Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 18.05.2014, 22:16   #1
ajourmuster
 
TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3 - Standard

TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3



Hallo,
ich habe von Avira gemeldet bekommen, dass die im Titel genannten Dateien/Trojaner gefunden wurden. Mein Computer ist seit drei Wochen super langsam, im Internet überall fragwürdige Werbeanzeigen und so weiter...
Ich habe versucht alle Anweisungen zu den Logfiles zu befolgen, jetzt habe ich folgendes:

1. FRST
FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-05-2014
Ran by coolelisa (administrator) on LISALAPTOP on 18-05-2014 22:19:45
Running from C:\Users\coolelisa\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(ArcSoft, Inc.) C:\Program Files (x86)\MSI\ArcSoft\TotalMedia\TMMonitor.exe
(Dropbox, Inc.) C:\Users\coolelisa\AppData\Roaming\Dropbox\bin\Dropbox.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
() C:\Users\coolelisa\Downloads\UltimateCodec.exe
(                                                            ) C:\Users\coolelisa\AppData\Local\Temp\is357113909\3726848_stp\SmartWrapper.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [862088 2011-01-28] (Acer Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Windows7FirewallControl] => C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe [1126400 2012-04-12] (Sphinx Software)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-14] (Intel Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1077328 2011-02-14] (Dritek System Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348664 2012-08-17] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1325642598-3495664763-1817961077-1001\...\Run: [YouTube Mini] => C:\Program Files (x86)\YoutubeDownloader.org\YouTubeDownloader\YouTube Mini.exe
HKU\S-1-5-21-1325642598-3495664763-1817961077-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1325642598-3495664763-1817961077-501\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_8_800_168_Plugin.exe [815496 2013-09-29] (Adobe Systems Incorporated)
HKU\S-1-5-21-1325642598-3495664763-1817961077-501\...\MountPoints2: E - E:\LaunchU3.exe -a
Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\MSI\ArcSoft\TotalMedia\TMMonitor.exe (ArcSoft, Inc.)
Startup: C:\Users\coolelisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\coolelisa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\coolelisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.landing.savetubevideo.com/index.php?from=3
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
URLSearchHook: HKCU - (No Name) - {32b29df0-2237-4370-9a29-37cebb730e9b} - No File
SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2704262
SearchScopes: HKCU - DefaultScope {2877A654-1C9F-4cb5-8438-16022B2FDD9C} URL = hxxp://www.landing.savetubevideo.com/results.php?q={searchTerms}
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {2877A654-1C9F-4cb5-8438-16022B2FDD9C} URL = hxxp://www.landing.savetubevideo.com/results.php?q={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2704262
BHO: Torntv V9.0 - {11111111-1111-1111-1111-110511131190} - C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho64.dll No File
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Torntv V9.0 - {11111111-1111-1111-1111-110511131190} - C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-bho.dll No File
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Toolbar: HKCU - No Name - {32B29DF0-2237-4370-9A29-37CEBB730E9B} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{B2617033-4097-4E6F-99FE-2A8DC49AFC1D}: [NameServer]8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default
FF DefaultSearchEngine: Ecosia
FF SelectedSearchEngine: Ecosia
FF Homepage: hxxp://www.spiegel.de/
FF Keyword.URL: hxxp://www.landing.savetubevideo.com/results.php?q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\searchplugins\ecosia.xml
FF SearchPlugin: C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\searchplugins\GoogleFeed.xml
FF SearchPlugin: C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Torntv V9.0 - C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\Extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com [2014-03-23]
FF Extension: YouTube Unblocker - C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\Extensions\youtubeunblocker@unblocker.yt [2014-05-15]
FF Extension: {9d374d97-b968-496d-bc9a-136038834261} - C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\Extensions\{9d374d97-b968-496d-bc9a-136038834261}.xpi [2014-05-17]
FF Extension: Adblock Plus - C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-09]

