| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Adware: Ultra Downloads Notifier // Überschüttet mich mit WerbungWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
02.12.2013, 20:43
| #1 |
| |  Adware: Ultra Downloads Notifier // Überschüttet mich mit Werbung Hallo Trojaner-Board Community, ich habe folgendes Problem: Seit circa einem Monat befindet sich Ultra Downloads Notifier im Add-on Manager von Firefox, es lässt sich nicht deaktivieren, deinstallieren oder sonst irgendwie entfernen. Wenn ich bspw. auf Googlebilder ein Bild anklicke, werde ich zu einer spanischen Errorseite weitergeleitet. Siehe im Anhang "Error-Seite.jpg" Zudem sind Textpassagen, einzelne Wörter und Links, doppelt grün unterstrichen. Wenn ich mit dem Mauszeiger über diese Markierung gehe procct eine Werbeeinblendung mit Titel und link zur Seite auf. Siehe im Anhang "Grüne Unterstreichungen.jpg" Desweiteren erhalte ich, seitdem Ultra Download Notifier auf meinem Pc ist, bei online shopping Seiten bspw. H&M immer einen "Dealfinder" wenn ich über das Bild des Artikels mit dem Mauszeiger gehe, welcher mir weiter unerwünschte Werbung aufzeigt. Siehe im Anhang "Dealfinder.jpg" Außerdem erhalte ich oftmals vor dem starten eines Youtube-Videos eine Werbeeinblendung von Ultra Downloads Notifier, welche durch mein ABP geblockt wird, jedoch ist dort geschrieben "Ads by Ultradownloads Notifier". Ich habe versucht mich über diese Adware zu erkundigen, allerdings fand ich nur unseriöse Seiten geschrieben in schlechtem Deutsch die ein allheilmittel Removaltool zum download bereitstellen, habe davon aber die Finger gelassen. Bspw. hxxp://www.deinstallierenspyware.com/deinstallieren-adware-ultra-downloads-notifier Ich bin komplett unsicher und weiß nicht wie ich dieses Problem lösen soll. Ich hoffe ihr könnt mir weiterhelfen. Zudem ist dies mein erster Post auf Trojaner-Board, so bitte ich fehlende Informationen zu entschuldigen. Ich kann sämtliche Informationen auf Anfrage gerne nachliefern. Vielen Dank im vorraus, P.Jones ____________________________________ Technische Daten: Betriebssystem MS Windows 7 Ultimate 64-bit SP1 CPU AMD Phenom II X6 1090T Thuban 45nm Technologie RAM 8,00 GB Dual-Kanal DDR3 @ 669MHz (9-9-9-24) Motherboard ASUSTeK Computer INC. M4A88TD-V EVO/USB3 (AM3) ____________________________________ |
|
03.12.2013, 06:05
| #2 |
| /// the machine /// TB-Ausbilder    | Adware: Ultra Downloads Notifier // Überschüttet mich mit Werbung hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
03.12.2013, 17:29
| #3 |
| | Adware: Ultra Downloads Notifier // Überschüttet mich mit Werbung Hier die Logfiles vom Farbar Recovery Scan Tool:
__________________FRST.txt FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-12-2013
Ran by Luc (administrator) on LUC-PC on 03-12-2013 17:20:02
Running from C:\Users\Luc\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Hi-Rez Studios) C:\AeriaGames\TribesAscendDE\HiPatchService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
() C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version7\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHelp.exe
(
ASUSTeK Computer Inc.) C:\Program Files\ASUS\GPU Boost Driver\GpuBoostServer.exe
() C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Device Center\ipoint.exe
(VIA Technologies, Inc.) C:\VIA_XHCI\usb3Monitor.exe
(Safer Networking Limited) C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Akamai Technologies, Inc.) C:\Users\Luc\AppData\Local\Akamai\netsession_win.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Akamai Technologies, Inc.) C:\Users\Luc\AppData\Local\Akamai\netsession_win.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Dropbox, Inc.) C:\Users\Luc\AppData\Roaming\Dropbox\bin\Dropbox.exe
(
ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\EPU\EPU.exe
(DeviceVM, Inc.) C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite\QFan4\FanHelp.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Curse) C:\Users\Luc\AppData\Local\Apps\2.0\DAXVM7VJ.39D\0EAAPPVV.VN1\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\CurseClient.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(TeamSpeak Systems GmbH) C:\Users\Luc\AppData\Local\TeamSpeak 3 Client\ts3client_win64.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [IntelliType Pro] - C:\Program Files\Microsoft Device Center\itype.exe [1464928 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [IntelliPoint] - C:\Program Files\Microsoft Device Center\ipoint.exe [2004584 2012-06-26] (Microsoft Corporation)
HKLM\...\Run: [VIAxHCUtl] - C:\VIA_XHCI\usb3Monitor.exe [331776 2012-10-23] (VIA Technologies, Inc.)
HKCU\...\Run: [SpybotSD TeaTimer] - C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Limited)
HKCU\...\Run: [Speech Recognition] - C:\Windows\Speech\Common\sapisvr.exe [44544 2009-07-14] (Microsoft Corporation)
HKCU\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2010-09-30] (AMD)
HKCU\...\Run: [Akamai NetSession Interface] - C:\Users\Luc\AppData\Local\Akamai\netsession_win.exe [4489472 2013-06-05] (Akamai Technologies, Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20549280 2013-10-21] (Skype Technologies S.A.)
HKCU\...\Run: [NTRedirect] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\Luc\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run
HKCU\...\Run: [Google Update] - C:\Users\Luc\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-08-18] (Google Inc.)
MountPoints2: {3de50f26-12a3-11e1-a5dd-bcaec56cb0e7} - G:\AUTOSTARTER.EXE
MountPoints2: {bf3dd1dd-ecfc-11e0-ac69-bcaec56cb0e7} - G:\Startme.exe
MountPoints2: {c1503baf-1cdd-11e1-bb04-bcaec56cb0e7} - H:\Autorun.exe
MountPoints2: {ea78849b-44d8-11e1-849c-bcaec56cb0e7} - G:\Autorun.exe
HKLM-x32\...\Run: [Six Engine] - C:\Program Files (x86)\ASUS\EPU\EPU.exe [5309056 2010-06-14] (
ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [BCU] - C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe [411864 2010-03-05] (DeviceVM, Inc.)
HKLM-x32\...\Run: [TurboV EVO] - C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe [9936512 2010-07-15] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [] - [x]
HKLM-x32\...\Run: [LifeCam] - C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe [119152 2010-05-20] (Microsoft Corporation)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642808 2012-12-19] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [QFan Help] - C:\Program Files (x86)\ASUS\AI Suite\QFan4\FanHelp.exe [888960 2010-03-25] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3806544 2013-11-29] (LogMeIn Inc.)
HKU\Gast\...\Run: [HydraVisionDesktopManager] - C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2010-09-30] (AMD)
Startup: C:\Users\Luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Luc\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.splashtop.com/asusexpressgate/mb/searchAPI.php?SE=yahoo&QS=http%3A%2F%2Fde.search.yahoo.com%2Fsearch%3Ffr%3Dfp-devicevm%26type%3DWEB01
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
URLSearchHook: HKCU - (No Name) - {b106b661-3e1b-4015-af5c-195e909f35c6} - No File
SearchScopes: HKLM-x32 - DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2801937
SearchScopes: HKCU - DefaultScope {073BAC30-75B9-41fd-96DD-DD4D3776AF03} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
SearchScopes: HKCU - {073BAC30-75B9-41fd-96DD-DD4D3776AF03} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=EGMB
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=046D00FF5E678C6C&affID=119988&tt=288013_icon&tsp=4991
SearchScopes: HKCU - {4327FABE-3C22-4689-8DBF-D226CF777FE9} URL = hxxp://www.searchplusnetwork.com/?sp=vit4&q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2801937
BHO: Ultra Downloads Notifier - {11111111-1111-1111-1111-110311801194} - C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-bho64.dll (ultradownloads)
BHO: Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können. - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Program Files (x86)\Mein Gutscheincode Finder\Internet Explorer\x64\ConversionOneIE.dll (Conversion One GmbH)
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Ultra Downloads Notifier - {11111111-1111-1111-1111-110311801194} - C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-bho.dll (ultradownloads)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Mein Gutscheincode Finder zeigt automatisch Shopping-Gutscheine an mit denen Sie beim Online-Einkauf sparen können. - {1ED16E0A-E8C4-40A0-8BC2-79485D21F796} - C:\Program Files (x86)\Mein Gutscheincode Finder\Internet Explorer\x86\ConversionOneIE.dll (Conversion One GmbH)
BHO-x32: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Browser Companion Helper Verifier - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll ( )
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\smart web printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Handler: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - No File
Handler: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - No File
Handler: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - No File
Handler-x32: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - No File
Handler-x32: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - No File
Handler-x32: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - No File
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - No File
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - No File
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @java.com/DTPlugin,version=10.5.0 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.5.0 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.5 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @idsoftware.com/QuakeLive - C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.5.1 - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npnxgameEU.dll (Nexon)
FF Plugin-x32: @nullsoft.com/winampDetector;version=1 - C:\Program Files (x86)\Winamp Detect\npwachk.dll (Nullsoft, Inc.)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Luc\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Luc\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Ultra Downloads Notifier - C:\Users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\Extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com
FF Extension: Adblock Plus - C:\Users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKCU\...\Firefox\Extensions: [finder@meingutscheincode.de] - C:\Program Files (x86)\Mein Gutscheincode Finder\Firefox
FF Extension: preisspion.de - C:\Program Files (x86)\Mein Gutscheincode Finder\Firefox
FF HKCU\...\Firefox\Extensions: [{446cf344-fcaf-42f6-8e3a-645f0449e9c8}] - C:\Program Files (x86)\uLyrics\130.xpi
Chrome:
=======
CHR HomePage: hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=046D00FF5E678C6C&affID=119988&tt=288013_icon&tsp=4991
CHR RestoreOnStartup: "hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=046D00FF5E678C6C&affID=119988&tt=288013_icon&tsp=4991"
CHR Plugin: (Shockwave Flash) - C:\Users\Luc\AppData\Local\Google\Chrome\Application\28.0.1500.95\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Luc\AppData\Local\Google\Chrome\Application\28.0.1500.95\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Luc\AppData\Local\Google\Chrome\Application\28.0.1500.95\pdf.dll No File
CHR Plugin: (Skype Toolbars) - C:\Users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.6.0.8442_0\npSkypeChromePlugin.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.290.11) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U29) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (MSN\u00AE Toolbar) - C:\Program Files (x86)\MSN Toolbar\Platform\4.0.0357.1\npwinext.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (VLC Multimedia Plug-in) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll No File
CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Luc\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll No File
CHR Plugin: (Google Update) - C:\Users\Luc\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll No File
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (Browser Companion Helper) - C:\Users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf\1.0.5_0
CHR Extension: (XJZ Survey Remover) - C:\Users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cghbpbbbdbdcljgdhfpfhkpknlaefjhl\3.5.0.1_0
CHR Extension: (Ultra Downloads Notifier) - C:\Users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0
CHR Extension: (preisspion.de) - C:\Users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\jgfpelakfkbbkkdchaaaknckhoadkcbo\3.0.2_0
CHR Extension: (Yontoo) - C:\Users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_0
CHR Extension: (NCH DE) - C:\Users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ommhmgednjnodcljhlljkaiidghdmikk\10.13.20.300_0
CHR HKLM-x32\...\Chrome\Extension: [bodddioamolcibagionmmobehnbhiakf] - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx
CHR HKLM-x32\...\Chrome\Extension: [gfhdkohbepelnfckgjinfddmecpngnpb] - C:\Program Files (x86)\LyricStar\Chrome.crx
CHR HKLM-x32\...\Chrome\Extension: [jbpkiefagocgkmemidfngdkamloieekf] - C:\Program Files (x86)\TornTV.com\torn10.crx
CHR HKLM-x32\...\Chrome\Extension: [jgfpelakfkbbkkdchaaaknckhoadkcbo] - C:\Program Files (x86)\Mein Gutscheincode Finder\Chrome\chrome-extension.crx
CHR HKLM-x32\...\Chrome\Extension: [mkfipnnefaefkjnklmlbckelgegkbdmn] - C:\Program Files (x86)\uLyrics\130.crx
CHR HKLM-x32\...\Chrome\Extension: [ngnjhfpfhadncgafgbneeljaginimmmk] - C:\Users\Luc\AppData\Local\Temp\tbch.crx
CHR HKLM-x32\...\Chrome\Extension: [ommhmgednjnodcljhlljkaiidghdmikk] - C:\Users\Luc\AppData\Local\CRE\ommhmgednjnodcljhlljkaiidghdmikk.crx
CHR StartMenuInternet: Google Chrome - C:\Users\Luc\AppData\Local\Google\Chrome\Application\chrome.exe
==================== Services (Whitelisted) =================
R2 Akamai; c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll [4569856 2013-07-03] (Akamai Technologies, Inc.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-12-19] (Advanced Micro Devices, Inc.)
S4 AODService; C:\Program Files (x86)\AMD\OverDrive\AODAssist.exe [136616 2010-05-21] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe [109056 2010-06-24] ()
R2 HiPatchService; C:\AeriaGames\TribesAscendDE\HiPatchService.exe [9216 2013-10-25] (Hi-Rez Studios)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377104 2013-10-11] (LogMeIn, Inc.)
R2 MagicTuneEngine; C:\Program Files (x86)\MagicTune Premium\MagicTuneEngine.exe [45056 2007-08-23] ()
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4467488 2013-05-29] (INCA Internet Co., Ltd.)
R2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH)
==================== Drivers (Whitelisted) ====================
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-04-22] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2011-11-19] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-07-12] (DT Soft Ltd)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2011-11-19] ()
S3 MagicTune; C:\Windows\SysWow64\drivers\MTiCtwl.sys [13312 2006-08-28] ()
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S1 NCPro; C:\Windows\SysWow64\drivers\MTictwl.sys [13312 2006-08-28] ()
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 NIWinCDEmu; C:\Windows\System32\DRIVERS\NIWinCDEmu.sys [111696 2013-02-02] ()
S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2004-12-30] (INCA Internet Co., Ltd.)
S3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [102912 2012-03-15] (Renesas Electronics Corporation)
S3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [220672 2012-03-15] (Renesas Electronics Corporation)
S3 s1018bus; C:\Windows\System32\DRIVERS\s1018bus.sys [113704 2009-03-25] (MCCI Corporation)
S3 s1018mdfl; C:\Windows\System32\DRIVERS\s1018mdfl.sys [19496 2009-03-25] (MCCI Corporation)
S3 s1018mdm; C:\Windows\System32\DRIVERS\s1018mdm.sys [153128 2009-03-25] (MCCI Corporation)
S3 s1018mgmt; C:\Windows\System32\DRIVERS\s1018mgmt.sys [133160 2009-03-25] (MCCI Corporation)
S3 s1018nd5; C:\Windows\System32\DRIVERS\s1018nd5.sys [34856 2009-03-25] (MCCI Corporation)
S3 s1018obex; C:\Windows\System32\DRIVERS\s1018obex.sys [128552 2009-03-25] (MCCI Corporation)
S3 s1018unic; C:\Windows\System32\DRIVERS\s1018unic.sys [146472 2009-03-25] (MCCI Corporation)
S3 Secdrv; C:\Windows\SysWow64\drivers\SECDRV.SYS [11616 2001-08-25] ()
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 VLAN; C:\Windows\System32\DRIVERS\RtVLAN60.sys [29472 2010-01-14] (Windows (R) Codename Longhorn DDK provider)
S3 VUSB3HUB; C:\Windows\System32\DRIVERS\ViaHub3.sys [204800 2012-10-23] (VIA Technologies, Inc.)
S3 xhcdrv; C:\Windows\System32\DRIVERS\xhcdrv.sys [256000 2012-10-23] (VIA Technologies, Inc.)
