____ () C:\Program Files\Hotspot Shield\bin\libidn-11.dll
2009-03-27 21:02 - 2009-03-27 21:02 - 01554920 _____ () C:\Program Files\Hotspot Shield\bin\libeay32.dll
2009-03-27 21:02 - 2009-03-27 21:02 - 00332254 _____ () C:\Program Files\Hotspot Shield\bin\libssl32.dll
2009-04-04 14:05 - 2008-09-16 19:18 - 00132608 _____ () C:\Program Files\WinRAR\rarext.dll
2011-05-08 15:21 - 2013-11-20 13:51 - 03363952 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Faulty Device Manager Devices =============
Name: Cisco Systems VPN Adapter
Description: Cisco Systems VPN Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Cisco Systems
Service: CVirtA
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/23/2013 07:10:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15985
Error: (11/23/2013 07:10:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15985
Error: (11/23/2013 07:10:57 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/22/2013 10:08:08 PM) (Source: Application Hang) (User: )
Description: Hanging application AcroRd32.exe, version 11.0.4.63, hang module hungapp, version 0.0.0.0, hang address 0x00000000.
Error: (11/22/2013 07:48:27 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine LookupPrivilegeValue. hr = 0x800706ba.
Error: (11/22/2013 07:48:26 PM) (Source: Winlogon) (User: )
Description: A critical system process, C:\WINDOWS\system32\lsass.exe, failed with status code 00000000. The machine
must now be restarted.
Error: (11/22/2013 07:48:24 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x800706ba.
Error: (11/22/2013 07:48:23 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x800706ba.
Error: (11/21/2013 07:22:09 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9125
Error: (11/21/2013 07:22:09 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9125
System errors:
=============
Error: (11/23/2013 08:46:55 PM) (Source: Service Control Manager) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
PCIIde
Error: (11/23/2013 08:46:55 PM) (Source: Service Control Manager) (User: )
Description: The System Restore Service service terminated with the following error:
%%2
Error: (11/23/2013 08:45:18 PM) (Source: SRService) (User: )
Description: The System Restore initialization process failed.
Error: (11/23/2013 07:14:44 PM) (Source: Windows Update Agent) (User: )
Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Security Update for Microsoft Silverlight (KB2890788).
Error: (11/22/2013 07:53:03 PM) (Source: Service Control Manager) (User: )
Description: The System Restore Service service terminated with the following error:
%%2
Error: (11/22/2013 07:51:24 PM) (Source: SRService) (User: )
Description: The System Restore initialization process failed.
Error: (11/22/2013 07:48:19 PM) (Source: Service Control Manager) (User: )
Description: The Windows Driver Foundation - User-mode Driver Framework service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service.
Error: (11/22/2013 07:48:17 PM) (Source: Service Control Manager) (User: )
Description: The DNS Client service terminated unexpectedly. It has done this 1 time(s).
Error: (11/22/2013 07:48:15 PM) (Source: Service Control Manager) (User: )
Description: The SSDP Discovery Service service terminated unexpectedly. It has done this 1 time(s).
Error: (11/22/2013 07:48:15 PM) (Source: Service Control Manager) (User: )
Description: The TCP/IP NetBIOS Helper service terminated unexpectedly. It has done this 1 time(s).
Microsoft Office Sessions:
=========================
Error: (11/23/2013 07:10:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15985
Error: (11/23/2013 07:10:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15985
Error: (11/23/2013 07:10:57 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/22/2013 10:08:08 PM) (Source: Application Hang)(User: )
Description: AcroRd32.exe11.0.4.63hungapp0.0.0.000000000
Error: (11/22/2013 07:48:27 PM) (Source: VSS)(User: )
Description: LookupPrivilegeValue0x800706ba
Error: (11/22/2013 07:48:26 PM) (Source: Winlogon)(User: )
Description: C:\WINDOWS\system32\lsass.exe00000000
Error: (11/22/2013 07:48:24 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x800706ba
Error: (11/22/2013 07:48:23 PM) (Source: VSS)(User: )
Description: CoCreateInstance0x800706ba
Error: (11/21/2013 07:22:09 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9125
Error: (11/21/2013 07:22:09 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9125
==================== Memory info ===========================
Percentage of memory in use: 55%
Total physical RAM: 1526.42 MB
Available physical RAM: 674.18 MB
Total Pagefile: 2135.97 MB
Available Pagefile: 1234.91 MB
Total Virtual: 2047.88 MB
Available Virtual: 1955.04 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:298.09 GB) (Free:203.88 GB) NTFS ==>[Drive with boot components (Windows XP)]
Drive d: (Festmahl im August) (CDROM) (Total:5.58 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 4708CBA3)
Partition 1: (Active) - (Size=298 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
24.11.2013, 08:59
| #4 |
| /// the machine /// TB-Ausbilder | Trojaner und Malware auf meinem Laptop! Malwarebytes Anti-Malware hat 733 aufgespuert Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
24.11.2013, 16:15
| #5 |
| | Trojaner und Malware auf meinem Laptop! Malwarebytes Anti-Malware hat 733 aufgespuert Hallo Schrauber, danke dir fuer die super schnelle Antwort von heute morgen. Was meinst du denn genau damit: Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden. Soll ich Avira fuer den Zeitraum ausstellen/deaktivieren, in dem "Junkware Removal Tool" laeuft? Und soll ich ebenfalls Malwarebites ausstellen? Danke und liebe Gruesse Ich bin wirklich dankbar Mareike |
|
25.11.2013, 08:17
| #6 |
| /// the machine /// TB-Ausbilder | Trojaner und Malware auf meinem Laptop! Malwarebytes Anti-Malware hat 733 aufgespuert Beides aus machen, genau 
__________________ --> Trojaner und Malware auf meinem Laptop! Malwarebytes Anti-Malware hat 733 aufgespuert |
|
27.11.2013, 21:42
| #7 |
| | Trojaner und Malware auf meinem Laptop! Malwarebytes Anti-Malware hat 733 aufgespuert Hier nun der Logfile von AdwCleaner: Code:
ATTFilter # AdwCleaner v3.013 - Report created 27/11/2013 at 21:13:08
# Updated 24/11/2013 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : Mareike Foerst - YOUR-C36CAA9C21
# Running from : C:\Documents and Settings\Mareike Foerst\My Documents\Downloads\adwcleaner.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : BitGuard
Service Deleted : hshld
Service Deleted : hsswd
***** [ Files / Folders ] *****
Folder Deleted : C:\hotspot shield
Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Application Data\BitGuard
Folder Deleted : C:\Documents and Settings\All Users\Application Data\boost_interprocess
Folder Deleted : C:\Documents and Settings\All Users\Application Data\hotspot shield
Folder Deleted : C:\Documents and Settings\All Users\Application Data\ICQ\ICQToolbar
Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\hotspot shield
Folder Deleted : C:\Program Files\Conduit
Folder Deleted : C:\Program Files\Delta
Folder Deleted : C:\Program Files\hotspot shield
Folder Deleted : C:\Program Files\Hotspot_Shield
Folder Deleted : C:\Program Files\ICQ6Toolbar
Folder Deleted : C:\Program Files\icqtoolbar
Folder Deleted : C:\DOCUME~1\MAREIK~1\LOCALS~1\Temp\AskSearch
Folder Deleted : C:\Documents and Settings\NetworkService\Local Settings\Application Data\Hotspot_Shield
Folder Deleted : C:\Documents and Settings\Mareike Foerst\Local Settings\Application Data\Conduit
Folder Deleted : C:\Documents and Settings\Mareike Foerst\Local Settings\Application Data\Hotspot_Shield
Folder Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Delta
Folder Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\searchquband
Folder Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Systweak
Folder Deleted : C:\Documents and Settings\Mareike Foerst\Start Menu\Programs\BitGuard
Folder Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\ICQToolbarData
Folder Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\Searchqutoolbar
Folder Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\Extensions\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
Folder Deleted : C:\Program Files\Mozilla Firefox\Extensions\afurladvisor@anchorfree.com
Folder Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\Extensions\ffxtlbr@delta.com
Folder Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\Extensions\{c95a4e8e-816d-4655-8c79-d736da1adb6d}
[!] Folder Deleted : C:\Documents and Settings\Mareike Foerst\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
File Deleted : C:\Program Files\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
File Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\Extensions\adapter@babylontc.com.xpi
File Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\Extensions\ocr@babylon.com.xpi
File Deleted : C:\DOCUME~1\MAREIK~1\LOCALS~1\Temp\Searchqu.ini
File Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\bProtector_extensions.rdf
File Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\bprotector_extensions.sqlite
File Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\bprotector_prefs.js
File Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\invalidprefs.js
File Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\Babylon.xml
File Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\BitGuard.xml
File Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\BrowserDefender.xml
File Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\delta.xml
File Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\icqplugin.xml
File Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\icqplugin-1.xml
File Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\icqplugin-2.xml
File Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\icqplugin-3.xml
File Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\icqplugin-4.xml
File Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\icqplugin-5.xml
File Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\icqplugin-6.xml
File Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\icqplugin-7.xml
File Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\icqplugin-8.xml
File Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\icqplugin-9.xml
File Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\Search_Results.xml
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Search_Results.xml
File Deleted : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\user.js
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Key Deleted : HKCU\Toolbar
Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\HssIE.HssIEApp
Key Deleted : HKLM\SOFTWARE\Classes\HssIE.HssIEApp.1
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
Key Deleted : HKCU\Software\ded78fb76aed47
Key Deleted : HKLM\SOFTWARE\ded78fb76aed47
Key Deleted : HKLM\SOFTWARE\Classes\XTTB00001.IEToolbar
Key Deleted : HKLM\SOFTWARE\Classes\XTTB00001.IEToolbar.1
Key Deleted : HKLM\SOFTWARE\Classes\XTTB00001.XTTB00001
Key Deleted : HKLM\SOFTWARE\Classes\XTTB00001.XTTB00001.1
Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT1561552
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9E131A93-EED7-4BEB-B015-A0ADB30B5646}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D0F4A166-B8D4-48B8-9D63-80849FE137CB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{87EAB409-97D7-4889-ACFA-C548FC6F3ECF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D6EFA16D-3FAC-49C9-A07E-BF075744D303}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5B80A9AF-65F6-48AA-8F31-72E2298298A4}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{9E131A93-EED7-4BEB-B015-A0ADB30B5646}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{C95A4E8E-816D-4655-8C79-D736DA1ADB6D}]
Value Deleted : HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List [C:\Program Files\Windows Searchqu Toolbar\Datamngr\ToolBar\dtUser.exe]
Key Deleted : HKCU\Software\anchorfree
Key Deleted : HKCU\Software\BabSolution
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\Delta
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\Hotspot_Shield
Key Deleted : HKCU\Software\hotspotshield
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\searchqutoolbar
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKLM\Software\Babylon
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\Delta
Key Deleted : HKLM\Software\Hotspot_Shield
Key Deleted : HKLM\Software\hotspotshield
Key Deleted : HKLM\Software\ICQ\ICQToolbar
Key Deleted : HKLM\Software\SearchquMediabarTb
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\hotspotshield
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Hotspot_Shield Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\claro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Delta
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Giant Savings
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\hotspotshield
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Windows Searchqu Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Hotspot_Shield Toolbar
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536
***** [ Browsers ] *****
-\\ Internet Explorer v8.0.6001.18702
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
-\\ Mozilla Firefox v25.0.1 (de)
[ File : C:\Documents and Settings\LocalService\Application Data\Mozilla\Firefox\Profiles\5ssaodgu.default\prefs.js ]
[ File : C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\prefs.js ]
Line Deleted : user_pref("extensions.claro.admin", false);
Line Deleted : user_pref("extensions.claro.aflt", "babsst");
Line Deleted : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");
Line Deleted : user_pref("extensions.claro.dfltLng", "en");
Line Deleted : user_pref("extensions.claro.excTlbr", false);
Line Deleted : user_pref("extensions.claro.id", "f89f3f1600000000000000fff06140e2");
Line Deleted : user_pref("extensions.claro.instlDay", "15635");
Line Deleted : user_pref("extensions.claro.instlRef", "sst");
Line Deleted : user_pref("extensions.claro.prdct", "claro");
Line Deleted : user_pref("extensions.claro.prtnrId", "claro");
Line Deleted : user_pref("extensions.claro.tlbrId", "claro");
Line Deleted : user_pref("extensions.claro.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.claro.vrsn", "1.8.3.10");
Line Deleted : user_pref("extensions.claro.vrsni", "1.8.3.10");
Line Deleted : user_pref("extensions.claro_i.smplGrp", "none");
Line Deleted : user_pref("extensions.claro_i.vrsnTs", "1.8.3.1019:49:34");
Line Deleted : user_pref("extensions.crossrider.bic", "13fe7f8289a8de25fa64bd99117a387a");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.InstallationThankYouPage", false);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.InstallationTime", 1373986368);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.active", true);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.addressbar", "NA");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.addressbarenhanced", "");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.asyncdb_dbWasSet", true);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.asyncdb_dbWasSet_FF25_FIX", true);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.asyncinternaldb_dbWasSet", true);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.asyncinternaldb_dbWasSet_FF25_FIX", true);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.backgroundjs", "\n\n//\n");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.backgroundver", 43);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.can_run_bg_code", true);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.certdomaininstaller", "");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.changeprevious", false);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie.InstallationTime.value", "1373986368");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_aoi.value", "1373986368");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_arbitrary_code.expiration", "Wed Nov 27 2013 21:14:13 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_arbitrary_code.value", "%22%28function%28%29%7B_GPL_PLUGIN.st%3D%7B%5C%2274052%26pid%3D1269%5C%22%3A%7Bs%3A%5B%5C%2274052%26pid%3D1695%5C%22%2C[...]
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_blocklist.expiration", "Wed Nov 27 2013 21:14:13 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_blocklist.value", "%22bing.com%2Cfacebook.com%2Cnonexistantdomain.com%22");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_country_code.expiration", "Thu Nov 28 2013 19:20:57 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_country_code.value", "%22DE%22");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_crr.value", "1385578251");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_currenttime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_currenttime.value", "%221383332294%22");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_hotfix20111102645.value", "%221%22");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_ib_delay.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_ib_delay.value", "24");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_ib_disclosure.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_ib_disclosure.value", "1374707355");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_ib_list.expiration", "Thu Nov 28 2013 03:09:14 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_ib_list.value", "%7B%22f7610cf2b37067876b694a05c56f32e2%22%3A%7B%22p%22%3A%22/%22%7D%2C%22d763717b4b2e0a17a877cc642fb80ee4%22%3A%7B%22p%22%3A%2[...]
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_ib_list_temp.expiration", "Wed Nov 27 2013 21:19:13 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_ib_list_temp.value", "1385582953.816");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_installer_params.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_installer_params.value", "%7B%22source_id%22%3A%220%22%2C%22sub_id%22%3A%220%22%2C%22uzid%22%3A%220%22%7D");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_parent_zoneid.value", "%2214019%22");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_pc_20120828.value", "1373986416858");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_product_id.value", "%221171%22");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie._GPL_zoneid.value", "%22290762%22");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.cookie.dbtest.value", "1373986396750");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.description", "Save big with Giant Savings! Coupons display instantly while you're shopping online!");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.domain", "");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.enablesearch", false);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.homepage", "");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.iframe", false);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3Anull%2C%22installer_verifier%22%3Anull%7D");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_appVer.value", "100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_lastVersion.value", "0");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_meta.value", "%7B%7D");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_nextCheck.expiration", "Thu Nov 28 2013 01:50:52 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_nextCheck.value", "true");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_queue.value", "%7B%7D");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3Anull%2C%22installer_verifier%22%3Anull%7D%2C%22version%22%3Anull%7D"[...]
Line Deleted : user_pref("extensions.crossriderapp4479.4479.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GPL_=function(){_GPL_PLUGIN.started||_GPL_PLUGIN.prepare({pid:1171,baseCDN:\"giantsavings-a.akamaihd.n[...]
Line Deleted : user_pref("extensions.crossriderapp4479.4479.lastDailyReport", "1385578064283");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.lastUpdate", "1385578034282");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.manifesturl", "");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.name", "Giant Savings");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.newtab", "");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.opensearch", "");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.code", "appAPI._cr_config={appID:function(){var a=appAPI.appInfo;if(a){return appAPI.appInfo.id;}else{return appAPI.appID;}}};$jquery.exte[...]
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.name", "base");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1.ver", 8);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000014.code", "Array.prototype.indexOf||(Array.prototype.indexOf=function(b){if(void 0===this||null===this)throw new TypeError;var c=Object[...]
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000014.name", "GPL Plugin (Loader)");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000014.ver", 16);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000015.code", "var a=appAPI.db.getList(),cf_ran=!1,_GPL_BG={vars:{},rules:{},started:!1,allowed:!1,log:function(b){console.log(b)},factor:1[...]
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000015.name", "GPL Background (BG)");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_1000015.ver", 39);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.code", "(function(a){a.selectedText=function(e,c){function d(){if(window.getSelection){return window.getSelection();}else{if(document.get[...]
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.name", "CrossriderAppUtils");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_13.ver", 5);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefined\"){appAPI={};}var CR__bIsIEWindow=false;if(typeof window!==\"undefined\"&&typeof window.navigator[...]
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.name", "CrossriderUtils");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_14.ver", 9);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.code", "if((typeof isBackground===\"undefined\"||isBackground!==true)&&(typeof _firefoxVersion!==\"undefined\"&&_firefoxVersion>14)&&type[...]
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.name", "FFAppAPIWrapper");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_16.ver", 12);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.code", "if(typeof window!==\"undefined\"){\n/*!\n * jQuery JavaScript Library v1.4.2\n * hxxp://jquery.com/\n *\n * Copyright 2010, John [...]
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.name", "jQuery");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_17.ver", 4);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.code", "var CrossriderDebugManager=(function(h){var f={appId:appAPI._cr_config.appID(),url:appAPI._cr_config.debug_app};return h.Class.ex[...]
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.name", "debug");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_21.ver", 5);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.code", "(function(a){appAPI.queueManager={queue:[],register:function(b){this.queue.push(b);}};appAPI.ready=function(c,b){a.when.apply(nul[...]
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.name", "resources");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_22.ver", 5);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.code", "var CrossriderInitializerPlugin=(function(e){var c={appId:appAPI._cr_config.appID()},b,g=new e.Deferred(),f;return e.Class.extend[...]
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.name", "initializer");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_28.ver", 4);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.code", "var jQuery = $jquery_171 = $jquery = null;\n\nif (document && typeof document.getElementById !== \"undefined\") {\n\n/*! jQuery v1[...]
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.name", "jquery_1_7_1");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_4.ver", 4);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_47.code", "(function(){appAPI.ready=function(a){appAPI.resources.isReady(a);};}());var CrossRiderResourcesManager=(function(){var C={appId:([...]
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_47.name", "resources_background");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_47.ver", 3);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_64.code", "(function(){var j=\"__CR_EMPTY_CHANNEL__\";var d=function(e){return(typeof e===\"object\"&&e!==null);};var b=function(e){return(![...]
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_64.name", "appApiMessage");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_64.ver", 3);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_72.code", "if(appAPI.__should_activate_validation__===true){(function(){var d={WRONG_STRICT_VALUE:\"Parameter %PARAM_NAME% value is not supp[...]
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_72.name", "appApiValidation");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_72.ver", 3);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_78.code", "if(typeof jQuery!==\"undefined\"&&(jQuery)&&typeof window.navigator!==\"undefined\"&&typeof window.navigator.userAgent!==\"undefi[...]
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_78.name", "CrossriderInfo");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_78.ver", 5);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_98.code", "(function(){var b={DUMMY_PAGE_URL:\"hxxp://page.our-app.net/blank/resource.html\"};var c=\"cr_\"+appAPI.appID+\"internalMessage\"[...]
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_98.name", "omniCommands");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins.plugin_98.ver", 3);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins_lists.plugins_0", "4,14,78,16,64,47,72,98,1000015");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins_lists.plugins_1", "17,14,78,13,16,64,4,1,21,22,72,98,1000014,28");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.plugins_lists.plugins_5", "4,14,78,13,16,64,47,72");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/4479/plugins/093/ff/plugins.json");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.pluginsversion", 71);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.publisher", "Innovative Apps");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.setnewtab", false);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.thankyou", "");
Line Deleted : user_pref("extensions.crossriderapp4479.4479.updateinterval", 360);
Line Deleted : user_pref("extensions.crossriderapp4479.4479.ver", 100);
Line Deleted : user_pref("extensions.crossriderapp4479.apps", "4479");
Line Deleted : user_pref("extensions.crossriderapp4479.bic", "13fe7f8289a8de25fa64bd99117a387a");
Line Deleted : user_pref("extensions.crossriderapp4479.cid", 4479);
Line Deleted : user_pref("extensions.crossriderapp4479.firstrun", false);
Line Deleted : user_pref("extensions.crossriderapp4479.hadappinstalled", true);
Line Deleted : user_pref("extensions.crossriderapp4479.installationdate", 1374005751);
Line Deleted : user_pref("extensions.crossriderapp4479.lastcheck", 23064132);
Line Deleted : user_pref("extensions.crossriderapp4479.lastcheckitem", 23064418);
Line Deleted : user_pref("extensions.crossriderapp4479.modetype", "production");
Line Deleted : user_pref("extensions.crossriderapp4479.reportInstall", true);
Line Deleted : user_pref("extensions.crossriderapp4479.statsDailyCounter", 95);
Line Deleted : user_pref("extensions.delta.admin", false);
Line Deleted : user_pref("extensions.delta.aflt", "babsst");
Line Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
Line Deleted : user_pref("extensions.delta.autoRvrt", "false");
Line Deleted : user_pref("extensions.delta.dfltLng", "en");
Line Deleted : user_pref("extensions.delta.excTlbr", false);
Line Deleted : user_pref("extensions.delta.ffxUnstlRst", true);
Line Deleted : user_pref("extensions.delta.id", "f89f3f1600000000000000fff06140e2");
Line Deleted : user_pref("extensions.delta.instlDay", "15895");
Line Deleted : user_pref("extensions.delta.instlRef", "sst");
Line Deleted : user_pref("extensions.delta.newTab", false);
Line Deleted : user_pref("extensions.delta.prdct", "delta");
Line Deleted : user_pref("extensions.delta.prtnrId", "delta");
Line Deleted : user_pref("extensions.delta.rvrt", "false");
Line Deleted : user_pref("extensions.delta.smplGrp", "none");
Line Deleted : user_pref("extensions.delta.tlbrId", "base");
Line Deleted : user_pref("extensions.delta.tlbrSrchUrl", "");
Line Deleted : user_pref("extensions.delta.vrsn", "1.8.21.5");
Line Deleted : user_pref("extensions.delta.vrsnTs", "1.8.21.522:50:50");
Line Deleted : user_pref("extensions.delta.vrsni", "1.8.21.5");
Line Deleted : user_pref("extensions.delta_i.babExt", "");
Line Deleted : user_pref("extensions.delta_i.babTrack", "affID=121563&tsp=4938");
Line Deleted : user_pref("extensions.delta_i.srcExt", "ss");
Line Deleted : user_pref("extensions.enabledAddons", "adapter%40babylontc.com:1.0.0.1,ocr%40babylon.com:1.1,%7Bcda6db95-6aab-414b-803c-40cf34f589b5%7D:1.0.1,crossriderapp4479%40crossrider.com:0.93.100,%7B972ce4c6-7e[...]