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-05-08] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-08] (Avira Operations GmbH & Co. KG)
R2 Windows7FirewallService; C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe [760320 2012-04-12] (Sphinx Software)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-05-08] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-05-08] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2011-09-16] (Avira GmbH)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-18 22:19 - 2014-05-18 22:20 - 00014357 _____ () C:\Users\coolelisa\Downloads\FRST.txt
2014-05-18 22:19 - 2014-05-18 22:19 - 02067456 _____ (Farbar) C:\Users\coolelisa\Downloads\FRST64.exe
2014-05-18 22:19 - 2014-05-18 22:19 - 00000000 ____D () C:\FRST
2014-05-18 22:14 - 2014-05-18 22:14 - 00050477 _____ () C:\Users\coolelisa\Downloads\Defogger.exe
2014-05-18 22:14 - 2014-05-18 22:14 - 00000000 _____ () C:\Users\coolelisa\defogger_reenable
2014-05-18 22:06 - 2014-05-18 22:06 - 00003340 _____ () C:\Windows\System32\Tasks\Advanced System Protector
2014-05-18 22:06 - 2014-05-18 22:06 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro
2014-05-18 22:06 - 2014-05-18 22:06 - 00003046 _____ () C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2014-05-18 22:06 - 2014-05-18 22:06 - 00002890 _____ () C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2014-05-18 22:06 - 2014-05-18 22:06 - 00000292 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-05-18 22:06 - 2014-05-18 22:06 - 00000284 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-05-18 22:06 - 2014-05-18 22:06 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\Advanced System Protector
2014-05-18 22:05 - 2014-05-18 22:05 - 00001996 _____ () C:\Windows\unins000.dat
2014-05-18 22:05 - 2014-05-18 22:05 - 00001058 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\Systweak
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\LavFilters
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\CDXReader
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DirectVobSub
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\DivX
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\Xvid
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\Lame For Audacity
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\Haali
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\ffdshow
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\DSP-worx
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\DirectVobSub
2014-05-18 22:05 - 2014-05-18 22:04 - 00715038 _____ () C:\Windows\unins000.exe
2014-05-18 22:05 - 2014-04-25 14:49 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-05-18 22:05 - 2012-02-26 16:47 - 00079360 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2014-05-18 22:05 - 2012-01-09 20:45 - 00178688 _____ () C:\Windows\SysWOW64\unrar.dll
2014-05-18 22:05 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2014-05-18 22:05 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2014-05-18 22:05 - 2011-05-30 15:42 - 00255488 _____ () C:\Windows\system32\xvidvfw.dll
2014-05-18 22:05 - 2011-05-30 15:42 - 00240640 _____ () C:\Windows\SysWOW64\xvidvfw.dll
2014-05-18 22:05 - 2011-05-23 11:52 - 00153088 _____ () C:\Windows\SysWOW64\xvid.ax
2014-05-18 22:05 - 2011-05-23 09:49 - 00173568 _____ () C:\Windows\system32\xvid.ax
2014-05-18 22:05 - 2011-05-23 09:46 - 00645632 _____ () C:\Windows\SysWOW64\xvidcore.dll
2014-05-18 22:05 - 2011-05-23 09:45 - 00696832 _____ () C:\Windows\system32\xvidcore.dll
2014-05-18 22:04 - 2014-05-18 22:04 - 00000000 ____D () C:\Program Files (x86)\OpenSource Flash Video Splitter
2014-05-18 22:02 - 2014-05-18 22:17 - 00001135 _____ () C:\Users\coolelisa\Desktop\Continue Codec Pack Installation.lnk
2014-05-18 22:01 - 2014-05-18 22:01 - 00678112 _____ () C:\Users\coolelisa\Downloads\UltimateCodec.exe
2014-05-18 21:06 - 2014-05-18 21:06 - 05255978 _____ () C:\Users\coolelisa\Downloads\WP 2020 Stand 2014-05-13 Kopie.zip
2014-05-16 01:03 - 2014-05-16 01:03 - 00000000 ____D () C:\0e665f10d1af54ce4a8e86d9ab0aa5
2014-05-14 18:57 - 2014-05-14 18:57 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\DropboxMaster
2014-05-13 23:52 - 2014-05-13 23:52 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\Windows Live Writer
2014-05-13 23:52 - 2014-05-13 23:52 - 00000000 ____D () C:\Users\coolelisa\AppData\Local\Windows Live Writer
2014-05-13 11:10 - 2014-05-13 11:10 - 00000000 ____D () C:\Users\coolelisa\AppData\Local\CrashDumps
2014-05-11 12:57 - 2014-05-11 13:22 - 00000000 ____D () C:\NPE
2014-05-11 12:48 - 2014-05-11 13:26 - 00000000 ____D () C:\Users\coolelisa\AppData\Local\NPE
2014-05-11 12:48 - 2014-05-11 12:48 - 03081712 ____N (Symantec Corporation) C:\Users\coolelisa\Downloads\NPE.exe
2014-05-11 12:48 - 2014-05-11 12:48 - 00000000 ____D () C:\ProgramData\Norton
2014-05-11 12:41 - 2014-05-11 12:41 - 00629584 _____ (Chip Digital GmbH) C:\Users\coolelisa\Downloads\Norton Power Eraser - CHIP-Downloader.exe
2014-05-11 12:36 - 2014-05-11 12:36 - 00004054 _____ () C:\Users\coolelisa\Desktop\Bewerbung MOME.lnk
2014-05-08 10:54 - 2014-05-08 10:54 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-06 14:12 - 2014-04-14 04:24 - 00465408 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-06 14:12 - 2014-04-14 04:19 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-04 17:43 - 2014-04-29 16:14 - 19275264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-04 17:43 - 2014-04-29 14:47 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-04 17:43 - 2014-04-29 14:36 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-04 17:43 - 2014-04-29 14:25 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-24 22:10 - 2014-04-24 22:10 - 00013201 _____ () C:\Users\coolelisa\Downloads\Protokoll 24.4.14.odt
2014-04-22 20:31 - 2014-04-22 20:31 - 04081800 _____ () C:\Users\coolelisa\Downloads\waschhaus_Illu1.tif
2014-04-22 20:31 - 2014-04-22 20:31 - 02777264 _____ () C:\Users\coolelisa\Downloads\waschhaus_Ill2.tif