S3 cpuz135; \??\C:\Users\Luc\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
S3 Mv_Process; \??\c:\windows\syswow64\mv_process.sys [x]
S2 NEWDRIVER; \??\C:\Windows\SysWow64\WinVDEdrv6.sys [x]
S3 SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2011.SP4c\WNt500x64\Sandra.sys [x]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
S3 VGPU; System32\drivers\rdvgkmd.sys [x]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [x]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-12-03 17:20 - 2013-12-03 17:21 - 00028023 _____ C:\Users\Luc\Downloads\FRST.txt
2013-12-03 17:19 - 2013-12-03 17:19 - 01959434 _____ (Farbar) C:\Users\Luc\Downloads\FRST64.exe
2013-12-03 17:19 - 2013-12-03 17:19 - 00000000 ____D C:\FRST
2013-12-03 16:53 - 2013-12-03 16:53 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-12-02 20:58 - 2013-12-02 20:58 - 00097081 _____ C:\Users\Luc\Desktop\Hurensohn musik.flp
2013-12-02 19:57 - 2013-12-02 20:39 - 00000000 ____D C:\Users\Luc\Desktop\ultra downloads notifier - Problem
2013-11-29 16:42 - 2013-11-29 16:42 - 00000000 ____D C:\Users\Luc\AppData\Local\LogMeIn
2013-11-29 16:42 - 2013-11-29 16:42 - 00000000 ____D C:\ProgramData\LogMeIn
2013-11-29 16:41 - 2013-11-29 16:41 - 05877760 _____ C:\Users\Luc\Downloads\Hamachi-2.2.0.105.msi
2013-11-27 22:42 - 2013-11-27 22:42 - 00816954 _____ C:\Users\Luc\Downloads\worldedit-5.5.8.zip
2013-11-17 23:39 - 2013-11-27 23:05 - 00000000 ____D C:\Nexon
2013-11-17 18:26 - 2013-11-17 19:42 - 00267812 _____ C:\Users\Luc\Desktop\Romantik.pptx
2013-11-16 11:54 - 2013-11-16 22:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-15 18:43 - 2013-11-15 18:47 - 00102571 _____ C:\Users\Luc\Desktop\Paul Gardner Allen.pptx
2013-11-13 23:40 - 2013-10-12 09:45 - 02241536 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-11-13 23:40 - 2013-10-12 09:45 - 01364992 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-11-13 23:40 - 2013-10-12 09:45 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-11-13 23:40 - 2013-10-12 09:43 - 19269632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-11-13 23:40 - 2013-10-12 09:43 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-11-13 23:40 - 2013-10-12 09:43 - 03959808 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-11-13 23:40 - 2013-10-12 09:43 - 02648576 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-11-13 23:40 - 2013-10-12 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-11-13 23:40 - 2013-10-12 09:43 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-11-13 23:40 - 2013-10-12 09:43 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-11-13 23:40 - 2013-10-12 09:43 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-11-13 23:40 - 2013-10-12 09:43 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-11-13 23:40 - 2013-10-12 09:43 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-11-13 23:40 - 2013-10-12 09:43 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-11-13 23:40 - 2013-10-12 08:03 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-11-13 23:40 - 2013-10-12 08:03 - 01138176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-11-13 23:40 - 2013-10-12 08:02 - 14355968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-11-13 23:40 - 2013-10-12 08:02 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-11-13 23:40 - 2013-10-12 08:02 - 02877952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-11-13 23:40 - 2013-10-12 08:02 - 02049024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-11-13 23:40 - 2013-10-12 08:02 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-11-13 23:40 - 2013-10-12 08:02 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-11-13 23:40 - 2013-10-12 08:02 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-11-13 23:40 - 2013-10-12 08:02 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-11-13 23:40 - 2013-10-12 08:02 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-11-13 23:40 - 2013-10-12 08:02 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-11-13 23:40 - 2013-10-12 08:02 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-11-13 23:40 - 2013-10-12 07:35 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-11-13 23:40 - 2013-10-12 07:08 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-11-13 23:40 - 2013-10-12 06:44 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-11-13 23:40 - 2013-10-12 06:15 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-11-13 21:32 - 2013-11-13 21:32 - 00001152 _____ C:\Users\Luc\Desktop\FL Studio 10.lnk
2013-11-13 21:32 - 2009-09-15 10:14 - 01554944 _____ (HMS hxxp://hp.vector.co.jp/authors/VA012897/) C:\Windows\SysWOW64\vorbis.acm
2013-11-13 13:59 - 2013-10-05 21:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-11-13 13:59 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-11-13 13:59 - 2013-10-04 03:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2013-11-13 13:59 - 2013-10-04 03:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2013-11-13 13:59 - 2013-10-04 03:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2013-11-13 13:59 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2013-11-13 13:59 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2013-11-13 13:59 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2013-11-13 13:59 - 2013-09-28 02:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-11-13 13:58 - 2013-10-12 03:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2013-11-13 13:58 - 2013-10-12 03:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2013-11-13 13:58 - 2013-10-12 03:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2013-11-13 13:58 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2013-11-13 13:58 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2013-11-13 13:58 - 2013-10-03 03:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2013-11-13 13:58 - 2013-10-03 03:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2013-11-13 13:58 - 2013-09-25 03:26 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-11-13 13:58 - 2013-09-25 03:26 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-11-13 13:58 - 2013-09-25 03:23 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-11-13 13:58 - 2013-09-25 03:23 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-11-13 13:58 - 2013-09-25 03:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-11-13 13:58 - 2013-09-25 03:22 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-11-13 13:58 - 2013-09-25 03:21 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-11-13 13:58 - 2013-09-25 03:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-11-13 13:58 - 2013-09-25 02:58 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-11-13 13:58 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-11-13 13:58 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-11-13 13:58 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-11-13 13:58 - 2013-09-25 02:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-11-13 13:58 - 2013-07-04 13:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-11-11 19:21 - 2013-11-11 19:21 - 00017437 _____ C:\Windows\DirectX.log
2013-11-10 00:08 - 2013-11-10 00:08 - 00000577 _____ C:\Users\Luc\Downloads\listen.m3u
2013-11-09 14:50 - 2013-11-09 14:50 - 01467128 _____ C:\Users\Luc\Downloads\SystemCheck_deDE(1).exe
2013-11-08 20:35 - 2013-11-08 20:35 - 00066728 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys
2013-11-08 20:35 - 2013-11-08 20:35 - 00000000 ____D C:\Program Files\Virtual Audio Cable
2013-11-08 20:33 - 2013-11-09 00:18 - 00000000 ____D C:\Users\Luc\AppData\Roaming\Winamp
2013-11-08 20:33 - 2013-11-08 20:34 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-11-08 20:33 - 2013-11-08 20:33 - 00000000 ____D C:\Users\Luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
2013-11-08 20:33 - 2013-11-08 20:33 - 00000000 ____D C:\Program Files (x86)\Winamp Detect
2013-11-08 20:27 - 2013-11-08 20:32 - 00000000 ____D C:\Users\Luc\Desktop\winamp
2013-11-08 20:27 - 2013-11-08 20:27 - 17664368 _____ (Nullsoft, Inc.) C:\Users\Luc\Downloads\winamp565_full_emusic-7plus_all.exe
2013-11-08 20:26 - 2010-03-27 19:14 - 00000000 ____D C:\Users\Luc\Desktop\Virtual Audio Cable 4.10
2013-11-08 18:32 - 2013-11-16 22:16 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-08 18:11 - 2013-11-08 18:11 - 23123208 _____ (Mozilla) C:\Users\Luc\Desktop\Firefox_Setup_25.0.exe
2013-11-08 14:20 - 2013-12-03 17:02 - 00003923 _____ C:\Windows\setupact.log
2013-11-08 14:20 - 2013-11-29 14:20 - 00065268 _____ C:\Windows\PFRO.log
2013-11-08 14:20 - 2013-11-08 14:20 - 00000000 _____ C:\Windows\setuperr.log
2013-11-03 21:18 - 2013-11-03 21:18 - 00096166 _____ C:\Users\Luc\Desktop\Mash.flp
==================== One Month Modified Files and Folders =======
2013-12-03 17:21 - 2013-12-03 17:20 - 00028023 _____ C:\Users\Luc\Downloads\FRST.txt
2013-12-03 17:19 - 2013-12-03 17:19 - 01959434 _____ (Farbar) C:\Users\Luc\Downloads\FRST64.exe
2013-12-03 17:19 - 2013-12-03 17:19 - 00000000 ____D C:\FRST
2013-12-03 17:19 - 2011-08-18 21:40 - 00000000 ____D C:\Users\Luc\AppData\Roaming\Skype
2013-12-03 17:16 - 2011-08-30 20:00 - 00000000 ____D C:\Users\Luc\AppData\Roaming\TS3Client
2013-12-03 17:10 - 2011-08-18 17:02 - 00001112 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-139755560-1312564612-3865908286-1000UA.job
2013-12-03 17:06 - 2011-08-18 13:22 - 01691908 _____ C:\Windows\WindowsUpdate.log
2013-12-03 17:03 - 2012-08-22 23:49 - 00000000 ___RD C:\Users\Luc\Dropbox
2013-12-03 17:03 - 2012-08-22 23:45 - 00000000 ____D C:\Users\Luc\AppData\Roaming\Dropbox
2013-12-03 17:03 - 2012-07-02 16:27 - 00000000 ____D C:\Users\Luc\AppData\Local\Deployment
2013-12-03 17:02 - 2013-11-08 14:20 - 00003923 _____ C:\Windows\setupact.log
2013-12-03 17:02 - 2013-09-14 23:49 - 00002020 _____ C:\Windows\Tasks\Ultra Downloads Notifier-chromeinstaller.job
2013-12-03 17:02 - 2013-09-14 23:49 - 00001944 _____ C:\Windows\Tasks\Ultra Downloads Notifier-firefoxinstaller.job
2013-12-03 17:02 - 2013-09-14 23:49 - 00001382 _____ C:\Windows\Tasks\Ultra Downloads Notifier-updater.job
2013-12-03 17:02 - 2013-09-14 23:49 - 00001286 _____ C:\Windows\Tasks\Ultra Downloads Notifier-codedownloader.job
2013-12-03 17:02 - 2013-09-14 23:49 - 00001186 _____ C:\Windows\Tasks\Ultra Downloads Notifier-enabler.job
2013-12-03 17:02 - 2013-02-24 16:27 - 00000000 ____D C:\Users\Luc\AppData\Local\LogMeIn Hamachi
2013-12-03 17:02 - 2012-12-20 14:29 - 00001100 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-12-03 17:00 - 2009-07-14 05:45 - 00014512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-12-03 17:00 - 2009-07-14 05:45 - 00014512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-12-03 16:56 - 2012-12-20 14:29 - 00001104 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-12-03 16:53 - 2013-12-03 16:53 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi
2013-12-03 16:52 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-12-02 22:46 - 2012-08-29 19:07 - 00000000 ____D C:\Users\Luc\AppData\Roaming\.minecraft
2013-12-02 22:10 - 2011-08-18 17:02 - 00001060 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-139755560-1312564612-3865908286-1000Core.job
2013-12-02 20:58 - 2013-12-02 20:58 - 00097081 _____ C:\Users\Luc\Desktop\Hurensohn musik.flp
2013-12-02 20:56 - 2011-08-24 17:23 - 00000000 ____D C:\Program Files (x86)\Steam
2013-12-02 20:39 - 2013-12-02 19:57 - 00000000 ____D C:\Users\Luc\Desktop\ultra downloads notifier - Problem
2013-12-02 20:31 - 2012-04-13 13:05 - 00059228 _____ C:\Windows\system32\lvcoinst.log
2013-12-02 18:35 - 2011-08-24 17:44 - 00000000 ____D C:\Users\Luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2013-12-01 04:26 - 2011-08-19 11:53 - 00000000 ____D C:\Users\Luc\AppData\Roaming\ICQ
2013-11-29 16:42 - 2013-11-29 16:42 - 00000000 ____D C:\Users\Luc\AppData\Local\LogMeIn
2013-11-29 16:42 - 2013-11-29 16:42 - 00000000 ____D C:\ProgramData\LogMeIn
2013-11-29 16:41 - 2013-11-29 16:41 - 05877760 _____ C:\Users\Luc\Downloads\Hamachi-2.2.0.105.msi
2013-11-29 16:41 - 2011-08-22 17:30 - 00000000 ____D C:\Users\Luc\AppData\Roaming\Hamachi
2013-11-29 14:20 - 2013-11-08 14:20 - 00065268 _____ C:\Windows\PFRO.log
2013-11-28 22:05 - 2011-08-18 17:02 - 00004082 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-139755560-1312564612-3865908286-1000UA
2013-11-28 22:05 - 2011-08-18 17:02 - 00003686 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-139755560-1312564612-3865908286-1000Core
2013-11-27 23:05 - 2013-11-17 23:39 - 00000000 ____D C:\Nexon
2013-11-27 22:42 - 2013-11-27 22:42 - 00816954 _____ C:\Users\Luc\Downloads\worldedit-5.5.8.zip
2013-11-27 22:34 - 2012-11-23 17:49 - 00000000 ____D C:\Users\Luc\Desktop\MINECRAFT
2013-11-26 19:40 - 2013-10-05 21:45 - 00000000 ____D C:\ProgramData\Tunngle
2013-11-26 19:40 - 2011-12-17 15:17 - 00000000 ____D C:\Users\Luc\AppData\Roaming\Tunngle
2013-11-25 15:07 - 2013-01-10 17:10 - 00000000 ____D C:\Windows\rescache
2013-11-19 11:21 - 2011-08-18 14:00 - 00267936 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2013-11-18 00:30 - 2011-08-18 14:10 - 00001912 _____ C:\Windows\epplauncher.mif
2013-11-18 00:29 - 2011-08-18 14:10 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2013-11-18 00:29 - 2011-08-18 14:09 - 00000000 ____D C:\Program Files\Microsoft Security Client
2013-11-17 19:42 - 2013-11-17 18:26 - 00267812 _____ C:\Users\Luc\Desktop\Romantik.pptx
2013-11-16 22:23 - 2013-11-16 11:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-11-16 22:16 - 2013-11-08 18:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-11-15 21:09 - 2013-02-20 12:36 - 00000000 ____D C:\Users\Luc\AppData\Roaming\vlc
2013-11-15 18:47 - 2013-11-15 18:43 - 00102571 _____ C:\Users\Luc\Desktop\Paul Gardner Allen.pptx
2013-11-15 17:44 - 2013-10-17 21:56 - 00001981 _____ C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2013-11-14 22:59 - 2013-10-17 21:56 - 00000000 ____D C:\Program Files\McAfee Security Scan
2013-11-14 10:53 - 2011-08-18 14:15 - 00000000 ____D C:\Windows\Panther
2013-11-13 23:40 - 2011-08-18 16:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-11-13 23:39 - 2013-07-18 15:34 - 00000000 ____D C:\Windows\system32\MRT
2013-11-13 23:36 - 2011-08-18 14:30 - 82896128 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-11-13 21:33 - 2013-10-31 20:46 - 00000795 _____ C:\Users\Luc\Desktop\ASIO4ALL v2 Instruction Manual.lnk
2013-11-13 21:32 - 2013-11-13 21:32 - 00001152 _____ C:\Users\Luc\Desktop\FL Studio 10.lnk
2013-11-13 21:32 - 2012-06-20 10:44 - 00000000 ____D C:\Users\Luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Image-Line
2013-11-13 21:32 - 2012-06-19 20:45 - 00000000 ____D C:\Program Files (x86)\Vstplugins
2013-11-11 22:00 - 2012-11-11 00:49 - 00000000 ____D C:\Users\Luc\AppData\Local\PMB Files
2013-11-11 22:00 - 2012-11-11 00:49 - 00000000 ____D C:\ProgramData\PMB Files
2013-11-11 19:21 - 2013-11-11 19:21 - 00017437 _____ C:\Windows\DirectX.log
2013-11-10 00:08 - 2013-11-10 00:08 - 00000577 _____ C:\Users\Luc\Downloads\listen.m3u