[ File : C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\u1283n4k.default\prefs.js ]
-\\ Google Chrome v31.0.1650.57
[ File : C:\Documents and Settings\Mareike Foerst\Local Settings\Application Data\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [38685 octets] - [27/11/2013 21:11:45]
AdwCleaner[S0].txt - [37716 octets] - [27/11/2013 21:13:08]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [37777 octets] ##########
und hier ist das Logfile vom Junkware Removal Tool. Ein neues FRST log folgt. Ganz lieben Dank! Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Microsoft Windows XP x86
Ran by Mareike Foerst on 27/11/2013 at 21:23:05.14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2511545513-3201741632-486240611-1006\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441179}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441179}
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Documents and Settings\Mareike Foerst\appdata\locallow\datamngr"
~~~ FireFox
Successfully deleted: [Folder] C:\Documents and Settings\Mareike Foerst\Application Data\mozilla\firefox\profiles\kdbqmsdu.default\extensions\crossriderapp4479@crossrider.com
Successfully deleted the following from C:\Documents and Settings\Mareike Foerst\Application Data\mozilla\firefox\profiles\kdbqmsdu.default\prefs.js
user_pref("extensions.crossrider.bic", "1429b36185622a13bfcfbe652a03b6cf");
user_pref("extensions.crossriderapp4479.4479.InstallationThankYouPage", false);
user_pref("extensions.crossriderapp4479.4479.InstallationTime", 1385583483);
user_pref("extensions.crossriderapp4479.4479.active", true);
user_pref("extensions.crossriderapp4479.4479.addressbar", "NA");
user_pref("extensions.crossriderapp4479.4479.addressbarenhanced", "");
user_pref("extensions.crossriderapp4479.4479.asyncdb_dbWasSet", true);
user_pref("extensions.crossriderapp4479.4479.asyncdb_dbWasSet_FF25_FIX", true);
user_pref("extensions.crossriderapp4479.4479.asyncinternaldb_dbWasSet", true);
user_pref("extensions.crossriderapp4479.4479.asyncinternaldb_dbWasSet_FF25_FIX", true);
user_pref("extensions.crossriderapp4479.4479.backgroundver", 43);
user_pref("extensions.crossriderapp4479.4479.certdomaininstaller", "");
user_pref("extensions.crossriderapp4479.4479.changeprevious", false);
user_pref("extensions.crossriderapp4479.4479.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp4479.4479.cookie.InstallationTime.value", "1385583483");
user_pref("extensions.crossriderapp4479.4479.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp4479.4479.cookie._GPL_aoi.value", "1385583483");
user_pref("extensions.crossriderapp4479.4479.cookie._GPL_country_code.expiration", "Wed Dec 04 2013 21:18:34 GMT+0100");
user_pref("extensions.crossriderapp4479.4479.cookie._GPL_country_code.value", "%22DE%22");
user_pref("extensions.crossriderapp4479.4479.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp4479.4479.cookie._GPL_crr.value", "1385583515");
user_pref("extensions.crossriderapp4479.4479.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp4479.4479.cookie._GPL_hotfix20111102645.value", "%221%22");
user_pref("extensions.crossriderapp4479.4479.cookie._GPL_installer_params.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp4479.4479.cookie._GPL_installer_params.value", "%7B%22source_id%22%3A%220%22%2C%22sub_id%22%3A%220%22%2C%22uzid%22%3A%220%22%7D");
user_pref("extensions.crossriderapp4479.4479.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp4479.4479.cookie._GPL_parent_zoneid.value", "%2214019%22");
user_pref("extensions.crossriderapp4479.4479.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp4479.4479.cookie._GPL_product_id.value", "%221171%22");
user_pref("extensions.crossriderapp4479.4479.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp4479.4479.cookie._GPL_zoneid.value", "%22440160%22");
user_pref("extensions.crossriderapp4479.4479.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp4479.4479.cookie.dbtest.value", "1385583510823");
user_pref("extensions.crossriderapp4479.4479.description", "Save big with Giant Savings! Coupons display instantly while you're shopping online!");
user_pref("extensions.crossriderapp4479.4479.domain", "");
user_pref("extensions.crossriderapp4479.4479.enablesearch", false);
user_pref("extensions.crossriderapp4479.4479.homepage", "");
user_pref("extensions.crossriderapp4479.4479.iframe", false);
user_pref("extensions.crossriderapp4479.4479.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp4479.4479.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3Anull%2C%22installer_verifier%22%3Anull%7D");
user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_appVer.value", "100");
user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_lastVersion.value", "0");
user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_meta.value", "%7B%7D");
user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_nextCheck.expiration", "Thu Nov 28 2013 03:18:28 GMT+0100");
user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp4479.4479.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.crossriderapp4479.4479.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
user_pref("extensions.crossriderapp4479.4479.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3Anull%2C%22installer_verifier%22%3Anull%7D%2
user_pref("extensions.crossriderapp4479.4479.lastDailyReport", "1385583504539");
user_pref("extensions.crossriderapp4479.4479.lastUpdate", "1385583501135");
user_pref("extensions.crossriderapp4479.4479.manifesturl", "");
user_pref("extensions.crossriderapp4479.4479.name", "Giant Savings");
user_pref("extensions.crossriderapp4479.4479.newtab", "");
user_pref("extensions.crossriderapp4479.4479.opensearch", "");
user_pref("extensions.crossriderapp4479.4479.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/4479/plugins/093/ff/plugins.json");
user_pref("extensions.crossriderapp4479.4479.pluginsversion", 71);
user_pref("extensions.crossriderapp4479.4479.publisher", "Innovative Apps");
user_pref("extensions.crossriderapp4479.4479.searchstatus", 0);
user_pref("extensions.crossriderapp4479.4479.setnewtab", false);
user_pref("extensions.crossriderapp4479.4479.thankyou", "");
user_pref("extensions.crossriderapp4479.4479.updateinterval", 360);
user_pref("extensions.crossriderapp4479.4479.ver", 100);
user_pref("extensions.crossriderapp4479.apps", "4479");
user_pref("extensions.crossriderapp4479.bic", "1429b36185622a13bfcfbe652a03b6cf");
user_pref("extensions.crossriderapp4479.cid", 4479);
user_pref("extensions.crossriderapp4479.firstrun", false);
user_pref("extensions.crossriderapp4479.hadappinstalled", true);
user_pref("extensions.crossriderapp4479.installationdate", 1385583483);
user_pref("extensions.crossriderapp4479.modetype", "production");
user_pref("extensions.crossriderapp4479.reportInstall", true);
user_pref("extensions.crossriderapp4479.statsDailyCounter", 1);
Emptied folder: C:\Documents and Settings\Mareike Foerst\Application Data\mozilla\firefox\profiles\kdbqmsdu.default\minidumps [4 files]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27/11/2013 at 21:29:38.26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 27-11-2013 01
Ran by Mareike Foerst (administrator) on YOUR-C36CAA9C21 on 27-11-2013 21:33:54
Running from C:\Documents and Settings\Mareike Foerst\My Documents\Downloads
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
(Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\system32\DVDRAMSV.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(TOSHIBA) C:\Program Files\Toshiba\Bluetooth Monitor\BtMon2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [Acrobat Assistant 8.0] - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-07] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [FreePDF Assistant] - C:\Program Files\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
MountPoints2: {c5223fda-f0aa-11de-becb-0016d42a930e} - E:\Menu.exe
HKU\Administrator\...\Run: [TOSCDSPD] - C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe [ 2005-04-11] (TOSHIBA)
HKU\Administrator\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
HKU\Default User\...\Run: [TOSCDSPD] - C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe [ 2005-04-11] (TOSHIBA)
HKU\Default User\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
Lsa: [Notification Packages] scecli scecli
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Monitor.lnk
ShortcutTarget: Bluetooth Monitor.lnk -> C:\Program Files\Toshiba\Bluetooth Monitor\BtMon2.exe (TOSHIBA)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
Toolbar: HKCU - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} hxxp://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://go.divx.com/plugin/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll No File
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [8462848 2012-06-08] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll No File
FF Plugin: @java.com/DTPlugin,version=10.40.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF SearchPlugin: C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: AllowClipboard Helper - C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\Extensions\{cda6db95-6aab-414b-803c-40cf34f589b5}
FF Extension: defaults - C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
FF Extension: Adblock Plus - C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Chrome:
=======
CHR Extension: (Google Docs) - C:\DOCUME~1\MAREIK~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\DOCUME~1\MAREIK~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\DOCUME~1\MAREIK~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\DOCUME~1\MAREIK~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\DOCUME~1\MAREIK~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\DOCUME~1\MAREIK~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-07] (Avira Operations GmbH & Co. KG)
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528608 2008-08-29] (Cisco Systems, Inc.)
R2 DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [110592 2004-08-28] (Matsushita Electric Industrial Co., Ltd.)
S2 gupdate1c9a61d3b7f1e3e; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-03-16] (Google Inc.)
S2 MBAMScheduler; C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"
==================== Drivers (Whitelisted) ====================
R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [2324480 2005-06-20] (Realtek Semiconductor Corp.)
R2 Aspi32; C:\Windows\System32\Drivers\Aspi32.sys [25244 1999-09-10] (Adaptec)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-04-21] (Avira Operations GmbH & Co. KG)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R2 cnmpar21; C:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Inst2\cnmpar21.sys [15300 2002-02-01] (CANON INC.)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [125328 2008-03-29] (Deterministic Networks, Inc.)
S3 HssDrv; C:\Windows\System32\DRIVERS\HssDrv.sys [37376 2012-04-11] (AnchorFree Inc.)
S3 LVUSBSta; C:\Windows\System32\DRIVERS\LVUSBSta.sys [22016 2005-05-27] (Logitech Inc.)
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22856 2013-04-04] (Malwarebytes Corporation)
R1 meiudf; C:\Windows\System32\Drivers\meiudf.sys [102384 2005-06-02] (Matsushita Electric Industrial Co.,Ltd.)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 Netdevio; C:\Windows\System32\DRIVERS\netdevio.sys [12032 2003-01-29] (TOSHIBA Corporation.)
S3 PID_08A0; C:\Windows\System32\DRIVERS\LV302AV.SYS [913280 2005-05-27] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-04-30] (Logitech Inc.)
S3 QV2KUX; C:\Windows\System32\DRIVERS\qv2kux.sys [3328 2001-08-17] (Microsoft Corporation)
R3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 SCR3XX2K; C:\Windows\System32\DRIVERS\SCR3XX2K.sys [59776 2012-06-21] (Identive)
R1 SrvcSSIOMngr; C:\Windows\System32\Drivers\SSIoMngr.sys [6400 2004-07-30] (COMPAL ELECTRONIC INC.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-04-21] (Avira GmbH)
S3 STCFUx32; C:\Windows\System32\DRIVERS\STCFUx32.SYS [7680 2011-05-19] (SCM Microsystems Inc.)
R2 STEC3; C:\WINDOWS\system32\STEC3.sys [2368 2009-02-10] (AntiCracking)
R3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2012-03-06] (AnchorFree Inc)
R1 TPwSav; C:\Windows\System32\Drivers\TPwSav.sys [9600 2005-06-03] (TOSHIBA )
R3 Tvs; C:\Windows\System32\DRIVERS\Tvs.sys [30592 2005-07-29] (TOSHIBA Corporation)
S3 vsdatant; C:\WINDOWS\system32\vsdatant.sys [394952 2007-11-14] (Zone Labs, LLC)
R3 w29n51; C:\Windows\System32\DRIVERS\w29n51.sys [3281408 2005-04-30] (Intel® Corporation)
U5 BTHPORT; C:\Windows\System32\Drivers\BTHPORT.sys [272128 2008-06-13] (Microsoft Corporation)
U2 CertPropSvc;
S3 RTL8023xp; system32\DRIVERS\Rtlnicxp.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-27 21:29 - 2013-11-27 21:29 - 00008513 _____ C:\Documents and Settings\Mareike Foerst\Desktop\JRT.txt
2013-11-27 21:23 - 2013-11-27 21:23 - 00000000 ____D C:\WINDOWS\ERUNT
2013-11-27 21:13 - 2013-11-27 21:13 - 00000000 ____D C:\Hotspot Shield
2013-11-27 21:11 - 2013-11-27 21:13 - 00000000 ____D C:\AdwCleaner
2013-11-24 15:46 - 2013-11-24 15:46 - 105952601 _____ C:\WINDOWS\system32\ᔤ自ƌ
2013-11-23 20:58 - 2013-11-23 20:58 - 00000000 ____D C:\FRST
2013-11-23 20:21 - 2013-11-23 20:21 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-23 20:21 - 2013-11-23 20:21 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-23 20:21 - 2013-11-23 20:21 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2013-11-23 20:21 - 2013-04-04 14:50 - 00022856 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2013-11-22 19:31 - 2013-11-22 19:31 - 105757824 _____ C:\WINDOWS\system32\뛞踥ƌ
2013-11-22 09:43 - 2013-11-22 09:43 - 105626457 _____ C:\WINDOWS\system32\䔜䟣ƌ
2013-11-21 23:16 - 2013-11-21 23:16 - 105611834 _____ C:\WINDOWS\system32\딛ꂒƌ
2013-11-21 10:43 - 2013-11-21 10:43 - 105483598 _____ C:\WINDOWS\system32\黕뿌ƌ
2013-11-19 17:05 - 2013-11-19 17:05 - 105044098 _____ C:\WINDOWS\system32\즏鬾ƌ
2013-11-18 23:17 - 2013-11-18 23:16 - 00069584 ____H C:\WINDOWS\Minidump\Mini111813-01.dmp
2013-11-18 21:12 - 2013-11-18 21:12 - 104986035 _____ C:\WINDOWS\system32\臩ƌ
2013-11-15 15:46 - 2013-11-15 15:46 - 104401821 _____ C:\WINDOWS\system32\忏듨ƌ
2013-11-14 21:43 - 2013-11-14 21:43 - 00010338 _____ C:\WINDOWS\KB2900986.log
2013-11-14 21:43 - 2013-11-14 21:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 21:43 - 2013-11-14 21:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 21:42 - 2013-11-14 21:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-14 21:42 - 2013-11-14 21:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-14 21:41 - 2013-11-14 21:42 - 00012622 _____ C:\WINDOWS\KB2888505-IE8.log
2013-11-14 18:31 - 2013-11-14 21:42 - 00016441 _____ C:\WINDOWS\KB2862152.log
2013-11-14 18:30 - 2013-11-14 21:42 - 00015915 _____ C:\WINDOWS\KB2876331.log
2013-11-14 18:23 - 2013-11-14 21:43 - 00017576 _____ C:\WINDOWS\KB2868626.log
2013-11-12 19:13 - 2013-11-12 19:13 - 103974937 _____ C:\WINDOWS\system32\�ᵩƌ
2013-11-10 20:22 - 2013-11-10 20:22 - 103551423 _____ C:\WINDOWS\system32\뒒冒ƌ
2013-11-07 22:57 - 2013-11-10 23:20 - 00000000 ____D C:\Program Files\Common Files\logishrd
2013-10-30 21:32 - 2013-10-30 21:32 - 104193179 _____ C:\WINDOWS\system32\埶磒ƌ
==================== One Month Modified Files and Folders =======
2013-11-27 21:29 - 2013-11-27 21:29 - 00008513 _____ C:\Documents and Settings\Mareike Foerst\Desktop\JRT.txt
2013-11-27 21:23 - 2013-11-27 21:23 - 00000000 ____D C:\WINDOWS\ERUNT
2013-11-27 21:23 - 2012-04-07 09:16 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-27 21:21 - 2005-09-15 08:23 - 01684559 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-27 21:16 - 2009-07-01 06:10 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-27 21:16 - 2005-09-15 09:19 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-11-27 21:16 - 2005-09-15 09:19 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-11-27 21:16 - 2005-09-15 08:28 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-27 21:15 - 2006-10-09 22:24 - 00000278 ___SH C:\Documents and Settings\Mareike Foerst\ntuser.ini
2013-11-27 21:15 - 2005-09-15 08:28 - 00032642 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-27 21:14 - 2006-10-09 22:24 - 00000000 ____D C:\Documents and Settings\Mareike Foerst
2013-11-27 21:13 - 2013-11-27 21:13 - 00000000 ____D C:\Hotspot Shield
2013-11-27 21:13 - 2013-11-27 21:11 - 00000000 ____D C:\AdwCleaner
2013-11-27 21:12 - 2009-07-01 06:10 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-27 21:09 - 2013-10-06 19:56 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Desktop\Die Spielsprachschule
2013-11-27 19:38 - 2005-09-15 07:09 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2013-11-25 21:25 - 2007-07-08 21:20 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Application Data\Skype
2013-11-24 15:46 - 2013-11-24 15:46 - 105952601 _____ C:\WINDOWS\system32\ᔤ自ƌ
2013-11-23 20:58 - 2013-11-23 20:58 - 00000000 ____D C:\FRST
2013-11-23 20:44 - 2007-06-21 00:59 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB935840$
2013-11-23 20:21 - 2013-11-23 20:21 - 00000784 _____ C:\Documents and Settings\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2013-11-23 20:21 - 2013-11-23 20:21 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-23 20:21 - 2013-11-23 20:21 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
2013-11-23 20:02 - 2011-11-26 17:12 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2013-11-22 22:28 - 2013-10-20 10:26 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Desktop\Taufe Fabio
2013-11-22 22:11 - 2012-11-18 20:07 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\My Documents\Bewerbungen Stipendien und Arbeit
2013-11-22 22:10 - 2012-11-18 20:21 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\My Documents\Studium
2013-11-22 21:58 - 2006-10-09 22:49 - 00002479 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Word.lnk
2013-11-22 19:59 - 2005-09-15 08:22 - 00000000 ____D C:\WINDOWS\Registration
2013-11-22 19:31 - 2013-11-22 19:31 - 105757824 _____ C:\WINDOWS\system32\뛞踥ƌ
2013-11-22 10:34 - 2011-12-01 23:16 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-11-22 09:43 - 2013-11-22 09:43 - 105626457 _____ C:\WINDOWS\system32\䔜䟣ƌ
2013-11-22 00:23 - 2013-10-23 10:12 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Desktop\ePortfolio Einfuehrung
2013-11-21 23:16 - 2013-11-21 23:16 - 105611834 _____ C:\WINDOWS\system32\딛ꂒƌ
2013-11-21 10:43 - 2013-11-21 10:43 - 105483598 _____ C:\WINDOWS\system32\黕뿌ƌ
2013-11-21 10:40 - 2012-05-03 05:40 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-20 13:53 - 2007-08-02 21:49 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-19 23:55 - 2010-12-26 02:35 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Application Data\vlc
2013-11-19 22:25 - 2011-12-24 20:40 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Application Data\dvdcss
2013-11-19 17:05 - 2013-11-19 17:05 - 105044098 _____ C:\WINDOWS\system32\즏鬾ƌ
2013-11-18 23:21 - 2007-07-08 21:20 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2013-11-18 23:16 - 2013-11-18 23:17 - 00069584 ____H C:\WINDOWS\Minidump\Mini111813-01.dmp
2013-11-18 21:12 - 2013-11-18 21:12 - 104986035 _____ C:\WINDOWS\system32\臩ƌ
2013-11-15 15:46 - 2013-11-15 15:46 - 104401821 _____ C:\WINDOWS\system32\忏듨ƌ
2013-11-15 15:26 - 2013-10-24 08:30 - 00001813 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2013-11-14 21:43 - 2013-11-14 21:43 - 00010338 _____ C:\WINDOWS\KB2900986.log
2013-11-14 21:43 - 2013-11-14 21:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 21:43 - 2013-11-14 21:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 21:43 - 2013-11-14 18:23 - 00017576 _____ C:\WINDOWS\KB2868626.log
2013-11-14 21:43 - 2011-01-16 18:19 - 00552466 _____ C:\WINDOWS\setupapi.log
2013-11-14 21:43 - 2005-09-15 09:16 - 03611277 ____C C:\WINDOWS\FaxSetup.log
2013-11-14 21:43 - 2005-09-15 09:16 - 01726856 ____C C:\WINDOWS\ocgen.log
2013-11-14 21:43 - 2005-09-15 09:16 - 01387292 ____C C:\WINDOWS\tsoc.log
2013-11-14 21:43 - 2005-09-15 09:16 - 01011844 ____C C:\WINDOWS\comsetup.log
2013-11-14 21:43 - 2005-09-15 09:16 - 00611372 ____C C:\WINDOWS\ntdtcsetup.log
2013-11-14 21:43 - 2005-09-15 09:16 - 00576211 ____C C:\WINDOWS\iis6.log
2013-11-14 21:43 - 2005-09-15 09:16 - 00180584 ____C C:\WINDOWS\msgsocm.log
2013-11-14 21:43 - 2005-09-15 09:16 - 00166739 ____C C:\WINDOWS\ocmsn.log
2013-11-14 21:43 - 2005-09-15 09:16 - 00001393 _____ C:\WINDOWS\imsins.log
2013-11-14 21:43 - 2005-09-15 09:16 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-11-14 21:43 - 2005-09-15 08:46 - 00561643 ____C C:\WINDOWS\updspapi.log
2013-11-14 21:42 - 2013-11-14 21:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-14 21:42 - 2013-11-14 21:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-14 21:42 - 2013-11-14 21:41 - 00012622 _____ C:\WINDOWS\KB2888505-IE8.log
2013-11-14 21:42 - 2013-11-14 18:31 - 00016441 _____ C:\WINDOWS\KB2862152.log
2013-11-14 21:42 - 2013-11-14 18:30 - 00015915 _____ C:\WINDOWS\KB2876331.log
2013-11-14 21:41 - 2011-06-20 20:46 - 00000000 ____D C:\WINDOWS\ie8updates
2013-11-14 21:40 - 2013-07-19 02:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-14 21:35 - 2006-10-10 01:01 - 80340640 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-12 19:13 - 2013-11-12 19:13 - 103974937 _____ C:\WINDOWS\system32\�ᵩƌ
2013-11-10 23:20 - 2013-11-07 22:57 - 00000000 ____D C:\Program Files\Common Files\logishrd
2013-11-10 23:20 - 2009-03-08 14:23 - 00006477 ____C C:\WINDOWS\system32\lvcoinst.log
2013-11-10 20:22 - 2013-11-10 20:22 - 103551423 _____ C:\WINDOWS\system32\뒒冒ƌ
2013-11-07 22:44 - 2009-12-09 13:17 - 00000000 ___RD C:\Program Files\Skype
2013-11-07 21:38 - 2010-12-25 23:07 - 01088000 ___SH C:\Documents and Settings\Mareike Foerst\Desktop\Thumbs.db
2013-11-07 21:38 - 2006-10-28 23:47 - 00000116 ____C C:\WINDOWS\NeroDigital.ini
2013-10-30 21:32 - 2013-10-30 21:32 - 104193179 _____ C:\WINDOWS\system32\埶磒ƌ
2013-10-28 08:05 - 2005-09-15 09:16 - 00522638 ____C C:\WINDOWS\system32\PerfStringBackup.INI
Some content of TEMP:
====================
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\AskSLib.dll
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\conduitinstaller.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\DelayInst.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\expertpdf_v4_softonic_deu.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ffunzip.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\firefoxjre_exe.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\FreemakeVideoDownloader_3.5.2.4.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\IcqUpdater.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\installhelper.dll
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\installservice.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\install_reader11_de_mssd_aih.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\Install_WLMessenger.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\instmsi.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\instmsiw.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\jre-6u37-windows-i586-iftw.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\jre-7u21-windows-i586-iftw.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\jre-7u40-windows-i586-iftw.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\setup.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\setup_wm.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\SRAssetsHelper.dll
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\TB_9.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\TFRE8.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\TOBITCLT.DLL
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\unwise.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\vpnclient_setup.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\wlsetup-cvr.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\_isCC.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\_isD4.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
--- --- --- |
|
28.11.2013, 13:22
| #8 |
| /// the machine /// TB-Ausbilder | Trojaner und Malware auf meinem Laptop! Malwarebytes Anti-Malware hat 733 aufgespuertESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
29.11.2013, 10:41
| #9 |
| | Trojaner und Malware auf meinem Laptop! Malwarebytes Anti-Malware hat 733 aufgespuert Anbei das Logfile von ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=e27d824bfad4594192c0a0a38ba3513b
# engine=16066
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2013-11-28 11:17:17
# local_time=2013-11-29 12:17:17 (+0100, W. Europe Standard Time)
# country="United Kingdom"
# lang=1033
# osver=5.1.2600 NT Service Pack 3
# compatibility_mode=1799 16775165 100 97 379963 156348342 99051 0
# scanned=161242
# found=1
# cleaned=0
# scan_time=12469
sh=67BC1828AD4BE9545C345D684207568984360C23 ft=0 fh=0000000000000000 vn="Win32/LockScreen.AHO trojan" ac=I fn="C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\G5IPMJCJ\main[1]"
Code:
ATTFilter Results of screen317's Security Check version 0.99.76
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Security Center service is not running! This report may not be accurate!
Windows Firewall Enabled!
Avira Free Antivirus
Avira successfully updated!
`````````Anti-malware/Other Utilities Check:`````````
Java 7 Update 40
Java(TM) 6 Update 7
Java version out of Date!