==================== One Month Modified Files and Folders =======

2014-05-18 22:20 - 2014-05-18 22:19 - 00014357 _____ () C:\Users\coolelisa\Downloads\FRST.txt
2014-05-18 22:19 - 2014-05-18 22:19 - 02067456 _____ (Farbar) C:\Users\coolelisa\Downloads\FRST64.exe
2014-05-18 22:19 - 2014-05-18 22:19 - 00000000 ____D () C:\FRST
2014-05-18 22:17 - 2014-05-18 22:02 - 00001135 _____ () C:\Users\coolelisa\Desktop\Continue Codec Pack Installation.lnk
2014-05-18 22:14 - 2014-05-18 22:14 - 00050477 _____ () C:\Users\coolelisa\Downloads\Defogger.exe
2014-05-18 22:14 - 2014-05-18 22:14 - 00000000 _____ () C:\Users\coolelisa\defogger_reenable
2014-05-18 22:14 - 2011-08-18 13:58 - 00000000 ____D () C:\Users\coolelisa
2014-05-18 22:12 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-18 22:12 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-18 22:06 - 2014-05-18 22:06 - 00003340 _____ () C:\Windows\System32\Tasks\Advanced System Protector
2014-05-18 22:06 - 2014-05-18 22:06 - 00003108 _____ () C:\Windows\System32\Tasks\RegClean Pro
2014-05-18 22:06 - 2014-05-18 22:06 - 00003046 _____ () C:\Windows\System32\Tasks\RegClean Pro_UPDATES
2014-05-18 22:06 - 2014-05-18 22:06 - 00002890 _____ () C:\Windows\System32\Tasks\RegClean Pro_DEFAULT
2014-05-18 22:06 - 2014-05-18 22:06 - 00000292 _____ () C:\Windows\Tasks\RegClean Pro_UPDATES.job
2014-05-18 22:06 - 2014-05-18 22:06 - 00000284 _____ () C:\Windows\Tasks\RegClean Pro_DEFAULT.job
2014-05-18 22:06 - 2014-05-18 22:06 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\Advanced System Protector
2014-05-18 22:05 - 2014-05-18 22:05 - 00001996 _____ () C:\Windows\unins000.dat
2014-05-18 22:05 - 2014-05-18 22:05 - 00001058 _____ () C:\Users\Public\Desktop\RegClean Pro.lnk
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\Systweak
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\LavFilters
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\CDXReader
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xvid
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DirectVobSub
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\DivX
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\Xvid
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\RegClean Pro
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\Lame For Audacity
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\Haali
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\ffdshow
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\DSP-worx
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\DirectVobSub
2014-05-18 22:04 - 2014-05-18 22:05 - 00715038 _____ () C:\Windows\unins000.exe
2014-05-18 22:04 - 2014-05-18 22:04 - 00000000 ____D () C:\Program Files (x86)\OpenSource Flash Video Splitter
2014-05-18 22:04 - 2014-03-23 19:09 - 00003258 _____ () C:\Windows\System32\Tasks\Digital Sites
2014-05-18 22:04 - 2014-03-23 19:09 - 00000306 _____ () C:\Windows\Tasks\Digital Sites.job
2014-05-18 22:01 - 2014-05-18 22:01 - 00678112 _____ () C:\Users\coolelisa\Downloads\UltimateCodec.exe
2014-05-18 22:00 - 2011-03-29 03:18 - 01177025 _____ () C:\Windows\WindowsUpdate.log
2014-05-18 21:14 - 2013-11-28 11:46 - 00545923 _____ () C:\Windows\IE11_main.log
2014-05-18 21:06 - 2014-05-18 21:06 - 05255978 _____ () C:\Users\coolelisa\Downloads\WP 2020 Stand 2014-05-13 Kopie.zip
2014-05-18 21:02 - 2014-03-23 19:12 - 00003100 _____ () C:\Windows\Tasks\Torntv V9.0-chromeinstaller.job
2014-05-18 21:02 - 2014-03-23 19:12 - 00002430 _____ () C:\Windows\Tasks\Torntv V9.0-firefoxinstaller.job
2014-05-18 21:02 - 2014-03-23 19:12 - 00001514 _____ () C:\Windows\Tasks\Torntv V9.0-updater.job
2014-05-18 21:02 - 2014-03-23 19:12 - 00001458 _____ () C:\Windows\Tasks\Torntv V9.0-codedownloader.job
2014-05-18 21:02 - 2014-03-23 19:12 - 00001348 _____ () C:\Windows\Tasks\Torntv V9.0-enabler.job
2014-05-18 21:02 - 2013-02-26 17:48 - 00000000 ___RD () C:\Users\coolelisa\Dropbox
2014-05-18 21:02 - 2012-10-31 18:17 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\Dropbox
2014-05-18 21:02 - 2011-03-29 03:48 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-05-18 21:01 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-18 21:01 - 2009-07-14 06:51 - 00122005 _____ () C:\Windows\setupact.log
2014-05-16 01:03 - 2014-05-16 01:03 - 00000000 ____D () C:\0e665f10d1af54ce4a8e86d9ab0aa5
2014-05-16 01:03 - 2013-08-20 00:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 01:03 - 2012-06-24 10:27 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-16 01:01 - 2011-08-19 12:38 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\SoftGrid Client
2014-05-15 21:26 - 2012-11-13 22:31 - 00000000 ____D () C:\Users\coolelisa\Documents\HfK
2014-05-15 11:36 - 2013-07-14 15:30 - 00000000 ____D () C:\Users\coolelisa\Documents\Telekom
2014-05-14 18:57 - 2014-05-14 18:57 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\DropboxMaster
2014-05-14 18:57 - 2012-11-24 15:37 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-14 18:57 - 2012-11-24 15:30 - 00002176 _____ () C:\Windows\wininit.ini
2014-05-14 18:57 - 2011-08-18 13:58 - 00000000 ___RD () C:\Users\coolelisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-14 18:52 - 2011-03-29 13:09 - 00714926 _____ () C:\Windows\system32\perfh007.dat
2014-05-14 18:52 - 2011-03-29 13:09 - 00154720 _____ () C:\Windows\system32\perfc007.dat
2014-05-14 18:52 - 2009-07-14 07:13 - 01651216 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-13 23:52 - 2014-05-13 23:52 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\Windows Live Writer
2014-05-13 23:52 - 2014-05-13 23:52 - 00000000 ____D () C:\Users\coolelisa\AppData\Local\Windows Live Writer
2014-05-13 11:10 - 2014-05-13 11:10 - 00000000 ____D () C:\Users\coolelisa\AppData\Local\CrashDumps
2014-05-11 13:26 - 2014-05-11 12:48 - 00000000 ____D () C:\Users\coolelisa\AppData\Local\NPE
2014-05-11 13:22 - 2014-05-11 12:57 - 00000000 ____D () C:\NPE
2014-05-11 12:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-11 12:48 - 2014-05-11 12:48 - 03081712 ____N (Symantec Corporation) C:\Users\coolelisa\Downloads\NPE.exe
2014-05-11 12:48 - 2014-05-11 12:48 - 00000000 ____D () C:\ProgramData\Norton
2014-05-11 12:41 - 2014-05-11 12:41 - 00629584 _____ (Chip Digital GmbH) C:\Users\coolelisa\Downloads\Norton Power Eraser - CHIP-Downloader.exe
2014-05-11 12:36 - 2014-05-11 12:36 - 00004054 _____ () C:\Users\coolelisa\Desktop\Bewerbung MOME.lnk
2014-05-10 20:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-10 13:59 - 2013-06-24 00:03 - 00000000 ____D () C:\Users\coolelisa\Documents\Schriften
2014-05-10 13:47 - 2012-07-09 22:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-08 10:54 - 2014-05-08 10:54 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-04-29 16:14 - 2014-05-04 17:43 - 19275264 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-29 14:47 - 2014-05-04 17:43 - 14357504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-29 14:36 - 2014-05-04 17:43 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-29 14:25 - 2014-05-04 17:43 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-25 14:49 - 2014-05-18 22:05 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-04-24 22:10 - 2014-04-24 22:10 - 00013201 _____ () C:\Users\coolelisa\Downloads\Protokoll 24.4.14.odt
2014-04-22 20:31 - 2014-04-22 20:31 - 04081800 _____ () C:\Users\coolelisa\Downloads\waschhaus_Illu1.tif
2014-04-22 20:31 - 2014-04-22 20:31 - 02777264 _____ () C:\Users\coolelisa\Downloads\waschhaus_Ill2.tif

Some content of TEMP:
====================
C:\Users\coolelisa\AppData\Local\Temp\AskSLib.dll
C:\Users\coolelisa\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuekl35.dll
C:\Users\coolelisa\AppData\Local\Temp\ffunzip.exe
C:\Users\coolelisa\AppData\Local\Temp\ICReinstall_UltimateCodec.exe
C:\Users\coolelisa\AppData\Local\Temp\ICReinstall_ZipSetup.exe
C:\Users\coolelisa\AppData\Local\Temp\install_flashplayer11x32au_mssd_aih.exe
C:\Users\coolelisa\AppData\Local\Temp\install_flashplayer11x32_mssd_aaa_aih.exe
C:\Users\coolelisa\AppData\Local\Temp\install_flashplayer11x32_mssd_aaa_aih_1.exe
C:\Users\coolelisa\AppData\Local\Temp\install_flashplayer11x32_mssd_aaa_aih_2.exe
C:\Users\coolelisa\AppData\Local\Temp\install_flashplayer11x32_mssd_aaa_aih_3.exe
C:\Users\coolelisa\AppData\Local\Temp\install_flashplayer11x32_mssd_aaa_aih_4.exe
C:\Users\coolelisa\AppData\Local\Temp\install_flashplayer11x32_mssd_aih(1).exe
C:\Users\coolelisa\AppData\Local\Temp\install_flashplayer11x32_mssd_aih.exe
C:\Users\coolelisa\AppData\Local\Temp\install_reader11_de_mssd_aih(1).exe
C:\Users\coolelisa\AppData\Local\Temp\install_reader11_de_mssd_aih.exe
C:\Users\coolelisa\AppData\Local\Temp\MSN69EB.exe
C:\Users\coolelisa\AppData\Local\Temp\SkypeSetup.exe
C:\Users\coolelisa\AppData\Local\Temp\tbFre0.dll
C:\Users\coolelisa\AppData\Local\Temp\WZCPlugin_VISTA.exe
C:\Users\Gast\AppData\Local\Temp\AskSLib.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-10 19:49