2013-11-09 14:50 - 2013-11-09 14:50 - 01467128 _____ C:\Users\Luc\Downloads\SystemCheck_deDE(1).exe
2013-11-09 10:05 - 2009-07-14 06:08 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2013-11-09 00:18 - 2013-11-08 20:33 - 00000000 ____D C:\Users\Luc\AppData\Roaming\Winamp
2013-11-08 20:58 - 2011-11-19 13:58 - 00000000 ____D C:\Program Files (x86)\JDownloader
2013-11-08 20:35 - 2013-11-08 20:35 - 00066728 _____ (Eugene V. Muzychenko) C:\Windows\system32\Drivers\vrtaucbl.sys
2013-11-08 20:35 - 2013-11-08 20:35 - 00000000 ____D C:\Program Files\Virtual Audio Cable
2013-11-08 20:34 - 2013-11-08 20:33 - 00000000 ____D C:\Program Files (x86)\Winamp
2013-11-08 20:33 - 2013-11-08 20:33 - 00000000 ____D C:\Users\Luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Erkennungs-Plug-in
2013-11-08 20:33 - 2013-11-08 20:33 - 00000000 ____D C:\Program Files (x86)\Winamp Detect
2013-11-08 20:32 - 2013-11-08 20:27 - 00000000 ____D C:\Users\Luc\Desktop\winamp
2013-11-08 20:27 - 2013-11-08 20:27 - 17664368 _____ (Nullsoft, Inc.) C:\Users\Luc\Downloads\winamp565_full_emusic-7plus_all.exe
2013-11-08 18:46 - 2011-11-04 18:36 - 00000000 ____D C:\Users\Luc\AppData\Local\Facebook
2013-11-08 18:32 - 2011-08-18 14:30 - 00000000 ____D C:\Users\Luc\AppData\Roaming\Mozilla
2013-11-08 18:26 - 2013-08-31 17:33 - 00000000 ____D C:\Program Files (x86)\diamondata
2013-11-08 18:23 - 2011-12-12 22:51 - 00000000 ____D C:\Windows\system32\appmgmt
2013-11-08 18:22 - 2011-08-18 17:20 - 00002792 _____ C:\ProgramData\hpzinstall.log
2013-11-08 18:21 - 2011-08-24 16:25 - 00000000 ____D C:\Users\Luc\Pokemon Online
2013-11-08 18:20 - 2011-08-18 13:27 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2013-11-08 18:19 - 2012-03-09 01:32 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2013-11-08 18:19 - 2011-08-18 17:21 - 00000000 ____D C:\Program Files (x86)\HP
2013-11-08 18:18 - 2011-08-18 21:40 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-11-08 18:18 - 2011-08-18 21:40 - 00000000 ____D C:\ProgramData\Skype
2013-11-08 18:17 - 2012-11-19 19:21 - 00000000 ____D C:\Users\Luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Joymax
2013-11-08 18:17 - 2012-11-19 19:17 - 00000000 ____D C:\Program Files (x86)\SilkroadR
2013-11-08 18:15 - 2011-08-24 19:23 - 00000000 ____D C:\Users\Luc\AppData\Local\Conduit
2013-11-08 18:14 - 2012-07-28 18:06 - 00000000 ____D C:\Program Files (x86)\Noel Danjou
2013-11-08 18:12 - 2013-05-25 00:34 - 00000000 ____D C:\Users\Luc\AppData\Roaming\GameRanger
2013-11-08 18:11 - 2013-11-08 18:11 - 23123208 _____ (Mozilla) C:\Users\Luc\Desktop\Firefox_Setup_25.0.exe
2013-11-08 17:46 - 2012-02-26 19:20 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2013-11-08 14:20 - 2013-11-08 14:20 - 00000000 _____ C:\Windows\setuperr.log
2013-11-07 23:48 - 2011-08-30 20:00 - 00000000 ____D C:\Users\Luc\AppData\Local\TeamSpeak 3 Client
2013-11-07 23:18 - 2013-01-06 02:14 - 00000000 ____D C:\Users\Luc\AppData\Roaming\uTorrent
2013-11-07 23:18 - 2011-09-27 21:40 - 00000000 ____D C:\Windows\Minidump
2013-11-03 21:18 - 2013-11-03 21:18 - 00096166 _____ C:\Users\Luc\Desktop\Mash.flp
Files to move or delete:
====================
C:\Users\Luc\CoHLauncher.exe
C:\Users\Luc\SilkroadOnline_SROROfficial_v1_052.exe
Some content of TEMP:
====================
C:\Users\Luc\AppData\Local\Temp\jansi-32-git-Bukkit-1.6.4-R2.0-b2918jnks.dll
C:\Users\Luc\AppData\Local\Temp\jansi-64-git-Bukkit-1.5.2-R1.0-b2788jnks.dll
C:\Users\Luc\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.2-R0.1-b2838jnks.dll
C:\Users\Luc\AppData\Local\Temp\jansi-64-git-Bukkit-1.6.4-R2.0-b2918jnks.dll
C:\Users\Luc\AppData\Local\Temp\speccycpuid.dll
C:\Users\Luc\AppData\Local\Temp\tbWin2.dll
C:\Users\Luc\AppData\Local\Temp\_is4119.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2013-11-25 14:59
==================== End Of Log ============================
--- --- --- Addition.txt Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-12-2013
Ran by Luc at 2013-12-03 17:21:38
Running from C:\Users\Luc\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
==================== Installed Programs ======================
µTorrent (x32 Version: 3.2.3.28705)
64 Bit HP CIO Components Installer (Version: 7.2.4)
7-Zip 9.20 (x64 edition) (Version: 9.20.00.0)
ACID Music Studio 8.0 (x32 Version: 8.0.178)
Adobe Flash Player 11 ActiveX (x32 Version: 11.3.300.265)
Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
Adobe Reader X (10.1.5) - Deutsch (x32 Version: 10.1.5)
Advanced Archive Password Recovery (HKCU Version: 4.53)
Aeria Ignite (x32 Version: 1.13.3296)
Age of Empires III - The WarChiefs (x32 Version: 1.00.0000)
Age of Empires III (x32 Version: 1.00.0000)
Age of Empires Online (x32)
AI Suite (x32 Version: 1.06.20)
AION Free-To-Play (x32 Version: 2.70.0000)
Akamai NetSession Interface (HKCU)
Akamai NetSession Interface Service (x32)
Alice Madness Returns (x32 Version: 1.0.0.0)
Aliens vs. Predator 2 (x32)
AMD Accelerated Video Transcoding (Version: 12.5.100.21219)
AMD APP SDK Runtime (Version: 10.0.1084.4)
AMD Catalyst Install Manager (Version: 8.0.903.0)
AMD Drag and Drop Transcoding (Version: 2.00.0000)
AMD Fuel (Version: 2012.1219.1521.27485)
AMD Media Foundation Decoders (Version: 1.0.71219.1540)
AMD OverDrive (x32 Version: 3.2.2.0452)
AMD Steady Video Plug-In (Version: 2.04.0000)
AMD VISION Engine Control Center (x32 Version: 2012.1219.1521.27485)
Antares Auto-Tune Evo VST (x32 Version: 6.00.0009)
Any Video Converter 3.3.3 (x32)
AOE2ColorFix (remove only) (x32)
ASIO4ALL (x32 Version: 2.10)
ASUSUpdate (x32 Version: 7.18.03)
ATI AVIVO64 Codecs (Version: 11.6.0.50930)
ATI Problem Report Wizard (Version: 3.0.795.0)
Battlefield 2(TM) Demo (x32)
Battlefield Play4Free (HKCU)
Battlefield: Bad Company™ 2 (x32 Version: 1.0.0.0)
BattleForge™ (x32 Version: 1.0.0.0)
BioShock (HKCU Version: 2.62.0000)
Bome's Mouse Keyboard 2.00 (x32)
Browser Configuration Utility (x32 Version: 1.0.12.1)
BrowserCompanion (x32)
BufferChm (x32 Version: 140.0.212.000)
C410 (x32 Version: 140.0.273.000)
CameraHelperMsi (x32 Version: 13.51.815.0)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center InstallProxy (x32 Version: 2012.1219.1521.27485)
Catalyst Control Center Localization All (x32 Version: 2012.1219.1521.27485)
CCC Help Chinese Standard (x32 Version: 2012.1219.1520.27485)
CCC Help Chinese Traditional (x32 Version: 2012.1219.1520.27485)
CCC Help Czech (x32 Version: 2012.1219.1520.27485)
CCC Help Danish (x32 Version: 2012.1219.1520.27485)
CCC Help Dutch (x32 Version: 2012.1219.1520.27485)
CCC Help English (x32 Version: 2012.1219.1520.27485)
CCC Help Finnish (x32 Version: 2012.1219.1520.27485)
CCC Help French (x32 Version: 2012.1219.1520.27485)
CCC Help German (x32 Version: 2012.1219.1520.27485)
CCC Help Greek (x32 Version: 2012.1219.1520.27485)
CCC Help Hungarian (x32 Version: 2012.1219.1520.27485)
CCC Help Italian (x32 Version: 2012.1219.1520.27485)
CCC Help Japanese (x32 Version: 2012.1219.1520.27485)
CCC Help Korean (x32 Version: 2012.1219.1520.27485)
CCC Help Norwegian (x32 Version: 2012.1219.1520.27485)
CCC Help Polish (x32 Version: 2012.1219.1520.27485)
CCC Help Portuguese (x32 Version: 2012.1219.1520.27485)
CCC Help Russian (x32 Version: 2012.1219.1520.27485)
CCC Help Spanish (x32 Version: 2012.1219.1520.27485)
CCC Help Swedish (x32 Version: 2012.1219.1520.27485)
CCC Help Thai (x32 Version: 2012.1219.1520.27485)
CCC Help Turkish (x32 Version: 2012.1219.1520.27485)
ccc-utility64 (Version: 2012.1219.1521.27485)
CCleaner (Version: 3.21)
Cheat Engine 6.1 (x32)
Cinema 4D version R12 (x32 Version: R12)
Combat Arms EU (x32)
Company of Heroes - FAKEMSI (x32 Version: 2.0.0.0)
Company of Heroes (x32 Version: 2.0.0.1)
Counter-Strike: Global Offensive (x32)
Crimecraft: BLEEDOUT (x32)
Curse Client (HKCU Version: 5.1.1.792)
D3DX10 (x32 Version: 15.4.2368.0902)
DAEMON Tools Lite (x32 Version: 4.45.4.0315)
DC Universe Online Live (HKCU)
DC Universe Online PSG (HKCU Version: 1.0.3.183)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition
Destinations (x32 Version: 140.0.77.000)
DeviceDiscovery (x32 Version: 140.0.212.000)
Diablo III (x32)
DIE SIEDLER - Aufstieg eines Königreichs (x32 Version: 1.00.0000)
DiRT 3 (x32)
Dota 2 (x32)
Dropbox (HKCU Version: 2.0.22)
EdenEternal-DE (x32)
EE-ZDE (x32)
Empire Earth II (x32 Version: 1.02)
EPU (x32 Version: 1.02.21)
erLT (x32 Version: 1.20.138.34)
Fax (x32 Version: 140.0.212.000)
Firebird SQL Server - MAGIX Edition (x32 Version: 2.1.27.0)
FL Studio 10 (x32)
FL Studio 11 (x32)
FlowStone FL 3.0 (x32)
Fraps (x32)
FreeMind (x32 Version: 0.9.0)
FunnyGames - Happy Wheels (HKCU Version: 1)
GIMP 2.6.8
Google Chrome (HKCU Version: 31.0.1650.57)
Google Update Helper (x32 Version: 1.3.21.165)
GPBaseService2 (x32 Version: 140.0.211.000)
GPU Boost Driver (x32 Version: 1.01.15)
Guild Wars 2 (x32)
Hardcopy (C:\Program Files (x86)\Hardcopy) (x32 Version: 2011.07.02)
High-Definition Video Playback (x32 Version: 7.3.10900.8.0)
HP Customer Participation Program 14.0 (Version: 14.0)
HP Imaging Device Functions 14.0 (Version: 14.0)
HP Photosmart Prem C410 All-In-One Driver Software 14.0 Rel. 7 (Version: 14.0)
HP Smart Web Printing 4.60 (Version: 4.60)
HP Solution Center 14.0 (Version: 14.0)
HP Update (x32 Version: 5.002.002.002)
HPAppStudio (x32 Version: 140.0.95.000)
HPPhotoGadget (x32 Version: 140.0.524.000)
HPProductAssistant (x32 Version: 140.0.212.000)
HydraVision (x32 Version: 4.2.180.0)
ICQ7.6 (x32 Version: 7.6)
IL Download Manager (x32)
IL Shared Libraries (x32)
Java Auto Updater (x32 Version: 2.1.6.0)
Java(TM) 6 Update 29 (x32 Version: 6.0.290)
Java(TM) 7 Update 5 (64-bit) (Version: 7.0.50)
Java(TM) 7 Update 5 (x32 Version: 7.0.50)
JavaFX 2.1.1 (x32 Version: 2.1.1)
JDownloader 0.9 (x32 Version: 0.9)
Knights Of Honor (x32 Version: 1.00)
League of Legends (x32 Version: 1.3)
Loaris Trojan Remover 1.2 (x32)
Logitech Webcam-Software (x32 Version: 2.51)
LogMeIn Hamachi (x32 Version: 2.2.0.109)
LWS Facebook (x32 Version: 13.50.854.0)
LWS Gallery (x32 Version: 13.51.827.0)
LWS Help_main (x32 Version: 13.51.828.0)
LWS Launcher (x32 Version: 13.51.828.0)
LWS Motion Detection (x32 Version: 13.51.815.0)
LWS Pictures And Video (x32 Version: 13.51.815.0)
LWS Twitter (x32 Version: 13.30.1346.0)
LWS Webcam Software (x32 Version: 13.51.815.0)
LWS WLM Plugin (x32 Version: 1.30.1201.0)
LWS YouTube Plugin (x32 Version: 13.31.1038.0)
MagicTune Premium (x32 Version: 1.0 Beta)
MAGIX Music Maker 17 Download-Version (x32 Version: 17.0.0.16)
MAGIX Music Maker 17 Trial (Soundpaket) (x32 Version: 1.0.0.0)
MAGIX Screenshare (x32 Version: 4.3.6.1987)
MAGIX Speed burnR (MSI) (x32 Version: 7.0.2.6)
MarketResearch (x32 Version: 140.0.212.000)
Mass Effect 2 (x32 Version: 1.00)
McAfee Security Scan Plus (Version: 3.8.130.10)
Mein Gutscheincode Finder 1.0.0.0 (x32 Version: 1.0.0.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Age of Empires (x32)
Microsoft Age of Empires Expansion (x32)
Microsoft Age of Empires II (x32)
Microsoft Age of Empires II: The Conquerors Expansion (x32)
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2)
Microsoft Application Error Reporting (Version: 12.0.6015.5000)
Microsoft Corporation (Version: 9.0.30729.1)
Microsoft Corporation (x32 Version: 9.0.30729.1)
Microsoft Games for Windows - LIVE Redistributable (x32 Version: 3.5.92.0)
Microsoft Games for Windows Marketplace (x32 Version: 3.5.50.0)
Microsoft LifeCam (Version: 3.22.270.0)
Microsoft Office 2010 Service Pack 1 (SP1)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.6029.1000)
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Professional Plus 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (English) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (French) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proof (Italian) 2010 (Version: 14.0.6029.1000)
Microsoft Office Proofing (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared 32-bit MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Office Word MUI (German) 2010 (Version: 14.0.6029.1000)
Microsoft Security Client (Version: 4.4.0304.0)
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 4.4.304.0)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.59193)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (Version: 10.0.30319)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (x32 Version: 10.0.30319)
Microsoft-Maus- und Tastatur-Center (Version: 1.1.500.0)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0)
MSVCRT (x32 Version: 15.4.2862.0708)
MSXML 4.0 SP2 (KB954430) (x32 Version: 4.20.9870.0)
MSXML 4.0 SP2 (KB973688) (x32 Version: 4.20.9876.0)
Native Instruments Abbey Road 60s Drummer (Version: 1.1.0.003)
Native Instruments Abbey Road 60s Drummer (x32)
Native Instruments Abbey Road 60s Drums (Version: 1.2.0.003)
Native Instruments Abbey Road 60s Drums (x32)
Native Instruments Abbey Road 70s Drummer (Version: 1.1.0.003)
Native Instruments Abbey Road 70s Drummer (x32)
Native Instruments Abbey Road 70s Drums (Version: 1.2.0.004)
Native Instruments Abbey Road 70s Drums (x32)
Native Instruments Abbey Road 80s Drummer (Version: 1.1.0.003)
Native Instruments Abbey Road 80s Drummer (x32)
Native Instruments Abbey Road 80s Drums (Version: 1.1.0.005)
Native Instruments Abbey Road 80s Drums (x32)
Native Instruments Abbey Road Modern Drummer (Version: 1.1.0.002)
Native Instruments Abbey Road Modern Drummer (x32)
Native Instruments Abbey Road Modern Drums (Version: 1.1.0.006)
Native Instruments Abbey Road Modern Drums (x32)
Native Instruments Absynth 5 (Version: 5.1.1.1141)
Native Instruments Absynth 5 (x32)
Native Instruments Alicias Keys (Version: 1.3.0.005)
Native Instruments Alicias Keys (x32)
Native Instruments Balinese Gamelan (Version: 1.1.0.006)
Native Instruments Balinese Gamelan (x32)
Native Instruments Battery 3 (Version: 3.2.3.637)
Native Instruments Battery 3 (x32)
Native Instruments Battery Library Importer for Maschine (Version: 1.0.0.003)
Native Instruments Battery Library Importer for Maschine (x32)
Native Instruments Berlin Concert Grand (Version: 1.3.0.005)
Native Instruments Berlin Concert Grand (Version: 1.4.0.002)
Native Instruments Berlin Concert Grand (x32)
Native Instruments Conant Gardens (Version: 1.0.0.002)
Native Instruments Conant Gardens (x32)
Native Instruments Controller Editor (Version: 1.5.4.1182)
Native Instruments Controller Editor (x32 Version: 1.5.4.1182)
Native Instruments Damage (Version: 1.0.0.003)
Native Instruments Damage (x32)
Native Instruments Driver (Version: 1.0.1.288)
Native Instruments Driver (x32 Version: 1.0.1.288)
Native Instruments Evolve Mutations (Version: 1.1.0.004)
Native Instruments Evolve Mutations (x32)
Native Instruments Evolve Mutations 2 (Version: 1.1.0.006)
Native Instruments Evolve Mutations 2 (x32)
Native Instruments FM8 (Version: 1.2.1.1119)
Native Instruments FM8 (x32)
Native Instruments George Duke Soul Treasures (Version: 1.2.0.002)
Native Instruments George Duke Soul Treasures (x32)
Native Instruments Guitar Rig 5 (Version: 5.1.1.2673)
Native Instruments Guitar Rig 5 (x32)