Adobe Flash Player 11.9.900.117
Adobe Reader XI
Mozilla Firefox (25.0.1)
Google Chrome 30.0.1599.101
Google Chrome 31.0.1650.57
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 15% Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-11-2013
Ran by Mareike Foerst (administrator) on YOUR-C36CAA9C21 on 29-11-2013 10:30:25
Running from C:\Documents and Settings\Mareike Foerst\My Documents\Downloads
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 8
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Microsoft Corporation) C:\WINDOWS\system32\scardsvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
(Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\system32\DVDRAMSV.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(TOSHIBA) C:\Program Files\Toshiba\Bluetooth Monitor\BtMon2.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Avira Operations GmbH & Co. KG) C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\SELFUPDATE\update.exe
(Avira Operations GmbH & Co. KG) C:\Documents and Settings\All Users\Application Data\Avira\AntiVir Desktop\TEMP\SELFUPDATE\updrgui.exe
(Oracle Corporation) C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\jre-7u45-windows-i586-iftw.exe
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Farbar) C:\Documents and Settings\Mareike Foerst\My Documents\Downloads\FRST(1).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [Acrobat Assistant 8.0] - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-07] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [FreePDF Assistant] - C:\Program Files\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKCU\...\RunOnce: [FlashPlayerUpdate] - C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_9_900_117_Plugin.exe -update plugin [829832 2013-10-12] (Adobe Systems Incorporated)
MountPoints2: {c5223fda-f0aa-11de-becb-0016d42a930e} - E:\Menu.exe
HKU\Administrator\...\Run: [TOSCDSPD] - C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe [ 2005-04-11] (TOSHIBA)
HKU\Administrator\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
HKU\Default User\...\Run: [TOSCDSPD] - C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe [ 2005-04-11] (TOSHIBA)
HKU\Default User\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
Lsa: [Notification Packages] scecli scecli
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Monitor.lnk
ShortcutTarget: Bluetooth Monitor.lnk -> C:\Program Files\Toshiba\Bluetooth Monitor\BtMon2.exe (TOSHIBA)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
Toolbar: HKCU - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} hxxp://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://go.divx.com/plugin/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll No File
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [8462848 2012-06-08] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll No File
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF SearchPlugin: C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: AllowClipboard Helper - C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\Extensions\{cda6db95-6aab-414b-803c-40cf34f589b5}
FF Extension: defaults - C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
FF Extension: Adblock Plus - C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Chrome:
=======
CHR Extension: (Google Docs) - C:\DOCUME~1\MAREIK~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\DOCUME~1\MAREIK~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\DOCUME~1\MAREIK~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\DOCUME~1\MAREIK~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\DOCUME~1\MAREIK~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\DOCUME~1\MAREIK~1\LOCALS~1\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [84024 2013-09-07] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-07] (Avira Operations GmbH & Co. KG)
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528608 2008-08-29] (Cisco Systems, Inc.)
R2 DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [110592 2004-08-28] (Matsushita Electric Industrial Co., Ltd.)
S2 gupdate1c9a61d3b7f1e3e; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-03-16] (Google Inc.)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"
==================== Drivers (Whitelisted) ====================
R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [2324480 2005-06-20] (Realtek Semiconductor Corp.)
R2 Aspi32; C:\Windows\System32\Drivers\Aspi32.sys [25244 1999-09-10] (Adaptec)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [88840 2013-09-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [136672 2013-09-07] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-04-21] (Avira Operations GmbH & Co. KG)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R2 cnmpar21; C:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Inst2\cnmpar21.sys [15300 2002-02-01] (CANON INC.)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [125328 2008-03-29] (Deterministic Networks, Inc.)
S3 HssDrv; C:\Windows\System32\DRIVERS\HssDrv.sys [37376 2012-04-11] (AnchorFree Inc.)
S3 LVUSBSta; C:\Windows\System32\DRIVERS\LVUSBSta.sys [22016 2005-05-27] (Logitech Inc.)
R1 meiudf; C:\Windows\System32\Drivers\meiudf.sys [102384 2005-06-02] (Matsushita Electric Industrial Co.,Ltd.)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 Netdevio; C:\Windows\System32\DRIVERS\netdevio.sys [12032 2003-01-29] (TOSHIBA Corporation.)
S3 PID_08A0; C:\Windows\System32\DRIVERS\LV302AV.SYS [913280 2005-05-27] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-04-30] (Logitech Inc.)
S3 QV2KUX; C:\Windows\System32\DRIVERS\qv2kux.sys [3328 2001-08-17] (Microsoft Corporation)
R3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 SCR3XX2K; C:\Windows\System32\DRIVERS\SCR3XX2K.sys [59776 2012-06-21] (Identive)
R1 SrvcSSIOMngr; C:\Windows\System32\Drivers\SSIoMngr.sys [6400 2004-07-30] (COMPAL ELECTRONIC INC.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-04-21] (Avira GmbH)
S3 STCFUx32; C:\Windows\System32\DRIVERS\STCFUx32.SYS [7680 2011-05-19] (SCM Microsystems Inc.)
R2 STEC3; C:\WINDOWS\system32\STEC3.sys [2368 2009-02-10] (AntiCracking)
R3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2012-03-06] (AnchorFree Inc)
R1 TPwSav; C:\Windows\System32\Drivers\TPwSav.sys [9600 2005-06-03] (TOSHIBA )
R3 Tvs; C:\Windows\System32\DRIVERS\Tvs.sys [30592 2005-07-29] (TOSHIBA Corporation)
S3 vsdatant; C:\WINDOWS\system32\vsdatant.sys [394952 2007-11-14] (Zone Labs, LLC)
R3 w29n51; C:\Windows\System32\DRIVERS\w29n51.sys [3281408 2005-04-30] (Intel® Corporation)
U5 BTHPORT; C:\Windows\System32\Drivers\BTHPORT.sys [272128 2008-06-13] (Microsoft Corporation)
U2 CertPropSvc;
S3 RTL8023xp; system32\DRIVERS\Rtlnicxp.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-11-29 10:29 - 2013-10-08 07:50 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-11-29 10:29 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-11-29 10:29 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-11-29 10:29 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-11-29 10:28 - 2013-11-29 10:29 - 00004113 _____ C:\WINDOWS\system32\jupdate-1.7.0_45-b18.log
2013-11-29 10:07 - 2013-11-29 10:07 - 00007680 ___SH C:\WINDOWS\Thumbs.db
2013-11-27 21:29 - 2013-11-27 21:29 - 00008513 _____ C:\Documents and Settings\Mareike Foerst\Desktop\JRT.txt
2013-11-27 21:23 - 2013-11-27 21:23 - 00000000 ____D C:\WINDOWS\ERUNT
2013-11-27 21:13 - 2013-11-27 21:13 - 00000000 ____D C:\Hotspot Shield
2013-11-27 21:11 - 2013-11-27 21:13 - 00000000 ____D C:\AdwCleaner
2013-11-24 15:46 - 2013-11-24 15:46 - 105952601 _____ C:\WINDOWS\system32\ᔤ自ƌ
2013-11-23 20:58 - 2013-11-23 20:58 - 00000000 ____D C:\FRST
2013-11-23 20:21 - 2013-11-28 20:34 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-22 19:31 - 2013-11-22 19:31 - 105757824 _____ C:\WINDOWS\system32\뛞踥ƌ
2013-11-22 09:43 - 2013-11-22 09:43 - 105626457 _____ C:\WINDOWS\system32\䔜䟣ƌ
2013-11-21 23:16 - 2013-11-21 23:16 - 105611834 _____ C:\WINDOWS\system32\딛ꂒƌ
2013-11-21 10:43 - 2013-11-21 10:43 - 105483598 _____ C:\WINDOWS\system32\黕뿌ƌ
2013-11-19 17:05 - 2013-11-19 17:05 - 105044098 _____ C:\WINDOWS\system32\즏鬾ƌ
2013-11-18 23:17 - 2013-11-18 23:16 - 00069584 ____H C:\WINDOWS\Minidump\Mini111813-01.dmp
2013-11-18 21:12 - 2013-11-18 21:12 - 104986035 _____ C:\WINDOWS\system32\臩ƌ
2013-11-15 15:46 - 2013-11-15 15:46 - 104401821 _____ C:\WINDOWS\system32\忏듨ƌ
2013-11-14 21:43 - 2013-11-14 21:43 - 00010338 _____ C:\WINDOWS\KB2900986.log
2013-11-14 21:43 - 2013-11-14 21:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 21:43 - 2013-11-14 21:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 21:42 - 2013-11-14 21:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-14 21:42 - 2013-11-14 21:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-14 21:41 - 2013-11-14 21:42 - 00012622 _____ C:\WINDOWS\KB2888505-IE8.log
2013-11-14 18:31 - 2013-11-14 21:42 - 00016441 _____ C:\WINDOWS\KB2862152.log
2013-11-14 18:30 - 2013-11-14 21:42 - 00015915 _____ C:\WINDOWS\KB2876331.log
2013-11-14 18:23 - 2013-11-14 21:43 - 00017576 _____ C:\WINDOWS\KB2868626.log
2013-11-12 19:13 - 2013-11-12 19:13 - 103974937 _____ C:\WINDOWS\system32\�ᵩƌ
2013-11-10 20:22 - 2013-11-10 20:22 - 103551423 _____ C:\WINDOWS\system32\뒒冒ƌ
2013-11-07 22:57 - 2013-11-10 23:20 - 00000000 ____D C:\Program Files\Common Files\logishrd
2013-10-30 21:32 - 2013-10-30 21:32 - 104193179 _____ C:\WINDOWS\system32\埶磒ƌ
==================== One Month Modified Files and Folders =======
2013-11-29 10:29 - 2013-11-29 10:28 - 00004113 _____ C:\WINDOWS\system32\jupdate-1.7.0_45-b18.log
2013-11-29 10:29 - 2005-09-15 08:45 - 00000000 ____D C:\Program Files\Java
2013-11-29 10:23 - 2012-04-07 09:16 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-11-29 10:18 - 2005-09-15 08:23 - 01723780 _____ C:\WINDOWS\WindowsUpdate.log
2013-11-29 10:12 - 2009-07-01 06:10 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-11-29 10:07 - 2013-11-29 10:07 - 00007680 ___SH C:\WINDOWS\Thumbs.db
2013-11-28 20:34 - 2013-11-23 20:21 - 00000000 ____D C:\Program Files\Malwarebytes' Anti-Malware
2013-11-27 23:22 - 2011-11-26 17:12 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2013-11-27 22:01 - 2005-09-15 08:22 - 00000000 ____D C:\WINDOWS\Registration
2013-11-27 21:29 - 2013-11-27 21:29 - 00008513 _____ C:\Documents and Settings\Mareike Foerst\Desktop\JRT.txt
2013-11-27 21:23 - 2013-11-27 21:23 - 00000000 ____D C:\WINDOWS\ERUNT
2013-11-27 21:16 - 2009-07-01 06:10 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-11-27 21:16 - 2005-09-15 09:19 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-11-27 21:16 - 2005-09-15 09:19 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-11-27 21:16 - 2005-09-15 08:28 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-11-27 21:15 - 2006-10-09 22:24 - 00000278 ___SH C:\Documents and Settings\Mareike Foerst\ntuser.ini
2013-11-27 21:15 - 2005-09-15 08:28 - 00032642 _____ C:\WINDOWS\SchedLgU.Txt
2013-11-27 21:14 - 2006-10-09 22:24 - 00000000 ____D C:\Documents and Settings\Mareike Foerst
2013-11-27 21:13 - 2013-11-27 21:13 - 00000000 ____D C:\Hotspot Shield
2013-11-27 21:13 - 2013-11-27 21:11 - 00000000 ____D C:\AdwCleaner
2013-11-27 21:13 - 2010-01-10 21:45 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ICQ
2013-11-27 21:09 - 2013-10-06 19:56 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Desktop\Die Spielsprachschule
2013-11-27 19:38 - 2005-09-15 07:09 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2013-11-25 21:25 - 2007-07-08 21:20 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Application Data\Skype
2013-11-24 15:46 - 2013-11-24 15:46 - 105952601 _____ C:\WINDOWS\system32\ᔤ自ƌ
2013-11-23 20:58 - 2013-11-23 20:58 - 00000000 ____D C:\FRST
2013-11-23 20:44 - 2007-06-21 00:59 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB935840$
2013-11-22 22:28 - 2013-10-20 10:26 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Desktop\Taufe Fabio
2013-11-22 22:11 - 2012-11-18 20:07 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\My Documents\Bewerbungen Stipendien und Arbeit
2013-11-22 22:10 - 2012-11-18 20:21 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\My Documents\Studium
2013-11-22 21:58 - 2006-10-09 22:49 - 00002479 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Word.lnk
2013-11-22 19:31 - 2013-11-22 19:31 - 105757824 _____ C:\WINDOWS\system32\뛞踥ƌ
2013-11-22 10:34 - 2011-12-01 23:16 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-11-22 09:43 - 2013-11-22 09:43 - 105626457 _____ C:\WINDOWS\system32\䔜䟣ƌ
2013-11-22 00:23 - 2013-10-23 10:12 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Desktop\ePortfolio Einfuehrung
2013-11-21 23:16 - 2013-11-21 23:16 - 105611834 _____ C:\WINDOWS\system32\딛ꂒƌ
2013-11-21 10:43 - 2013-11-21 10:43 - 105483598 _____ C:\WINDOWS\system32\黕뿌ƌ
2013-11-21 10:40 - 2012-05-03 05:40 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-20 13:53 - 2007-08-02 21:49 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-19 23:55 - 2010-12-26 02:35 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Application Data\vlc
2013-11-19 22:25 - 2011-12-24 20:40 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Application Data\dvdcss
2013-11-19 17:05 - 2013-11-19 17:05 - 105044098 _____ C:\WINDOWS\system32\즏鬾ƌ
2013-11-18 23:21 - 2007-07-08 21:20 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2013-11-18 23:16 - 2013-11-18 23:17 - 00069584 ____H C:\WINDOWS\Minidump\Mini111813-01.dmp
2013-11-18 21:12 - 2013-11-18 21:12 - 104986035 _____ C:\WINDOWS\system32\臩ƌ
2013-11-15 15:46 - 2013-11-15 15:46 - 104401821 _____ C:\WINDOWS\system32\忏듨ƌ
2013-11-15 15:26 - 2013-10-24 08:30 - 00001813 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2013-11-14 21:43 - 2013-11-14 21:43 - 00010338 _____ C:\WINDOWS\KB2900986.log
2013-11-14 21:43 - 2013-11-14 21:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 21:43 - 2013-11-14 21:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 21:43 - 2013-11-14 18:23 - 00017576 _____ C:\WINDOWS\KB2868626.log
2013-11-14 21:43 - 2011-01-16 18:19 - 00552466 _____ C:\WINDOWS\setupapi.log
2013-11-14 21:43 - 2005-09-15 09:16 - 03611277 ____C C:\WINDOWS\FaxSetup.log
2013-11-14 21:43 - 2005-09-15 09:16 - 01726856 ____C C:\WINDOWS\ocgen.log
2013-11-14 21:43 - 2005-09-15 09:16 - 01387292 ____C C:\WINDOWS\tsoc.log
2013-11-14 21:43 - 2005-09-15 09:16 - 01011844 ____C C:\WINDOWS\comsetup.log
2013-11-14 21:43 - 2005-09-15 09:16 - 00611372 ____C C:\WINDOWS\ntdtcsetup.log
2013-11-14 21:43 - 2005-09-15 09:16 - 00576211 ____C C:\WINDOWS\iis6.log
2013-11-14 21:43 - 2005-09-15 09:16 - 00180584 ____C C:\WINDOWS\msgsocm.log
2013-11-14 21:43 - 2005-09-15 09:16 - 00166739 ____C C:\WINDOWS\ocmsn.log
2013-11-14 21:43 - 2005-09-15 09:16 - 00001393 _____ C:\WINDOWS\imsins.log
2013-11-14 21:43 - 2005-09-15 09:16 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-11-14 21:43 - 2005-09-15 08:46 - 00561643 ____C C:\WINDOWS\updspapi.log
2013-11-14 21:42 - 2013-11-14 21:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-14 21:42 - 2013-11-14 21:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-14 21:42 - 2013-11-14 21:41 - 00012622 _____ C:\WINDOWS\KB2888505-IE8.log
2013-11-14 21:42 - 2013-11-14 18:31 - 00016441 _____ C:\WINDOWS\KB2862152.log
2013-11-14 21:42 - 2013-11-14 18:30 - 00015915 _____ C:\WINDOWS\KB2876331.log
2013-11-14 21:41 - 2011-06-20 20:46 - 00000000 ____D C:\WINDOWS\ie8updates
2013-11-14 21:40 - 2013-07-19 02:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-14 21:35 - 2006-10-10 01:01 - 80340640 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-12 19:13 - 2013-11-12 19:13 - 103974937 _____ C:\WINDOWS\system32\�ᵩƌ
2013-11-10 23:20 - 2013-11-07 22:57 - 00000000 ____D C:\Program Files\Common Files\logishrd
2013-11-10 23:20 - 2009-03-08 14:23 - 00006477 ____C C:\WINDOWS\system32\lvcoinst.log
2013-11-10 20:22 - 2013-11-10 20:22 - 103551423 _____ C:\WINDOWS\system32\뒒冒ƌ
2013-11-07 22:44 - 2009-12-09 13:17 - 00000000 ___RD C:\Program Files\Skype
2013-11-07 21:38 - 2010-12-25 23:07 - 01088000 ___SH C:\Documents and Settings\Mareike Foerst\Desktop\Thumbs.db
2013-11-07 21:38 - 2006-10-28 23:47 - 00000116 ____C C:\WINDOWS\NeroDigital.ini
2013-10-30 21:32 - 2013-10-30 21:32 - 104193179 _____ C:\WINDOWS\system32\埶磒ƌ
Some content of TEMP:
====================
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\AskSLib.dll
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\conduitinstaller.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\DelayInst.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\expertpdf_v4_softonic_deu.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\ffunzip.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\firefoxjre_exe.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\FreemakeVideoDownloader_3.5.2.4.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\IcqUpdater.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\installhelper.dll
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\installservice.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\install_reader11_de_mssd_aih.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\Install_WLMessenger.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\instmsi.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\instmsiw.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\jre-6u22-windows-i586-iftw-rv.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\jre-6u37-windows-i586-iftw.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\jre-7u21-windows-i586-iftw.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\jre-7u40-windows-i586-iftw.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\jre-7u45-windows-i586-iftw.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\setup.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\setup_wm.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\SRAssetsHelper.dll
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\TB_9.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\TFRE8.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\TOBITCLT.DLL
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\unwise.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\vpnclient_setup.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\wlsetup-cvr.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\_isCC.exe
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\_isD4.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
--- --- --- --- --- --- Ich habe nun alles soweit gemacht. Wie bekomme ich denn nun heraus, ob ich Trojaner, Wurm, Maleware frei bin? Soll ich alles, was ich bis jetzt heruntergeladen habe wieder von meinem Computer runterschmeissen? Koenntest du mir noch einen Tipp bezueglich eines freien Virenprogramms geben? Sonst noch Tipps dazu, wie ich Trojaner etc. vermeide? Ganz liebe Gruesse und danke Mareike P.S.: Ich habe in einem logfile gerade gelesen, dass mein Computer mal wieder defragmentiert werden muesste. Ich weiss, dass das eigentlich nicht das ist, wozu ihr beraet. Dennoch, magst du mir verraten, wie man das macht? |
|
30.11.2013, 13:58
| #10 |
| /// the machine /// TB-Ausbilder | Trojaner und Malware auf meinem Laptop! Malwarebytes Anti-Malware hat 733 aufgespuert Java updaten. Downloade Dir bitte TFC ( von Oldtimer ) und speichere die Datei auf dem Desktop. Schließe nun alle offenen Programme und trenne Dich von dem Internet. Doppelklick auf die TFC.exe und drücke auf Start. Sollte TFC nicht alle Dateien löschen können wird es einen Neustart verlangen. Dies bitte zulassen. Downloade dir bitte  Farbar Service Scanner
Poste bitte den Inhalt hier. Defragmentierung: Verbessern der Leistung durch Defragmentierung der Festplatte rest besprechen wir im Anschluss
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
01.12.2013, 14:18
| #11 |
| | Trojaner und Malware auf meinem Laptop! Malwarebytes Anti-Malware hat 733 aufgespuert Hallo Schrauber, Java ist nun up to date, TFC habe ich auch drueber laufen lassen und hier nun das logfile vom Farbar Service Scanner: Code:
ATTFilter Farbar Service Scanner Version: 23-11-2013
Ran by Mareike Foerst (administrator) on 01-12-2013 at 14:16:48
Running from "C:\Documents and Settings\Mareike Foerst\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
Srservice Service is not running. Checking service configuration:
The start type of Srservice service is OK.
The ImagePath of Srservice service is OK.
The ServiceDll of Srservice: "C:\WINDOWS\system32\srsvc.dll".
sr Service is not running. Checking service configuration:
The start type of sr service is set to Disabled. The default start type is Boot.
The ImagePath of sr: "\SystemRoot\system32\DRIVERS\sr.sys".
System Restore Disabled Policy:
========================
Security Center:
============
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is set to Demand. The default start type is Auto.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Other Services:
==============
File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
Extra List:
=======
DNE(9) Gpc(6) HssDrv(10) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x0A0000000400000001000000020000000300000008000000050000000600000007000000090000000A000000
IpSec Tag value is correct.
**** End of log ****
|
|
02.12.2013, 10:29
| #12 |
| /// the machine /// TB-Ausbilder | Trojaner und Malware auf meinem Laptop! Malwarebytes Anti-Malware hat 733 aufgespuert Downloade dir bitte Windows Repair (All In One) von hier.
Danach bitte ein frisches FRST und FSS logfile. Noch Probleme?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
04.12.2013, 21:10
| #13 |
| | Trojaner und Malware auf meinem Laptop! Malwarebytes Anti-Malware hat 733 aufgespuert Hallo Schrauber, Windows Repair (All in One) hat sich etwas veraendert und es gibt nun mehr Ankreuzmoeglichkeiten. Ich habe aber nur diejenigen angehakt, die hier mit aufgefuehrt sind. Man muss nun zudem noch einfach nur auf Start klicken und danach werden die Anhakoptionen angezeigt. Hier nun das FSS logfile: Code:
ATTFilter Farbar Service Scanner Version: 23-11-2013
Ran by Mareike Foerst (administrator) on 04-12-2013 at 21:02:06
Running from "C:\Documents and Settings\Mareike Foerst\My Documents\Downloads"
Microsoft Windows XP Home Edition Service Pack 3 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
Srservice Service is not running. Checking service configuration:
The start type of Srservice service is OK.
The ImagePath of Srservice service is OK.
The ServiceDll of Srservice: "C:\WINDOWS\system32\srsvc.dll".
sr Service is not running. Checking service configuration:
The start type of sr service is set to Disabled. The default start type is Boot.
The ImagePath of sr: "\SystemRoot\system32\DRIVERS\sr.sys".
System Restore Disabled Policy:
========================
Security Center:
============
Windows Update:
============
Windows Autoupdate Disabled Policy:
============================
Other Services:
==============
File Check:
========
C:\WINDOWS\system32\dhcpcsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\afd.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\netbt.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\tcpip.sys => MD5 is legit
C:\WINDOWS\system32\Drivers\ipsec.sys => MD5 is legit
C:\WINDOWS\system32\dnsrslvr.dll => MD5 is legit
C:\WINDOWS\system32\ipnathlp.dll => MD5 is legit
C:\WINDOWS\system32\netman.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\srsvc.dll => MD5 is legit
C:\WINDOWS\system32\Drivers\sr.sys => MD5 is legit
C:\WINDOWS\system32\wscsvc.dll => MD5 is legit
C:\WINDOWS\system32\wbem\WMIsvc.dll => MD5 is legit
C:\WINDOWS\system32\wuauserv.dll => MD5 is legit
C:\WINDOWS\system32\qmgr.dll => MD5 is legit
C:\WINDOWS\system32\es.dll => MD5 is legit
C:\WINDOWS\system32\cryptsvc.dll => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
Extra List:
=======
DNE(9) Gpc(6) HssDrv(10) IPSec(4) NetBT(5) PSched(7) Tcpip(3)
0x0A0000000400000001000000020000000300000008000000050000000600000007000000090000000A000000
IpSec Tag value is correct.