==================== End Of Log ============================
         
--- --- ---

2. Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-05-2014
Ran by coolelisa at 2014-05-18 22:21:01
Running from C:\Users\coolelisa\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Out of date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Out of date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1324 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1324 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{288DB08D-0708-4A94-B055-55B99E39EB62}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.8.800.168 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.04) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{122ADF8C-DDA1-480C-9936-C88F2825B265}) (Version: 2.1.9 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 - Apple Inc.)
ArcSoft TotalMedia 3 (HKLM-x32\...\{FF68083C-E11E-4A91-B54B-CD72AB5A0CF5}) (Version: - ArcSoft)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version: - )
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 12.0.0.1199 - Avira)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.52.0.50 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version: - )
DirectVobSub 2.40.4209 (HKLM-x32\...\vsfilter_is1) (Version: 2.40.4209 - MPC-HC Team)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.33 - Dropbox, Inc.)
ffdshow v1.1.4399 [2012-03-22] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.4399.0 - )
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2287 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}) (Version: 10.6.3.25 - Apple Inc.)
Java Auto Updater (x32 Version: 2.0.2.4 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Launch Manager (HKLM-x32\...\LManager) (Version: 6.0.1s1 - Acer Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8939 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.8939 - NTI Corporation) Hidden
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.74 - Realtek Semiconductor Corp.)
RegClean-Pro (HKLM-x32\...\RegClean-Pro_is1) (Version: 6.21 - Systweak Inc)
SecureW2 EAP Suite 1.1.3 for Windows (HKLM-x32\...\SecureW2 EAP Suite) (Version: - )
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)
Torntv V9.0 (HKLM-x32\...\Torntv V9.0) (Version: 1.34.3.6 - installdaddy) <==== ATTENTION
Update for Codec Pack (HKCU\...\Digital Sites) (Version: - Update for Codec Pack) <==== ATTENTION
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3102 - Acer Incorporated)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows7FirewallControl (x64) 5.0.0.15 (HKLM\...\Windows7FirewallControl_is1) (Version: 5.0.0.15 - Sphinx Software)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Restore Points =========================

13-05-2014 21:56:09 Windows Update
15-05-2014 23:01:29 Windows Update
17-05-2014 11:29:02 Windows Update
18-05-2014 19:05:55 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {2B9D00A0-CE79-4235-87A8-F7D486D9673E} - System32\Tasks\Torntv V9.0-chromeinstaller => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-chromeinstaller.exe <==== ATTENTION
Task: {64A54D01-A417-43EF-A16F-07D74E8CD897} - System32\Tasks\Torntv V9.0-firefoxinstaller => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-firefoxinstaller.exe <==== ATTENTION
Task: {69A04BEE-0A69-4D88-B4D1-84DA87C113BD} - System32\Tasks\Torntv V9.0-codedownloader => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATTENTION
Task: {776D89CB-3195-4A9C-A873-9C3BFA6E1488} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-04-25] (Systweak Inc) <==== ATTENTION
Task: {7A5E08D7-43F8-4883-AB27-033F65C483FE} - System32\Tasks\Digital Sites => C:\Users\coolelisa\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {7B7FECD0-F312-4338-982F-5CD31061A2E3} - System32\Tasks\Torntv V9.0-enabler => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-enabler.exe <==== ATTENTION
Task: {9266A4C1-245C-4C9C-9D99-DAD4A4B8C03F} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe [2014-04-24] (Systweak Inc ) <==== ATTENTION
Task: {92D8849B-D184-4994-9D36-1F867E2C60CD} - System32\Tasks\Torntv V9.0-updater => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-updater.exe <==== ATTENTION
Task: {DF6E932D-CA17-4759-A13D-BA17093E1BAB} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-04-25] (Systweak Inc) <==== ATTENTION
Task: {E44B6D29-A4EE-44A6-988A-FA1547F77453} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe [2014-04-25] (Systweak Inc) <==== ATTENTION
Task: {E71D85BA-978C-4430-8952-6805FFDA8A7B} - System32\Tasks\{C737E961-0B01-4312-B03C-5EDBCCCBA65D} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.2.0.106&amp;LastError=12029
Task: {E8ED70C3-042A-4358-88C5-1A17C5F5EA64} - System32\Tasks\AdobeAAMUpdater-1.0-LisaLaptop-coolelisa => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Digital Sites.job => C:\Users\COOLEL~1\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe <==== ATTENTION
Task: C:\Windows\Tasks\Torntv V9.0-chromeinstaller.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-chromeinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Torntv V9.0-codedownloader.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\Torntv V9.0-enabler.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-enabler.exe <==== ATTENTION
Task: C:\Windows\Tasks\Torntv V9.0-firefoxinstaller.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-firefoxinstaller.exe <==== ATTENTION
Task: C:\Windows\Tasks\Torntv V9.0-updater.job => C:\Program Files (x86)\Torntv V9.0\Torntv V9.0-updater.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) =============

2011-03-16 06:19 - 2011-01-20 04:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-05-18 22:01 - 2014-05-18 22:01 - 00678112 _____ () C:\Users\coolelisa\Downloads\UltimateCodec.exe
2012-02-28 14:50 - 2012-05-08 11:35 - 00398288 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2011-09-27 08:23 - 2011-09-27 08:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-01-30 19:16 - 2005-08-05 17:24 - 00028672 _____ () C:\Program Files (x86)\MSI\ArcSoft\TotalMedia\uPiApi.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2014-05-18 21:02 - 2014-05-18 21:02 - 00041984 _____ () C:\Users\coolelisa\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpuekl35.dll
2013-10-19 01:55 - 2013-10-19 01:55 - 25100288 _____ () C:\Users\coolelisa\AppData\Roaming\Dropbox\bin\libcef.dll
2011-01-17 17:19 - 2012-01-03 16:55 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2012-07-09 22:13 - 2014-05-10 13:47 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-29 20:55 - 2013-09-29 20:55 - 16177544 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
2014-02-17 22:53 - 2014-02-17 22:53 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\aa739380ca2b2fc7366d464d2f2301ac\IsdiInterop.ni.dll
2011-03-16 05:57 - 2010-09-14 03:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2014-03-17 14:19 - 2014-03-17 14:19 - 00214528 ____N () C:\Users\coolelisa\AppData\Local\Temp\is357113909\3726765_stp\icc.dll
2014-03-13 16:39 - 2014-03-13 16:39 - 00645592 ____N () C:\Users\coolelisa\AppData\Local\Temp\is357113909\3726765_stp\sqlite3.dll
2014-02-25 10:55 - 2014-02-25 10:55 - 00151040 ____N () C:\Users\coolelisa\AppData\Local\Temp\is357113909\3726675_stp\RAM.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR410 => ""="Service"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/14/2014 11:35:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15585