Native Instruments Guitar Rig Factory Selection for Maschine (Version: 1.0.0.001)
Native Instruments Guitar Rig Factory Selection for Maschine (x32)
Native Instruments Guitar Rig Pro Library for Maschine (x32)
Native Instruments Komplete 8 Players (Version: 8.0.0.003)
Native Instruments Komplete 8 Players (x32)
Native Instruments Komplete 8 Ultimate (Version: 8.1.0.001)
Native Instruments Komplete 8 Ultimate (x32)
Native Instruments Kontakt 4 (Version: 4.2.4.5316)
Native Instruments Kontakt 4 (x32)
Native Instruments Kontakt 5 (Version: 5.1.0.6066)
Native Instruments Kontakt 5 (x32)
Native Instruments Kontakt Factory Library (Version: 1.0.1.003)
Native Instruments Kontakt Factory Library (x32)
Native Instruments Kontakt Factory Selection (Version: 1.2.0.004)
Native Instruments Kontakt Factory Selection (x32)
Native Instruments Maschine (Version: 1.8.2.247)
Native Instruments Maschine (x32)
Native Instruments Maschine Controller Driver (Version: 3.0.1.648)
Native Instruments Maschine Controller Driver (x32)
Native Instruments Maschine Drum Selection (Version: 1.1.0.005)
Native Instruments Maschine Drum Selection (x32)
Native Instruments Massive (Version: 1.3.1.129)
Native Instruments Massive (x32)
Native Instruments Mikro Prism (Version: 1.0.0.001)
Native Instruments Mikro Prism (x32)
Native Instruments New York Concert Grand (Version: 1.3.0.005)
Native Instruments New York Concert Grand (x32)
Native Instruments Rammfire (Version: 1.1.0.003)
Native Instruments Rammfire (x32)
Native Instruments Rammfire for Maschine (Version: 1.0.0.005)
Native Instruments Rammfire for Maschine (x32)
Native Instruments Razor (Version: 1.3.0.001)
Native Instruments Razor (x32)
Native Instruments Reaktor 5 (Version: 5.8.0.550)
Native Instruments Reaktor 5 (x32)
Native Instruments Reaktor Factory Selection (Version: 1.1.0.002)
Native Instruments Reaktor Factory Selection (x32)
Native Instruments Reaktor Prism (Version: 1.3.0.001)
Native Instruments Reaktor Prism (x32)
Native Instruments Reaktor Spark R2 (Version: 1.2.0.001)
Native Instruments Reaktor Spark R2 (x32)
Native Instruments Reflektor (Version: 1.2.0.003)
Native Instruments Reflektor (x32)
Native Instruments Reflektor for Maschine (Version: 1.0.0.004)
Native Instruments Reflektor for Maschine (x32)
Native Instruments Retro Machines Mk2 (Version: 1.0.0.007)
Native Instruments Retro Machines Mk2 (x32)
Native Instruments Rig Kontrol 3 (Version: 3.0.0.625)
Native Instruments Rig Kontrol 3 (x32)
Native Instruments Scarbee Funk Guitarist (Version: 1.1.0.007)
Native Instruments Scarbee Funk Guitarist (x32)
Native Instruments Scarbee Jay-Bass (Version: 1.1.0.005)
Native Instruments Scarbee Jay-Bass (x32)
Native Instruments Scarbee MM-Bass (Version: 1.2.0.006)
Native Instruments Scarbee MM-Bass (x32)
Native Instruments Scarbee MM-Bass Amped (Version: 1.1.0.003)
Native Instruments Scarbee MM-Bass Amped (x32)
Native Instruments Scarbee Pre-Bass (Version: 1.1.0.004)
Native Instruments Scarbee Pre-Bass (x32)
Native Instruments Scarbee Pre-Bass Amped (Version: 1.1.0.003)
Native Instruments Scarbee Pre-Bass Amped (x32)
Native Instruments Scarbee Vintage Keys (Version: 1.1.0.004)
Native Instruments Scarbee Vintage Keys (x32)
Native Instruments Service Center (Version: 2.2.6.676)
Native Instruments Service Center (x32)
Native Instruments Session Strings Pro (Version: 1.2.0.004)
Native Instruments Session Strings Pro (x32)
Native Instruments Skanner (Version: 1.0.0.005)
Native Instruments Skanner (x32)
Native Instruments Solid Bus Comp (Version: 1.0.0.003)
Native Instruments Solid Bus Comp (x32)
Native Instruments Solid Bus Comp for Maschine (Version: 1.0.0.005)
Native Instruments Solid Bus Comp for Maschine (x32)
Native Instruments Solid Dynamics (Version: 1.0.0.002)
Native Instruments Solid Dynamics (x32)
Native Instruments Solid Dynamics for Maschine (Version: 1.0.0.005)
Native Instruments Solid Dynamics for Maschine (x32)
Native Instruments Solid EQ (Version: 1.0.0.001)
Native Instruments Solid EQ (x32)
Native Instruments Solid EQ for Maschine (Version: 1.0.0.005)
Native Instruments Solid EQ for Maschine (x32)
Native Instruments Studio Drummer (Version: 1.2.0.007)
Native Instruments Studio Drummer (x32)
Native Instruments The Finger R2 (Version: 1.2.0.001)
Native Instruments The Finger R2 (x32)
Native Instruments The Giant (Version: 1.0.0.004)
Native Instruments The Giant (x32)
Native Instruments The Mouth (Version: 1.2.0.001)
Native Instruments The Mouth (x32)
Native Instruments Traktor 2 (Version: 2.6.0.14627)
Native Instruments Traktor 2 (x32)
Native Instruments Traktor Audio 6 (x32)
Native Instruments Traktor Audio 6 Driver (Version: 3.0.3.696)
Native Instruments Traktor Audio 6 Driver (x32)
Native Instruments Traktors 12 (Version: 1.1.0.002)
Native Instruments Traktors 12 (x32)
Native Instruments Traktors 12 for Maschine (Version: 1.0.0.005)
Native Instruments Traktors 12 for Maschine (x32)
Native Instruments Transient Master (Version: 1.0.0.004)
Native Instruments Transient Master (x32)
Native Instruments Transient Master for Maschine (Version: 1.0.0.005)
Native Instruments Transient Master for Maschine (x32)
Native Instruments Transient Master FX (Version: 1.0.0.235)
Native Instruments Transient Master FX (x32)
Native Instruments Transistor Punch (Version: 1.0.0.001)
Native Instruments Transistor Punch (x32)
Native Instruments Upright Piano (Version: 1.3.0.005)
Native Instruments Upright Piano (x32)
Native Instruments VC 160 (Version: 1.1.0.001)
Native Instruments VC 160 (x32)
Native Instruments VC 160 for Maschine (Version: 1.0.0.004)
Native Instruments VC 160 for Maschine (x32)
Native Instruments VC 160 FX (Version: 1.0.0.246)
Native Instruments VC 160 FX (x32)
Native Instruments VC 2A (Version: 1.1.0.001)
Native Instruments VC 2A (x32)
Native Instruments VC 2A for Maschine (Version: 1.0.0.004)
Native Instruments VC 2A for Maschine (x32)
Native Instruments VC 2A FX (Version: 1.0.0.246)
Native Instruments VC 2A FX (x32)
Native Instruments VC 76 (Version: 1.1.0.001)
Native Instruments VC 76 (x32)
Native Instruments VC 76 for Maschine (Version: 1.0.0.004)
Native Instruments VC 76 for Maschine (x32)
Native Instruments VC 76 FX (Version: 1.0.0.246)
Native Instruments VC 76 FX (x32)
Native Instruments Vienna Concert Grand (Version: 1.3.0.005)
Native Instruments Vienna Concert Grand (x32)
Native Instruments Vintage Heat (Version: 1.0.0.002)
Native Instruments Vintage Heat (x32)
Native Instruments Vintage Organs (Version: 1.1.0.007)
Native Instruments Vintage Organs (x32)
Native Instruments West Africa (Version: 1.1.0.004)
Native Instruments West Africa (x32)
Natural Color Pro (x32 Version: 1.00.0005)
Need For Speed™ World (x32 Version: 1.0.0.659)
Nero 10 Kwik Themes 1 (x32 Version: 10.6.10000.1.0)
Nero 10 Movie ThemePack Basic (x32 Version: 10.6.10000.1.0)
Nero BurnRights 10 (x32 Version: 4.4.10300.1.100)
Nero BurnRights 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Control Center 10 (x32 Version: 10.6.13000.0.11)
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Core Components 10 (x32 Version: 2.0.19800.9.10)
Nero CoverDesigner 10 (x32 Version: 5.6.10500.3.100)
Nero CoverDesigner 10 Help (CHM) (x32 Version: 10.5.10000)
Nero DiscSpeed 10 (x32 Version: 6.4.10400.0.100)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Express 10 (x32 Version: 10.6.10600.4.100)
Nero Express 10 Help (CHM) (x32 Version: 10.5.10300)
Nero InfoTool 10 (x32 Version: 7.4.10200.0.100)
Nero InfoTool 10 Help (CHM) (x32 Version: 10.5.10000)
Nero MediaHub 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Multimedia Suite 10 Essentials (x32 Version: 10.5.10400)
Nero RescueAgent 10 (x32 Version: 3.6.10500.3.100)
Nero RescueAgent 10 Help (CHM) (x32 Version: 10.5.10000)
Nero StartSmart 10 (x32 Version: 10.6.10400.2.100)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000)
Nero Update (x32 Version: 11.0.10022.15.0)
Network64 (Version: 140.0.215.000)
Nexon Game Manager (x32)
NVIDIA PhysX (x32 Version: 9.10.0129)
Orcs Must Die! (x32)
Pando Media Booster (x32 Version: 2.6.0.8)
PC Probe II (x32 Version: 1.04.86)
PDFCreator (x32 Version: 1.2.2)
PhotoScape (x32)
PlanetSide 2 (HKCU Version: 1.0.3.183)
Platform (x32 Version: 1.38)
Portal 2 (x32)
PS_AIO_07_C410_SW_Min (x32 Version: 140.0.273.000)
Quake Live Mozilla Plugin (x32 Version: 1.0.520)
QuickTransfer (x32 Version: 140.0.98.000)
Rappelz (x32 Version: Rappelz)
Rapture3D 2.4.8 Game (x32)
Realtek Ethernet Controller Driver For Windows 7 (x32 Version: 7.23.623.2010)
Realtek Ethernet Diagnostic Utility (x32 Version: 1.00.0000)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6151)
Renaissance Heroes (x32)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.16.0)
Risen (x32 Version: 1.00.0000)
Rome - Total War - Gold Edition (x32 Version: 1.6)
Samplitude Music Studio MX Content Pack (x32 Version: 1.0.0.0)
Samplitude Music Studio MX Download-Version (Vita Pack 1) (x32 Version: 1.1.0.0)
Samplitude Music Studio MX Download-Version (Vita Pack 2) (x32 Version: 1.1.0.0)
Samplitude Music Studio MX Download-Version (Vita Pack 3) (x32 Version: 1.1.0.0)
Samplitude Music Studio MX Download-Version (VST PlugIns) (x32 Version: 1.1.0.0)
Samplitude Music Studio MX Download-Version (x32 Version: 18.0.0.43)
Scan (x32 Version: 140.0.80.000)
Skype™ 6.10 (x32 Version: 6.10.104)
SmartWebPrinting (x32 Version: 140.0.186.000)
SolutionCenter (x32 Version: 140.0.214.000)
Sony Ericsson PC Companion 1.60.13 (x32 Version: 1.60.13)
Speccy (Version: 1.11)
Spotify (HKCU Version: 0.9.4.178.g259772ba)
Spybot - Search & Destroy (x32 Version: 1.6.2)
Status (x32 Version: 140.0.256.000)
Steam (x32 Version: 1.0.0.0)
Steinberg Cubase 5 (x32 Version: 5.0.0)
Steinberg Groove Agent ONE Content (x32 Version: 1.0.0.003)
Steinberg HALionOne (x32 Version: 1.1.0.457)
Steinberg HALionOne Expression Set (x32 Version: 1.0.1.0)
Steinberg HALionOne GM Drum Set (x32 Version: 1.0.1.457)
Steinberg HALionOne GM Set (x32 Version: 1.0.1.457)
Steinberg HALionOne Pro Set (x32 Version: 1.0.1.457)
Steinberg HALionOne Studio Drum Set (x32 Version: 1.0.1.457)
Steinberg HALionOne Studio Set (x32 Version: 1.0.1.457)
Steinberg LoopMash Content (x32 Version: 1.0.0.005)
Steinberg REVerence Content 01 (x32 Version: 1.0.0.006)
Stronghold 2 (x32 Version: 1.10)
TeamSpeak 3 Client (HKCU Version: 3.0.13.1)
TeamViewer 7 (x32 Version: 7.0.12979)
TechPowerUp GPU-Z (x32)
Text-To-Speech-Runtime (x32 Version: 1.0.0.0)
TI USB3 Host Driver (x32 Version: 1.12.7.0)
TmNationsForever (x32)
Tom Clancy's Rainbow Six Vegas (x32 Version: 1.00.000)
Tom Clancy's Rainbow Six Vegas 2 (x32 Version: 1.00)
Tom Clancy's Splinter Cell Conviction (x32 Version: 1.00.000)
Toolbox (x32 Version: 140.0.428.000)
TP-LINK Wireless Client Utility (x32 Version: 7.0)
TrackMania 2 - Canyon (x32 Version: v1.0)
TrayApp (x32 Version: 140.0.212.000)
Tribes Ascend (x32 Version: 1.0.1268.1)
Tribes Ascend DE (x32)
TuneUp Utilities Language Pack (de-DE) (x32 Version: 12.0.3600.73)
Tunngle beta (x32)
TurboV EVO (x32 Version: 1.02.32)
Ubisoft Game Launcher (x32 Version: 1.0.0.0)
Ultra Downloads Notifier (x32 Version: 1.28.153.2)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (x32 Version: 3)
Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553065)
Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition
Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition
Update for Microsoft Office 2010 (KB2566458)
Update for Microsoft Office 2010 (KB2589298) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 64-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 64-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition
Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition
Update for Microsoft Office 2010 (KB2826026) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition
Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition
Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition
Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition
Update for Microsoft Word 2010 (KB2827323) 64-Bit Edition
VIA Plattform-Geräte-Manager (x32 Version: 1.38)
Virtual Audio Cable 4.10
VLC media player 2.0.5 (Version: 2.0.5)
WAR OF THE RING™ DER RINGKRIEG™ (x32 Version: 1.0)
WebReg (x32 Version: 140.0.212.017)
Winamp (x32 Version: 5.65 )
Winamp Erkennungs-Plug-in (HKCU Version: 1.0.0.1)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3502.0922)
Windows Live Essentials (x32 Version: 15.4.3538.0513)
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
Windows Live Installer (x32 Version: 15.4.3502.0922)
Windows Live Language Selector (Version: 15.4.3538.0513)
Windows Live Messenger (x32 Version: 15.4.3538.0513)
Windows Live Photo Common (x32 Version: 15.4.3502.0922)
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
Windows Live SOXE (x32 Version: 15.4.3502.0922)
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
Windows Live UX Platform (x32 Version: 15.4.3502.0922)
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
WinRAR 4.01 (64-Bit) (Version: 4.01.0)
WinZip 15.0 (x32 Version: 15.0.9411)
World of Warcraft (x32)
XSplit Broadcaster (x32 Version: 1.3.1309.0603)
==================== Restore Points =========================
02-12-2013 15:28:14 Windows Update
==================== Hosts content: ==========================
2009-07-14 03:34 - 2011-09-21 13:42 - 00000950 ____N C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 mp02.maniaplanet.com
127.0.0.1 mp01.maniaplanet.com
127.0.0.1 mp03.maniaplanet.com
127.0.0.1 game.maniaplanet.com
==================== Scheduled Tasks (whitelisted) =============
Task: {085DFB5C-0B2A-40EF-93A7-C212EB41E8A9} - System32\Tasks\hcdll2_ex_Win32 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_Win32.exe [2011-03-18] ()
Task: {0C513AD8-2585-4313-B34C-E590F6D0B755} - System32\Tasks\Ultra Downloads Notifier-firefoxinstaller => C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-firefoxinstaller.exe [2013-09-14] (ultradownloads)
Task: {13CC11E9-D76C-4799-A473-228CEC163DA2} - System32\Tasks\hcdll2_ex_x64 => C:\Program Files (x86)\Hardcopy\hcdll2_ex_x64.exe [2011-03-18] ()
Task: {2F38187C-1081-452C-B3BC-8F05C031CE76} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-20] (Google Inc.)
Task: {2FC81D29-D4E6-4571-A811-1AB062045111} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-07-24] (Piriform Ltd)
Task: {3D426021-416D-4A1E-9488-CC325A7441A0} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {5A5211FE-D338-4D73-A3C5-C56B05721EE8} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {5D020A25-3F67-4BCE-8635-2FDB5011033A} - System32\Tasks\ASUS\TurboVHelp => C:\Program Files (x86)\ASUS\TurboV EVO\TurboVHelp.exe [2010-07-07] (ASUSTeK Computer Inc.)
Task: {5D398AE0-50D8-456C-A251-4685E66598D2} - System32\Tasks\ASUS\Gpu Boost Driver => C:\Program Files\ASUS\GPU Boost Driver\GpuBoostServer.exe [2010-03-27] (
ASUSTeK Computer Inc.)
Task: {6E841137-3753-4AF7-AFE0-8126B27F30D7} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-139755560-1312564612-3865908286-1000Core => C:\Users\Luc\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-18] (Google Inc.)