**** End of log ****
anbei noch das FRST logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-12-2013 01
Ran by Mareike Foerst (administrator) on YOUR-C36CAA9C21 on 04-12-2013 21:06:13
Running from C:\Documents and Settings\Mareike Foerst\My Documents\Downloads
Microsoft Windows XP Home Edition Service Pack 3 (X86) OS Language: English(US)
Internet Explorer Version 6
Boot Mode: Normal
==================== Processes (Whitelisted) ===================
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
(Cisco Systems, Inc.) C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe
(Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\system32\DVDRAMSV.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\jqs.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
(Adobe Systems Inc.) C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
(shbox.de) C:\Program Files\FreePDF_XP\fpassist.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(TOSHIBA) C:\Program Files\Toshiba\Bluetooth Monitor\BtMon2.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Farbar) C:\Documents and Settings\Mareike Foerst\My Documents\Downloads\FRST(1).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [Adobe Acrobat Speed Launcher] - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrobat_sl.exe [37232 2008-06-12] (Adobe Systems Incorporated)
HKLM\...\Run: [] - [x]
HKLM\...\Run: [Acrobat Assistant 8.0] - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\acrotray.exe [640376 2008-06-11] (Adobe Systems Inc.)
HKLM\...\Run: [APSDaemon] - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [avgnt] - C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [683576 2013-11-29] (Avira Operations GmbH & Co. KG)
HKLM\...\Run: [QuickTime Task] - C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [FreePDF Assistant] - C:\Program Files\FreePDF_XP\fpassist.exe [373760 2013-03-14] (shbox.de)
HKLM\...\Run: [iTunesHelper] - C:\Program Files\iTunes\iTunesHelper.exe [152392 2013-08-16] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKCU\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
MountPoints2: {c5223fda-f0aa-11de-becb-0016d42a930e} - E:\Menu.exe
HKU\Administrator\...\Run: [TOSCDSPD] - C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe [ 2005-04-11] (TOSHIBA)
HKU\Administrator\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
HKU\Default User\...\Run: [TOSCDSPD] - C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe [ 2005-04-11] (TOSHIBA)
HKU\Default User\...\Run: [MSMSGS] - C:\Program Files\Messenger\msmsgs.exe [ 2008-04-14] (Microsoft Corporation)
Lsa: [Notification Packages] scecli scecli
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Monitor.lnk
ShortcutTarget: Bluetooth Monitor.lnk -> C:\Program Files\Toshiba\Bluetooth Monitor\BtMon2.exe (TOSHIBA)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll No File
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
BHO: SmartSelect Class - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - &Address - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\system32\browseui.dll (Microsoft Corporation)
Toolbar: HKCU - &Links - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\system32\shell32.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
Toolbar: HKCU - EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll (SEIKO EPSON CORPORATION)
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} hxxp://download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} hxxp://go.divx.com/plugin/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: x-sdch - {B1759355-3EEC-4C1E-B0F1-B719FE26E377} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_A8904FB862BD9564.dll No File
ShellExecuteHooks: URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\system32\shell32.dll [8462848 2012-06-08] (Microsoft Corporation)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @divx.com/DivX Content Upload Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Content Uploader\npUpload.dll No File
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll No File
FF SearchPlugin: C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: AllowClipboard Helper - C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\Extensions\{cda6db95-6aab-414b-803c-40cf34f589b5}
FF Extension: defaults - C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
FF Extension: Adblock Plus - C:\Documents and Settings\Mareike Foerst\Application Data\Mozilla\Firefox\Profiles\kdbqmsdu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
Chrome:
=======
CHR Extension: (Google Docs) - C:\Documents and Settings\Mareike Foerst\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Documents and Settings\Mareike Foerst\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Documents and Settings\Mareike Foerst\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Documents and Settings\Mareike Foerst\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Chrome In-App Payments service) - C:\Documents and Settings\Mareike Foerst\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Documents and Settings\Mareike Foerst\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
========================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files\Avira\AntiVir Desktop\sched.exe [440376 2013-11-29] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [440376 2013-11-29] (Avira Operations GmbH & Co. KG)
R2 CVPND; C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe [1528608 2008-08-29] (Cisco Systems, Inc.)
R2 DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [110592 2004-08-28] (Matsushita Electric Industrial Co., Ltd.)
S2 gupdate1c9a61d3b7f1e3e; C:\Program Files\Google\Update\GoogleUpdate.exe [133104 2009-03-16] (Google Inc.)
R2 JavaQuickStarterService; "C:\Program Files\Java\jre7\bin\jqs.exe" -service -config "C:\Program Files\Java\jre7\lib\deploy\jqs\jqs.conf"
==================== Drivers (Whitelisted) ====================
R3 ALCXWDM; C:\Windows\System32\drivers\ALCXWDM.SYS [2324480 2005-06-20] (Realtek Semiconductor Corp.)
R2 Aspi32; C:\Windows\System32\Drivers\Aspi32.sys [25244 1999-09-10] (Adaptec)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [90400 2013-11-29] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [137208 2013-11-29] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [37352 2013-11-29] (Avira Operations GmbH & Co. KG)
S3 CCDECODE; C:\Windows\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R2 cnmpar21; C:\Documents and Settings\All Users\Application Data\CanonBJ\IJPrinter\CNMWINDOWS\Canon iP4200 Installer\Inst2\cnmpar21.sys [15300 2002-02-01] (CANON INC.)
S3 CVirtA; C:\Windows\System32\DRIVERS\CVirtA.sys [5275 2007-01-18] (Cisco Systems, Inc.)
R3 DNE; C:\Windows\System32\DRIVERS\dne2000.sys [125328 2008-03-29] (Deterministic Networks, Inc.)
S3 HssDrv; C:\Windows\System32\DRIVERS\HssDrv.sys [37376 2012-04-11] (AnchorFree Inc.)
S3 LVUSBSta; C:\Windows\System32\DRIVERS\LVUSBSta.sys [22016 2005-05-27] (Logitech Inc.)
R1 meiudf; C:\Windows\System32\Drivers\meiudf.sys [102384 2005-06-02] (Matsushita Electric Industrial Co.,Ltd.)
S3 NdisIP; C:\Windows\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 Netdevio; C:\Windows\System32\DRIVERS\netdevio.sys [12032 2003-01-29] (TOSHIBA Corporation.)
S3 PID_08A0; C:\Windows\System32\DRIVERS\LV302AV.SYS [913280 2005-05-27] (Logitech Inc.)
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2687512 2009-04-30] (Logitech Inc.)
S3 QV2KUX; C:\Windows\System32\DRIVERS\qv2kux.sys [3328 2001-08-17] (Microsoft Corporation)
R3 rtl8139; C:\Windows\System32\DRIVERS\RTL8139.SYS [20992 2004-08-03] (Realtek Semiconductor Corporation)
S3 SCR3XX2K; C:\Windows\System32\DRIVERS\SCR3XX2K.sys [59776 2012-06-21] (Identive)
R1 SrvcSSIOMngr; C:\Windows\System32\Drivers\SSIoMngr.sys [6400 2004-07-30] (COMPAL ELECTRONIC INC.)
R1 ssmdrv; C:\Windows\System32\DRIVERS\ssmdrv.sys [28520 2013-04-21] (Avira GmbH)
S3 STCFUx32; C:\Windows\System32\DRIVERS\STCFUx32.SYS [7680 2011-05-19] (SCM Microsystems Inc.)
R2 STEC3; C:\WINDOWS\system32\STEC3.sys [2368 2009-02-10] (AntiCracking)
R3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2012-03-06] (AnchorFree Inc)
R1 TPwSav; C:\Windows\System32\Drivers\TPwSav.sys [9600 2005-06-03] (TOSHIBA )
R3 Tvs; C:\Windows\System32\DRIVERS\Tvs.sys [30592 2005-07-29] (TOSHIBA Corporation)
S3 vsdatant; C:\WINDOWS\system32\vsdatant.sys [394952 2007-11-14] (Zone Labs, LLC)
R3 w29n51; C:\Windows\System32\DRIVERS\w29n51.sys [3281408 2005-04-30] (Intel® Corporation)
U5 BTHPORT; C:\Windows\System32\Drivers\BTHPORT.sys [272128 2008-06-13] (Microsoft Corporation)
U2 CertPropSvc;
S3 RTL8023xp; system32\DRIVERS\Rtlnicxp.sys [x]
U5 ScsiPort; C:\Windows\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-04 01:11 - 2013-12-04 01:11 - 00003758 _____ C:\WINDOWS\bitssetup.log
2013-12-04 01:03 - 2013-12-04 01:03 - 00000000 ____D C:\Documents and Settings\LocalService\Start Menu\Programs\Accessories
2013-12-03 22:17 - 2013-12-04 01:12 - 00181064 _____ (Sysinternals) C:\WINDOWS\PSEXESVC.EXE
2013-12-03 19:45 - 2013-12-03 19:45 - 00000000 ____D C:\Program Files\Tweaking.com
2013-12-03 19:45 - 2013-12-03 19:45 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Tweaking.com
2013-12-03 00:20 - 2008-04-14 01:12 - 00116224 ____C (Xerox) C:\WINDOWS\system32\dllcache\xrxwiadr.dll
2013-12-03 00:20 - 2008-04-14 01:12 - 00018944 ____C () C:\WINDOWS\system32\dllcache\xrxscnui.dll
2013-12-03 00:20 - 2001-08-17 22:37 - 00027648 ____C () C:\WINDOWS\system32\dllcache\xrxftplt.exe
2013-12-03 00:20 - 2001-08-17 22:36 - 00023040 ____C (Xerox Corporation) C:\WINDOWS\system32\dllcache\xrxwbtmp.dll
2013-12-03 00:19 - 2008-04-14 01:12 - 00008192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wshirda.dll
2013-12-03 00:19 - 2008-04-13 19:36 - 00008832 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wmiacpi.sys
2013-12-03 00:19 - 2004-08-03 22:29 - 00019455 ____C (Intel(R) Corporation) C:\WINDOWS\system32\dllcache\wvchntxx.sys
2013-12-03 00:19 - 2004-08-03 22:29 - 00012063 ____C (Intel(R) Corporation) C:\WINDOWS\system32\dllcache\wsiintxx.sys
2013-12-03 00:19 - 2001-08-17 22:37 - 00099865 ____C (Eicon Technology) C:\WINDOWS\system32\dllcache\xlog.exe
2013-12-03 00:19 - 2001-08-17 22:37 - 00004608 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\xrxflnch.exe
2013-12-03 00:19 - 2001-08-17 12:11 - 00016970 ____C (US Robotics MCD (Megahertz)) C:\WINDOWS\system32\dllcache\xem336n5.sys
2013-12-03 00:18 - 2004-08-04 13:00 - 00041600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\weitekp9.dll
2013-12-03 00:18 - 2004-08-04 13:00 - 00031232 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\weitekp9.sys
2013-12-03 00:18 - 2004-08-03 22:31 - 00154624 ____C (Lucent Technologies) C:\WINDOWS\system32\dllcache\wlluc48.sys
2013-12-03 00:18 - 2004-08-03 22:29 - 00023615 ____C (Intel(R) Corporation) C:\WINDOWS\system32\dllcache\wch7xxnt.sys
2013-12-03 00:18 - 2001-08-17 22:36 - 00087040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wiafbdrv.dll
2013-12-03 00:18 - 2001-08-17 22:36 - 00053760 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wiamsmud.dll
2013-12-03 00:18 - 2001-08-17 13:28 - 00771581 ____C (Rockwell) C:\WINDOWS\system32\dllcache\winacisa.sys
2013-12-03 00:18 - 2001-08-17 13:28 - 00701386 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\wdhaalba.sys
2013-12-03 00:18 - 2001-08-17 12:12 - 00034890 ____C (Raytheon Corp.) C:\WINDOWS\system32\dllcache\wlandrv2.sys
2013-12-03 00:17 - 2008-04-13 19:45 - 00031744 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\wceusbsh.sys
2013-12-03 00:17 - 2004-08-04 13:00 - 00048256 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\w32.dll
2013-12-03 00:17 - 2004-08-03 22:29 - 00033599 ____C (Intel(R) Corporation) C:\WINDOWS\system32\dllcache\watv04nt.sys
2013-12-03 00:17 - 2004-08-03 22:29 - 00029311 ____C (Intel(R) Corporation) C:\WINDOWS\system32\dllcache\watv01nt.sys
2013-12-03 00:17 - 2004-08-03 22:29 - 00019551 ____C (Intel(R) Corporation) C:\WINDOWS\system32\dllcache\watv02nt.sys
2013-12-03 00:17 - 2004-08-03 22:29 - 00012415 ____C (Intel(R) Corporation) C:\WINDOWS\system32\dllcache\wadv01nt.sys
2013-12-03 00:17 - 2004-08-03 22:29 - 00012127 ____C (Intel(R) Corporation) C:\WINDOWS\system32\dllcache\wadv02nt.sys
2013-12-03 00:17 - 2004-08-03 22:29 - 00011775 ____C (Intel(R) Corporation) C:\WINDOWS\system32\dllcache\wadv05nt.sys
2013-12-03 00:17 - 2001-08-17 12:13 - 00019528 ____C (Winbond Electronics Corporation) C:\WINDOWS\system32\dllcache\w840nd.sys
2013-12-03 00:17 - 2001-08-17 12:13 - 00019016 ____C (Winbond Electronics Corporation) C:\WINDOWS\system32\dllcache\w926nd.sys
2013-12-03 00:17 - 2001-08-17 12:13 - 00016925 ____C (Winbond Electronics Corporation) C:\WINDOWS\system32\dllcache\w940nd.sys
2013-12-03 00:17 - 2001-08-17 12:10 - 00035871 ____C (Winbond Electronics Corp.) C:\WINDOWS\system32\dllcache\wbfirdma.sys
2013-12-03 00:16 - 2008-04-13 19:40 - 00005376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\viaide.sys
2013-12-03 00:16 - 2001-08-17 13:49 - 00024576 ____C (VIA Technologies, Inc.) C:\WINDOWS\system32\dllcache\viairda.sys
2013-12-03 00:16 - 2001-08-17 13:28 - 00604253 ____C (PCTEL, INC.) C:\WINDOWS\system32\dllcache\vmodem.sys
2013-12-03 00:16 - 2001-08-17 13:28 - 00397502 ____C (PCtel, Inc.) C:\WINDOWS\system32\dllcache\vpctcom.sys
2013-12-03 00:16 - 2001-08-17 13:28 - 00064605 ____C (PCtel, Inc.) C:\WINDOWS\system32\dllcache\vvoice.sys
2013-12-03 00:16 - 2001-08-17 12:14 - 00249402 ____C (Xircom) C:\WINDOWS\system32\dllcache\vinwm.sys
2013-12-03 00:15 - 2001-08-17 13:28 - 00794399 ____C (U.S. Robotics, Inc.) C:\WINDOWS\system32\dllcache\usr1806v.sys
2013-12-03 00:15 - 2001-08-17 13:28 - 00765884 ____C (U.S. Robotics, Inc.) C:\WINDOWS\system32\dllcache\usrti.sys
2013-12-03 00:15 - 2001-08-17 13:28 - 00687999 ____C (U.S. Robotics Corporation) C:\WINDOWS\system32\dllcache\usrwdxjs.sys
2013-12-03 00:15 - 2001-08-17 13:28 - 00224802 ____C (U.S. Robotics Corporation) C:\WINDOWS\system32\dllcache\usr1807a.sys
2013-12-03 00:15 - 2001-08-17 13:28 - 00113762 ____C (U.S. Robotics Corporation) C:\WINDOWS\system32\dllcache\usrpda.sys
2013-12-03 00:15 - 2001-08-17 13:28 - 00007556 ____C (U.S. Robotics Corporation) C:\WINDOWS\system32\dllcache\usroslba.sys
2013-12-03 00:14 - 2008-04-13 19:45 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbser.sys
2013-12-03 00:14 - 2008-04-13 19:45 - 00017152 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\usbohci.sys
2013-12-03 00:14 - 2004-08-03 22:31 - 00032384 ____C (KLSI USA, Inc.) C:\WINDOWS\system32\dllcache\usb101et.sys
2013-12-03 00:14 - 2001-08-17 22:36 - 00094720 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\umaxud32.dll
2013-12-03 00:14 - 2001-08-17 22:36 - 00069632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\umaxu12.dll
2013-12-03 00:14 - 2001-08-17 22:36 - 00028160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\umaxu40.dll
2013-12-03 00:14 - 2001-08-17 22:36 - 00026624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\umaxu22.dll
2013-12-03 00:14 - 2001-08-17 13:28 - 00794654 ____C (U.S. Robotics, Inc.) C:\WINDOWS\system32\dllcache\usr1801.sys
2013-12-03 00:14 - 2001-08-17 13:28 - 00793598 ____C (U.S. Robotics, Inc.) C:\WINDOWS\system32\dllcache\usr1806.sys
2013-12-03 00:13 - 2001-08-17 22:36 - 00216064 ____C (UMAX Data Systems Inc.) C:\WINDOWS\system32\dllcache\um34scan.dll
2013-12-03 00:13 - 2001-08-17 22:36 - 00211968 ____C (UMAX Data Systems Inc.) C:\WINDOWS\system32\dllcache\um54scan.dll
2013-12-03 00:13 - 2001-08-17 22:36 - 00050688 ____C (UMAX DATA SYSTEMS INC.) C:\WINDOWS\system32\dllcache\umaxscan.dll
2013-12-03 00:13 - 2001-08-17 22:36 - 00050176 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\umaxp60.dll
2013-12-03 00:13 - 2001-08-17 22:36 - 00047616 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\umaxcam.dll
2013-12-03 00:13 - 2001-08-17 13:58 - 00022912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\umaxpcls.sys
2013-12-03 00:12 - 2004-08-04 13:00 - 00014336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tsprof.exe
2013-12-03 00:12 - 2001-08-17 22:36 - 00525568 ____C (Trident Microsystems Inc.) C:\WINDOWS\system32\dllcache\tridxp.dll
2013-12-03 00:12 - 2001-08-17 14:56 - 00440576 ____C (Trident Microsystems Inc.) C:\WINDOWS\system32\dllcache\tridkb.dll
2013-12-03 00:12 - 2001-08-17 13:52 - 00036736 ____C (Promise Technology, Inc.) C:\WINDOWS\system32\dllcache\ultra.sys
2013-12-03 00:12 - 2001-08-17 13:48 - 00011520 ____C (IBM Corporation) C:\WINDOWS\system32\dllcache\twotrack.sys
2013-12-03 00:12 - 2001-08-17 12:51 - 00166784 ____C (Trident Microsystems Inc.) C:\WINDOWS\system32\dllcache\tridxpm.sys
2013-12-03 00:12 - 2001-08-17 12:51 - 00159232 ____C (Trident Microsystems Inc.) C:\WINDOWS\system32\dllcache\tridkbm.sys
2013-12-03 00:11 - 2008-04-14 01:12 - 00082944 ____C (IBM Corporation) C:\WINDOWS\system32\dllcache\tp4mon.exe
2013-12-03 00:11 - 2001-08-17 22:36 - 00031744 ____C (IBM Corporation) C:\WINDOWS\system32\dllcache\tp4.dll
2013-12-03 00:11 - 2001-08-17 22:35 - 00042496 ____C (IBM Corporation) C:\WINDOWS\system32\dllcache\tp4res.dll
2013-12-03 00:11 - 2001-08-17 14:56 - 00315520 ____C (Trident Microsystems Inc.) C:\WINDOWS\system32\dllcache\trid3d.dll
2013-12-03 00:11 - 2001-08-17 13:51 - 00004992 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\toside.sys
2013-12-03 00:11 - 2001-08-17 12:51 - 00222336 ____C (Trident Microsystems Inc.) C:\WINDOWS\system32\dllcache\trid3dm.sys
2013-12-03 00:11 - 2001-08-17 12:12 - 00034375 ____C (Intel Corporation) C:\WINDOWS\system32\dllcache\tpro4.sys
2013-12-03 00:10 - 2008-04-13 19:40 - 00149376 ____C (M-Systems) C:\WINDOWS\system32\dllcache\tffsport.sys
2013-12-03 00:10 - 2004-08-04 13:00 - 00019464 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tdspx.sys
2013-12-03 00:10 - 2001-08-17 14:56 - 00081408 ____C (Trident Microsystems Inc.) C:\WINDOWS\system32\dllcache\tgiul50.dll
2013-12-03 00:10 - 2001-08-17 14:02 - 00230912 ____C (Toshiba Corporation) C:\WINDOWS\system32\dllcache\tosdvd03.sys
2013-12-03 00:10 - 2001-08-17 14:01 - 00241664 ____C (Toshiba Corporation) C:\WINDOWS\system32\dllcache\tosdvd02.sys
2013-12-03 00:10 - 2001-08-17 12:51 - 00138528 ____C (Trident Microsystems Inc.) C:\WINDOWS\system32\dllcache\tgiulnt5.sys
2013-12-03 00:10 - 2001-08-17 12:14 - 00123995 ____C (Tiger Jet Network) C:\WINDOWS\system32\dllcache\tjisdn.sys
2013-12-03 00:10 - 2001-08-17 12:10 - 00028232 ____C (TOSHIBA Corporation) C:\WINDOWS\system32\dllcache\tos4mo.sys
2013-12-03 00:09 - 2004-08-04 13:00 - 00021896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tdipx.sys
2013-12-03 00:09 - 2004-08-04 13:00 - 00013192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tdasync.sys
2013-12-03 00:09 - 2001-08-17 14:56 - 00172768 ____C (Number Nine Visual Technology) C:\WINDOWS\system32\dllcache\t2r4disp.dll
2013-12-03 00:09 - 2001-08-17 13:52 - 00007040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\tandqic.sys
2013-12-03 00:09 - 2001-08-17 13:49 - 00030464 ____C (Toshiba Corporation) C:\WINDOWS\system32\dllcache\tbatm155.sys
2013-12-03 00:09 - 2001-08-17 12:50 - 00036640 ____C (Number Nine Visual Technology Corp.) C:\WINDOWS\system32\dllcache\t2r4mini.sys
2013-12-03 00:09 - 2001-08-17 12:13 - 00037961 ____C (TDK Corporation) C:\WINDOWS\system32\dllcache\tdk100b.sys
2013-12-03 00:09 - 2001-08-17 12:13 - 00017129 ____C (TDK Corporation) C:\WINDOWS\system32\dllcache\tdkcd31.sys
2013-12-03 00:08 - 2001-08-17 22:36 - 00094293 ____C (Perle Systems Ltd. ) C:\WINDOWS\system32\dllcache\sxports.dll
2013-12-03 00:08 - 2001-08-17 14:07 - 00032640 ____C (LSI Logic) C:\WINDOWS\system32\dllcache\symc8xx.sys
2013-12-03 00:08 - 2001-08-17 14:07 - 00030688 ____C (LSI Logic) C:\WINDOWS\system32\dllcache\sym_u3.sys
2013-12-03 00:08 - 2001-08-17 14:07 - 00028384 ____C (LSI Logic) C:\WINDOWS\system32\dllcache\sym_hi.sys
2013-12-03 00:08 - 2001-08-17 14:07 - 00016256 ____C (Symbios Logic Inc.) C:\WINDOWS\system32\dllcache\symc810.sys
2013-12-03 00:08 - 2001-08-17 14:02 - 00003968 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\swusbflt.sys
2013-12-03 00:08 - 2001-08-17 13:50 - 00103936 ____C (Perle Systems Ltd. ) C:\WINDOWS\system32\dllcache\sx.sys
2013-12-03 00:07 - 2001-08-17 22:36 - 00155648 ____C (Stallion Technologies) C:\WINDOWS\system32\dllcache\stlnprop.dll
2013-12-03 00:07 - 2001-08-17 22:36 - 00053760 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sw_wheel.dll
2013-12-03 00:07 - 2001-08-17 22:36 - 00053248 ____C (Stallion Technologies) C:\WINDOWS\system32\dllcache\stlncoin.dll
2013-12-03 00:07 - 2001-08-17 22:36 - 00041472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sw_effct.dll
2013-12-03 00:07 - 2001-08-17 22:36 - 00010240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\swpidflt.dll