Error: (05/14/2014 11:35:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15585

Error: (05/14/2014 11:35:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/13/2014 06:25:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2350046

Error: (05/13/2014 06:25:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2350046

Error: (05/13/2014 06:25:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/13/2014 05:46:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9984

Error: (05/13/2014 05:46:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9984

Error: (05/13/2014 05:46:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/13/2014 02:55:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3292230


System errors:
=============
Error: (05/18/2014 09:14:24 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme

Error: (05/18/2014 09:03:14 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: 0x800700b7

Error: (05/18/2014 09:03:14 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: 00x800700b7hxxp://+:10243/WMPNSSv4/3427777506/

Error: (05/18/2014 09:03:14 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: 0x800700b7

Error: (05/18/2014 09:03:14 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: 00x800700b7hxxp://+:10243/WMPNSSv4/3427777506/

Error: (05/17/2014 03:50:06 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: 0x800700b7

Error: (05/17/2014 03:50:06 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: 00x800700b7hxxp://+:10243/WMPNSSv4/3427777506/

Error: (05/17/2014 03:50:06 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: 0x800700b7

Error: (05/17/2014 03:50:06 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: 00x800700b7hxxp://+:10243/WMPNSSv4/3427777506/

Error: (05/17/2014 01:38:17 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070643 fehlgeschlagen: Internet Explorer 11 für Windows 7 für x64-basierte Systeme


Microsoft Office Sessions:
=========================
Error: (05/14/2014 11:35:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15585

Error: (05/14/2014 11:35:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15585

Error: (05/14/2014 11:35:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/13/2014 06:25:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2350046

Error: (05/13/2014 06:25:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2350046

Error: (05/13/2014 06:25:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/13/2014 05:46:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9984

Error: (05/13/2014 05:46:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9984

Error: (05/13/2014 05:46:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/13/2014 02:55:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3292230


==================== Memory info ===========================

Percentage of memory in use: 66%
Total physical RAM: 3947.86 MB
Available physical RAM: 1303.26 MB
Total Pagefile: 7893.9 MB
Available Pagefile: 4915.26 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:450.66 GB) (Free:232.15 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: B8764BBC)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)

==================== End Of Log ============================

3. Gmer

GMER Logfile:
Code:
ATTFilter
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-05-18 22:55:48
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 Hitachi_ rev.PB4O 465,76GB
Running: Gmer-19357.exe; Driver: C:\Users\COOLEL~1\AppData\Local\Temp\uwloakow.sys


---- User code sections - GMER 2.1 ----

.text    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2528] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                        0000000076371465 2 bytes [37, 76]
.text    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE[2528] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                       00000000763714bb 2 bytes [37, 76]
.text    ...                                                                                                                                                                                                                         * 2
.text    C:\Users\coolelisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[1876] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 69                                                                                                    0000000076371465 2 bytes [37, 76]
.text    C:\Users\coolelisa\AppData\Roaming\Dropbox\bin\Dropbox.exe[1876] C:\Windows\syswow64\Psapi.dll!GetModuleInformation + 155                                                                                                   00000000763714bb 2 bytes [37, 76]
.text    ...                                                                                                                                                                                                                         * 2
.text    C:\Program Files (x86)\Launch Manager\LManager.exe[5424] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                            0000000076371465 2 bytes [37, 76]
.text    C:\Program Files (x86)\Launch Manager\LManager.exe[5424] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                           00000000763714bb 2 bytes [37, 76]
.text    ...                                                                                                                                                                                                                         * 2
.text    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[5568] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 69                                                                                                   0000000076371465 2 bytes [37, 76]
.text    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin[5568] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 155                                                                                                  00000000763714bb 2 bytes [37, 76]
.text    ...                                                                                                                                                                                                                         * 2

---- Threads - GMER 2.1 ----

Thread   C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4488:4500]                                                                                                                                                      00000000776f3e85
Thread   C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4488:4504]                                                                                                                                                      0000000075377587
Thread   C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4488:4516]                                                                                                                                                      0000000072407712
Thread   C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4488:4536]                                                                                                                                                      00000000776f2e65
Thread   C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4488:4964]                                                                                                                                                      000000007618d864
Thread   C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4488:4384]                                                                                                                                                      00000000776f3e85
Thread   C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4488:2876]                                                                                                                                                      00000000776f7151
Thread   C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4488:5684]                                                                                                                                                      00000000776f3e85
Thread   C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4212:5184]                                                                                                                                                      00000000776f2e65
Thread   C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4212:6092]                                                                                                                                                      00000000776f3e85
Thread   C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4212:5188]                                                                                                                                                      00000000776f3e85
Thread   C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4212:2576]                                                                                                                                                      000000007618d864
Thread   C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4212:5852]                                                                                                                                                      000000006e876a0f
Thread   C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4212:2556]                                                                                                                                                      000000006e8f05e5
---- Processes - GMER 2.1 ----

Library  C:\Users\coolelisa\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll (*** suspicious ***) @ C:\Users\coolelisa\AppData\Roaming\Dropbox\bin\Dropbox.exe [1876](2014-01-03 03:42:50)                                               00000000038c0000
Library  c:\users\coolel~1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqzhblp.dll (*** suspicious ***) @ C:\Users\coolelisa\AppData\Roaming\Dropbox\bin\Dropbox.exe [1876](2014-05-18 20:34:28)  00000000037c0000
Library  C:\Users\coolelisa\AppData\Roaming\Dropbox\bin\libcef.dll (*** suspicious ***) @ C:\Users\coolelisa\AppData\Roaming\Dropbox\bin\Dropbox.exe [1876](2013-10-18 23:55:02)                                                     00000000674d0000
Library  C:\Users\coolelisa\AppData\Roaming\Dropbox\bin\icudt.dll (*** suspicious ***) @ C:\Users\coolelisa\AppData\Roaming\Dropbox\bin\Dropbox.exe [1876] (ICU Data DLL/The ICU Project)(2013-10-18 23:55:00)                       0000000065dc0000

---- EOF - GMER 2.1 ----
         
--- --- ---

4. Avira

Exportierte Ereignisse:

18.05.2014 21:14 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\40F5ACDB-9C59-4BBE-BD00-BBA89935F179\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern

18.05.2014 21:13 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\40F5ACDB-9C59-4BBE-BD00-BBA89935F179\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

18.05.2014 21:13 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\40F5ACDB-9C59-4BBE-BD00-BBA89935F179\x86_microsoft-windows-e..y
phenation.binaries_31bf3856ad364e35_6.3.9600.16428_none_eb9b0f6fb3a13f1e\elshyph
.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

17.05.2014 13:35 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\97CB6797-F090-486D-A0F8-2264A188DB97\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern

17.05.2014 13:34 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\97CB6797-F090-486D-A0F8-2264A188DB97\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

17.05.2014 13:34 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\97CB6797-F090-486D-A0F8-2264A188DB97\x86_microsoft-windows-e..y
phenation.binaries_31bf3856ad364e35_6.3.9600.16428_none_eb9b0f6fb3a13f1e\elshyph
.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

14.05.2014 00:00 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\E627C463-624F-482A-A000-1C008AE4F23E\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern

14.05.2014 00:00 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\E627C463-624F-482A-A000-1C008AE4F23E\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

14.05.2014 00:00 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\E627C463-624F-482A-A000-1C008AE4F23E\x86_microsoft-windows-e..y
phenation.binaries_31bf3856ad364e35_6.3.9600.16428_none_eb9b0f6fb3a13f1e\elshyph
.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

13.05.2014 10:52 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\299885F9-4161-4B9A-8A9A-052A34CD9118\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern

13.05.2014 10:52 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\299885F9-4161-4B9A-8A9A-052A34CD9118\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

13.05.2014 10:51 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\299885F9-4161-4B9A-8A9A-052A34CD9118\x86_microsoft-windows-e..y
phenation.binaries_31bf3856ad364e35_6.3.9600.16428_none_eb9b0f6fb3a13f1e\elshyph
.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

11.05.2014 15:20 [System Scanner] Malware gefunden
Die Datei
'C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$RN4OPU6'
enthielt einen Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen2' [trojan].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4e0ff7b2.qua'
verschoben!

11.05.2014 15:20 [System Scanner] Malware gefunden
Die Datei
'C:\Users\coolelisa\AppData\Local\Mozilla\Firefox\Profiles\x3zoul2n.default\Cach
e\6\41\4FB3Cd01'
enthielt einen Virus oder unerwünschtes Programm 'HTML/ExpKit.Gen3' [virus].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5694d819.qua'
verschoben!

11.05.2014 13:10 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\6290D77D-5C44-4CAF-BDCF-1036F041EE9B\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern

11.05.2014 13:10 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\6290D77D-5C44-4CAF-BDCF-1036F041EE9B\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

11.05.2014 13:10 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\6290D77D-5C44-4CAF-BDCF-1036F041EE9B\x86_microsoft-windows-e..y
phenation.binaries_31bf3856ad364e35_6.3.9600.16428_none_eb9b0f6fb3a13f1e\elshyph
.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

11.05.2014 12:04 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\E9BE1AE5-A4EA-4903-B458-4E224790CFD6\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern

11.05.2014 12:04 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\E9BE1AE5-A4EA-4903-B458-4E224790CFD6\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern

11.05.2014 12:04 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\E9BE1AE5-A4EA-4903-B458-4E224790CFD6\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

11.05.2014 12:04 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\E9BE1AE5-A4EA-4903-B458-4E224790CFD6\x86_microsoft-windows-e..y
phenation.binaries_31bf3856ad364e35_6.3.9600.16428_none_eb9b0f6fb3a13f1e\elshyph
.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

10.05.2014 13:57 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\FC69D003-421A-4720-BCDC-A446E13758FF\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern

10.05.2014 13:56 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\FC69D003-421A-4720-BCDC-A446E13758FF\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

10.05.2014 13:56 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\FC69D003-421A-4720-BCDC-A446E13758FF\x86_microsoft-windows-e..y
phenation.binaries_31bf3856ad364e35_6.3.9600.16428_none_eb9b0f6fb3a13f1e\elshyph
.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

09.05.2014 19:44 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\63E27509-03A3-4173-BA25-037159AD5692\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern

09.05.2014 19:43 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\63E27509-03A3-4173-BA25-037159AD5692\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

09.05.2014 19:43 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\63E27509-03A3-4173-BA25-037159AD5692\x86_microsoft-windows-e..y
phenation.binaries_31bf3856ad364e35_6.3.9600.16428_none_eb9b0f6fb3a13f1e\elshyph
.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

08.05.2014 12:52 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\3B8E8665-6193-4855-820E-5E9CD12CE557\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern

08.05.2014 12:52 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\3B8E8665-6193-4855-820E-5E9CD12CE557\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

08.05.2014 12:52 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\3B8E8665-6193-4855-820E-5E9CD12CE557\x86_microsoft-windows-e..y
phenation.binaries_31bf3856ad364e35_6.3.9600.16428_none_eb9b0f6fb3a13f1e\elshyph
.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

08.05.2014 10:58 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\E5CBACDA-7214-4B43-8E5B-1A8B2BF09FE3\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern

08.05.2014 10:57 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\E5CBACDA-7214-4B43-8E5B-1A8B2BF09FE3\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

08.05.2014 10:57 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\E5CBACDA-7214-4B43-8E5B-1A8B2BF09FE3\x86_microsoft-windows-e..y
phenation.binaries_31bf3856ad364e35_6.3.9600.16428_none_eb9b0f6fb3a13f1e\elshyph
.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

06.05.2014 14:11 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\224D688E-CDC0-4A08-BD5A-C22DAD24B285\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern

06.05.2014 14:10 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\224D688E-CDC0-4A08-BD5A-C22DAD24B285\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

06.05.2014 14:10 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\224D688E-CDC0-4A08-BD5A-C22DAD24B285\x86_microsoft-windows-e..y
phenation.binaries_31bf3856ad364e35_6.3.9600.16428_none_eb9b0f6fb3a13f1e\elshyph
.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

05.05.2014 10:54 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\9103A8A3-51D0-4A43-A41D-790070F02A6C\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern

05.05.2014 10:54 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\9103A8A3-51D0-4A43-A41D-790070F02A6C\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

05.05.2014 10:54 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\9103A8A3-51D0-4A43-A41D-790070F02A6C\x86_microsoft-windows-e..y
phenation.binaries_31bf3856ad364e35_6.3.9600.16428_none_eb9b0f6fb3a13f1e\elshyph
.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

02.05.2014 23:10 [System Scanner] Malware gefunden
Die Datei 'C:\Users\coolelisa\AppData\Local\Microsoft\Windows\Temporary
Internet Files\Content.IE5\WGW7Q6I6\sh145[1].htm'
enthielt einen Virus oder unerwünschtes Programm 'HTML/ExpKit.Gen3' [virus].
Durchgeführte Aktion(en):
Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4ee98bc0.qua'
verschoben!