Task: {6E9150BE-E0D9-4810-92BE-1C3F5E2CF539} - System32\Tasks\{7E416753-410E-4A0E-813E-0B523EE3141B} => C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe [2006-09-01] (Ensemble Studios)
Task: {751F274B-912B-4651-90D6-377A4DF08401} - System32\Tasks\Ultra Downloads Notifier-updater => C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-updater.exe [2013-09-14] (ultradownloads)
Task: {7BEC87A1-5B68-4ED7-8E37-230D66CA5D45} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-139755560-1312564612-3865908286-1000UA => C:\Users\Luc\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-18] (Google Inc.)
Task: {8CC4E1A3-C975-413D-B828-5B6DB7C99D09} - System32\Tasks\Ultra Downloads Notifier-enabler => C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-enabler.exe [2013-10-15] (ultradownloads)
Task: {9F0276F4-F494-4972-B7D3-FC7185C42D14} - System32\Tasks\Microsoft_Hardware_Launch_devicecenter_exe => C:\Program Files\Microsoft Device Center\DeviceCenter.exe [2012-06-26] (Microsoft)
Task: {A48EEEB7-E4A0-4069-BDED-CBBA6135AF69} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Device Center\itype.exe [2012-06-26] (Microsoft Corporation)
Task: {AA1DDE78-2DFA-4C8F-9C9D-BCEF87C8C200} - System32\Tasks\Go for FilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe
Task: {B535B889-07CD-44CD-A841-FC76F335C25F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-20] (Google Inc.)
Task: {BF08B174-00D0-403F-922E-9EB9CE139743} - System32\Tasks\{93BF7CE2-76C5-4BE4-890C-397487E651AB} => C:\Program Files (x86)\EA Games\Battlefield 2 Demo\BF2.exe [2005-06-07] ()
Task: {BF8CB030-0377-431C-ACE4-253D88C1F52E} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Device Center\ipoint.exe [2012-06-26] (Microsoft Corporation)
Task: {C0DED22F-6F78-4405-944E-4E6A1329B97E} - System32\Tasks\Ultra Downloads Notifier-codedownloader => C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-codedownloader.exe [2013-09-14] (ultradownloads)
Task: {CEA9AF45-1E33-4A6F-8413-3251F68A1622} - System32\Tasks\Ultra Downloads Notifier-chromeinstaller => C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-chromeinstaller.exe [2013-09-14] (ultradownloads)
Task: {D0B4AD28-8BA4-43ED-A180-8F29E4FF2701} - System32\Tasks\{BFEB4307-E291-4AA0-A7CF-3F6961C2C55E} => E:\World of Warcraft\Launcher.exe
Task: {EB704E45-3259-4D4B-BE56-B7A7CCF2AC82} - System32\Tasks\GoforFilesUpdate => C:\Program Files (x86)\GoforFiles\GFFUpdater.exe
Task: {FF6EC0D5-792E-4DC1-B424-C16B5C3D27BF} - System32\Tasks\{2233C62A-65C8-4DD5-A4E0-50D584B3232B} => C:\Program Files (x86)\Microsoft Games\Age of Empires III\age3.exe [2006-09-01] (Ensemble Studios)
Task: {FFDD1619-A116-40C8-84ED-89AE5F093070} - System32\Tasks\ASUS\ASUS RegRun Loader => C:\Program Files (x86)\ASUS\AASP\1.01.05\AsLoader.exe [2010-01-13] (ASUSTeK Computer Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-139755560-1312564612-3865908286-1000Core.job => C:\Users\Luc\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-139755560-1312564612-3865908286-1000UA.job => C:\Users\Luc\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Ultra Downloads Notifier-chromeinstaller.job => C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-chromeinstaller.exe
Task: C:\Windows\Tasks\Ultra Downloads Notifier-codedownloader.job => C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-codedownloader.exe
Task: C:\Windows\Tasks\Ultra Downloads Notifier-enabler.job => C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-enabler.exe
Task: C:\Windows\Tasks\Ultra Downloads Notifier-firefoxinstaller.job => C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-firefoxinstaller.exe
Task: C:\Windows\Tasks\Ultra Downloads Notifier-updater.job => C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-updater.exe
==================== Loaded Modules (whitelisted) =============
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-05-20 18:33 - 2013-05-20 18:33 - 00014848 ____N () C:\Users\Luc\AppData\Local\Apps\2.0\DAXVM7VJ.39D\0EAAPPVV.VN1\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.WowDb.dll
2013-05-20 18:33 - 2013-05-20 18:33 - 00035840 ____N () C:\Users\Luc\AppData\Local\Apps\2.0\DAXVM7VJ.39D\0EAAPPVV.VN1\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.Advertising.dll
2013-05-20 18:33 - 2013-05-20 18:33 - 00099840 ____N () C:\Users\Luc\AppData\Local\Apps\2.0\DAXVM7VJ.39D\0EAAPPVV.VN1\curs..tion_9e9e83ddf3ed3ead_0005.0001_181b5e0542e9eb6c\Curse.CurseClient.CMOD2.dll
2012-12-19 15:32 - 2012-12-19 15:32 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2011-03-18 16:51 - 2011-03-18 16:51 - 00030208 _____ () C:\Users\Luc\AppData\Local\TeamSpeak 3 Client\imageformats\_old_qgif4.dll
2011-03-18 16:51 - 2011-03-18 16:51 - 00236032 _____ () C:\Users\Luc\AppData\Local\TeamSpeak 3 Client\imageformats\_old_qjpeg4.dll
2011-08-24 10:26 - 2013-10-24 17:36 - 00302056 _____ () C:\Users\Luc\AppData\Local\TeamSpeak 3 Client\soundbackends\directsound_win64.dll
2011-08-24 10:26 - 2013-10-24 17:36 - 00320488 _____ () C:\Users\Luc\AppData\Local\TeamSpeak 3 Client\soundbackends\windowsaudiosession_win64.dll
2011-08-24 10:26 - 2013-10-24 17:36 - 00565224 _____ () C:\Users\Luc\AppData\Local\TeamSpeak 3 Client\plugins\clientquery_plugin.dll
2013-09-14 00:22 - 2013-10-24 17:36 - 00700904 _____ () C:\Users\Luc\AppData\Local\TeamSpeak 3 Client\plugins\teamspeak_control_plugin.dll
2011-08-18 15:12 - 2008-12-30 07:29 - 00077824 _____ () C:\Program Files (x86)\MagicTune Premium\MagicTuneCore.dll
2011-08-18 15:12 - 2009-02-25 13:32 - 00045056 _____ () C:\Program Files (x86)\MagicTune Premium\VESADll.dll
2011-08-18 15:12 - 2009-02-25 13:32 - 00045056 _____ () C:\Program Files (x86)\MagicTune Premium\IPROFILE.dll
2011-08-18 15:12 - 2009-02-25 13:32 - 00040960 _____ () C:\Program Files (x86)\MagicTune Premium\DPROFILE.dll
2011-08-18 15:12 - 2009-02-25 13:32 - 00040960 _____ () C:\Program Files (x86)\MagicTune Premium\EPROFILE.dll
2011-08-18 15:12 - 2009-02-25 13:32 - 00040960 _____ () C:\Program Files (x86)\MagicTune Premium\DEVICEINTERFACE.dll
2011-08-18 13:50 - 2010-02-08 16:19 - 00053248 _____ () C:\Program Files (x86)\ASUS\TurboV EVO\HookKey32.dll
2011-08-18 13:50 - 2010-06-01 09:38 - 00253952 _____ () C:\Program Files (x86)\ASUS\TurboV EVO\pngio.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-03-13 21:48 - 2013-03-13 21:48 - 24978944 _____ () C:\Users\Luc\AppData\Roaming\Dropbox\bin\libcef.dll
2011-08-18 13:29 - 2009-04-22 19:20 - 00179712 _____ () C:\Program Files (x86)\ASUS\EPU\ASUSSERVICE.DLL
2011-08-18 13:29 - 2010-01-08 16:17 - 00565248 _____ () C:\Program Files (x86)\ASUS\EPU\pngio.dll
2011-08-18 13:29 - 2010-01-08 16:17 - 00053248 _____ () C:\Program Files (x86)\ASUS\EPU\AsSpindownTimeout.dll
2009-07-31 20:39 - 2009-07-31 20:39 - 00503202 _____ () C:\Program Files (x86)\DeviceVM\Browser Configuration Utility\sqlite3.dll
2011-08-18 13:50 - 2010-06-01 09:38 - 00061440 _____ () C:\Program Files (x86)\ASUS\TurboV EVO\flashobj.dll
2013-11-16 11:54 - 2013-11-16 11:54 - 03363952 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-11 15:07 - 2013-09-11 15:07 - 16177544 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\Microsoft:Chr3XvMFQnFx2yA0ekU9ZeNAwD7WYG
AlternateDataStreams: C:\ProgramData\Microsoft:p3mJlk6GAdbhJAN5x5MOLq
AlternateDataStreams: C:\Users\Luc\AppData\Local\Temporary Internet Files:Mzk3Ci7VlK1H8C811EH
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinFLAdrv.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
==================== Faulty Device Manager Devices =============
Name: USB (Universal Serial Bus)-Controller
Description: USB (Universal Serial Bus)-Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: Photosmart Prem C410 series
Description: Photosmart Prem C410 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/02/2013 08:44:12 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 25.0.1.5064, Zeitstempel: 0x5282f204
Name des fehlerhaften Moduls: xul.dll, Version: 25.0.1.5064, Zeitstempel: 0x5282f10e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00118f87
ID des fehlerhaften Prozesses: 0x1534
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3
Error: (12/01/2013 11:52:29 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ilbridge64.exe, Version: 1.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018e5d
ID des fehlerhaften Prozesses: 0x1a68
Startzeit der fehlerhaften Anwendung: 0xilbridge64.exe0
Pfad der fehlerhaften Anwendung: ilbridge64.exe1
Pfad des fehlerhaften Moduls: ilbridge64.exe2
Berichtskennung: ilbridge64.exe3
Error: (11/24/2013 09:41:02 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ilbridge64.exe, Version: 1.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018cb2
ID des fehlerhaften Prozesses: 0xff0
Startzeit der fehlerhaften Anwendung: 0xilbridge64.exe0
Pfad der fehlerhaften Anwendung: ilbridge64.exe1
Pfad des fehlerhaften Moduls: ilbridge64.exe2
Berichtskennung: ilbridge64.exe3
Error: (11/24/2013 01:35:30 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ilbridge64.exe, Version: 1.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018cb2
ID des fehlerhaften Prozesses: 0xa80
Startzeit der fehlerhaften Anwendung: 0xilbridge64.exe0
Pfad der fehlerhaften Anwendung: ilbridge64.exe1
Pfad des fehlerhaften Moduls: ilbridge64.exe2
Berichtskennung: ilbridge64.exe3
Error: (11/24/2013 01:34:35 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ilbridge64.exe, Version: 1.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018e5d
ID des fehlerhaften Prozesses: 0xef8
Startzeit der fehlerhaften Anwendung: 0xilbridge64.exe0
Pfad der fehlerhaften Anwendung: ilbridge64.exe1
Pfad des fehlerhaften Moduls: ilbridge64.exe2
Berichtskennung: ilbridge64.exe3
Error: (11/23/2013 00:45:55 AM) (Source: Application Hang) (User: )
Description: Programm dota.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 2900
Startzeit: 01cee7b77efac5c1
Endzeit: 0
Anwendungspfad: C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
Berichts-ID:
Error: (11/21/2013 09:40:01 PM) (Source: Application Hang) (User: )
Description: Programm FL.exe, Version 0.0.0.0 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.
Prozess-ID: 182c
Startzeit: 01cee6f92969711d
Endzeit: 43
Anwendungspfad: C:\Program Files (x86)\Image-Line\FL Studio 10\FL.exe
Berichts-ID: 127cbed4-52ed-11e3-968e-bcaec56cb0e7
Error: (11/21/2013 09:39:28 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ilbridge64.exe, Version: 1.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521eaf24
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000018e5d
ID des fehlerhaften Prozesses: 0x1528
Startzeit der fehlerhaften Anwendung: 0xilbridge64.exe0
Pfad der fehlerhaften Anwendung: ilbridge64.exe1
Pfad des fehlerhaften Moduls: ilbridge64.exe2
Berichtskennung: ilbridge64.exe3
Error: (11/21/2013 06:43:59 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: FlashPlayerPlugin_11_8_800_168.exe, Version: 11.8.800.168, Zeitstempel: 0x52223bb7
Name des fehlerhaften Moduls: FlashPlayerPlugin_11_8_800_168.exe, Version: 11.8.800.168, Zeitstempel: 0x52223bb7
Ausnahmecode: 0x40000015
Fehleroffset: 0x00017e40
ID des fehlerhaften Prozesses: 0x1320
Startzeit der fehlerhaften Anwendung: 0xFlashPlayerPlugin_11_8_800_168.exe0
Pfad der fehlerhaften Anwendung: FlashPlayerPlugin_11_8_800_168.exe1
Pfad des fehlerhaften Moduls: FlashPlayerPlugin_11_8_800_168.exe2
Berichtskennung: FlashPlayerPlugin_11_8_800_168.exe3
Error: (11/13/2013 10:06:19 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ilbridge64.exe, Version: 1.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb1677
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00000000000013c6
ID des fehlerhaften Prozesses: 0x1820
Startzeit der fehlerhaften Anwendung: 0xilbridge64.exe0
Pfad der fehlerhaften Anwendung: ilbridge64.exe1
Pfad des fehlerhaften Moduls: ilbridge64.exe2
Berichtskennung: ilbridge64.exe3
System errors:
=============
Error: (12/03/2013 04:54:04 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalStart{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)
Error: (12/03/2013 04:53:54 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "LogMeIn Hamachi Tunneling Engine" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
Error: (12/03/2013 04:53:05 PM) (Source: Service Control Manager) (User: )
Description: Das Laden folgender Boot- oder Systemstarttreiber ist fehlgeschlagen:
NCPro
Error: (12/03/2013 04:52:43 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "NEWDRIVER" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (12/03/2013 04:52:37 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "AODDriver4.2" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (12/03/2013 04:52:04 PM) (Source: Application Popup) (User: )
Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\MTictwl.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
Error: (12/02/2013 09:43:54 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "DARIO-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{DE5BB557-AC82-4B5A-A97F-016676545E57}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (12/02/2013 09:31:57 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "DARIO-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{DE5BB557-AC82-4B5A-A97F-016676545E57}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (12/02/2013 09:19:55 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "DARIO-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{DE5BB557-AC82-4B5A-A97F-016676545E57}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Error: (12/02/2013 08:55:55 PM) (Source: bowser) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "DARIO-PC",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{DE5BB557-AC82-4B5A-A97F-016676545E57}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.