2013-12-03 00:07 - 2001-08-17 22:36 - 00010240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\swpdflt2.dll
2013-12-03 00:07 - 2001-08-17 12:18 - 00285760 ____C (Stallion Technologies) C:\WINDOWS\system32\dllcache\stlnata.sys
2013-12-03 00:06 - 2004-08-04 13:00 - 00101376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\srusbusd.dll
2013-12-03 00:06 - 2001-08-17 22:36 - 00106584 ____C (Perle Systems Ltd.) C:\WINDOWS\system32\dllcache\spdports.dll
2013-12-03 00:06 - 2001-08-17 22:36 - 00099328 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\srusd.dll
2013-12-03 00:06 - 2001-08-17 22:36 - 00024660 ____C (Perle Systems Ltd.) C:\WINDOWS\system32\dllcache\spxupchk.dll
2013-12-03 00:06 - 2001-08-17 14:07 - 00019072 ____C (Adaptec, Inc.) C:\WINDOWS\system32\dllcache\sparrow.sys
2013-12-03 00:06 - 2001-08-17 13:51 - 00061824 ____C (Perle Systems Ltd.) C:\WINDOWS\system32\dllcache\speed.sys
2013-12-03 00:06 - 2001-08-17 13:51 - 00016896 ____C (SCM Microsystems, Inc.) C:\WINDOWS\system32\dllcache\stcusb.sys
2013-12-03 00:06 - 2001-08-17 12:11 - 00048736 ____C (3Com) C:\WINDOWS\system32\dllcache\srwlnd5.sys
2013-12-03 00:05 - 2008-04-13 19:40 - 00007552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sonyait.sys
2013-12-03 00:05 - 2004-08-04 13:00 - 00010240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snmpstup.dll
2013-12-03 00:05 - 2001-08-17 22:36 - 00114688 ____C (Sony Corporation) C:\WINDOWS\system32\dllcache\sonypi.dll
2013-12-03 00:05 - 2001-08-17 22:36 - 00012288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_smtpctrs.dll
2013-12-03 00:05 - 2001-08-17 22:36 - 00007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_snprfdll.dll
2013-12-03 00:05 - 2001-08-17 13:56 - 00007552 ____C (Sony Corporation) C:\WINDOWS\system32\dllcache\sonypvu1.sys
2013-12-03 00:05 - 2001-08-17 13:53 - 00009600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sonymc.sys
2013-12-03 00:05 - 2001-08-17 13:53 - 00007040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\snyaitmc.sys
2013-12-03 00:05 - 2001-08-17 12:51 - 00037040 ____C (Sony Corporation) C:\WINDOWS\system32\dllcache\sonypi.sys
2013-12-03 00:05 - 2001-08-17 12:51 - 00020752 ____C (Sony Corporation) C:\WINDOWS\system32\dllcache\sonync.sys
2013-12-03 00:04 - 2008-04-13 19:36 - 00016000 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smbbatt.sys
2013-12-03 00:04 - 2008-04-13 19:36 - 00006912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smbclass.sys
2013-12-03 00:04 - 2004-08-04 13:00 - 00031744 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smb6w.dll
2013-12-03 00:04 - 2004-08-04 13:00 - 00015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smierrsm.dll
2013-12-03 00:04 - 2004-08-04 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smimsgif.dll
2013-12-03 00:04 - 2004-08-04 13:00 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smierrsy.dll
2013-12-03 00:04 - 2001-08-17 14:56 - 00147200 ____C (Silicon Motion Inc.) C:\WINDOWS\system32\dllcache\smidispb.dll
2013-12-03 00:04 - 2001-08-17 13:57 - 00006784 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smbhc.sys
2013-12-03 00:04 - 2001-08-17 12:51 - 00058368 ____C (Silicon Motion Inc.) C:\WINDOWS\system32\dllcache\smiminib.sys
2013-12-03 00:04 - 2001-08-17 12:12 - 00025034 ____C (SMC Networks, Inc.) C:\WINDOWS\system32\dllcache\smcpwr2n.sys
2013-12-03 00:04 - 2001-08-17 12:12 - 00024576 ____C (SMC Networks, Inc.) C:\WINDOWS\system32\dllcache\smc8000n.sys
2013-12-03 00:04 - 2001-08-17 12:10 - 00035913 ____C (SMC) C:\WINDOWS\system32\dllcache\smcirda.sys
2013-12-03 00:03 - 2004-08-04 13:00 - 00038912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm9aw.dll
2013-12-03 00:03 - 2004-08-04 13:00 - 00031744 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sma3w.dll
2013-12-03 00:03 - 2004-08-04 13:00 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm87w.dll
2013-12-03 00:03 - 2004-08-04 13:00 - 00030208 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm81w.dll
2013-12-03 00:03 - 2004-08-04 13:00 - 00029184 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm8cw.dll
2013-12-03 00:03 - 2004-08-04 13:00 - 00026624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm93w.dll
2013-12-03 00:03 - 2004-08-04 13:00 - 00026624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm92w.dll
2013-12-03 00:03 - 2004-08-04 13:00 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm90w.dll
2013-12-03 00:03 - 2004-08-04 13:00 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm8dw.dll
2013-12-03 00:03 - 2004-08-04 13:00 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm8aw.dll
2013-12-03 00:03 - 2004-08-04 13:00 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm89w.dll
2013-12-03 00:03 - 2004-08-04 13:00 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm59w.dll
2013-12-03 00:03 - 2004-08-03 22:31 - 00063547 ____C (Symbol Technologies) C:\WINDOWS\system32\dllcache\sla30nd5.sys
2013-12-03 00:03 - 2001-08-17 22:36 - 00045568 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smb3w.dll
2013-12-03 00:03 - 2001-08-17 22:36 - 00033792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\smb0w.dll
2013-12-03 00:03 - 2001-08-17 22:36 - 00028672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sma0w.dll
2013-12-03 00:03 - 2001-08-17 22:36 - 00028160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sm91w.dll
2013-12-03 00:03 - 2001-08-17 12:12 - 00094698 ____C (SysKonnect GmbH.) C:\WINDOWS\system32\dllcache\sk98xwin.sys
2013-12-03 00:03 - 2001-08-17 12:12 - 00091294 ____C (SysKonnect, a business unit of Schneider & Koch & Co. Datensysteme GmbH.) C:\WINDOWS\system32\dllcache\skfpwin.sys
2013-12-03 00:02 - 2004-08-03 22:31 - 00032768 ____C (SiS Corporation) C:\WINDOWS\system32\dllcache\sisnic.sys
2013-12-03 00:02 - 2001-08-17 22:36 - 00238592 ____C (Silicon Integrated Systems Corporation) C:\WINDOWS\system32\dllcache\sisgrv.dll
2013-12-03 00:02 - 2001-08-17 14:56 - 00252032 ____C (Silicon Integrated Systems Corporation) C:\WINDOWS\system32\dllcache\sis300iv.dll
2013-12-03 00:02 - 2001-08-17 14:56 - 00157696 ____C (Silicon Integrated Systems Corporation) C:\WINDOWS\system32\dllcache\sisv256.dll
2013-12-03 00:02 - 2001-08-17 14:56 - 00150144 ____C (Silicon Integrated Systems Corporation) C:\WINDOWS\system32\dllcache\sis6306v.dll
2013-12-03 00:02 - 2001-08-17 12:50 - 00104064 ____C (Silicon Integrated Systems Corporation) C:\WINDOWS\system32\dllcache\sisgrp.sys
2013-12-03 00:02 - 2001-08-17 12:50 - 00068608 ____C (Silicon Integrated Systems Corporation) C:\WINDOWS\system32\dllcache\sis6306p.sys
2013-12-03 00:02 - 2001-08-17 12:50 - 00050432 ____C (Silicon Integrated Systems Corporation) C:\WINDOWS\system32\dllcache\sisv.sys
2013-12-03 00:01 - 2004-08-04 13:00 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\simptcp.dll
2013-12-03 00:01 - 2001-08-17 22:36 - 00386560 ____C (Trident Microsystems Inc.) C:\WINDOWS\system32\dllcache\sgiul50.dll
2013-12-03 00:01 - 2001-08-17 12:51 - 00098080 ____C (Trident Microsystems Inc.) C:\WINDOWS\system32\dllcache\sgiulnt5.sys
2013-12-03 00:01 - 2001-08-17 12:50 - 00101760 ____C (Silicon Integrated Systems Corporation) C:\WINDOWS\system32\dllcache\sis300ip.sys
2013-12-03 00:01 - 2001-08-17 12:19 - 00036480 ____C (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\sfmanm.sys
2013-12-03 00:01 - 2001-07-21 14:29 - 00161568 ____C (Micro Systemation) C:\WINDOWS\system32\dllcache\sgsmusb.sys
2013-12-03 00:01 - 2001-07-21 14:29 - 00018400 ____C (Micro Systemation) C:\WINDOWS\system32\dllcache\sgsmld.sys
2013-12-03 00:00 - 2008-04-13 19:45 - 00011520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\scsiscan.sys
2013-12-03 00:00 - 2001-08-17 22:36 - 00057856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_scripto.dll
2013-12-03 00:00 - 2001-08-17 22:36 - 00026112 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_seos.dll
2013-12-03 00:00 - 2001-08-17 13:53 - 00006912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\seaddsmc.sys
2013-12-03 00:00 - 2001-08-17 13:53 - 00006784 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\serscan.sys
2013-12-03 00:00 - 2001-08-17 13:52 - 00011648 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\scsiprnt.sys
2013-12-03 00:00 - 2001-08-17 13:51 - 00017280 ____C (SCM Microsystems) C:\WINDOWS\system32\dllcache\scr111.sys
2013-12-03 00:00 - 2001-08-17 13:51 - 00016640 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\scmstcs.sys
2013-12-03 00:00 - 2001-08-17 13:48 - 00017664 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sermouse.sys
2013-12-02 23:59 - 2008-04-13 19:40 - 00043904 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\sbp2port.sys
2013-12-02 23:59 - 2001-08-17 22:36 - 00495616 ____C (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\sblfx.dll
2013-12-02 23:59 - 2001-08-17 14:56 - 00245632 ____C (S3 Graphics, Inc.) C:\WINDOWS\system32\dllcache\s3savmx.dll
2013-12-02 23:59 - 2001-08-17 14:56 - 00198400 ____C (S3 Incorporated) C:\WINDOWS\system32\dllcache\s3sav4.dll
2013-12-02 23:59 - 2001-08-17 13:51 - 00023936 ____C (OMNIKEY AG) C:\WINDOWS\system32\dllcache\sccmusbm.sys
2013-12-02 23:59 - 2001-08-17 13:51 - 00023936 ____C (OMNIKEY AG) C:\WINDOWS\system32\dllcache\sccmn50m.sys
2013-12-02 23:59 - 2001-08-17 12:50 - 00077824 ____C (S3 Incorporated) C:\WINDOWS\system32\dllcache\s3sav4m.sys
2013-12-02 23:59 - 2001-08-17 12:50 - 00075392 ____C (S3 Graphics, Inc.) C:\WINDOWS\system32\dllcache\s3savmxm.sys
2013-12-02 23:58 - 2001-08-17 22:36 - 00062496 ____C (S3 Incorporated) C:\WINDOWS\system32\dllcache\s3mtrio.dll
2013-12-02 23:58 - 2001-08-17 14:56 - 00210496 ____C (S3 Incorporated) C:\WINDOWS\system32\dllcache\s3mvirge.dll
2013-12-02 23:58 - 2001-08-17 14:56 - 00182272 ____C (S3 Incorporated) C:\WINDOWS\system32\dllcache\s3mt3d.dll
2013-12-02 23:58 - 2001-08-17 14:56 - 00179264 ____C (S3 Incorporated) C:\WINDOWS\system32\dllcache\s3sav3d.dll
2013-12-02 23:58 - 2001-08-17 13:57 - 00065664 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\s3legacy.sys
2013-12-02 23:58 - 2001-08-17 12:50 - 00166720 ____C (S3 Incorporated) C:\WINDOWS\system32\dllcache\s3m.sys
2013-12-02 23:58 - 2001-08-17 12:50 - 00061504 ____C (S3 Incorporated) C:\WINDOWS\system32\dllcache\s3sav3dm.sys
2013-12-02 23:58 - 2001-08-17 12:50 - 00041216 ____C (S3 Incorporated) C:\WINDOWS\system32\dllcache\s3mt3d.sys
2013-12-02 23:57 - 2008-04-14 01:12 - 00029696 ____C (Ricoh Co., Ltd.) C:\WINDOWS\system32\dllcache\rw450ext.dll
2013-12-02 23:57 - 2008-04-14 01:12 - 00027648 ____C (Ricoh Co., Ltd.) C:\WINDOWS\system32\dllcache\rw430ext.dll
2013-12-02 23:57 - 2004-08-04 13:00 - 00079872 ____C (Ricoh Co., Ltd.) C:\WINDOWS\system32\dllcache\rwia330.dll
2013-12-02 23:57 - 2004-08-04 13:00 - 00079872 ____C (Ricoh Co., Ltd.) C:\WINDOWS\system32\dllcache\rwia001.dll
2013-12-02 23:57 - 2001-08-17 22:36 - 00082432 ____C (Ricoh Co., Ltd.) C:\WINDOWS\system32\dllcache\rwia450.dll
2013-12-02 23:57 - 2001-08-17 22:36 - 00079872 ____C (Ricoh Co., Ltd.) C:\WINDOWS\system32\dllcache\rwia430.dll
2013-12-02 23:57 - 2001-08-17 22:36 - 00009216 ____C (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\rsmgrstr.dll
2013-12-02 23:57 - 2001-08-17 12:19 - 00030720 ____C (Conexant Systems Inc.) C:\WINDOWS\system32\dllcache\rthwcls.sys
2013-12-02 23:57 - 2001-08-17 12:19 - 00003840 ____C (Conexant Systems Inc.) C:\WINDOWS\system32\dllcache\rpfun.sys
2013-12-02 23:57 - 2001-08-17 12:12 - 00019017 ____C (Realtek Semiconductor Corporation) C:\WINDOWS\system32\dllcache\rtl8029.sys
2013-12-02 23:56 - 2008-04-13 19:40 - 00079104 ____C (Comtrol Corporation) C:\WINDOWS\system32\dllcache\rocket.sys
2013-12-02 23:56 - 2004-08-04 13:00 - 00016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\quser.exe
2013-12-02 23:56 - 2004-08-04 13:00 - 00014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\register.exe
2013-12-02 23:56 - 2001-08-17 22:36 - 00086097 ____C (Xircom) C:\WINDOWS\system32\dllcache\reslog32.dll
2013-12-02 23:56 - 2001-08-17 22:36 - 00041472 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\qvusd.dll
2013-12-02 23:56 - 2001-08-17 22:36 - 00023040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_regtrace.exe
2013-12-02 23:56 - 2001-08-17 13:51 - 00019584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\rasirda.sys
2013-12-02 23:56 - 2001-08-17 13:28 - 00899146 ____C (Xircom, Inc.) C:\WINDOWS\system32\dllcache\r2mdkxga.sys
2013-12-02 23:56 - 2001-08-17 13:28 - 00714762 ____C (Xircom, Inc.) C:\WINDOWS\system32\dllcache\r2mdmkxx.sys
2013-12-02 23:56 - 2001-08-17 12:12 - 00037563 ____C (RadioLAN) C:\WINDOWS\system32\dllcache\rlnet5.sys
2013-12-02 23:55 - 2008-04-13 19:40 - 00006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\qic157.sys
2013-12-02 23:55 - 2004-08-04 13:00 - 00009728 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\query.exe
2013-12-02 23:55 - 2001-08-17 13:52 - 00049024 ____C (QLogic Corporation) C:\WINDOWS\system32\dllcache\ql1280.sys
2013-12-02 23:55 - 2001-08-17 13:52 - 00045312 ____C (QLogic Corporation) C:\WINDOWS\system32\dllcache\ql12160.sys
2013-12-02 23:55 - 2001-08-17 13:52 - 00040448 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ql1240.sys
2013-12-02 23:55 - 2001-08-17 13:52 - 00040320 ____C (QLogic Corporation) C:\WINDOWS\system32\dllcache\ql1080.sys
2013-12-02 23:55 - 2001-08-17 13:52 - 00033152 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ql10wnt.sys
2013-12-02 23:55 - 2001-08-17 13:28 - 00130942 ____C (PCTEL, INC.) C:\WINDOWS\system32\dllcache\ptserlv.sys
2013-12-02 23:54 - 2008-04-14 01:12 - 00363520 ____C C:\WINDOWS\system32\dllcache\psisdecd.dll
2013-12-02 23:54 - 2008-04-14 01:12 - 00159232 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ptpusd.dll
2013-12-02 23:54 - 2008-04-14 01:12 - 00033280 ____C C:\WINDOWS\system32\dllcache\psisrndr.ax
2013-12-02 23:54 - 2008-04-13 19:41 - 00017664 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ppa3.sys
2013-12-02 23:54 - 2008-04-13 19:40 - 00008832 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\powerfil.sys
2013-12-02 23:54 - 2001-08-17 22:36 - 00035328 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\psisload.dll
2013-12-02 23:54 - 2001-08-17 22:36 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ptpusb.dll
2013-12-02 23:54 - 2001-08-17 13:53 - 00017792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ppa.sys
2013-12-02 23:54 - 2001-08-17 13:51 - 00016128 ____C (SCM Microsystems, Inc.) C:\WINDOWS\system32\dllcache\pscr.sys
2013-12-02 23:54 - 2001-08-17 13:28 - 00128286 ____C (PCTEL, INC.) C:\WINDOWS\system32\dllcache\ptserli.sys
2013-12-02 23:54 - 2001-08-17 13:28 - 00112574 ____C (PCTEL, INC.) C:\WINDOWS\system32\dllcache\ptserlp.sys
2013-12-02 23:53 - 2004-08-04 13:00 - 00131584 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pmxviceo.dll
2013-12-02 23:53 - 2004-08-04 13:00 - 00011264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pmxmcro.dll
2013-12-02 23:53 - 2004-08-04 13:00 - 00006144 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pmxgl.dll
2013-12-02 23:53 - 2001-08-17 22:36 - 00121344 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\phvfwext.dll
2013-12-02 23:53 - 2001-08-17 22:36 - 00016384 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\philcam1.dll
2013-12-02 23:53 - 2001-08-17 14:07 - 00019840 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\philtune.sys
2013-12-02 23:53 - 2001-08-17 14:04 - 00173696 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\philcam2.sys
2013-12-02 23:53 - 2001-08-17 14:04 - 00092416 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\phildec.sys
2013-12-02 23:53 - 2001-08-17 14:04 - 00075776 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\philcam1.sys
2013-12-02 23:53 - 2001-08-17 13:53 - 00007168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\pnrmc.sys
2013-12-02 23:52 - 2008-04-14 01:10 - 00259328 ____C (Microsoft Corp., 3Dlabs Inc. Ltd.) C:\WINDOWS\system32\dllcache\perm3dd.dll
2013-12-02 23:52 - 2008-04-14 01:10 - 00211584 ____C (Microsoft Corp., 3Dlabs Inc. Ltd.) C:\WINDOWS\system32\dllcache\perm2dll.dll
2013-12-02 23:52 - 2008-04-13 19:44 - 00028032 ____C (Microsoft Corp., 3Dlabs Inc. Ltd.) C:\WINDOWS\system32\dllcache\perm3.sys
2013-12-02 23:52 - 2008-04-13 19:44 - 00027904 ____C (Microsoft Corp., 3Dlabs Inc. Ltd.) C:\WINDOWS\system32\dllcache\perm2.sys
2013-12-02 23:52 - 2004-08-03 22:06 - 00169984 ____C (Cisco Systems) C:\WINDOWS\system32\dllcache\pcx500.sys
2013-12-02 23:52 - 2001-08-17 22:37 - 00105984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\phdsext.ax
2013-12-02 23:52 - 2001-08-17 22:36 - 00086016 ____C (PCtel, Inc.) C:\WINDOWS\system32\dllcache\pctspk.exe
2013-12-02 23:52 - 2001-08-17 14:07 - 00027296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\perc2.sys
2013-12-02 23:52 - 2001-08-17 14:07 - 00005504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\perc2hib.sys
2013-12-02 23:52 - 2001-08-17 12:11 - 00035328 ____C (AMD Inc.) C:\WINDOWS\system32\dllcache\pcntpci5.sys
2013-12-02 23:52 - 2001-08-17 12:11 - 00029769 ____C (AMD Inc.) C:\WINDOWS\system32\dllcache\pcntn5m.sys
2013-12-02 23:51 - 2004-08-03 22:31 - 00029502 ____C (Marconi Communications, Inc.) C:\WINDOWS\system32\dllcache\pca200e.sys
2013-12-02 23:51 - 2001-08-17 22:36 - 00044544 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ovui2.dll
2013-12-02 23:51 - 2001-08-17 22:36 - 00041984 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ovui2rc.dll
2013-12-02 23:51 - 2001-08-17 22:36 - 00039424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ovcoms.exe
2013-12-02 23:51 - 2001-08-17 14:05 - 00025216 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ovsound2.sys
2013-12-02 23:51 - 2001-08-17 12:12 - 00030495 ____C (Linksys) C:\WINDOWS\system32\dllcache\pc100nds.sys
2013-12-02 23:51 - 2001-08-17 12:12 - 00026153 ____C (Linksys) C:\WINDOWS\system32\dllcache\pcmlm56.sys
2013-12-02 23:51 - 2001-08-17 12:11 - 00030282 ____C (AMD Inc.) C:\WINDOWS\system32\dllcache\pcntn5hl.sys
2013-12-02 23:50 - 2001-08-17 22:36 - 00116736 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ovcodec2.dll
2013-12-02 23:50 - 2001-08-17 22:36 - 00020480 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ovcomc.dll
2013-12-02 23:50 - 2001-08-17 14:05 - 00351616 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ovcodek2.sys
2013-12-02 23:50 - 2001-08-17 14:05 - 00048000 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ovcam2.sys
2013-12-02 23:50 - 2001-08-17 14:05 - 00031872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ovce.sys
2013-12-02 23:50 - 2001-08-17 14:05 - 00028032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ovcd.sys
2013-12-02 23:50 - 2001-08-17 14:05 - 00025088 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ovca.sys
2013-12-02 23:50 - 2001-08-17 13:28 - 00054186 ____C (Ositech Communications, Inc.) C:\WINDOWS\system32\dllcache\otcsercb.sys
2013-12-02 23:49 - 2001-08-17 22:36 - 00123776 ____C (NVIDIA Corporation) C:\WINDOWS\system32\dllcache\nv3.dll
2013-12-02 23:49 - 2001-08-17 22:36 - 00038912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_ntfsdrv.dll
2013-12-02 23:49 - 2001-08-17 12:50 - 00198144 ____C (NVIDIA Corporation) C:\WINDOWS\system32\dllcache\nv3.sys
2013-12-02 23:49 - 2001-08-17 12:49 - 00051552 ____C (Kensington Technology Group) C:\WINDOWS\system32\dllcache\ntgrip.sys
2013-12-02 23:49 - 2001-08-17 12:20 - 00054528 ____C (Yamaha Corp.) C:\WINDOWS\system32\dllcache\opl3sax.sys
2013-12-02 23:49 - 2001-08-17 12:12 - 00043689 ____C (Ositech Communications, Inc.) C:\WINDOWS\system32\dllcache\otceth5.sys
2013-12-02 23:49 - 2001-08-17 12:12 - 00027209 ____C (Ositech Communications, Inc.) C:\WINDOWS\system32\dllcache\otc06x5.sys
2013-12-02 23:48 - 2008-04-13 19:54 - 00028672 ____C (National Semiconductor Corporation) C:\WINDOWS\system32\dllcache\nscirda.sys
2013-12-02 23:48 - 2004-08-03 22:31 - 00132695 ____C (802.11b) C:\WINDOWS\system32\dllcache\netwlan5.sys
2013-12-02 23:48 - 2001-08-17 13:53 - 00007552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\nsmmc.sys
2013-12-02 23:48 - 2001-08-17 13:47 - 00009344 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ntapm.sys
2013-12-02 23:48 - 2001-08-17 12:50 - 00039264 ____C (NeoMagic Corporation) C:\WINDOWS\system32\dllcache\neo20xx.sys
2013-12-02 23:48 - 2001-08-17 12:20 - 00126080 ____C (NeoMagic Corporation) C:\WINDOWS\system32\dllcache\nm5a2wdm.sys
2013-12-02 23:48 - 2001-08-17 12:20 - 00087040 ____C (NeoMagic Corporation) C:\WINDOWS\system32\dllcache\nm6wdm.sys
2013-12-02 23:48 - 2001-08-17 12:12 - 00032840 ____C (NETGEAR Corporation.) C:\WINDOWS\system32\dllcache\ngrpci.sys
2013-12-02 23:48 - 2001-08-17 12:11 - 00065278 ____C (Compaq Computer Corporation) C:\WINDOWS\system32\dllcache\netflx3.sys
2013-12-02 23:47 - 2001-08-17 22:36 - 00060480 ____C (NeoMagic Corporation) C:\WINDOWS\system32\dllcache\neo20xx.dll