02.05.2014 23:10 [System Scanner] Malware gefunden
Die Datei
'C:\Users\coolelisa\AppData\Local\Mozilla\Firefox\Profiles\x3zoul2n.default\Cach
e\6\41\4FB3Cd01'
enthielt einen Virus oder unerwünschtes Programm 'HTML/ExpKit.Gen3' [virus].
Durchgeführte Aktion(en):
Beim Versuch eine Sicherungskopie der Datei anzulegen ist ein Fehler
aufgetreten und die Datei wurde nicht gelöscht. Fehlernummer: 26004.
Die Quelldatei konnte nicht gefunden werden.
Es wird versucht die Aktion mit Hilfe der ARK Library durchzuführen.
Die Datei konnte nicht ins Quarantäneverzeichnis verschoben werden!
Die Datei existiert nicht!

02.05.2014 01:32 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\30F8E1EB-6BED-4332-AE3F-CC9F8268CE05\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern

02.05.2014 01:32 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\30F8E1EB-6BED-4332-AE3F-CC9F8268CE05\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

02.05.2014 01:32 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\30F8E1EB-6BED-4332-AE3F-CC9F8268CE05\x86_microsoft-windows-e..y
phenation.binaries_31bf3856ad364e35_6.3.9600.16428_none_eb9b0f6fb3a13f1e\elshyph
.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

01.05.2014 23:01 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\8FEF2A7E-1CBA-4CE6-94DA-5BFF2DCBFB07\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern

01.05.2014 23:01 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\8FEF2A7E-1CBA-4CE6-94DA-5BFF2DCBFB07\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

01.05.2014 23:00 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\8FEF2A7E-1CBA-4CE6-94DA-5BFF2DCBFB07\x86_microsoft-windows-e..y
phenation.binaries_31bf3856ad364e35_6.3.9600.16428_none_eb9b0f6fb3a13f1e\elshyph
.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

27.04.2014 16:49 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\winsxs\Temp\414198d62762cf01e9010000a4159808\508e1dd72762cf018702000
0a4159808_mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

27.04.2014 16:49 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\winsxs\Temp\414198d62762cf01e9010000a4159808\508e1dd72762cf018702000
0a4159808_mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern

27.04.2014 16:49 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\60D89C7B-D91C-40BD-9839-B177B4D71304\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

27.04.2014 16:49 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\60D89C7B-D91C-40BD-9839-B177B4D71304\x86_microsoft-windows-e..y
phenation.binaries_31bf3856ad364e35_6.3.9600.16428_none_eb9b0f6fb3a13f1e\elshyph
.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

27.04.2014 16:05 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\9DA639F7-A9F2-407C-B890-1BE93A605C6F\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern

27.04.2014 16:05 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\9DA639F7-A9F2-407C-B890-1BE93A605C6F\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

27.04.2014 16:05 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\9DA639F7-A9F2-407C-B890-1BE93A605C6F\x86_microsoft-windows-e..y
phenation.binaries_31bf3856ad364e35_6.3.9600.16428_none_eb9b0f6fb3a13f1e\elshyph
.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

26.04.2014 17:45 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\F039E61B-BE5F-417E-A7C4-6BEFAA31F899\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern

26.04.2014 17:45 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\F039E61B-BE5F-417E-A7C4-6BEFAA31F899\x86_microsoft-windows-ie-m
shtmldac_31bf3856ad364e35_11.2.9600.16428_none_5e761a2653ce8cd8\mshtmldac.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen3' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

26.04.2014 17:44 [Echtzeit Scanner] Malware gefunden
In der Datei
'C:\Windows\Temp\F039E61B-BE5F-417E-A7C4-6BEFAA31F899\x86_microsoft-windows-e..y
phenation.binaries_31bf3856ad364e35_6.3.9600.16428_none_eb9b0f6fb3a13f1e\elshyph
.dll'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen2' [trojan]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner


Danke schon mal im Voraus!

Alt 19.05.2014, 00:53   #2
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3 - Standard

TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3



Hi,

Avira deinstallieren, das Teil empfehlen wir schon lange nicht mehr, erzeugt zuviele Fehlalarme, im Prinzip kann jeder Scanner das Problem haben aber seit einiger Zeit fällt Avira besonders negativ auf.

Wenn wir durch sind kannst du auf nen anderen Scanner umsteigen, mehr dazu später.

Hast du noch andere Funde zB mit Malwarebytes oder ganz anderen Scannern?
__________________

__________________

Alt 24.05.2014, 19:30   #3
ajourmuster
 
TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3 - Standard

TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3



Hallo, danke schon mal! Ich habe avira jetzt deinstalliert, bin mir aber wie gesagt sicher, dass es kein Fehlalarm war. Dann habe ich mit Malwarebytes noch einen scan gemacht und die gefundenen Dateien in Quarantäne verschoben. Der scan ist ziemlich lang. Wie kann man das so einfügen, dass ein extra Feld mit Scroll-Leiste angelegt wird? Und: Wie soll ich weiter machen?

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Suchlauf Datum: 24.05.2014
Suchlauf-Zeit: 19:07:21
Logdatei: malwarebytes.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.05.24.05
Rootkit Datenbank: v2014.05.21.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: coolelisa