Microsoft Office Sessions:
=========================
Error: (12/02/2013 08:44:12 PM) (Source: Application Error)(User: )
Description: firefox.exe25.0.1.50645282f204xul.dll25.0.1.50645282f10ec000000500118f87153401ceef78fd0d8655C:\Program Files (x86)\Mozilla Firefox\firefox.exeC:\Program Files (x86)\Mozilla Firefox\xul.dll1d88f5fe-5b8a-11e3-9290-bcaec56cb0e7
Error: (12/01/2013 11:52:29 PM) (Source: Application Error)(User: )
Description: ilbridge64.exe1.0.0.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5d1a6801ceeee161c5a69eC:\Program Files (x86)\Image-Line\FL Studio 10\System\Tools\Bridge\ilbridge64.exeC:\Windows\SYSTEM32\ntdll.dll40f735d6-5adb-11e3-95a4-bcaec56cb0e7
Error: (11/24/2013 09:41:02 PM) (Source: Application Error)(User: )
Description: ilbridge64.exe1.0.0.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018cb2ff001cee9552e410fc8C:\Program Files (x86)\Image-Line\FL Studio 10\System\Tools\Bridge\ilbridge64.exeC:\Windows\SYSTEM32\ntdll.dllbad1faf9-5548-11e3-926d-bcaec56cb0e7
Error: (11/24/2013 01:35:30 PM) (Source: Application Error)(User: )
Description: ilbridge64.exe1.0.0.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018cb2a8001cee9113924e659C:\Program Files (x86)\Image-Line\FL Studio 10\System\Tools\Bridge\ilbridge64.exeC:\Windows\SYSTEM32\ntdll.dlle6d61207-5504-11e3-926d-bcaec56cb0e7
Error: (11/24/2013 01:34:35 PM) (Source: Application Error)(User: )
Description: ilbridge64.exe1.0.0.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5def801cee9112870af4cC:\Program Files (x86)\Image-Line\FL Studio 10\System\Tools\Bridge\ilbridge64.exeC:\Windows\SYSTEM32\ntdll.dllc6467aea-5504-11e3-926d-bcaec56cb0e7
Error: (11/23/2013 00:45:55 AM) (Source: Application Hang)(User: )
Description: dota.exe0.0.0.0290001cee7b77efac5c10C:\Program Files (x86)\Steam\steamapps\common\dota 2 beta\dota.exe
Error: (11/21/2013 09:40:01 PM) (Source: Application Hang)(User: )
Description: FL.exe0.0.0.0182c01cee6f92969711d43C:\Program Files (x86)\Image-Line\FL Studio 10\FL.exe127cbed4-52ed-11e3-968e-bcaec56cb0e7
Error: (11/21/2013 09:39:28 PM) (Source: Application Error)(User: )
Description: ilbridge64.exe1.0.0.000000000ntdll.dll6.1.7601.18247521eaf24c00000050000000000018e5d152801cee6f98b8d8f3eC:\Program Files (x86)\Image-Line\FL Studio 10\System\Tools\Bridge\ilbridge64.exeC:\Windows\SYSTEM32\ntdll.dll03802946-52ed-11e3-968e-bcaec56cb0e7
Error: (11/21/2013 06:43:59 PM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_8_800_168.exe11.8.800.16852223bb7FlashPlayerPlugin_11_8_800_168.exe11.8.800.16852223bb74000001500017e40132001cee6d4646c104bC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe7fe2aa2a-52d4-11e3-968e-bcaec56cb0e7
Error: (11/13/2013 10:06:19 PM) (Source: Application Error)(User: )
Description: ilbridge64.exe1.0.0.000000000KERNELBASE.dll6.1.7601.1822951fb1677c000000500000000000013c6182001cee0b36a4d1e58C:\Program Files (x86)\Image-Line\FL Studio 10\System\Tools\Bridge\ilbridge64.exeC:\Windows\system32\KERNELBASE.dll70b824ac-4ca7-11e3-934e-bcaec56cb0e7
==================== Memory info ===========================
Percentage of memory in use: 36%
Total physical RAM: 8191.18 MB
Available physical RAM: 5172.95 MB
Total Pagefile: 16380.53 MB
Available Pagefile: 12874.8 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:310.41 GB) (Free:9.38 GB) NTFS
Drive d: (Daten1) (Fixed) (Total:310.5 GB) (Free:23.49 GB) NTFS
Drive e: (Daten2) (Fixed) (Total:310.5 GB) (Free:66.85 GB) NTFS
Drive f: (Daten3) (Fixed) (Total:267.43 GB) (Free:160.69 GB) NTFS
Drive g: (Daten4) (Fixed) (Total:264.38 GB) (Free:262.64 GB) NTFS
Drive n: (NI) (Fixed) (Total:399.71 GB) (Free:161.48 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: C32B84D3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=310 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=311 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=311 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 963F00AA)
Partition 1: (Not Active) - (Size=267 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=264 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=400 GB) - (Type=07 NTFS)
==================== End Of Log ============================
Geändert von P.Jones (03.12.2013 um 17:40 Uhr) |
|
04.12.2013, 10:55
| #4 |
| /// the machine /// TB-Ausbilder | Adware: Ultra Downloads Notifier // Überschüttet mich mit Werbung hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
07.12.2013, 14:12
| #5 |
| | Adware: Ultra Downloads Notifier // Überschüttet mich mit WerbungCode:
ATTFilter ComboFix 13-12-06.01 - Luc 06.12.2013 22:38:23.1.6 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.8191.4532 [GMT 1:00]
ausgeführt von:: c:\users\Luc\Desktop\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
c:\program files (x86)\BrowserCompanion
c:\program files (x86)\BrowserCompanion\blabbers-ch.crx
c:\program files (x86)\BrowserCompanion\blabbers-ff-full.xpi
c:\program files (x86)\BrowserCompanion\jsloader.dll
c:\program files (x86)\BrowserCompanion\logo.ico
c:\program files (x86)\BrowserCompanion\tdataprotocol.dll
c:\program files (x86)\BrowserCompanion\terms.lnk.url
c:\program files (x86)\BrowserCompanion\toolbar.dll
c:\program files (x86)\BrowserCompanion\uninstall.exe
c:\program files (x86)\BrowserCompanion\updatebhoWin32.dll
c:\program files (x86)\BrowserCompanion\updater.ini
c:\program files (x86)\BrowserCompanion\widgetserv.exe
c:\program files (x86)\HappyLyrics
c:\program files (x86)\LyricStar
c:\program files (x86)\Ultra Downloads Notifier\UlTRa downloads notifier-bho.dll
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome.manifest
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\asyncDB.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\background.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\browserAction.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\contextMenu.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\dbManager.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\dom_bg.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\fileManager.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\firefox.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\firefoxNotifications.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\firefoxOmnibox.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\message.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\pageAction.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\request.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\tabs.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\webRequest.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\background.html
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\baseObject.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\browser.xul
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\console.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\consts.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\delegate.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\extensionDataStore.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\folderIOWrapper.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\httpObserver.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\IDBWrapper.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\installer.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\logFile.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\prefs.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\progressListenerObserver.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\registry.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\reloadObserver.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\reports.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\requestObject.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\searchSettings.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\uninstallObserver.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\updateManager.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\utils.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\xhr.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\dialog.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\main.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\options.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\options.xul
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\search_dialog.xul
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\defaults\preferences\prefs.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\manifest.xml
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins.json
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\1_base.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\101_cortica_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\102_dealply_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\103_intext_5_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\104_jollywallet_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\105_corticas_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\107_coupish_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\108_icm_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\116_ads_only_5_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\117_coupons_intext_ads_5_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\119_similar_web_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\120_luck_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\123_intext_adv_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\125_arcadi2_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\126_revizer_ws_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\127_revizer_p_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\128_superfish_pricora_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\129_widdit_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\135_arcadi3_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\138_getdeal_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\14_CrossriderUtils.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\141_corticas_ru_m.js.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\142_intext_fa_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\155_ibario_pops_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\159_cortica_rollover_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\16_FFAppAPIWrapper.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\17_jQuery.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\170_icm1_5_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\171_arcadi2_sourceID_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\175_coolmirage_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\178_revizer_ws_dynamic_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\179_revizer_p_dynamic_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\180_bpo_serp_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\21_debug.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\22_resources.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\28_initializer.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\4_jquery_1_7_1.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\47_resources_background.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\5_notifications.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\64_appApiMessage.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\7_hooks.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\72_appApiValidation.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\78_CrossriderInfo.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\87_ginyas_wrapper.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\9_search_engine_hook.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\91_monetizationLoader.js.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\92_superfish_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\98_omniCommands.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\userCode\background.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\userCode\extension.js
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\install.rdf
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\locale\en-US\translations.dtd
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\button1.png
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\button2.png
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\button3.png
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\button4.png
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\button5.png
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\crossrider_statusbar.png
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\icon128.png
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\icon16.png
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\icon24.png
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\icon48.png
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\panelarrow-up.png
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\popup.html
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\skin.css
c:\users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\update.css
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\background.html
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\crossriderManifest.json
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\manifest.xml
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins.json
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\1_base.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\101_cortica_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\102_dealply_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\103_intext_5_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\104_jollywallet_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\105_corticas_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\107_coupish_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\108_icm_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\116_ads_only_5_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\117_coupons_intext_ads_5_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\119_similar_web_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\120_luck_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\123_intext_adv_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\125_arcadi2_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\126_revizer_ws_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\127_revizer_p_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\128_superfish_pricora_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\129_widdit_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\135_arcadi3_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\138_getdeal_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\14_CrossriderUtils.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\141_corticas_ru_m.js.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\142_intext_fa_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\155_ibario_pops_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\158_50onred_ads_only_no_fb_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\159_cortica_rollover_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\17_jQuery.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\19_CHAppAPIWrapper.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\21_debug.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\22_resources.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\28_initializer.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\4_jquery_1_7_1.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\47_resources_background.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\5_notifications.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\64_appApiMessage.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\7_hooks.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\72_appApiValidation.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\78_CrossriderInfo.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\80_CHPopupAppAPI.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\87_ginyas_wrapper.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\9_search_engine_hook.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\91_monetizationLoader.js.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\92_superfish_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\plugins\97_resourceApiWrapper.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\userCode\background.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\extensionData\userCode\extension.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\icons\actions\1.png
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\icons\icon128.png
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\icons\icon16.png
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\icons\icon48.png
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\api\chrome.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\api\cookie.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\api\message.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\api\pageAction.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\api\pageActionBG.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\background.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\lib\app_api.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\lib\bg_app_api.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\lib\consts.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\lib\cookie_store.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\lib\crossriderAPI.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\lib\delegate.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\lib\events.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\lib\extensionDataStore.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\lib\installer.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\lib\logFile.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\lib\logging.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\lib\onBGDocumentLoad.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\lib\popupResource\newPopup.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\lib\popupResource\popup.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\lib\reports.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\lib\storageWrapper.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\lib\updateManager.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\lib\util.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\lib\xhr.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\js\main.js
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\manifest.json
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbdnpbkbcnlgddopkdpjignbjhiobhk\1.24.43_0\popup.html
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
c:\users\Luc\AppData\Local\Google\Chrome\User Data\Default\Preferences
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome.manifest
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\asyncDB.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\background.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\browserAction.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\contextMenu.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\dbManager.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\dom_bg.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\fileManager.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\firefox.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\firefoxNotifications.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\firefoxOmnibox.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\message.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\pageAction.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\request.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\tabs.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\api\webRequest.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\background.html
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\baseObject.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\browser.xul
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\console.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\consts.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\delegate.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\extensionDataStore.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\folderIOWrapper.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\httpObserver.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\IDBWrapper.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\installer.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\logFile.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\prefs.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\progressListenerObserver.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\registry.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\reloadObserver.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\reports.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\requestObject.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\searchSettings.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\uninstallObserver.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\updateManager.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\utils.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\core\xhr.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\dialog.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\main.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\options.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\options.xul
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\chrome\content\search_dialog.xul
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\defaults\preferences\prefs.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\manifest.xml
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins.json
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\1_base.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\101_cortica_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\102_dealply_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\103_intext_5_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\104_jollywallet_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\105_corticas_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\108_icm_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\116_ads_only_5_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\117_coupons_intext_ads_5_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\119_similar_web_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\120_luck_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\123_intext_adv_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\125_arcadi2_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\126_revizer_ws_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\127_revizer_p_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\128_superfish_pricora_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\129_widdit_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\13_CrossriderAppUtils.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\135_arcadi3_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\138_getdeal_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\14_CrossriderUtils.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\141_corticas_ru_m.js.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\142_intext_fa_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\155_ibario_pops_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\159_cortica_rollover_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\16_FFAppAPIWrapper.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\17_jQuery.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\170_icm1_5_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\171_arcadi2_sourceID_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\175_coolmirage_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\177_crossriderDashboard.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\178_revizer_ws_dynamic_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\179_revizer_p_dynamic_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\180_bpo_serp_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\182_openUrl.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\184_noproblemppc_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\189_active_sanity.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\190_pops_5_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\191_ciuvo_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\192_revizer_ws_dynamic_b2b_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\193_revizer_p_dynamic_b2b_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\194_retargeting_bi_m.js.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\195_icm_convertmedia_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\197_kreapixel_pops_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\198_superfish_no_search_no_coupons_plushd_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\199_superfish_no_coupons_plushd_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\200_foxydeal_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\21_debug.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\22_resources.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\28_initializer.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\4_jquery_1_7_1.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\47_resources_background.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\5_notifications.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\64_appApiMessage.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\7_hooks.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\72_appApiValidation.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\78_CrossriderInfo.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\87_ginyas_wrapper.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\9_search_engine_hook.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\91_monetizationLoader.js.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\92_superfish_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\93_superfish_no_coupons_m.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\plugins\98_omniCommands.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\userCode\background.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\extensionData\userCode\extension.js
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\install.rdf
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\locale\en-US\translations.dtd
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\button1.png
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\button2.png
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\button3.png
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\button4.png
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\button5.png
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\crossrider_statusbar.png
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\icon128.png
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\icon16.png
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\icon24.png
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\icon48.png
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\panelarrow-up.png
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\popup.html
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\skin.css
c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com\skin\update.css
c:\users\Luc\Documents\~WRL3052.tmp
c:\windows\SysWow64\frapsvid.dll
c:\windows\SysWow64\server.log
.
.
((((((((((((((((((((((((((((((((((((((( Treiber/Dienste )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_NEWDRIVER
-------\Service_NEWDRIVER
.
.
((((((((((((((((((((((( Dateien erstellt von 2013-11-07 bis 2013-12-07 ))))))))))))))))))))))))))))))
.
.
2013-12-07 01:17 . 2013-12-07 01:17 75888 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1D86E2C2-A6EE-4156-A2EC-A537A586C7CC}\offreg.dll
2013-12-07 01:16 . 2013-11-08 03:12 10285968 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1D86E2C2-A6EE-4156-A2EC-A537A586C7CC}\mpengine.dll
2013-12-06 14:04 . 2013-10-19 00:41 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{9941A7AF-023B-428C-880D-6CC396253FB1}\gapaengine.dll
2013-12-06 14:03 . 2013-11-08 03:12 10285968 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-12-03 16:19 . 2013-12-03 16:19 -------- d-----w- C:\FRST
2013-12-03 15:53 . 2013-12-03 15:53 -------- d-----w- c:\program files (x86)\LogMeIn Hamachi
2013-11-29 15:42 . 2013-11-29 15:42 -------- d-----w- c:\users\Luc\AppData\Local\LogMeIn
2013-11-29 15:42 . 2013-11-29 15:42 -------- d-----w- c:\programdata\LogMeIn
2013-11-17 22:39 . 2013-11-27 22:05 -------- d-----w- C:\Nexon
2013-11-13 20:32 . 2009-09-15 09:14 1554944 ----a-w- c:\windows\SysWow64\vorbis.acm
2013-11-13 12:59 . 2013-10-05 20:25 1474048 ----a-w- c:\windows\system32\crypt32.dll
2013-11-13 12:59 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-11-13 12:59 . 2013-09-28 01:09 497152 ----a-w- c:\windows\system32\drivers\afd.sys
2013-11-13 12:59 . 2013-10-04 02:28 190464 ----a-w- c:\windows\system32\SmartcardCredentialProvider.dll
2013-11-13 12:59 . 2013-10-04 02:25 197120 ----a-w- c:\windows\system32\credui.dll
2013-11-13 12:59 . 2013-10-04 02:24 1930752 ----a-w- c:\windows\system32\authui.dll
2013-11-13 12:59 . 2013-10-04 01:58 152576 ----a-w- c:\windows\SysWow64\SmartcardCredentialProvider.dll
2013-11-13 12:59 . 2013-10-04 01:56 168960 ----a-w- c:\windows\SysWow64\credui.dll
2013-11-13 12:59 . 2013-10-04 01:56 1796096 ----a-w- c:\windows\SysWow64\authui.dll
2013-11-08 19:35 . 2013-11-08 19:35 -------- d-----w- c:\program files\Virtual Audio Cable
2013-11-08 19:35 . 2013-11-08 19:35 66728 ----a-w- c:\windows\system32\drivers\vrtaucbl.sys
2013-11-08 19:33 . 2013-11-08 19:33 -------- d-----w- c:\program files (x86)\Winamp Detect
2013-11-08 19:33 . 2013-11-08 19:33 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2013-11-08 19:33 . 2013-11-08 23:18 -------- d-----w- c:\users\Luc\AppData\Roaming\Winamp
2013-11-08 19:33 . 2013-11-08 19:34 -------- d-----w- c:\program files (x86)\Winamp
2013-11-08 17:32 . 2013-11-16 21:16 -------- d-----w- c:\program files (x86)\Mozilla Maintenance Service
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-11-19 10:21 . 2011-08-18 13:00 267936 ------w- c:\windows\system32\MpSigStub.exe
2013-11-13 22:36 . 2011-08-18 13:30 82896128 ----a-w- c:\windows\system32\MRT.exe
2013-10-19 00:41 . 2011-09-08 11:11 965000 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2013-09-27 08:53 . 2013-09-27 08:53 248240 ----a-w- c:\windows\system32\drivers\MpFilter.sys
2013-09-27 08:53 . 2011-04-27 13:25 134944 ----a-w- c:\windows\system32\drivers\NisDrvWFP.sys
2013-09-14 18:08 . 2012-06-28 20:56 426184 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-14 18:08 . 2011-08-18 13:35 70344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-11 14:07 . 2013-06-12 13:07 9430408 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Luc\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Luc\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Luc\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 130736 ----a-w- c:\users\Luc\AppData\Roaming\Dropbox\bin\DropboxExt.19.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-01-26 2144088]
"Speech Recognition"="c:\windows\Speech\Common\sapisvr.exe" [2009-07-14 44544]
"HydraVisionDesktopManager"="c:\program files (x86)\ATI Technologies\HydraVision\HydraDM.exe" [2010-09-30 393216]
"Akamai NetSession Interface"="c:\users\Luc\AppData\Local\Akamai\netsession_win.exe" [2013-06-04 4489472]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2013-11-14 20584608]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Six Engine"="c:\program files (x86)\ASUS\EPU\EPU.exe" [2010-06-14 5309056]
"BCU"="c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCU.exe" [2010-03-05 411864]
"TurboV EVO"="c:\program files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe" [2010-07-15 9936512]
"LifeCam"="c:\program files (x86)\Microsoft LifeCam\LifeExp.exe" [2010-05-20 119152]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-12-19 642808]
"QFan Help"="c:\program files (x86)\ASUS\AI Suite\QFan4\FanHelp.exe" [2010-03-25 888960]
"LogMeIn Hamachi Ui"="c:\program files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" [2013-11-29 3806544]
.