2013-12-02 23:47 - 2001-08-17 22:36 - 00059104 ____C (Number Nine Visual Technology Corp.) C:\WINDOWS\system32\dllcache\n9i128v2.dll
2013-12-02 23:47 - 2001-08-17 14:56 - 00091488 ____C (Number Nine Visual Technology Corp.) C:\WINDOWS\system32\dllcache\n9i3disp.dll
2013-12-02 23:47 - 2001-08-17 14:56 - 00035392 ____C (Number Nine Visual Technology Corp.) C:\WINDOWS\system32\dllcache\n9i128.dll
2013-12-02 23:47 - 2001-08-17 13:49 - 00015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ne2000.sys
2013-12-02 23:47 - 2001-08-17 12:50 - 00033088 ____C (Number Nine Visual Technology Corp.) C:\WINDOWS\system32\dllcache\n9i128v2.sys
2013-12-02 23:47 - 2001-08-17 12:50 - 00027936 ____C (Number Nine Visual Technology Corp.) C:\WINDOWS\system32\dllcache\n9i3d.sys
2013-12-02 23:47 - 2001-08-17 12:50 - 00013664 ____C (Number Nine Visual Technology Corp.) C:\WINDOWS\system32\dllcache\n9i128.sys
2013-12-02 23:46 - 2001-08-17 22:36 - 00019968 ____C (Moxa Technologies Co., Ltd) C:\WINDOWS\system32\dllcache\mxicfg.dll
2013-12-02 23:46 - 2001-08-17 22:36 - 00007168 ____C (Moxa Technologies Co., Ltd) C:\WINDOWS\system32\dllcache\mxport.dll
2013-12-02 23:46 - 2001-08-17 13:50 - 00075520 ____C (Moxa Technologies Co., Ltd.) C:\WINDOWS\system32\dllcache\mxport.sys
2013-12-02 23:46 - 2001-08-17 13:50 - 00021888 ____C (Moxa Technologies Co., Ltd.) C:\WINDOWS\system32\dllcache\mxcard.sys
2013-12-02 23:46 - 2001-08-17 13:49 - 00019968 ____C (Macronix International Co., Ltd. ) C:\WINDOWS\system32\dllcache\mxnic.sys
2013-12-02 23:46 - 2001-08-17 12:50 - 00103296 ____C (Matrox Graphics Inc) C:\WINDOWS\system32\dllcache\mtxvideo.sys
2013-12-02 23:46 - 2001-08-17 12:11 - 00128000 ____C (Compaq Computer Corporation) C:\WINDOWS\system32\dllcache\n100325.sys
2013-12-02 23:46 - 2001-08-17 12:11 - 00052255 ____C (Compaq Computer Corporation) C:\WINDOWS\system32\dllcache\n1000nt5.sys
2013-12-02 23:45 - 2008-04-14 01:12 - 00056832 ____C C:\WINDOWS\system32\dllcache\msdvbnp.ax
2013-12-02 23:45 - 2008-04-13 19:54 - 00022016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msircomm.sys
2013-12-02 23:45 - 2008-04-13 19:46 - 00051200 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msdv.sys
2013-12-02 23:45 - 2008-04-13 19:46 - 00049024 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mstape.sys
2013-12-02 23:45 - 2001-08-17 14:02 - 00035200 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msgame.sys
2013-12-02 23:45 - 2001-08-17 14:00 - 00002944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msmpu401.sys
2013-12-02 23:45 - 2001-08-17 13:48 - 00012416 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msriffwv.sys
2013-12-02 23:45 - 2001-08-17 13:48 - 00006016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\msfsio.sys
2013-12-02 23:44 - 2008-04-13 19:46 - 00015232 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mpe.sys
2013-12-02 23:44 - 2008-04-13 19:41 - 00026112 ____C (Sony Corporation) C:\WINDOWS\system32\dllcache\memstpci.sys
2013-12-02 23:44 - 2004-08-04 13:00 - 00092416 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mga.sys
2013-12-02 23:44 - 2004-08-04 13:00 - 00092032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mga.dll
2013-12-02 23:44 - 2004-08-04 13:00 - 00034304 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\migisol.exe
2013-12-02 23:44 - 2001-08-17 22:36 - 00047616 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\memgrp.dll
2013-12-02 23:44 - 2001-08-17 14:56 - 00235648 ____C (Matrox Graphics Inc.) C:\WINDOWS\system32\dllcache\mgaud.dll
2013-12-02 23:44 - 2001-08-17 13:57 - 00016128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\modemcsa.sys
2013-12-02 23:44 - 2001-08-17 13:52 - 00017280 ____C (American Megatrends Inc.) C:\WINDOWS\system32\dllcache\mraid35x.sys
2013-12-02 23:44 - 2001-08-17 13:52 - 00006528 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\miniqic.sys
2013-12-02 23:44 - 2001-08-17 12:50 - 00320384 ____C (Matrox Graphics Inc.) C:\WINDOWS\system32\dllcache\mgaum.sys
2013-12-02 23:43 - 2004-08-03 22:39 - 00020864 ____C (Logitech Inc.) C:\WINDOWS\system32\dllcache\lwadihid.sys
2013-12-02 23:43 - 2001-08-17 22:36 - 00065536 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_mailmsg.dll
2013-12-02 23:43 - 2001-08-17 22:36 - 00058880 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\m3092dc.dll
2013-12-02 23:43 - 2001-08-17 22:36 - 00058368 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\m3091dc.dll
2013-12-02 23:43 - 2001-08-17 13:58 - 00008320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\memcard.sys
2013-12-02 23:43 - 2001-08-17 13:52 - 00007424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\mammoth.sys
2013-12-02 23:43 - 2001-08-17 12:49 - 00022848 ____C (Logitech Inc.) C:\WINDOWS\system32\dllcache\lwusbhid.sys
2013-12-02 23:43 - 2001-08-17 12:19 - 00048768 ____C (ESS Technology, Inc.) C:\WINDOWS\system32\dllcache\maestro.sys
2013-12-02 23:43 - 2001-08-17 12:12 - 00164586 ____C (Madge Networks Ltd) C:\WINDOWS\system32\dllcache\mdgndis5.sys
2013-12-02 23:42 - 2008-04-13 19:40 - 00007040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ltotape.sys
2013-12-02 23:42 - 2004-08-03 22:41 - 00606684 ____C (LT) C:\WINDOWS\system32\dllcache\ltmdmnt.sys
2013-12-02 23:42 - 2004-08-03 22:41 - 00420992 ____C (LT) C:\WINDOWS\system32\dllcache\ltmdmntt.sys
2013-12-02 23:42 - 2001-08-17 13:53 - 00004992 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\loop.sys
2013-12-02 23:42 - 2001-08-17 13:28 - 00802683 ____C (Lucent Technologies) C:\WINDOWS\system32\dllcache\ltsm.sys
2013-12-02 23:42 - 2001-08-17 13:28 - 00797500 ____C (LT) C:\WINDOWS\system32\dllcache\ltsmt.sys
2013-12-02 23:42 - 2001-08-17 13:28 - 00727786 ____C (Xircom, Inc.) C:\WINDOWS\system32\dllcache\ltck000c.sys
2013-12-02 23:42 - 2001-08-17 13:28 - 00576746 ____C (LT) C:\WINDOWS\system32\dllcache\ltmdmntl.sys
2013-12-02 23:42 - 2001-08-17 12:12 - 00070730 ____C (Linksys Group, Inc.) C:\WINDOWS\system32\dllcache\lne100tx.sys
2013-12-02 23:42 - 2001-08-17 12:12 - 00020573 ____C (The Linksts Group ) C:\WINDOWS\system32\dllcache\lne100.sys
2013-12-02 23:42 - 2001-08-17 12:11 - 00025065 ____C (D-Link) C:\WINDOWS\system32\dllcache\lmndis3.sys
2013-12-02 23:41 - 2008-04-14 01:11 - 00253952 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kdsusd.dll
2013-12-02 23:41 - 2008-04-14 01:11 - 00048640 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kdsui.dll
2013-12-02 23:41 - 2008-04-14 01:11 - 00028160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irmon.dll
2013-12-02 23:41 - 2008-04-13 19:40 - 00034688 ____C (Toshiba Corp.) C:\WINDOWS\system32\dllcache\lbrtfdc.sys
2013-12-02 23:41 - 2008-04-13 19:39 - 00014592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kbdhid.sys
2013-12-02 23:41 - 2004-08-04 13:00 - 00018432 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\jupiw.dll
2013-12-02 23:41 - 2001-08-17 22:36 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\kousd.dll
2013-12-02 23:41 - 2001-08-17 13:51 - 00018688 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irsir.sys
2013-12-02 23:41 - 2001-08-17 13:51 - 00015744 ____C (Litronic Industries) C:\WINDOWS\system32\dllcache\lit220p.sys
2013-12-02 23:41 - 2001-08-17 13:49 - 00026624 ____C (SigmaTel, Inc.) C:\WINDOWS\system32\dllcache\irstusb.sys
2013-12-02 23:41 - 2001-08-17 12:12 - 00026442 ____C (SMSC) C:\WINDOWS\system32\dllcache\lanepic5.sys
2013-12-02 23:41 - 2001-08-17 12:12 - 00019016 ____C (Kingston Technology Company ) C:\WINDOWS\system32\dllcache\ktc111.sys
2013-12-02 23:40 - 2008-04-14 01:12 - 00151552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irftp.exe
2013-12-02 23:40 - 2008-04-13 19:54 - 00088192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\irda.sys
2013-12-02 23:40 - 2001-08-17 22:36 - 00372824 ____C (Xircom) C:\WINDOWS\system32\dllcache\iconf32.dll
2013-12-02 23:40 - 2001-08-17 22:36 - 00090200 ____C (Perle Systems Ltd. ) C:\WINDOWS\system32\dllcache\io8ports.dll
2013-12-02 23:40 - 2001-08-17 13:52 - 00016000 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ini910u.sys
2013-12-02 23:40 - 2001-08-17 13:50 - 00038784 ____C (Perle Systems Ltd. ) C:\WINDOWS\system32\dllcache\io8.sys
2013-12-02 23:40 - 2001-08-17 13:49 - 00023552 ____C (MKNet Corporation) C:\WINDOWS\system32\dllcache\irmk7.sys
2013-12-02 23:40 - 2001-08-17 13:47 - 00013056 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\inport.sys
2013-12-02 23:40 - 2001-08-17 12:12 - 00045632 ____C (Interphase (R) Corporation a Windows (R) 2000 DDK Driver Provider) C:\WINDOWS\system32\dllcache\ip5515.sys
2013-12-02 23:39 - 2001-08-17 22:36 - 00091136 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icam4com.dll
2013-12-02 23:39 - 2001-08-17 22:36 - 00061952 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icam4ext.dll
2013-12-02 23:39 - 2001-08-17 22:36 - 00045056 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icam5com.dll
2013-12-02 23:39 - 2001-08-17 22:36 - 00026624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icam3ext.dll
2013-12-02 23:39 - 2001-08-17 22:36 - 00020480 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icam5ext.dll
2013-12-02 23:39 - 2001-08-17 14:06 - 00154496 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icam4usb.sys
2013-12-02 23:39 - 2001-08-17 14:06 - 00100992 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icam5usb.sys
2013-12-02 23:39 - 2001-08-17 14:06 - 00038528 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ibmvcap.sys
2013-12-02 23:39 - 2001-08-17 14:05 - 00141056 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\icam3.sys
2013-12-02 23:38 - 2008-04-14 01:11 - 00702845 ____C (Intel(R) Corporation) C:\WINDOWS\system32\dllcache\i81xdnt5.dll
2013-12-02 23:38 - 2008-04-13 19:41 - 00018560 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\i2omp.sys
2013-12-02 23:38 - 2008-04-13 19:41 - 00008576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\i2omgmt.sys
2013-12-02 23:38 - 2004-08-03 22:29 - 00161020 ____C (Intel(R) Corporation) C:\WINDOWS\system32\dllcache\i81xnt5.sys
2013-12-02 23:38 - 2001-08-17 22:34 - 00009216 ____C (IBM Corporation) C:\WINDOWS\system32\dllcache\ibmsgnet.dll
2013-12-02 23:38 - 2001-08-17 14:56 - 00353184 ____C (Intel Corporation) C:\WINDOWS\system32\dllcache\i740dnt5.dll
2013-12-02 23:38 - 2001-08-17 13:28 - 00488383 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_v124.sys
2013-12-02 23:38 - 2001-08-17 12:49 - 00058592 ____C (Intel Corporation) C:\WINDOWS\system32\dllcache\i740nt5.sys
2013-12-02 23:38 - 2001-08-17 12:12 - 00109085 ____C (IBM Corporation) C:\WINDOWS\system32\dllcache\ibmtrp.sys
2013-12-02 23:38 - 2001-08-17 12:12 - 00100936 ____C (IBM Corporation) C:\WINDOWS\system32\dllcache\ibmtok.sys
2013-12-02 23:38 - 2001-08-17 12:11 - 00028700 ____C (IBM Corp.) C:\WINDOWS\system32\dllcache\ibmexmp.sys
2013-12-02 23:37 - 2001-08-17 22:36 - 00009759 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_inst.dll
2013-12-02 23:37 - 2001-08-17 13:28 - 00542879 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_msft.sys
2013-12-02 23:37 - 2001-08-17 13:28 - 00391199 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_k56k.sys
2013-12-02 23:37 - 2001-08-17 13:28 - 00199711 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_faxx.sys
2013-12-02 23:37 - 2001-08-17 13:28 - 00115807 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_fsks.sys
2013-12-02 23:37 - 2001-08-17 13:28 - 00073279 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_spkp.sys
2013-12-02 23:37 - 2001-08-17 13:28 - 00057471 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_samp.sys
2013-12-02 23:37 - 2001-08-17 13:28 - 00050751 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_tone.sys
2013-12-02 23:37 - 2001-08-17 13:28 - 00044863 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_soar.sys
2013-12-02 23:36 - 2001-08-17 22:36 - 00324608 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hpojwia.dll
2013-12-02 23:36 - 2001-08-17 22:36 - 00068608 ____C (Avisioin) C:\WINDOWS\system32\dllcache\hpgt53tk.dll
2013-12-02 23:36 - 2001-08-17 22:36 - 00032768 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hpgtmcro.dll
2013-12-02 23:36 - 2001-08-17 22:36 - 00019456 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hr1w.dll
2013-12-02 23:36 - 2001-08-17 22:36 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hpsjmcro.dll
2013-12-02 23:36 - 2001-08-17 14:07 - 00025952 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hpn.sys
2013-12-02 23:36 - 2001-08-17 13:52 - 00005760 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hpt4qic.sys
2013-12-02 23:36 - 2001-08-17 13:28 - 00289887 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_fall.sys
2013-12-02 23:36 - 2001-08-17 13:28 - 00150239 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_amos.sys
2013-12-02 23:36 - 2001-08-17 13:28 - 00067167 ____C (Conexant) C:\WINDOWS\system32\dllcache\hsf_bsc2.sys
2013-12-02 23:35 - 2001-08-17 22:36 - 00165888 ____C () C:\WINDOWS\system32\dllcache\hpgt53.dll
2013-12-02 23:35 - 2001-08-17 22:36 - 00126976 ____C (Hewlett Packard) C:\WINDOWS\system32\dllcache\hpgt34tk.dll
2013-12-02 23:35 - 2001-08-17 22:36 - 00123392 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hpgt21tk.dll
2013-12-02 23:35 - 2001-08-17 22:36 - 00119296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hpdigwia.dll
2013-12-02 23:35 - 2001-08-17 22:36 - 00101376 ____C () C:\WINDOWS\system32\dllcache\hpgt34.dll
2013-12-02 23:35 - 2001-08-17 22:36 - 00093696 ____C () C:\WINDOWS\system32\dllcache\hpgt42.dll
2013-12-02 23:35 - 2001-08-17 22:36 - 00089088 ____C () C:\WINDOWS\system32\dllcache\hpgt33.dll
2013-12-02 23:35 - 2001-08-17 22:36 - 00083968 ____C () C:\WINDOWS\system32\dllcache\hpgt21.dll
2013-12-02 23:35 - 2001-08-17 22:36 - 00048128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hpgt33tk.dll
2013-12-02 23:35 - 2001-08-17 22:36 - 00031232 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hpgt42tk.dll
2013-12-02 23:34 - 2008-04-14 01:11 - 00021504 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidserv.dll
2013-12-02 23:34 - 2008-04-13 19:45 - 00059136 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\gckernel.sys
2013-12-02 23:34 - 2008-04-13 19:45 - 00010624 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\gameenum.sys
2013-12-02 23:34 - 2008-04-13 19:40 - 00028288 ____C (Gemplus) C:\WINDOWS\system32\dllcache\grserial.sys
2013-12-02 23:34 - 2008-04-13 19:36 - 00020352 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidbatt.sys
2013-12-02 23:34 - 2001-08-17 14:56 - 01733120 ____C (Matrox Graphics Inc.) C:\WINDOWS\system32\dllcache\g400d.dll
2013-12-02 23:34 - 2001-08-17 14:56 - 00470144 ____C (Matrox Graphics Inc.) C:\WINDOWS\system32\dllcache\g200d.dll
2013-12-02 23:34 - 2001-08-17 14:02 - 00008576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidgame.sys
2013-12-02 23:34 - 2001-08-17 14:02 - 00002688 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\hidswvd.sys
2013-12-02 23:34 - 2001-08-17 13:51 - 00082304 ____C (Gemplus) C:\WINDOWS\system32\dllcache\grclass.sys
2013-12-02 23:34 - 2001-08-17 13:51 - 00017408 ____C (Gemplus) C:\WINDOWS\system32\dllcache\gpr400.sys
2013-12-02 23:34 - 2001-08-17 13:28 - 00907456 ____C (Conexant) C:\WINDOWS\system32\dllcache\hcf_msft.sys
2013-12-02 23:34 - 2001-08-17 12:49 - 00322432 ____C (Matrox Graphics Inc.) C:\WINDOWS\system32\dllcache\g400m.sys
2013-12-02 23:34 - 2001-08-17 12:49 - 00320384 ____C (Matrox Graphics Inc.) C:\WINDOWS\system32\dllcache\g200m.sys
2013-12-02 23:33 - 2004-08-04 13:00 - 00132608 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsclntr.dll
2013-12-02 23:33 - 2004-08-04 13:00 - 00111104 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxscfgwz.dll
2013-12-02 23:33 - 2004-08-04 13:00 - 00031744 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxsroute.dll
2013-12-02 23:33 - 2004-08-04 13:00 - 00014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\flattemp.exe
2013-12-02 23:33 - 2004-08-04 13:00 - 00011264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fxssend.exe
2013-12-02 23:33 - 2004-08-03 22:31 - 00034173 ____C (Marconi Communications, Inc.) C:\WINDOWS\system32\dllcache\forehe.sys
2013-12-02 23:33 - 2001-08-17 22:36 - 00092160 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fuusd.dll
2013-12-02 23:33 - 2001-08-17 22:36 - 00071680 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\fnfilter.dll
2013-12-02 23:33 - 2001-08-17 12:15 - 00455680 ____C (AVM GmbH) C:\WINDOWS\system32\dllcache\fus2base.sys
2013-12-02 23:33 - 2001-08-17 12:15 - 00455296 ____C (AVM GmbH) C:\WINDOWS\system32\dllcache\fusbbase.sys
2013-12-02 23:33 - 2001-08-17 12:15 - 00454912 ____C (AVM GmbH) C:\WINDOWS\system32\dllcache\fxusbase.sys
2013-12-02 23:33 - 2001-08-17 12:15 - 00442240 ____C (AVM GmbH) C:\WINDOWS\system32\dllcache\fpnpbase.sys
2013-12-02 23:33 - 2001-08-17 12:14 - 00444416 ____C (AVM GmbH) C:\WINDOWS\system32\dllcache\fpcibase.sys
2013-12-02 23:33 - 2001-08-17 12:14 - 00441728 ____C (AVM GmbH) C:\WINDOWS\system32\dllcache\fpcmbase.sys
2013-12-02 23:32 - 2004-08-04 13:00 - 00045056 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esunid.dll
2013-12-02 23:32 - 2004-08-04 13:00 - 00025856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\et4000.sys
2013-12-02 23:32 - 2001-08-17 22:36 - 00045568 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esunib.dll
2013-12-02 23:32 - 2001-08-17 22:36 - 00045568 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esuni.dll
2013-12-02 23:32 - 2001-08-17 22:36 - 00043520 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_fcachdll.dll
2013-12-02 23:32 - 2001-08-17 13:52 - 00007040 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\exabyte2.sys
2013-12-02 23:32 - 2001-08-17 12:13 - 00027165 ____C (VIA Technologies, Inc. ) C:\WINDOWS\system32\dllcache\fetnd5.sys
2013-12-02 23:32 - 2001-08-17 12:12 - 00024618 ____C (NETGEAR) C:\WINDOWS\system32\dllcache\fa410nd5.sys
2013-12-02 23:32 - 2001-08-17 12:12 - 00016998 ____C (Intel Corporation) C:\WINDOWS\system32\dllcache\ex10.sys
2013-12-02 23:32 - 2001-08-17 12:12 - 00016074 ____C (NETGEAR Corp.) C:\WINDOWS\system32\dllcache\fa312nd5.sys
2013-12-02 23:32 - 2001-08-17 12:11 - 00012362 ____C (FUJITSU LIMITED) C:\WINDOWS\system32\dllcache\f3ab18xi.sys
2013-12-02 23:32 - 2001-08-17 12:11 - 00011850 ____C (FUJITSU LIMITED) C:\WINDOWS\system32\dllcache\f3ab18xj.sys
2013-12-02 23:32 - 2001-08-17 12:10 - 00022090 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\fem556n5.sys
2013-12-02 23:31 - 2004-08-04 13:00 - 00057856 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esuimgd.dll
2013-12-02 23:31 - 2004-08-04 13:00 - 00031744 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esucmd.dll
2013-12-02 23:31 - 2004-08-03 22:32 - 00137088 ____C (ESS Technology, Inc.) C:\WINDOWS\system32\dllcache\essm2e.sys
2013-12-02 23:31 - 2001-08-17 22:36 - 00061952 ____C (Equinox Systems Inc.) C:\WINDOWS\system32\dllcache\eqnloop.exe
2013-12-02 23:31 - 2001-08-17 22:36 - 00043008 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esucm.dll
2013-12-02 23:31 - 2001-08-17 22:36 - 00034816 ____C (SEIKO EPSON CORP.) C:\WINDOWS\system32\dllcache\esuimg.dll
2013-12-02 23:31 - 2001-08-17 13:28 - 00595647 ____C (ESS Technology, Inc.) C:\WINDOWS\system32\dllcache\es56cvmp.sys
2013-12-02 23:31 - 2001-08-17 13:28 - 00594238 ____C (ESS Technology, Inc.) C:\WINDOWS\system32\dllcache\es56hpi.sys
2013-12-02 23:31 - 2001-08-17 13:28 - 00347550 ____C (ESS Technology, Inc.) C:\WINDOWS\system32\dllcache\es56tpi.sys
2013-12-02 23:31 - 2001-08-17 12:19 - 00174464 ____C (ESS Technology, Inc.) C:\WINDOWS\system32\dllcache\es198x.sys
2013-12-02 23:31 - 2001-08-17 12:19 - 00072192 ____C (ESS Technology Inc.) C:\WINDOWS\system32\dllcache\es1969.sys
2013-12-02 23:31 - 2001-08-17 12:19 - 00063360 ____C (ESS Technology, Inc.) C:\WINDOWS\system32\dllcache\ess.sys
2013-12-02 23:31 - 2001-08-17 12:19 - 00040704 ____C (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\es1371mp.sys
2013-12-02 23:31 - 2001-08-17 12:19 - 00037120 ____C (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\es1370mp.sys
2013-12-02 23:30 - 2001-08-17 22:36 - 00053248 ____C (Equinox Systems Inc.) C:\WINDOWS\system32\dllcache\eqndiag.exe
2013-12-02 23:30 - 2001-08-17 22:36 - 00051200 ____C (Equinox Systems Inc.) C:\WINDOWS\system32\dllcache\eqnlogr.exe
2013-12-02 23:30 - 2001-08-17 13:53 - 00007296 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\elmsmc.sys
2013-12-02 23:30 - 2001-08-17 13:50 - 00144896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\epcfw2k.sys
2013-12-02 23:30 - 2001-08-17 13:50 - 00114944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\epstw2k.sys
2013-12-02 23:30 - 2001-08-17 12:19 - 00283904 ____C (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\emu10k1m.sys
2013-12-02 23:30 - 2001-08-17 12:17 - 00629952 ____C (Equinox Systems Inc.) C:\WINDOWS\system32\dllcache\eqn.sys