c:\users\Luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
CurseClientStartup.ccip [2013-10-13 0]
Dropbox.lnk - c:\users\Luc\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2013-5-25 27776968]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
McAfee Security Scan Plus.lnk - c:\program files\McAfee Security Scan\3.8.130\SSScheduler.exe [2013-9-6 324320]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
R2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 athur;Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
R3 cpuz135;cpuz135;c:\users\Luc\AppData\Local\Temp\cpuz135\cpuz135_x64.sys;c:\users\Luc\AppData\Local\Temp\cpuz135\cpuz135_x64.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [x]
R3 McComponentHostService;McAfee Security Scan Component Host Service;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe;c:\program files\McAfee Security Scan\3.8.130\McCHSvc.exe [x]
R3 Mv_Process;Marvell process notification.;c:\windows\syswow64\mv_process.sys;c:\windows\syswow64\mv_process.sys [x]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTTEAMPT;Realtek Teaming Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 RTVLANPT;Realtek Vlan Protocol Driver (NDIS 6.2);c:\windows\system32\DRIVERS\RtVlan60.sys;c:\windows\SYSNATIVE\DRIVERS\RtVlan60.sys [x]
R3 s1018bus;Sony Ericsson Device 1018 driver (WDM);c:\windows\system32\DRIVERS\s1018bus.sys;c:\windows\SYSNATIVE\DRIVERS\s1018bus.sys [x]
R3 s1018mdfl;Sony Ericsson Device 1018 USB WMC Modem Filter;c:\windows\system32\DRIVERS\s1018mdfl.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mdfl.sys [x]
R3 s1018mdm;Sony Ericsson Device 1018 USB WMC Modem Driver;c:\windows\system32\DRIVERS\s1018mdm.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mdm.sys [x]
R3 s1018mgmt;Sony Ericsson Device 1018 USB WMC Device Management Drivers (WDM);c:\windows\system32\DRIVERS\s1018mgmt.sys;c:\windows\SYSNATIVE\DRIVERS\s1018mgmt.sys [x]
R3 s1018nd5;Sony Ericsson Device 1018 USB Ethernet Emulation (NDIS);c:\windows\system32\DRIVERS\s1018nd5.sys;c:\windows\SYSNATIVE\DRIVERS\s1018nd5.sys [x]
R3 s1018obex;Sony Ericsson Device 1018 USB WMC OBEX Interface;c:\windows\system32\DRIVERS\s1018obex.sys;c:\windows\SYSNATIVE\DRIVERS\s1018obex.sys [x]
R3 s1018unic;Sony Ericsson Device 1018 USB Ethernet Emulation (WDM);c:\windows\system32\DRIVERS\s1018unic.sys;c:\windows\SYSNATIVE\DRIVERS\s1018unic.sys [x]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TEAM;Realtek Virtual Miniport Driver for Teaming (NDIS 6.2);c:\windows\system32\DRIVERS\RtTeam60.sys;c:\windows\SYSNATIVE\DRIVERS\RtTeam60.sys [x]
R3 tihub3;TI USB3 Hub Service;c:\windows\system32\DRIVERS\tihub3.sys;c:\windows\SYSNATIVE\DRIVERS\tihub3.sys [x]
R3 tixhci;TI XHCI Service;c:\windows\system32\DRIVERS\tixhci.sys;c:\windows\SYSNATIVE\DRIVERS\tixhci.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 VLAN;Realtek Virtual Miniport Driver for VLAN (NDIS 6.2);c:\windows\system32\DRIVERS\RtVLAN60.sys;c:\windows\SYSNATIVE\DRIVERS\RtVLAN60.sys [x]
R3 VUSB3HUB;VIA USB 3 Root Hub Service;c:\windows\system32\DRIVERS\ViaHub3.sys;c:\windows\SYSNATIVE\DRIVERS\ViaHub3.sys [x]
R3 X6va012;X6va012;c:\windows\SysWOW64\Drivers\X6va012;c:\windows\SysWOW64\Drivers\X6va012 [x]
R3 xhcdrv;VIA USB eXtensible Host Controller Service;c:\windows\system32\DRIVERS\xhcdrv.sys;c:\windows\SYSNATIVE\DRIVERS\xhcdrv.sys [x]
R4 AODService;AODService;c:\program files (x86)\AMD\OverDrive\AODAssist.exe;c:\program files (x86)\AMD\OverDrive\AODAssist.exe [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x]
S2 AODDriver4.01;AODDriver4.01;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x]
S2 BCUService;Browser Configuration Utility Service;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe;c:\program files (x86)\DeviceVM\Browser Configuration Utility\BCUService.exe [x]
S2 Fabs;FABS - Helping agent for MAGIX media database;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe;c:\program files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\aeriagames\TribesAscendDE\HiPatchService.exe;c:\aeriagames\TribesAscendDE\HiPatchService.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x]
S2 RtNdPt60;Realtek NDIS Protocol Driver;c:\windows\system32\DRIVERS\RtNdPt60.sys;c:\windows\SYSNATIVE\DRIVERS\RtNdPt60.sys [x]
S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [x]
S2 TeamViewer7;TeamViewer 7;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version7\TeamViewer_Service.exe [x]
S3 amdiox64;AMD IO Driver;c:\windows\system32\DRIVERS\amdiox64.sys;c:\windows\SYSNATIVE\DRIVERS\amdiox64.sys [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 CompFilter64;UVCCompositeFilter;c:\windows\system32\DRIVERS\lvbflt64.sys;c:\windows\SYSNATIVE\DRIVERS\lvbflt64.sys [x]
S3 EuMusDesignVirtualAudioCableWdm;Virtual Audio Cable (WDM);c:\windows\system32\DRIVERS\vrtaucbl.sys;c:\windows\SYSNATIVE\DRIVERS\vrtaucbl.sys [x]
S3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
S3 LVUVC64;Logitech HD Pro Webcam C910(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
S3 NIWinCDEmu;ISO Mounter driver;c:\windows\system32\DRIVERS\NIWinCDEmu.sys;c:\windows\SYSNATIVE\DRIVERS\NIWinCDEmu.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);c:\windows\system32\DRIVERS\rusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\rusb3hub.sys [x]
S3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);c:\windows\system32\DRIVERS\rusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\rusb3xhc.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
Akamai REG_MULTI_SZ Akamai
.
Inhalt des "geplante Tasks" Ordners
.
2013-12-07 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-20 13:29]
.
2013-12-07 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-20 13:29]
.
2013-12-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-139755560-1312564612-3865908286-1000Core.job
- c:\users\Luc\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-18 16:02]
.
2013-12-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-139755560-1312564612-3865908286-1000UA.job
- c:\users\Luc\AppData\Local\Google\Update\GoogleUpdate.exe [2011-08-18 16:02]
.
2013-12-07 c:\windows\Tasks\Ultra Downloads Notifier-chromeinstaller.job
- c:\program files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-chromeinstaller.exe [2013-09-14 22:49]
.
2013-12-07 c:\windows\Tasks\Ultra Downloads Notifier-codedownloader.job
- c:\program files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-codedownloader.exe [2013-09-14 22:49]
.
2013-12-07 c:\windows\Tasks\Ultra Downloads Notifier-enabler.job
- c:\program files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-enabler.exe [2013-09-14 16:49]
.
2013-12-07 c:\windows\Tasks\Ultra Downloads Notifier-firefoxinstaller.job
- c:\program files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-firefoxinstaller.exe [2013-09-14 22:49]
.
2013-12-07 c:\windows\Tasks\Ultra Downloads Notifier-updater.job
- c:\program files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-updater.exe [2013-09-14 22:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Luc\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Luc\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Luc\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-05-25 00:36 164016 ----a-w- c:\users\Luc\AppData\Roaming\Dropbox\bin\DropboxExt64.19.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"IntelliType Pro"="c:\program files\Microsoft Device Center\itype.exe" [2012-06-26 1464928]
"IntelliPoint"="c:\program files\Microsoft Device Center\ipoint.exe" [2012-06-26 2004584]
"VIAxHCUtl"="c:\via_xhci\usb3Monitor.exe" [2012-10-23 331776]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.splashtop.com/asusexpressgate/mb/searchAPI.php?SE=yahoo&QS=http%3A%2F%2Fde.search.yahoo.com%2Fsearch%3Ffr%3Dfp-devicevm%26type%3DWEB01
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>
uSearchAssistant = hxxp://cloud-search.linkury.com/results.htm?cx=partner-pub-7890126930977991:1926905636&cof=FORID:11&q={searchTerms}&sa=Search&siteurl=search.linkury.com
mSearchAssistant = about:blank
IE: An OneNote s&enden - c:\progra~1\MICROS~3\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~1\MICROS~3\Office14\EXCEL.EXE/3000
IE: {{7644E42D-B096-457F-8B5B-901238FC81AE} - c:\program files (x86)\ICQ7.6\ICQ.exe
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\
FF - ExtSQL: 2013-11-08 18:37; {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}; c:\users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
FF - ExtSQL: !HIDDEN! 2011-08-18 18:25; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
URLSearchHooks-{b106b661-3e1b-4015-af5c-195e909f35c6} - (no file)
BHO-{11111111-1111-1111-1111-110311801194} - c:\program files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-bho.dll
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
SafeBoot-WinFLAdrv.sys
AddRemove-BrowserCompanion - c:\program files (x86)\BrowserCompanion\uninstall.exe
AddRemove-Native Instruments Guitar Rig Pro Library for Maschine - c:\programdata\{0209395A-8E4A-48E1-A5E3-C830292F263C}\Guitar Rig Pro Library for Maschine Setup PC.exe
AddRemove-Native Instruments Traktor Audio 6 - c:\programdata\{B9749AED-27CA-43BE-BA6E-20B2C5D77A25}\Traktor Audio 6 Setup PC.exe
AddRemove-{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1 - c:\program files (x86)\Electronic Arts\Need For Speed World\unins000.exe
.
.
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\Akamai]
"ServiceDll"="c:\program files (x86)\common files\akamai/netsession_win_8fa3539.dll"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\services\X6va012]
"ImagePath"="\??\c:\windows\SysWOW64\Drivers\X6va012"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-139755560-1312564612-3865908286-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*º:ýnm**€¤*]
@Class="Shell"
.
[HKEY_USERS\S-1-5-21-139755560-1312564612-3865908286-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.*º:ýnm**€¤*\OpenWithList]
@Class="Shell"
"a"="vlc.exe"
"MRUList"="a"
.
[HKEY_USERS\S-1-5-21-139755560-1312564612-3865908286-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:a9,95,07,d7,37,e6,ff,a6,f1,74,a3,32,81,2c,ab,43,bb,49,21,d2,ac,ab,f3,
bf,90,89,36,b8,fb,25,1c,38,e1,bd,a5,df,3a,6a,69,8a,5e,88,1f,12,ea,c0,a8,2a,\
"??"=hex:41,e0,42,8c,cf,55,c7,95,2b,14,4d,f8,66,7b,0c,1b
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_3_300_265_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_3_300_265.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]
@Denied: (A 2) (Everyone)
@="IFlashBroker4"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\ASUS\TurboV EVO\TurboVHELP.exe
c:\program files\ASUS\GPU Boost Driver\GpuBoostServer.exe
c:\users\Luc\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\windows\SysWOW64\DllHost.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2013-12-07 13:54:14 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2013-12-07 12:54
.
Vor Suchlauf: 17 Verzeichnis(se), 14.863.745.024 Bytes frei
Nach Suchlauf: 23 Verzeichnis(se), 15.433.052.160 Bytes frei
.
- - End Of File - - 4CE800887B7A4C29D0725E646323EC12
A36C5E4F47E84449FF07ED3517B43A31
|
|
08.12.2013, 07:05
| #6 |
| /// the machine /// TB-Ausbilder | Adware: Ultra Downloads Notifier // Überschüttet mich mit Werbung Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ --> Adware: Ultra Downloads Notifier // Überschüttet mich mit Werbung |
|
11.12.2013, 21:44
| #7 |
| | Adware: Ultra Downloads Notifier // Überschüttet mich mit Werbung Hier die Logfiles, tut mir leid für die Verspätung hatte heute erst Zeit die Scans durchzuführen. Malwarebytes Code:
ATTFilter Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Datenbank Version: v2013.12.11.05 Windows 7 Service Pack 1 x64 NTFS Internet Explorer 11.0.9600.16428 Luc :: LUC-PC [Administrator] 11.12.2013 20:39:58 mbam-log-2013-12-11 (20-39-58).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 252442 Laufzeit: 8 Minute(n), 58 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 24 HKCR\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\TypeLib\{955B782E-CDC8-4CEE-B6F6-AD7D541A8D8A} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\updatebho.TimerBHO.1 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\updatebho.TimerBHO (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ultra Downloads Notifier (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CrossriderApp0038094.BHO (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CrossriderApp0038094.Sandbox (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CrossriderApp0038094.Sandbox.1 (PUP.Optional.CrossRider.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\PROTOCOLS\HANDLER\BASE64 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\PROTOCOLS\HANDLER\CHROME (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\PROTOCOLS\HANDLER\PROX (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\1ClickDownload (PUP.Optional.1ClickDownload.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\delta LTD (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCU\Software\InstalledBrowserExtensions\ultradownloads (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\diamondata (PUP.Optional.Diamondata.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Ultra Downloads Notifier (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311801194} (PUP.Optional.CrossRider.M) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\CLSID\{11111111-1111-1111-1111-110311801194} (PUP.Optional.CrossRider.M) -> Erfolgreich gelöscht und in Quarantäne gestellt. HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311801194} (PUP.Optional.CrossRider.M) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Registrierungswerte: 3 HKCR\protocols\Handler\base64|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\protocols\Handler\chrome|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Erfolgreich gelöscht und in Quarantäne gestellt. HKCR\protocols\Handler\prox|CLSID (PUP.Blabbers) -> Daten: {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 10 C:\Program Files (x86)\Ultra Downloads Notifier (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\Local\Smartbar (PUP.Optional.SmartBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\Local\Smartbar\Linkury.exe_StrongName_vuedtbpoockmp1sq45awfxuouevabx0i (PUP.Optional.SmartBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\Local\Smartbar\Linkury.exe_StrongName_vuedtbpoockmp1sq45awfxuouevabx0i\1.2.0.0 (PUP.Optional.SmartBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\Roaming\OpenCandy (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\Roaming\OpenCandy\43D709688A994BFC8B3E765253C2881A (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\Roaming\OpenCandy\OpenCandy_43D709688A994BFC8B3E765253C2881A (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. Infizierte Dateien: 153 C:\Users\Luc\AppData\Roaming\OpenCandy\43D709688A994BFC8B3E765253C2881A\LinkuryInstaller.msi (PUP.Optional.SmartBar) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\Roaming\OpenCandy\43D709688A994BFC8B3E765253C2881A\LinkuryInstaller_p1v12.exe (PUP.Optional.SmartBar) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\Downloads\Brothersoft_downloader_For_Hamachi.exe (PUP.Optional.BSDownloader) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\Downloads\DOTA-2-Dragon-Knight_1920x1080.exe (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\Downloads\SoftonicDownloader_fuer_gameranger.exe (PUP.Optional.Softonic) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\Downloads\SoftonicDownloader_fuer_minecraft-server.exe (PUP.Optional.Softonic) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\Downloads\SoftonicDownloader_fuer_picture-converter.exe (PUP.Optional.Softonic) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\Downloads\winamp565_full_emusic-7plus_all.exe (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\Downloads\XSplit.full.rar_downloader_de_99138.exe (PUP.Optional.ExpressFiles.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Ultra Downloads Notifier\background.html (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Ultra Downloads Notifier\38094.crx (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Ultra Downloads Notifier\38094.xpi (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Ultra Downloads Notifier\Installer.log (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-bg.exe (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-bho64.dll (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-buttonutil.dll (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-buttonutil.exe (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-buttonutil64.dll (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-buttonutil64.exe (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-chromeinstaller.exe (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-codedownloader.exe (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-enabler.exe (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-firefoxinstaller.exe (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-helper.exe (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier-updater.exe (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Ultra Downloads Notifier\Ultra Downloads Notifier.ico (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Ultra Downloads Notifier\Uninstall.exe (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Program Files (x86)\Ultra Downloads Notifier\utils.exe (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Tasks\Ultra Downloads Notifier-chromeinstaller.job (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Tasks\Ultra Downloads Notifier-codedownloader.job (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Tasks\Ultra Downloads Notifier-enabler.job (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Tasks\Ultra Downloads Notifier-firefoxinstaller.job (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Windows\Tasks\Ultra Downloads Notifier-updater.job (PUP.Optional.UltraDownloads.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\BCHelper.exe (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\fix2.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\fix3.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\fix4.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\icon.png (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\jquery4toolbar.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\lock.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\witapi.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\witmain.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\wittoolbar.