2013-12-02 23:30 - 2001-08-17 12:12 - 00018503 ____C (Intel Corporation) C:\WINDOWS\system32\dllcache\epro4.sys
2013-12-02 23:30 - 2001-08-17 12:11 - 00455199 ____C (3Com Corporation.) C:\WINDOWS\system32\dllcache\el985n51.sys
2013-12-02 23:30 - 2001-08-17 12:11 - 00171520 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el99xn51.sys
2013-12-02 23:30 - 2001-08-17 12:11 - 00070174 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el98xn5.sys
2013-12-02 23:30 - 2001-08-17 12:10 - 00025159 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\elnk3.sys
2013-12-02 23:30 - 2001-08-17 12:10 - 00019996 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\em556n4.sys
2013-12-02 23:29 - 2008-04-14 01:12 - 00020992 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dshowext.ax
2013-12-02 23:29 - 2004-08-04 13:00 - 00514587 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\edb500.dll
2013-12-02 23:29 - 2001-08-17 14:07 - 00020192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dpti2o.sys
2013-12-02 23:29 - 2001-08-17 13:28 - 00634134 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el656ct5.sys
2013-12-02 23:29 - 2001-08-17 13:28 - 00241206 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el656se5.sys
2013-12-02 23:29 - 2001-08-17 12:20 - 00334208 ____C (Yamaha Corp.) C:\WINDOWS\system32\dllcache\ds1wdm.sys
2013-12-02 23:29 - 2001-08-17 12:12 - 00117760 ____C (Intel Corporation) C:\WINDOWS\system32\dllcache\e100b325.sys
2013-12-02 23:29 - 2001-08-17 12:12 - 00050719 ____C (Intel Corporation) C:\WINDOWS\system32\dllcache\e1000nt5.sys
2013-12-02 23:29 - 2001-08-17 12:12 - 00019594 ____C (Intel Corporation) C:\WINDOWS\system32\dllcache\e100isa4.sys
2013-12-02 23:29 - 2001-08-17 12:11 - 00153631 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el90xnd5.sys
2013-12-02 23:29 - 2001-08-17 12:11 - 00077386 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el656nd5.sys
2013-12-02 23:29 - 2001-08-17 12:11 - 00069194 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el656cd5.sys
2013-12-02 23:29 - 2001-08-17 12:11 - 00066591 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el90xbc5.sys
2013-12-02 23:29 - 2001-08-17 12:10 - 00069692 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el575nd5.sys
2013-12-02 23:29 - 2001-08-17 12:10 - 00055999 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el556nd5.sys
2013-12-02 23:29 - 2001-08-17 12:10 - 00044103 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el515.sys
2013-12-02 23:29 - 2001-08-17 12:10 - 00026141 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el589nd5.sys
2013-12-02 23:29 - 2001-08-17 12:10 - 00024653 ____C (3Com Corporation) C:\WINDOWS\system32\dllcache\el574nd4.sys
2013-12-02 23:28 - 2008-04-13 19:40 - 00008320 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dlttape.sys
2013-12-02 23:28 - 2008-04-13 19:39 - 00206976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dot4.sys
2013-12-02 23:28 - 2001-08-17 22:36 - 00614429 ____C (Digi International Inc.) C:\WINDOWS\system32\dllcache\digiview.exe
2013-12-02 23:28 - 2001-08-17 22:36 - 00236060 ____C (Eicon Technology) C:\WINDOWS\system32\dllcache\ditrace.exe
2013-12-02 23:28 - 2001-08-17 22:36 - 00038985 ____C (Eicon Technology) C:\WINDOWS\system32\dllcache\disrvsu.dll
2013-12-02 23:28 - 2001-08-17 22:36 - 00037962 ____C C:\WINDOWS\system32\dllcache\divaprop.dll
2013-12-02 23:28 - 2001-08-17 22:36 - 00031305 ____C (Eicon Technology) C:\WINDOWS\system32\dllcache\disrvpp.dll
2013-12-02 23:28 - 2001-08-17 22:36 - 00029768 ____C C:\WINDOWS\system32\dllcache\divasu.dll
2013-12-02 23:28 - 2001-08-17 22:36 - 00006729 ____C (Eicon Technology) C:\WINDOWS\system32\dllcache\disrvci.dll
2013-12-02 23:28 - 2001-08-17 22:36 - 00006216 ____C C:\WINDOWS\system32\dllcache\divaci.dll
2013-12-02 23:28 - 2001-08-17 13:47 - 00023808 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dot4usb.sys
2013-12-02 23:28 - 2001-08-17 13:47 - 00012928 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dot4prt.sys
2013-12-02 23:28 - 2001-08-17 13:47 - 00008704 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dot4scan.sys
2013-12-02 23:28 - 2001-08-17 12:17 - 00042432 ____C (Digi International, Inc.) C:\WINDOWS\system32\dllcache\digirlpt.sys
2013-12-02 23:28 - 2001-08-17 12:14 - 00952007 ____C (Eicon Technology) C:\WINDOWS\system32\dllcache\diwan.sys
2013-12-02 23:28 - 2001-08-17 12:13 - 00091305 ____C (Eicon Technology) C:\WINDOWS\system32\dllcache\dimaint.sys
2013-12-02 23:28 - 2001-08-17 12:12 - 00028062 ____C (National Semiconductor Coproration) C:\WINDOWS\system32\dllcache\dp83820.sys
2013-12-02 23:28 - 2001-08-17 12:11 - 00029696 ____C (CNet Technology, Inc. ) C:\WINDOWS\system32\dllcache\dm9pci5.sys
2013-12-02 23:28 - 2001-08-17 12:11 - 00026698 ____C (D-Link Corporation) C:\WINDOWS\system32\dllcache\dlh5xnd5.sys
2013-12-02 23:27 - 2001-08-17 22:36 - 00419357 ____C (Digi International) C:\WINDOWS\system32\dllcache\dgconfig.dll
2013-12-02 23:27 - 2001-08-17 22:36 - 00256512 ____C (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\devcon32.dll
2013-12-02 23:27 - 2001-08-17 22:36 - 00229462 ____C (Digi International Inc.) C:\WINDOWS\system32\dllcache\digifwrk.dll
2013-12-02 23:27 - 2001-08-17 22:36 - 00159828 ____C (Digi International Inc.) C:\WINDOWS\system32\dllcache\digihlc.dll
2013-12-02 23:27 - 2001-08-17 22:36 - 00131156 ____C (Digi International Inc.) C:\WINDOWS\system32\dllcache\digidbp.dll
2013-12-02 23:27 - 2001-08-17 22:36 - 00110621 ____C (Digi International, Inc.) C:\WINDOWS\system32\dllcache\digirlpt.dll
2013-12-02 23:27 - 2001-08-17 22:36 - 00110592 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dc260usd.dll
2013-12-02 23:27 - 2001-08-17 22:36 - 00102484 ____C (Digi International Inc.) C:\WINDOWS\system32\dllcache\digiinf.dll
2013-12-02 23:27 - 2001-08-17 22:36 - 00065622 ____C (Digi International Inc.) C:\WINDOWS\system32\dllcache\digiasyn.dll
2013-12-02 23:27 - 2001-08-17 22:36 - 00041046 ____C (Digi International Inc.) C:\WINDOWS\system32\dllcache\digiisdn.dll
2013-12-02 23:27 - 2001-08-17 22:36 - 00024064 ____C (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\devldr32.exe
2013-12-02 23:27 - 2001-08-17 13:52 - 00007424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ddsmc.sys
2013-12-02 23:27 - 2001-08-17 12:17 - 00090525 ____C (Digi International Inc.) C:\WINDOWS\system32\dllcache\digifep5.sys
2013-12-02 23:27 - 2001-08-17 12:17 - 00029531 ____C (Digi International Inc.) C:\WINDOWS\system32\dllcache\dgapci.sys
2013-12-02 23:27 - 2001-08-17 12:14 - 00021606 ____C (Digi International Inc.) C:\WINDOWS\system32\dllcache\digiisdn.sys
2013-12-02 23:27 - 2001-08-17 12:13 - 00103044 ____C (Digi International Inc.) C:\WINDOWS\system32\dllcache\digidxb.sys
2013-12-02 23:27 - 2001-08-17 12:13 - 00037735 ____C (Digi International Inc.) C:\WINDOWS\system32\dllcache\digiasyn.sys
2013-12-02 23:27 - 2001-08-17 12:11 - 00024649 ____C (D-Link) C:\WINDOWS\system32\dllcache\dfe650d.sys
2013-12-02 23:27 - 2001-08-17 12:11 - 00024648 ____C (D-Link) C:\WINDOWS\system32\dllcache\dfe650.sys
2013-12-02 23:27 - 2001-08-17 12:11 - 00020928 ____C (Digital Networks, LLC) C:\WINDOWS\system32\dllcache\defpa.sys
2013-12-02 23:26 - 2004-08-03 22:32 - 00048640 ____C (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwrwdm.sys
2013-12-02 23:26 - 2001-08-17 22:36 - 00086016 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dc240usd.dll
2013-12-02 23:26 - 2001-08-17 22:36 - 00080896 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dc210usd.dll
2013-12-02 23:26 - 2001-08-17 22:36 - 00028672 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyycoins.dll
2013-12-02 23:26 - 2001-08-17 22:36 - 00027648 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyzports.dll
2013-12-02 23:26 - 2001-08-17 22:36 - 00027648 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyyports.dll
2013-12-02 23:26 - 2001-08-17 22:36 - 00027136 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyzcoins.dll
2013-12-02 23:26 - 2001-08-17 22:36 - 00025600 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dc210_32.dll
2013-12-02 23:26 - 2001-08-17 13:52 - 00179584 ____C (Mylex Corporation) C:\WINDOWS\system32\dllcache\dac2w2k.sys
2013-12-02 23:26 - 2001-08-17 13:52 - 00014720 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\dac960nt.sys
2013-12-02 23:26 - 2001-08-17 13:50 - 00050176 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyyport.sys
2013-12-02 23:26 - 2001-08-17 13:50 - 00049792 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyzport.sys
2013-12-02 23:26 - 2001-08-17 13:50 - 00017152 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyclad-z.sys
2013-12-02 23:26 - 2001-08-17 13:50 - 00014848 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cyclom-y.sys
2013-12-02 23:26 - 2001-08-17 12:19 - 00111872 ____C (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwcspud.sys
2013-12-02 23:26 - 2001-08-17 12:19 - 00093952 ____C (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwcwdm.sys
2013-12-02 23:26 - 2001-08-17 12:19 - 00072832 ____C (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwbwdm.sys
2013-12-02 23:26 - 2001-08-17 12:19 - 00003584 ____C (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwcosnt5.sys
2013-12-02 23:26 - 2001-08-17 12:12 - 00117760 ____C (Intel Corporation) C:\WINDOWS\system32\dllcache\d100ib5.sys
2013-12-02 23:26 - 2001-08-17 12:12 - 00063208 ____C (Intel Corporation.) C:\WINDOWS\system32\dllcache\dc21x4.sys
2013-12-02 23:25 - 2008-04-14 01:11 - 00249856 ____C (Comtrol® Corporation) C:\WINDOWS\system32\dllcache\ctmasetp.dll
2013-12-02 23:25 - 2008-04-14 01:11 - 00121856 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camext30.dll
2013-12-02 23:25 - 2008-04-13 19:40 - 00008192 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\changer.sys
2013-12-02 23:25 - 2004-08-04 13:00 - 00066594 ____C C:\WINDOWS\system32\dllcache\c_858.nls
2013-12-02 23:25 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_870.nls
2013-12-02 23:25 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_21025.nls
2013-12-02 23:25 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20924.nls
2013-12-02 23:25 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20880.nls
2013-12-02 23:25 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20871.nls
2013-12-02 23:25 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20838.nls
2013-12-02 23:25 - 2004-08-04 13:00 - 00054528 ____C (Philips Semiconductors GmbH) C:\WINDOWS\system32\dllcache\cap7146.sys
2013-12-02 23:25 - 2004-08-04 13:00 - 00018944 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cprofile.exe
2013-12-02 23:25 - 2004-08-04 13:00 - 00015872 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chgport.exe
2013-12-02 23:25 - 2004-08-04 13:00 - 00014336 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chgusr.exe
2013-12-02 23:25 - 2004-08-04 13:00 - 00013312 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\chglogon.exe
2013-12-02 23:25 - 2004-08-04 13:00 - 00009728 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\change.exe
2013-12-02 23:25 - 2001-08-17 22:37 - 00244224 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camext20.ax
2013-12-02 23:25 - 2001-08-17 22:37 - 00116736 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camext30.ax
2013-12-02 23:25 - 2001-08-17 22:37 - 00073216 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camexo20.ax
2013-12-02 23:25 - 2001-08-17 22:36 - 00236032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camext20.dll
2013-12-02 23:25 - 2001-08-17 22:36 - 00216064 ____C (COMPAQ Inc.) C:\WINDOWS\system32\dllcache\cpscan.dll
2013-12-02 23:25 - 2001-08-17 22:36 - 00175104 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\csamsp.dll
2013-12-02 23:25 - 2001-08-17 22:36 - 00074240 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camexo20.dll
2013-12-02 23:25 - 2001-08-17 22:36 - 00044032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cnusd.dll
2013-12-02 23:25 - 2001-08-17 22:36 - 00032256 ____C (Eicon Technology Corporation) C:\WINDOWS\system32\dllcache\diapi2NT.dll
2013-12-02 23:25 - 2001-08-17 22:36 - 00004096 ____C (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\ctwdm32.dll
2013-12-02 23:25 - 2001-08-17 14:56 - 00170880 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cl546x.dll
2013-12-02 23:25 - 2001-08-17 14:56 - 00111232 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cl5465.dll
2013-12-02 23:25 - 2001-08-17 14:56 - 00091264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cirrus.dll
2013-12-02 23:25 - 2001-08-17 14:05 - 00314752 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camdro21.sys
2013-12-02 23:25 - 2001-08-17 14:04 - 00223232 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camdrv21.sys
2013-12-02 23:25 - 2001-08-17 14:04 - 00171264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\camdrv30.sys
2013-12-02 23:25 - 2001-08-17 14:02 - 00272640 ____C (RAVISENT Technologies Inc.) C:\WINDOWS\system32\dllcache\cinemclc.sys
2013-12-02 23:25 - 2001-08-17 13:57 - 00248064 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cl546xm.sys
2013-12-02 23:25 - 2001-08-17 13:57 - 00045696 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cirrus.sys
2013-12-02 23:25 - 2001-08-17 13:52 - 00014976 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cpqarray.sys
2013-12-02 23:25 - 2001-08-17 13:52 - 00007680 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\cd20xrnt.sys
2013-12-02 23:25 - 2001-08-17 13:51 - 00020736 ____C (OMNIKEY AG) C:\WINDOWS\system32\dllcache\cmbp0wdm.sys
2013-12-02 23:25 - 2001-08-17 13:51 - 00006656 ____C (CMD Technology, Inc.) C:\WINDOWS\system32\dllcache\cmdide.sys
2013-12-02 23:25 - 2001-08-17 13:28 - 00714698 ____C (Xircom, Inc.) C:\WINDOWS\system32\dllcache\cbmdmkxx.sys
2013-12-02 23:25 - 2001-08-17 12:19 - 00096256 ____C (Copyright (C) Creative Technology Ltd. 1994-2001) C:\WINDOWS\system32\dllcache\ctlsb16.sys
2013-12-02 23:25 - 2001-08-17 12:19 - 00042112 ____C (Conexant Systems Inc.) C:\WINDOWS\system32\dllcache\crtaud.sys
2013-12-02 23:25 - 2001-08-17 12:19 - 00006912 ____C (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\ctlfacem.sys
2013-12-02 23:25 - 2001-08-17 12:19 - 00003712 ____C (Creative Technology Ltd.) C:\WINDOWS\system32\dllcache\ctljystk.sys
2013-12-02 23:25 - 2001-08-17 12:19 - 00003072 ____C (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwbmidi.sys
2013-12-02 23:25 - 2001-08-17 12:19 - 00003072 ____C (Crystal Semiconductor Corp.) C:\WINDOWS\system32\dllcache\cwbase.sys
2013-12-02 23:25 - 2001-08-17 12:13 - 00980034 ____C (Xircom) C:\WINDOWS\system32\dllcache\cicap.sys
2013-12-02 23:25 - 2001-08-17 12:13 - 00164923 ____C (Eicon Technology) C:\WINDOWS\system32\dllcache\diapi2.sys
2013-12-02 23:25 - 2001-08-17 12:13 - 00049182 ____C (Xircom, Inc.) C:\WINDOWS\system32\dllcache\cem56n5.sys
2013-12-02 23:25 - 2001-08-17 12:13 - 00046108 ____C (Xircom, Inc.) C:\WINDOWS\system32\dllcache\cben5.sys
2013-12-02 23:25 - 2001-08-17 12:13 - 00027164 ____C (Xircom, Inc.) C:\WINDOWS\system32\dllcache\ce3n5.sys
2013-12-02 23:25 - 2001-08-17 12:13 - 00022044 ____C (Xircom, Inc.) C:\WINDOWS\system32\dllcache\cem33n5.sys
2013-12-02 23:25 - 2001-08-17 12:13 - 00022044 ____C (Xircom, Inc.) C:\WINDOWS\system32\dllcache\cem28n5.sys
2013-12-02 23:25 - 2001-08-17 12:13 - 00021533 ____C (Compaq Computer Corporation) C:\WINDOWS\system32\dllcache\cpqndis5.sys
2013-12-02 23:25 - 2001-08-17 12:13 - 00021530 ____C (Xircom, Inc.) C:\WINDOWS\system32\dllcache\ce2n5.sys
2013-12-02 23:25 - 2001-08-17 12:12 - 00039680 ____C (Silicom Ltd.) C:\WINDOWS\system32\dllcache\cb325.sys
2013-12-02 23:25 - 2001-08-17 12:12 - 00037916 ____C (Fast Ethernet Controller Provider) C:\WINDOWS\system32\dllcache\cb102.sys
2013-12-02 23:25 - 2001-08-17 12:11 - 00060970 ____C (Compaq Computer Corp.) C:\WINDOWS\system32\dllcache\cpqtrnd5.sys
2013-12-02 23:25 - 2001-08-17 12:11 - 00039936 ____C (Conexant Systems, Inc.) C:\WINDOWS\system32\dllcache\cnxt1803.sys
2013-12-02 23:24 - 2008-04-14 01:12 - 00018432 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bdaplgin.ax
2013-12-02 23:24 - 2008-04-13 19:46 - 00038912 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\avc.sys
2013-12-02 23:24 - 2008-04-13 19:46 - 00013696 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\avcstrm.sys
2013-12-02 23:24 - 2008-04-13 19:46 - 00011776 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bdasup.sys
2013-12-02 23:24 - 2004-08-04 13:00 - 00187938 ____C C:\WINDOWS\system32\dllcache\c_20005.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00186402 ____C C:\WINDOWS\system32\dllcache\c_20001.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00185378 ____C C:\WINDOWS\system32\dllcache\c_20003.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00180258 ____C C:\WINDOWS\system32\dllcache\c_20004.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00173602 ____C C:\WINDOWS\system32\dllcache\c_20002.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20833.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20424.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20423.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20420.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20297.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20285.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20284.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20280.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20278.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20277.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20273.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20269.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20108.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20107.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20106.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_20105.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1149.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1148.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1147.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1146.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1145.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1144.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1143.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1142.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1141.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1140.nls
2013-12-02 23:24 - 2004-08-04 13:00 - 00066082 ____C C:\WINDOWS\system32\dllcache\c_1047.nls
2013-12-02 23:24 - 2004-08-03 22:31 - 00036224 ____C (ADMtek Incorporated.) C:\WINDOWS\system32\dllcache\an983.sys
2013-12-02 23:24 - 2001-08-17 22:36 - 00144384 ____C (AVM GmbH) C:\WINDOWS\system32\dllcache\avmenum.dll
2013-12-02 23:24 - 2001-08-17 22:36 - 00102400 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\binlsvc.dll
2013-12-02 23:24 - 2001-08-17 22:36 - 00087552 ____C (AVM GmbH) C:\WINDOWS\system32\dllcache\avmcoxp.dll
2013-12-02 23:24 - 2001-08-17 22:36 - 00081408 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\brmfcwia.dll
2013-12-02 23:24 - 2001-08-17 22:36 - 00045056 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_aqadmin.dll
2013-12-02 23:24 - 2001-08-17 22:36 - 00041472 ____C (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brmfusb.dll
2013-12-02 23:24 - 2001-08-17 22:36 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\atievxx.exe
2013-12-02 23:24 - 2001-08-17 22:36 - 00032256 ____C (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brmfrsmg.exe
2013-12-02 23:24 - 2001-08-17 22:36 - 00029696 ____C (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brmflpt.dll
2013-12-02 23:24 - 2001-08-17 22:36 - 00019456 ____C (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brbidiif.dll
2013-12-02 23:24 - 2001-08-17 22:36 - 00015360 ____C (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brmfbidi.dll
2013-12-02 23:24 - 2001-08-17 22:36 - 00012800 ____C (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brevif.dll
2013-12-02 23:24 - 2001-08-17 22:36 - 00009728 ____C (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brserif.dll
2013-12-02 23:24 - 2001-08-17 22:36 - 00009728 ____C (Brother Industries Ltd.) C:\WINDOWS\system32\dllcache\brcoinst.dll
2013-12-02 23:24 - 2001-08-17 22:36 - 00005120 ____C (Brother Industries,Ltd.) C:\WINDOWS\system32\dllcache\brscnrsm.dll
2013-12-02 23:24 - 2001-08-17 14:56 - 00342336 ____C (3Dfx Interactive, Inc.) C:\WINDOWS\system32\dllcache\banshee.dll
2013-12-02 23:24 - 2001-08-17 14:56 - 00268160 ____C (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atidvai.dll
2013-12-02 23:24 - 2001-08-17 14:56 - 00137216 ____C (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atidrae.dll
2013-12-02 23:24 - 2001-08-17 14:56 - 00104832 ____C (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atiraged.dll
2013-12-02 23:24 - 2001-08-17 14:55 - 00382592 ____C (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atidrab.dll
2013-12-02 23:24 - 2001-08-17 14:55 - 00096128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\ati.dll
2013-12-02 23:24 - 2001-08-17 14:01 - 00036096 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\avcaudio.sys
2013-12-02 23:24 - 2001-08-17 13:57 - 00077568 ____C (ATI Technologies, Inc.) C:\WINDOWS\system32\dllcache\ati.sys
2013-12-02 23:24 - 2001-08-17 13:52 - 00026496 ____C (Advanced System Products, Inc.) C:\WINDOWS\system32\dllcache\asc.sys
2013-12-02 23:24 - 2001-08-17 13:52 - 00022400 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\asc3350p.sys
2013-12-02 23:24 - 2001-08-17 13:52 - 00012032 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\amsint.sys
2013-12-02 23:24 - 2001-08-17 13:51 - 00014848 ____C (Advanced System Products, Inc.) C:\WINDOWS\system32\dllcache\asc3550.sys
2013-12-02 23:24 - 2001-08-17 13:51 - 00013824 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\bulltlp3.sys
2013-12-02 23:24 - 2001-08-17 13:51 - 00005248 ____C (Acer Laboratories Inc.) C:\WINDOWS\system32\dllcache\aliide.sys
2013-12-02 23:24 - 2001-08-17 13:49 - 00026624 ____C (Acer Laboratories Inc.) C:\WINDOWS\system32\dllcache\alifir.sys
2013-12-02 23:24 - 2001-08-17 13:47 - 00006272 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\apmbatt.sys
2013-12-02 23:24 - 2001-08-17 13:28 - 00871388 ____C (BCM) C:\WINDOWS\system32\dllcache\bcmdm.sys
2013-12-02 23:24 - 2001-08-17 13:12 - 00060416 ____C (Brother Industries Ltd.) C:\WINDOWS\system32\dllcache\brserwdm.sys
2013-12-02 23:24 - 2001-08-17 13:12 - 00039552 ____C (Brother Industries Ltd.) C:\WINDOWS\system32\dllcache\brparwdm.sys
2013-12-02 23:24 - 2001-08-17 13:12 - 00012160 ____C (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brfiltlo.sys
2013-12-02 23:24 - 2001-08-17 13:12 - 00011008 ____C (Brother Industries Ltd.) C:\WINDOWS\system32\dllcache\brusbmdm.sys
2013-12-02 23:24 - 2001-08-17 13:12 - 00010368 ____C (Brother Industries Ltd.) C:\WINDOWS\system32\dllcache\brusbscn.sys
2013-12-02 23:24 - 2001-08-17 13:12 - 00003968 ____C (Brother Industries, Ltd.) C:\WINDOWS\system32\dllcache\brfiltup.sys
2013-12-02 23:24 - 2001-08-17 13:12 - 00003168 ____C (Brother Industries Ltd.) C:\WINDOWS\system32\dllcache\brparimg.sys
2013-12-02 23:24 - 2001-08-17 13:12 - 00002944 ____C (Brother Industries Ltd.) C:\WINDOWS\system32\dllcache\brfilt.sys
2013-12-02 23:24 - 2001-08-17 12:49 - 00075136 ____C (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atimpae.sys
2013-12-02 23:24 - 2001-08-17 12:49 - 00049920 ____C C:\WINDOWS\system32\dllcache\atirtcap.sys
2013-12-02 23:24 - 2001-08-17 12:49 - 00046464 ____C C:\WINDOWS\system32\dllcache\atibt829.sys
2013-12-02 23:24 - 2001-08-17 12:49 - 00026880 ____C C:\WINDOWS\system32\dllcache\atirtsnd.sys
2013-12-02 23:24 - 2001-08-17 12:49 - 00026624 ____C C:\WINDOWS\system32\dllcache\ativxbar.sys
2013-12-02 23:24 - 2001-08-17 12:49 - 00023552 ____C C:\WINDOWS\system32\dllcache\atixbar.sys
2013-12-02 23:24 - 2001-08-17 12:49 - 00019456 ____C C:\WINDOWS\system32\dllcache\ativttxx.sys
2013-12-02 23:24 - 2001-08-17 12:49 - 00017152 ____C C:\WINDOWS\system32\dllcache\atitvsnd.sys
2013-12-02 23:24 - 2001-08-17 12:49 - 00017152 ____C C:\WINDOWS\system32\dllcache\atitunep.sys
2013-12-02 23:24 - 2001-08-17 12:49 - 00010240 ____C C:\WINDOWS\system32\dllcache\atipcxxx.sys
2013-12-02 23:24 - 2001-08-17 12:49 - 00009472 ____C C:\WINDOWS\system32\dllcache\ativmdcd.sys
2013-12-02 23:24 - 2001-08-17 12:48 - 00289664 ____C (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atimpab.sys
2013-12-02 23:24 - 2001-08-17 12:48 - 00281600 ____C (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atimtai.sys
2013-12-02 23:24 - 2001-08-17 12:48 - 00070528 ____C (ATI Technologies Inc.) C:\WINDOWS\system32\dllcache\atiragem.sys
2013-12-02 23:24 - 2001-08-17 12:48 - 00036128 ____C (3Dfx Interactive, Inc.) C:\WINDOWS\system32\dllcache\banshee.sys
2013-12-02 23:24 - 2001-08-17 12:19 - 00036992 ____C (Aztech Systems Ltd) C:\WINDOWS\system32\dllcache\aztw2320.sys
2013-12-02 23:24 - 2001-08-17 12:13 - 00089952 ____C (AVM GmbH) C:\WINDOWS\system32\dllcache\b1cbase.sys
2013-12-02 23:24 - 2001-08-17 12:13 - 00037568 ____C (AVM GmbH) C:\WINDOWS\system32\dllcache\avmwan.sys
2013-12-02 23:24 - 2001-08-17 12:12 - 00097354 ____C (Bay Networks, Inc.) C:\WINDOWS\system32\dllcache\aspndis3.sys
2013-12-02 23:24 - 2001-08-17 12:11 - 00096640 ____C (Broadcom Corporation) C:\WINDOWS\system32\dllcache\b57xp32.sys
2013-12-02 23:24 - 2001-08-17 12:11 - 00066557 ____C (Broadcom Corporation) C:\WINDOWS\system32\dllcache\bcm42u.sys
2013-12-02 23:24 - 2001-08-17 12:11 - 00054271 ____C (Broadcom Corporation) C:\WINDOWS\system32\dllcache\bcm42xx5.sys
2013-12-02 23:24 - 2001-08-17 12:11 - 00031529 ____C (BreezeCOM) C:\WINDOWS\system32\dllcache\brzwlan.sys
2013-12-02 23:24 - 2001-08-17 12:11 - 00026568 ____C (Broadcom Corporation) C:\WINDOWS\system32\dllcache\bcm4e5.sys
2013-12-02 23:24 - 2001-08-17 12:11 - 00016969 ____C (AmbiCom, Inc.) C:\WINDOWS\system32\dllcache\amb8002.sys
2013-12-02 23:23 - 2008-04-13 19:46 - 00048128 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\61883.sys
2013-12-02 23:23 - 2008-04-13 19:40 - 00012288 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\4mmdat.sys
2013-12-02 23:23 - 2004-08-03 22:32 - 00231552 ____C (Acer Laboratories Inc.) C:\WINDOWS\system32\dllcache\ac97ali.sys
2013-12-02 23:23 - 2004-08-03 22:32 - 00084480 ____C (VIA Technologies, Inc.) C:\WINDOWS\system32\dllcache\ac97via.sys
2013-12-02 23:23 - 2004-08-03 22:32 - 00010880 ____C (Aureal, Inc.) C:\WINDOWS\system32\dllcache\admjoy.sys
2013-12-02 23:23 - 2001-08-17 22:37 - 00024576 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\agcgauge.ax
2013-12-02 23:23 - 2001-08-17 22:36 - 00462848 ____C (Aureal Inc.) C:\WINDOWS\system32\dllcache\a3dapi.dll
2013-12-02 23:23 - 2001-08-17 22:36 - 00098304 ____C (Aureal Semiconductor) C:\WINDOWS\system32\dllcache\a3d.dll
2013-12-02 23:23 - 2001-08-17 22:36 - 00061440 ____C (Color Flatbed Scanner) C:\WINDOWS\system32\dllcache\acerscad.dll
2013-12-02 23:23 - 2001-08-17 22:36 - 00005632 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\EXCH_adsiisex.dll
2013-12-02 23:23 - 2001-08-17 14:56 - 00066048 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\s3legacy.dll
2013-12-02 23:23 - 2001-08-17 14:55 - 00689216 ____C (3dfx Interactive, Inc.) C:\WINDOWS\system32\dllcache\3dfxvs.dll
2013-12-02 23:23 - 2001-08-17 14:55 - 00038400 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\8514a.dll
2013-12-02 23:23 - 2001-08-17 14:07 - 00101888 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\adpu160m.sys
2013-12-02 23:23 - 2001-08-17 14:07 - 00056960 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aic78xx.sys
2013-12-02 23:23 - 2001-08-17 14:07 - 00055168 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aic78u2.sys
2013-12-02 23:23 - 2001-08-17 14:06 - 00011264 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\1394vdbg.sys
2013-12-02 23:23 - 2001-08-17 13:53 - 00007424 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\adicvls.sys
2013-12-02 23:23 - 2001-08-17 13:52 - 00023552 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\abp480n5.sys
2013-12-02 23:23 - 2001-08-17 13:52 - 00012800 ____C (Microsoft Corporation) C:\WINDOWS\system32\dllcache\aha154x.sys
2013-12-02 23:23 - 2001-08-17 13:28 - 00762780 ____C (3Com, Inc.) C:\WINDOWS\system32\dllcache\3cwmcru.sys
2013-12-02 23:23 - 2001-08-17 12:48 - 00148352 ____C (3dfx Interactive, Inc.) C:\WINDOWS\system32\dllcache\3dfxvsm.sys
2013-12-02 23:23 - 2001-08-17 12:20 - 00297728 ____C (Silicon Integrated Systems Corp.) C:\WINDOWS\system32\dllcache\ac97sis.sys
2013-12-02 23:23 - 2001-08-17 12:20 - 00096256 ____C (Intel Corporation) C:\WINDOWS\system32\dllcache\ac97intc.sys
2013-12-02 23:23 - 2001-08-17 12:19 - 00747392 ____C (Aureal, Inc.) C:\WINDOWS\system32\dllcache\adm8830.sys
2013-12-02 23:23 - 2001-08-17 12:19 - 00584448 ____C (Aureal, Inc.) C:\WINDOWS\system32\dllcache\adm8810.sys
2013-12-02 23:23 - 2001-08-17 12:19 - 00553984 ____C (Aureal, Inc.) C:\WINDOWS\system32\dllcache\adm8820.sys
2013-12-02 23:23 - 2001-08-17 12:11 - 00046112 ____C (Adaptec, Inc ) C:\WINDOWS\system32\dllcache\adptsf50.sys
2013-12-02 23:23 - 2001-08-17 12:11 - 00027678 ____C (Acer Laboratories Inc.) C:\WINDOWS\system32\dllcache\ali5261.sys
2013-12-02 23:23 - 2001-08-17 12:11 - 00020160 ____C (ADMtek Incorporated) C:\WINDOWS\system32\dllcache\adm8511.sys
2013-11-29 10:29 - 2013-10-08 07:50 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2013-11-29 10:29 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2013-11-29 10:29 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2013-11-29 10:29 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2013-11-29 10:28 - 2013-11-29 10:29 - 00004113 _____ C:\WINDOWS\system32\jupdate-1.7.0_45-b18.log
2013-11-29 10:07 - 2013-11-29 10:07 - 00007680 ___SH C:\WINDOWS\Thumbs.db
2013-11-27 21:23 - 2013-11-27 21:23 - 00000000 ____D C:\WINDOWS\ERUNT
2013-11-27 21:13 - 2013-11-27 21:13 - 00000000 ____D C:\Hotspot Shield
2013-11-27 21:11 - 2013-11-27 21:13 - 00000000 ____D C:\AdwCleaner
2013-11-24 15:46 - 2013-11-24 15:46 - 105952601 _____ C:\WINDOWS\system32\ᔤ自ƌ
2013-11-23 20:58 - 2013-11-23 20:58 - 00000000 ____D C:\FRST
2013-11-22 19:31 - 2013-11-22 19:31 - 105757824 _____ C:\WINDOWS\system32\뛞踥ƌ
2013-11-22 09:43 - 2013-11-22 09:43 - 105626457 _____ C:\WINDOWS\system32\䔜䟣ƌ
2013-11-21 23:16 - 2013-11-21 23:16 - 105611834 _____ C:\WINDOWS\system32\딛ꂒƌ
2013-11-21 10:43 - 2013-11-21 10:43 - 105483598 _____ C:\WINDOWS\system32\黕뿌ƌ
2013-11-19 17:05 - 2013-11-19 17:05 - 105044098 _____ C:\WINDOWS\system32\즏鬾ƌ
2013-11-18 23:17 - 2013-11-18 23:16 - 00069584 ____H C:\WINDOWS\Minidump\Mini111813-01.dmp
2013-11-18 21:12 - 2013-11-18 21:12 - 104986035 _____ C:\WINDOWS\system32\臩ƌ
2013-11-15 15:46 - 2013-11-15 15:46 - 104401821 _____ C:\WINDOWS\system32\忏듨ƌ
2013-11-14 21:43 - 2013-11-14 21:43 - 00010338 _____ C:\WINDOWS\KB2900986.log
2013-11-14 21:43 - 2013-11-14 21:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 21:43 - 2013-11-14 21:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 21:42 - 2013-11-14 21:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-14 21:42 - 2013-11-14 21:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-14 21:41 - 2013-11-14 21:42 - 00012622 _____ C:\WINDOWS\KB2888505-IE8.log
2013-11-14 18:31 - 2013-11-14 21:42 - 00016441 _____ C:\WINDOWS\KB2862152.log
2013-11-14 18:30 - 2013-11-14 21:42 - 00015915 _____ C:\WINDOWS\KB2876331.log
2013-11-14 18:23 - 2013-11-14 21:43 - 00017576 _____ C:\WINDOWS\KB2868626.log
2013-11-12 19:13 - 2013-11-12 19:13 - 103974937 _____ C:\WINDOWS\system32\�ᵩƌ
2013-11-10 20:22 - 2013-11-10 20:22 - 103551423 _____ C:\WINDOWS\system32\뒒冒ƌ
2013-11-07 22:57 - 2013-11-10 23:20 - 00000000 ____D C:\Program Files\Common Files\logishrd
==================== One Month Modified Files and Folders =======
2013-12-04 20:49 - 2005-09-15 08:23 - 01883351 _____ C:\WINDOWS\WindowsUpdate.log
2013-12-04 20:44 - 2009-07-01 06:10 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-04 01:23 - 2012-04-07 09:16 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2013-12-04 01:15 - 2005-09-15 09:15 - 03633560 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2013-12-04 01:14 - 2005-09-15 09:19 - 00000159 _____ C:\WINDOWS\wiadebug.log
2013-12-04 01:14 - 2005-09-15 09:19 - 00000050 _____ C:\WINDOWS\wiaservc.log
2013-12-04 01:14 - 2005-09-15 08:28 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2013-12-04 01:13 - 2009-07-01 06:10 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-04 01:13 - 2006-10-09 22:24 - 00000278 ___SH C:\Documents and Settings\Mareike Foerst\ntuser.ini
2013-12-04 01:13 - 2006-10-09 22:24 - 00000000 ____D C:\Documents and Settings\Mareike Foerst
2013-12-04 01:13 - 2005-09-15 08:28 - 00032574 _____ C:\WINDOWS\SchedLgU.Txt
2013-12-04 01:12 - 2013-12-03 22:17 - 00181064 _____ (Sysinternals) C:\WINDOWS\PSEXESVC.EXE
2013-12-04 01:11 - 2013-12-04 01:11 - 00003758 _____ C:\WINDOWS\bitssetup.log
2013-12-04 01:03 - 2013-12-04 01:03 - 00000000 ____D C:\Documents and Settings\LocalService\Start Menu\Programs\Accessories
2013-12-04 01:03 - 2005-09-15 08:28 - 00000000 __SHD C:\Documents and Settings\LocalService
2013-12-04 01:03 - 2005-09-15 08:24 - 00023392 _____ C:\WINDOWS\system32\nscompat.tlb
2013-12-04 01:03 - 2005-09-15 08:24 - 00016832 _____ C:\WINDOWS\system32\amcompat.tlb
2013-12-04 00:38 - 2005-09-15 09:16 - 00522638 ____C C:\WINDOWS\system32\PerfStringBackup.INI
2013-12-03 20:04 - 2012-03-16 03:12 - 00000803 _____ C:\Documents and Settings\Mareike Foerst\Start Menu\Programs\Internet Explorer.lnk
2013-12-03 20:04 - 2006-10-09 22:24 - 00000000 ___RD C:\Documents and Settings\Mareike Foerst\Start Menu\Programs\Accessories
2013-12-03 20:04 - 2005-09-15 09:11 - 00000000 ____D C:\WINDOWS\Help
2013-12-03 20:02 - 2011-11-27 16:12 - 00061618 _____ C:\WINDOWS\ie8Uninst.log
2013-12-03 20:02 - 2011-06-20 20:46 - 00000000 ____D C:\WINDOWS\ie8updates
2013-12-03 20:02 - 2005-09-15 09:16 - 01389651 ____C C:\WINDOWS\tsoc.log
2013-12-03 20:02 - 2005-09-15 09:16 - 01013867 ____C C:\WINDOWS\comsetup.log
2013-12-03 20:02 - 2005-09-15 09:16 - 00612602 ____C C:\WINDOWS\ntdtcsetup.log
2013-12-03 20:02 - 2005-09-15 09:16 - 00577155 ____C C:\WINDOWS\iis6.log
2013-12-03 20:02 - 2005-09-15 09:16 - 00167081 ____C C:\WINDOWS\ocmsn.log
2013-12-03 20:02 - 2005-09-15 09:16 - 00001374 _____ C:\WINDOWS\imsins.log
2013-12-03 20:02 - 2005-09-15 09:11 - 00000000 ____D C:\WINDOWS\Media
2013-12-03 20:02 - 2005-09-15 08:46 - 00576493 ____C C:\WINDOWS\updspapi.log
2013-12-03 20:01 - 2011-01-16 18:19 - 00554571 _____ C:\WINDOWS\setupapi.log
2013-12-03 20:01 - 2005-09-15 09:16 - 03617460 ____C C:\WINDOWS\FaxSetup.log
2013-12-03 20:01 - 2005-09-15 09:16 - 01729812 ____C C:\WINDOWS\ocgen.log
2013-12-03 20:01 - 2005-09-15 09:16 - 00180893 ____C C:\WINDOWS\msgsocm.log
2013-12-03 19:45 - 2013-12-03 19:45 - 00000000 ____D C:\Program Files\Tweaking.com
2013-12-03 19:45 - 2013-12-03 19:45 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Tweaking.com
2013-12-02 22:27 - 2005-09-15 07:09 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2013-12-01 20:56 - 2005-09-15 09:15 - 00209181 _____ C:\WINDOWS\setupact.log
2013-11-29 10:34 - 2011-12-01 23:16 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2013-11-29 10:32 - 2013-04-21 23:30 - 00137208 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2013-11-29 10:32 - 2013-04-21 23:30 - 00090400 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2013-11-29 10:32 - 2013-04-21 23:30 - 00037352 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2013-11-29 10:29 - 2013-11-29 10:28 - 00004113 _____ C:\WINDOWS\system32\jupdate-1.7.0_45-b18.log
2013-11-29 10:29 - 2005-09-15 08:45 - 00000000 ____D C:\Program Files\Java
2013-11-29 10:07 - 2013-11-29 10:07 - 00007680 ___SH C:\WINDOWS\Thumbs.db
2013-11-27 23:22 - 2011-11-26 17:12 - 00000000 ____D C:\WINDOWS\system32\NtmsData
2013-11-27 22:01 - 2005-09-15 08:22 - 00000000 ____D C:\WINDOWS\Registration
2013-11-27 21:23 - 2013-11-27 21:23 - 00000000 ____D C:\WINDOWS\ERUNT
2013-11-27 21:13 - 2013-11-27 21:13 - 00000000 ____D C:\Hotspot Shield
2013-11-27 21:13 - 2013-11-27 21:11 - 00000000 ____D C:\AdwCleaner
2013-11-27 21:13 - 2010-01-10 21:45 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\ICQ
2013-11-27 21:09 - 2013-10-06 19:56 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Desktop\Die Spielsprachschule
2013-11-25 21:25 - 2007-07-08 21:20 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Application Data\Skype
2013-11-24 15:46 - 2013-11-24 15:46 - 105952601 _____ C:\WINDOWS\system32\ᔤ自ƌ
2013-11-23 20:58 - 2013-11-23 20:58 - 00000000 ____D C:\FRST
2013-11-23 20:44 - 2007-06-21 00:59 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB935840$
2013-11-22 22:28 - 2013-10-20 10:26 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Desktop\Taufe Fabio
2013-11-22 22:11 - 2012-11-18 20:07 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\My Documents\Bewerbungen Stipendien und Arbeit
2013-11-22 22:10 - 2012-11-18 20:21 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\My Documents\Studium
2013-11-22 21:58 - 2006-10-09 22:49 - 00002479 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Microsoft Word.lnk
2013-11-22 19:31 - 2013-11-22 19:31 - 105757824 _____ C:\WINDOWS\system32\뛞踥ƌ
2013-11-22 09:43 - 2013-11-22 09:43 - 105626457 _____ C:\WINDOWS\system32\䔜䟣ƌ
2013-11-22 00:23 - 2013-10-23 10:12 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Desktop\ePortfolio Einfuehrung
2013-11-21 23:16 - 2013-11-21 23:16 - 105611834 _____ C:\WINDOWS\system32\딛ꂒƌ
2013-11-21 10:43 - 2013-11-21 10:43 - 105483598 _____ C:\WINDOWS\system32\黕뿌ƌ
2013-11-21 10:40 - 2012-05-03 05:40 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-11-20 13:53 - 2007-08-02 21:49 - 00000000 ____D C:\Program Files\Mozilla Firefox
2013-11-19 23:55 - 2010-12-26 02:35 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Application Data\vlc
2013-11-19 22:25 - 2011-12-24 20:40 - 00000000 ____D C:\Documents and Settings\Mareike Foerst\Application Data\dvdcss
2013-11-19 17:05 - 2013-11-19 17:05 - 105044098 _____ C:\WINDOWS\system32\즏鬾ƌ
2013-11-18 23:21 - 2007-07-08 21:20 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Skype
2013-11-18 23:16 - 2013-11-18 23:17 - 00069584 ____H C:\WINDOWS\Minidump\Mini111813-01.dmp
2013-11-18 21:12 - 2013-11-18 21:12 - 104986035 _____ C:\WINDOWS\system32\臩ƌ
2013-11-15 15:46 - 2013-11-15 15:46 - 104401821 _____ C:\WINDOWS\system32\忏듨ƌ
2013-11-14 21:43 - 2013-11-14 21:43 - 00010338 _____ C:\WINDOWS\KB2900986.log
2013-11-14 21:43 - 2013-11-14 21:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2900986$
2013-11-14 21:43 - 2013-11-14 21:43 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2868626$
2013-11-14 21:43 - 2013-11-14 18:23 - 00017576 _____ C:\WINDOWS\KB2868626.log
2013-11-14 21:43 - 2005-09-15 09:16 - 00001393 _____ C:\WINDOWS\imsins.BAK
2013-11-14 21:42 - 2013-11-14 21:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2876331$
2013-11-14 21:42 - 2013-11-14 21:42 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB2862152$
2013-11-14 21:42 - 2013-11-14 21:41 - 00012622 _____ C:\WINDOWS\KB2888505-IE8.log
2013-11-14 21:42 - 2013-11-14 18:31 - 00016441 _____ C:\WINDOWS\KB2862152.log
2013-11-14 21:42 - 2013-11-14 18:30 - 00015915 _____ C:\WINDOWS\KB2876331.log
2013-11-14 21:40 - 2013-07-19 02:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2013-11-14 21:35 - 2006-10-10 01:01 - 80340640 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2013-11-12 19:13 - 2013-11-12 19:13 - 103974937 _____ C:\WINDOWS\system32\�ᵩƌ
2013-11-10 23:20 - 2013-11-07 22:57 - 00000000 ____D C:\Program Files\Common Files\logishrd
2013-11-10 23:20 - 2009-03-08 14:23 - 00006477 ____C C:\WINDOWS\system32\lvcoinst.log
2013-11-10 20:22 - 2013-11-10 20:22 - 103551423 _____ C:\WINDOWS\system32\뒒冒ƌ
2013-11-07 22:44 - 2009-12-09 13:17 - 00000000 ___RD C:\Program Files\Skype
2013-11-07 21:38 - 2010-12-25 23:07 - 01088000 ___SH C:\Documents and Settings\Mareike Foerst\Desktop\Thumbs.db
2013-11-07 21:38 - 2006-10-28 23:47 - 00000116 ____C C:\WINDOWS\NeroDigital.ini
Some content of TEMP:
====================
C:\Documents and Settings\Mareike Foerst\Local Settings\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
==================== End Of Log ============================
--- --- --- |
|
05.12.2013, 12:24
| #14 |
| /// the machine /// TB-Ausbilder | Trojaner und Malware auf meinem Laptop! Malwarebytes Anti-Malware hat 733 aufgespuert XP CD zur Hand`?
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
05.12.2013, 12:55
| #15 |
| | Trojaner und Malware auf meinem Laptop! Malwarebytes Anti-Malware hat 733 aufgespuert Hallo Schrauber, nein. Leider nicht. Das Programm hatte ich mir damals von einem Freund in England drauf ziehen lassen. Ich könnte aber schauen, ob ich eine irgendwo herbekomme. Eine andere Idee? LG Mareike |
|
| Themen zu Trojaner und Malware auf meinem Laptop! Malwarebytes Anti-Malware hat 733 aufgespuert |
| administrator, browser, f.txt, filescout.exe, hotspot, install.exe, malwarebytes, microsoft, pup.bprotector, pup.optional.advancedsystemprotector.a, pup.optional.babsolution.a, pup.optional.babylon.a, pup.optional.bandoo.a, pup.optional.bprotector.a, pup.optional.conduit.a, pup.optional.datamngr.a, pup.optional.delta, pup.optional.delta.a, pup.optional.filescout.a, pup.optional.installcore.a, pup.optional.opencandy, pup.optional.pcperformer.a, pup.optional.pricegong.a, pup.optional.regcleanerpro.a, pup.optional.searchqu, pup.optional.searchqu.a, regclean, system32, systweak |
Linear-Darstellung