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\witwidgetapi.js (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\0324adea3b6ec02af09ea4ae9424591b_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\150b7566b7871fb6e0ef44753d0c6dc3_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\170f337942c410233f577de5778810a6 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\170f337942c410233f577de5778810a6_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\1bcf5a8f2429c4942ad539ef2c5df336 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\1bcf5a8f2429c4942ad539ef2c5df336_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\231785d024a11371bfc94ffff0a4b741_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\292124057d00cb0fa73db6b90d079658_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\2a86ac4f3322238b4f27d14a09839275 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\2a86ac4f3322238b4f27d14a09839275_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\2e0dda2d2281da01c330dc3e12b45a9d_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\2e74403c227112bec523796d5a77d77e (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\2e74403c227112bec523796d5a77d77e_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\38207d71d9cc86fb6daebc118ce6286c_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\3b507b6d0186efd3615b9b9233c5f708 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\3b507b6d0186efd3615b9b9233c5f708_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\3b6b74d5a92c729ce36a9d055d3db8e9 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\3b6b74d5a92c729ce36a9d055d3db8e9_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\4713e82e27fb9719d76577d1585acb00_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\477f5134e73f0099219c494cb23f6657_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\4ad053d40dfa5cab7948e9251df6e3d9 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\4ad053d40dfa5cab7948e9251df6e3d9_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\4d3d10bd28ff623813254a49b26be41f_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\5f4ce27504a73ff97d1936c597c769e5 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\5f4ce27504a73ff97d1936c597c769e5_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\61e2ae11ba3d1cbe8887ea80f192e299 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\61e2ae11ba3d1cbe8887ea80f192e299_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\6496a43cad388e4b78f1ecce8fcffc27_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\6d091eb0bf44b762a039ee138e6b165c_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\6f8b3140943075f95ae0c74c1a13b752_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\6ff6ea009817b27df633b37777d528cd (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\6ff6ea009817b27df633b37777d528cd_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\897979c67bed116efad1a04f5f229ecd_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\8a8dc36effa0a0300d6fb1a383936a49 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\8a8dc36effa0a0300d6fb1a383936a49_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\8ccfda3ab1ab5bbc5d7af38840ba022b (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\8ccfda3ab1ab5bbc5d7af38840ba022b_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\8fd0e5f2c42f56c41599ca329ef70350_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\8ffbb13aa6f702b0cafab391f90d1db7 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\8ffbb13aa6f702b0cafab391f90d1db7_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\92014bb7f6462cb491e652ca4941f1d2 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\92014bb7f6462cb491e652ca4941f1d2_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\9803c283e94e743374151c4bbe60a5df (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\9803c283e94e743374151c4bbe60a5df_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\9c2afdb0a6d9bf59b300144154b58c67_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\9c86b973456448ae01f1cbc0d6cf607a_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\a227f4517bd7937e697182f46906a6b4_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\a38dbdd1af07f4236d43e8fd995f57a6 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\a38dbdd1af07f4236d43e8fd995f57a6_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\a4cc6ab573e4a5fee2a418e22d3c14dc (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\a4cc6ab573e4a5fee2a418e22d3c14dc_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\a6d4447986c4e442d92ed00b149c14f3_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\a74277a9a3c0203a3093f810f43fbc11 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\a74277a9a3c0203a3093f810f43fbc11_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\a95092a9bd34f5cfc98f78ca74502f36_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\aa36bceec49c832079e270icmc219ats (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\b3688636ecfdc491aea728939c15f43e_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\b5080fd498f4580cd85cbf8ff41766c5_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\b5bc7084382de95cb69790e5d10db338 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\b5bc7084382de95cb69790e5d10db338_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\bf73732e1f0b76bac435293ba3880579 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\bf73732e1f0b76bac435293ba3880579_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\c6d8337e4b016a68fdbb60b29e7d254d (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\c6d8337e4b016a68fdbb60b29e7d254d_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\cbb647c72e5b13b52d1392c603dcfde6 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\cbb647c72e5b13b52d1392c603dcfde6_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\cbb69a449d3e39b3a3781ffb1d7fa52b (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\cbb69a449d3e39b3a3781ffb1d7fa52b_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\d2458fd784f4eb7cff549c598cd14651 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\d2458fd784f4eb7cff549c598cd14651_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\d5747e13728fd7df356bc13545143ea6_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\d6418e300158fb16d8396d122d4b423b_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\d83bb387de1d7c4401815e133de06c6b (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\d83bb387de1d7c4401815e133de06c6b_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\d89bfd841403290d610bcf662008b443 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\d89bfd841403290d610bcf662008b443_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\dc6668d28979688b1e2066d1dcaef0f6 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\dc6668d28979688b1e2066d1dcaef0f6_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\df4525cd4117d8ae1c7453b139759242 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\df4525cd4117d8ae1c7453b139759242_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\e02b35320e5111f1b626466c13c70a0a (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\e02b35320e5111f1b626466c13c70a0a_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\e3cd5b2c64ca319aadec7c28c6c6feba_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\e6c109bf52ef89fe99f9a9379617ab0e_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\e7215b147326809c45f6cf0952274624 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\e7215b147326809c45f6cf0952274624_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\e72174145ae7671ff95578a2089c26b2 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\e72174145ae7671ff95578a2089c26b2_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\e919434ec29526b28593c426e4264271_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\e9e14a99847657c53e1cc29cc55ab7af_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\ece5f266221b5245c6e3d7e27ddee963 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\ece5f266221b5245c6e3d7e27ddee963_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\ece71b71690fad200cbed95871ef4bb2 (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\ece71b71690fad200cbed95871ef4bb2_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\eeab68dd74d26245087956fb3caf6937_DE (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\f03527c67e08602d2e4c18ae7867300d_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\fa74672918974682c82b8d91dfbe0d6b_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\LocalLow\bbrs_002.tb\content\cache\ff4d692d5e7cccbc4b3e9ef4062b1c6f_expire (PUP.Blabbers) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\Local\Smartbar\Linkury.exe_StrongName_vuedtbpoockmp1sq45awfxuouevabx0i\1.2.0.0\user.config (PUP.Optional.SmartBar.A) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\Roaming\OpenCandy\43D709688A994BFC8B3E765253C2881A\2787.ico (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\Roaming\OpenCandy\43D709688A994BFC8B3E765253C2881A\EBB77268-338F-4C6A-8590-AD88FED26F4A (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. C:\Users\Luc\AppData\Roaming\OpenCandy\43D709688A994BFC8B3E765253C2881A\OCBrowserHelper_1.0.3.85.dll (PUP.Optional.OpenCandy) -> Erfolgreich gelöscht und in Quarantäne gestellt. (Ende) Code:
ATTFilter # AdwCleaner v3.015 - Bericht erstellt am 11/12/2013 um 21:18:34
# Updated 10/12/2013 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Luc - LUC-PC
# Gestartet von : C:\Users\Luc\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
Dienst Gelöscht : BCUService
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\DeviceVM
Ordner Gelöscht : C:\ProgramData\NCH Software
Ordner Gelöscht : C:\ProgramData\Tarma Installer
Ordner Gelöscht : C:\Program Files (x86)\Conduit
Ordner Gelöscht : C:\Program Files (x86)\DeviceVM
Ordner Gelöscht : C:\Program Files (x86)\diamondata
Ordner Gelöscht : C:\Program Files (x86)\Mein Gutscheincode Finder
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Program Files (x86)\NCH Software
Ordner Gelöscht : C:\Program Files (x86)\TornTV.com
Ordner Gelöscht : C:\Users\Luc\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\Luc\AppData\Local\Ilivid Player
Ordner Gelöscht : C:\Users\Luc\AppData\Local\Linkury
Ordner Gelöscht : C:\Users\Luc\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Luc\AppData\LocalLow\Conduit
Ordner Gelöscht : C:\Users\Luc\AppData\LocalLow\facemoods.com
Ordner Gelöscht : C:\Users\Luc\AppData\LocalLow\PriceGong
Ordner Gelöscht : C:\Users\Luc\AppData\Roaming\BrowserCompanion
Ordner Gelöscht : C:\Users\Luc\AppData\Roaming\DeviceVM
Ordner Gelöscht : C:\Users\Luc\AppData\Roaming\goforfiles
Ordner Gelöscht : C:\Users\Luc\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Luc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com
Ordner Gelöscht : C:\Users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf
Ordner Gelöscht : C:\Users\Luc\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Windows\System32\Tasks\GoforFilesUpdate
Datei Gelöscht : C:\Windows\System32\Tasks\NCH Software
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\gfhdkohbepelnfckgjinfddmecpngnpb
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AddressBarSearch.SearchHook.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\tdataprotocol.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\updatebho.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\LinkurySmartBar.DockingPanel
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkuryMenuForm
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBar
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\LinkurySmartBar.LinkurySmartBarBandObject
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\tdataprotocol.CTData
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\tdataprotocol.CTData.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\facemoodssrv_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\GoforFiles_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [BCU]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Toolbar.CT2319825
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_malwarebytes-anti-malware_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_malwarebytes-anti-malware_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_amcap_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_amcap_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_fl-studio_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_fl-studio_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_fraps_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_fraps_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_freemind_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_freemind_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_furmark_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_furmark_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_gameranger_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_gameranger_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_mcpatcher_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_mcpatcher_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft-server_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_minecraft-server_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_morphvox_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_morphvox_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_photoscape_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_photoscape_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_samplitude-music-studio-mx_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_samplitude-music-studio-mx_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{373ED12D-B306-43AC-9485-A7C5133DC34C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{ED6535E7-F778-48A5-A060-549D30024511}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{63E471BB-23F1-3A92-8D43-4079E7B7FA8E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B397BC55-576C-39E6-BF64-9E2A96317447}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B973AB12-952F-31C4-A321-E8FA6FE4421E}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EC5983DF-8DE2-31B5-989F-850F265E7F3C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322802294}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355805594}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366806694}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{77AA6435-2488-4A94-9FE5-49519DD2ED9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{830B56CB-FD22-44AA-9887-7898F4F4158D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{8830DDF0-3042-404D-A62C-384A85E34833}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{4327FABE-3C22-4689-8DBF-D226CF777FE9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{63E471BB-23F1-3A92-8D43-4079E7B7FA8E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{B397BC55-576C-39E6-BF64-9E2A96317447}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{B973AB12-952F-31C4-A321-E8FA6FE4421E}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EC5983DF-8DE2-31B5-989F-850F265E7F3C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322802294}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{0FA32667-9A8A-4E9C-902F-CA3323180003}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{817923CB-4744-4216-B250-CF7EDA8F1767}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{9F0C17EB-EF2C-4278-9136-2D547656BC03}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355805594}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366806694}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1ED16E0A-E8C4-40A0-8BC2-79485D21F796}
Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\Blabbers
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\DeviceVM
Schlüssel Gelöscht : HKCU\Software\GoforFiles
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\NCH Software
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\PriceGong
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartBar
Schlüssel Gelöscht : HKLM\Software\BrowserCompanion
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\DeviceVM
Schlüssel Gelöscht : HKLM\Software\GoforFiles
Schlüssel Gelöscht : HKLM\Software\Iminent
Schlüssel Gelöscht : HKLM\Software\NCH Software
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BrowserCompanion
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16428
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default]
-\\ Mozilla Firefox v25.0.1 (de)
[ Datei : C:\Users\Luc\AppData\Roaming\Mozilla\Firefox\Profiles\v7v8ybwe.default\prefs.js ]
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.cookie.CrossriderNotifier_channels.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.cookie.CrossriderNotifier_channels.value", "%7B%22app0%22%3A%22app0%22%2C%22app38094%22%3A%22app38[...]
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.cookie.CrossriderNotifier_css.expiration", "Thu Dec 12 2013 20:28:39 GMT+0100");
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.cookie.CrossriderNotifier_css.value", "%22.%25CSSClass%25%20%7B%5Cn%5Ctdisplay%3Anone%3B%5Cn%7D%5C[...]
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.cookie.CrossriderNotifier_geolocation.expiration", "Sun Dec 15 2013 14:38:05 GMT+0100");
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.cookie.CrossriderNotifier_geolocation.value", "%22DE%22");
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.cookie.CrossriderNotifier_messages.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.cookie.CrossriderNotifier_messages.value", "%7B%22data%22%3A%7B%22592%22%3A%7B%22id%22%3A592%2C%22[...]
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.cookie.CrossriderNotifier_metadata.expiration", "Wed Dec 11 2013 21:28:39 GMT+0100");
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.cookie.CrossriderNotifier_metadata.value", "%7B%22appId%22%3A38094%2C%22appName%22%3A%22Ultra%20Do[...]
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.internaldb.Resources_meta.value", "%7B%22style.css%22%3A%7B%22id%22%3A212397%2C%22ver%22%3A5%2C%22[...]
Zeile gelöscht : user_pref("extensions.crossrider.bic", "1423c4f250cf3031d3e2c55f8fe6bd8c");
[ Datei : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\kru0ao3z.default\prefs.js ]
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.cookie.CrossriderNotifier_channels.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.cookie.CrossriderNotifier_channels.value", "%7B%22app0%22%3A%22app0%22%2C%22app38094%22%3A%22app38[...]
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.cookie.CrossriderNotifier_css.expiration", "Tue Dec 10 2013 17:30:12 GMT+0100");
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.cookie.CrossriderNotifier_css.value", "%22.%25CSSClass%25%20%7B%5Cn%5Ctdisplay%3Anone%3B%5Cn%7D%5C[...]
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.cookie.CrossriderNotifier_geolocation.expiration", "Mon Dec 16 2013 17:30:10 GMT+0100");
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.cookie.CrossriderNotifier_geolocation.value", "%22DE%22");
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.cookie.CrossriderNotifier_messages.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.cookie.CrossriderNotifier_messages.value", "%7B%22data%22%3A%7B%22592%22%3A%7B%22id%22%3A592%2C%22[...]
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.cookie.CrossriderNotifier_metadata.expiration", "Mon Dec 09 2013 18:30:11 GMT+0100");
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.cookie.CrossriderNotifier_metadata.value", "%7B%22appId%22%3A38094%2C%22appName%22%3A%22Ultra%20Do[...]
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.internaldb.Resources_meta.value", "%7B%22style.css%22%3A%7B%22id%22%3A212397%2C%22ver%22%3A5%2C%22[...]
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.internaldb.cache/2a71b3b28494cf1854d333288ccc18ba_DE.value", "%22var%20cat_2a71b3b28494cf1854d3332[...]
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.internaldb.cache/3518e1eac042730aa1274618984462b3_DE.value", "%22var%20cat_3518e1eac042730aa127461[...]
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9.value", "%22function%20tcmMarkWindow%28a%29%7Bva[...]
Zeile gelöscht : user_pref("extensions.a5e303593d0594ae3a11d8a91cdbdd8c99f8368f305e54dfe9f027bf4726fa8f8com38094.38094.internaldb.cache/d5baae4ef839769f8eb7e9f9d82d8a40_DE.value", "%22var%20cat_d5baae4ef839769f8eb7e9f[...]
Zeile gelöscht : user_pref("extensions.crossrider.bic", "1412b87231a1ce938d76916bba28e97c");
*************************
AdwCleaner[R0].txt - [22026 octets] - [11/12/2013 21:17:42]
AdwCleaner[S0].txt - [20318 octets] - [11/12/2013 21:18:34]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [20379 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.8 (11.05.2013:1)
OS: Windows 7 Ultimate x64
Ran by Luc on 11.12.2013 at 21:27:14,68
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-139755560-1312564612-3865908286-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\linkurysmartbar.bandobjectattribute
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\HappyLyrics_2802-7edf9df5_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\HappyLyrics_2802-7edf9df5_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricStarUpdater_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricStarUpdater_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\HappyLyrics_2802-7edf9df5_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\HappyLyrics_2802-7edf9df5_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricStarUpdater_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricStarUpdater_RASMANCS
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Luc\appdata\local\cre"
Successfully deleted: [Empty Folder] C:\Users\Luc\appdata\local\{00073FD1-B50A-4DD1-86DE-A3CEAAB4A27C}
Successfully deleted: [Empty Folder] C:\Users\Luc\appdata\local\{0E3A3F62-5F91-44F0-A098-6318549E110A}
Successfully deleted: [Empty Folder] C:\Users\Luc\appdata\local\{913B03D0-987F-4C17-AB32-2981C17994E7}
Successfully deleted: [Empty Folder] C:\Users\Luc\appdata\local\{B42D837B-20F1-4168-8403-77C2F68EFF3B}
~~~ FireFox
Successfully deleted: [Folder] C:\Users\Luc\AppData\Roaming\mozilla\firefox\profiles\v7v8ybwe.default\extensions\5e303593-d059-4ae3-a11d-8a91cdbdd8c9@9f8368f3-05e5-4dfe-9f02-7bf4726fa8f8.com
Emptied folder: C:\Users\Luc\AppData\Roaming\mozilla\firefox\profiles\v7v8ybwe.default\minidumps [15 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.12.2013 at 21:32:13,05
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
12.12.2013, 11:54
| #8 |
| /// the machine /// TB-Ausbilder | Adware: Ultra Downloads Notifier // Überschüttet mich mit WerbungESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu Adware: Ultra Downloads Notifier // Überschüttet mich mit Werbung |
| adware, daten, doppelt, firefox, geblockt, links, problem, pup.blabbers, pup.optional.1clickdownload.a, pup.optional.bsdownloader, pup.optional.crossrider.a, pup.optional.crossrider.m, pup.optional.delta.a, pup.optional.diamondata.a, pup.optional.expressfiles.a, pup.optional.opencandy, pup.optional.smartbar, pup.optional.smartbar.a, pup.optional.softonic, pup.optional.ultradownloads.a, removaltool, ultra downloads, ultra downloads notifier, unerwünschte werbung, unseriöse seiten, windows 7 |
WARNUNG an die MITLESER: 
Linear-Darstellung