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 320489
Verstrichene Zeit: 20 Min, 44 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 35
PUP.Optional.Updater, HKU\S-1-5-21-1325642598-3495664763-1817961077-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Digital Sites, , [5adb064fbebd3600ab3610954eb46f91],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0051390.BHO, , [ac89064fea910630810ebdffa75c916f],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0051390.BHO.1, , [6acbf560b2c940f6226da517887bed13],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0051390.Sandbox, , [e451f56037448da988074c70cb3852ae],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0051390.Sandbox.1, , [0332391c28534bebdcb376465aa9b44c],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\3874, , [de5762f36f0c6acc41c7afea42c0d32d],
PUP.Optional.TornTV.A, HKLM\SOFTWARE\WOW6432NODE\Torntv V9.0, , [3005c88d77043ef881fdc3e442c021df],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0051390.BHO, , [b87dd87da2d9c76fe6a9f5c7e122df21],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0051390.BHO.1, , [161f44115e1d0036721d0daf31d2e41c],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0051390.Sandbox, , [fb3ae66f760550e62b64caf249ba8e72],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0051390.Sandbox.1, , [e4514f065526d26487083983e71cf20e],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\3874, , [1025fe5783f8e6500cfc9603b54d6d93],
PUP.Optional.1ClickDownload.A, HKU\S-1-5-21-1325642598-3495664763-1817961077-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\1ClickDownload, , [58dd3223364583b3c33bd4e8aa599a66],
PUP.Optional.Iminent.A, HKU\S-1-5-21-1325642598-3495664763-1817961077-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Iminent, , [ac8986cf2b5025114848d4d2ec16d52b],
Adware.SkyMedia, HKU\S-1-5-21-1325642598-3495664763-1817961077-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SkyMedia, , [88ad3e17b5c647ef83574fcf1be8c040],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1325642598-3495664763-1817961077-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [02339db8453654e2ba689d33966d44bc],
PUP.Optional.PriceGong.A, HKU\S-1-5-21-1325642598-3495664763-1817961077-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\PriceGong, , [c174e86de09b0a2c14ebdbc435cda35d],
PUP.Optional.TornTV.A, HKU\S-1-5-21-1325642598-3495664763-1817961077-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Torntv V9.0, , [0c29084d4536092d5fba633dcb3733cd],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1325642598-3495664763-1817961077-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [9e9773e2ff7c95a11d7baef7bc46a759],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1325642598-3495664763-1817961077-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [ac890055d5a66acc84213b800ef502fe],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1325642598-3495664763-1817961077-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\3874, , [a88d4d08314ad75f26e30e8b42c060a0],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1325642598-3495664763-1817961077-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\installdaddy, , [fb3a62f3cbb0fb3bb3dd2c903cc717e9],
PUP.Optional.Softonic.A, HKU\S-1-5-21-1325642598-3495664763-1817961077-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, , [38fdb0a51b6069cd9a98a0f430d29d63],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110511131190}, , [8fa6272e4e2dde58ccbfe4759272de22],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110511131190}, , [8fa6272e4e2dde58ccbfe4759272de22],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440544134490}, , [8fa6272e4e2dde58ccbfe4759272de22],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550555135590}, , [8fa6272e4e2dde58ccbfe4759272de22],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660566136690}, , [8fa6272e4e2dde58ccbfe4759272de22],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550555135590}, , [8fa6272e4e2dde58ccbfe4759272de22],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660566136690}, , [8fa6272e4e2dde58ccbfe4759272de22],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440544134490}, , [8fa6272e4e2dde58ccbfe4759272de22],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110511131190}, , [8fa6272e4e2dde58ccbfe4759272de22],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{11111111-1111-1111-1111-110511131190}, , [8fa6272e4e2dde58ccbfe4759272de22],
PUP.Optional.CrossRider.M, HKU\S-1-5-21-1325642598-3495664763-1817961077-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11111111-1111-1111-1111-110511131190}, , [8fa6272e4e2dde58ccbfe4759272de22],
PUP.Optional.CrossRider.M, HKU\S-1-5-21-1325642598-3495664763-1817961077-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110511131190}, , [8fa6272e4e2dde58ccbfe4759272de22],

Registrierungswerte: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1325642598-3495664763-1817961077-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0X2O1C0R2R1R, , [ac890055d5a66acc84213b800ef502fe]

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 108
PUP.Optional.Updater, C:\Users\coolelisa\AppData\Roaming\DigitalSites\UpdateProc, , [5adb064fbebd3600ab3610954eb46f91],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\aboutBox, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\aboutBox\images, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\aboutBox\js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ac, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ac\css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ac\img, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ac\res, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\api, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\features, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\features\js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\features\js\resources, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\myStuffDialogs, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\options, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\options\css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\options\images, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\options\js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\options\js\resources, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\searchProtector, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\searchProtector\js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\searchProtector\SearchProtectorBubbleDialog, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\searchProtector\searchProtectorSettingsDialog, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\searchProtector\searchProtectorSettingsDialog\images, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\dlg, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\dlg\ftd, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\dlg\ftd\images, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\gf, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\gf\css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\gf\img, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\menu, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\menu\css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\menu\img, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\menu\js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\404, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\APPLICATION_BUTTON, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\APPLICATION_BUTTON\Js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\APPLICATION_BUTTON\resources, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\EMAIL_NOTIFIER, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\EMAIL_NOTIFIER\css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\EMAIL_NOTIFIER\js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\HIGHLIGHTER, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\HIGHLIGHTER\css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\HIGHLIGHTER\js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\MULTI_RSS, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\MULTI_RSS\css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\MULTI_RSS\img, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\MULTI_RSS\js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\MULTI_RSS\js\resources, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\images, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\css\custom-theme, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\js\resources, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\buildSettings, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\Css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\js\resources, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\resources, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH_IN_NEW_TAB, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TESTER_EMBEDDED, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TESTER_EMBEDDED\js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TESTER_POPUP, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TESTER_POPUP\js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TWITTER, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TWITTER\img, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TWITTER\js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TWITTER\resources, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\WEATHER, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\WEATHER\css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\WEATHER\js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\core, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\lib, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\sl, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\skin, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\defaults, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\defaults\preferences, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\lib, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\META-INF, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\modules, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\Plugins, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\defaults, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\defaults\preferences, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\userCode, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\locale, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\locale\en-US, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin, , [ca6be66f4635c076169e0f6c867c26da],
Dateien: 468
PUP.Optional.Bandoo, C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$R3QFDR8.exe, , [af86d3823348a29438f844c6ab56956b],
PUP.Adware.Agent, C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$R3U8Z1Z.exe, , [87ae65f0f18a7abc02c4ceab07f901ff],
PUP.Optional.Softonic.A, C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$RBSZW5E.exe, , [68cd084d661556e0bad534ec8a77b749],
PUP.Optional.Bandoo, C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$RLWHHGP.exe, , [2e07381db9c21323d060b45670918878],
PUP.Optional.OneClickDownloader.A, C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$RMJ7LP7.exe, , [2a0b87ce2556d165a6e9320a4ab750b0],
PUP.Optional.OneClickDownloader.A, C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$RCM5QY6.exe, , [6fc688cdd6a53afc4c43c379679ad62a],
PUP.Optional.Softonic.A, C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$RSBA4FP.exe, , [b1847fd6b1ca8caa850a64bce31ea35d],
PUP.Optional.Conduit.A, C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$RGIH6S4.exe, , [bc7980d52e4dc47251a2a4a65da4e719],
PUP.Optional.OneClickDownloader.A, C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$RVHCXO9.exe, , [4ee7e2734b3039fd632cc57734cd847c],
PUP.Optional.OneClickDownloader.A, C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$RRFPNS5.exe, , [8ea784d18af101357817d567f809a25e],
PUP.OfferBundler.ST, C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$RBIHTXA.exe, , [280de66f1c5fef47002ae5a6ee12ef11],
PUP.Optional.TornTV.A, C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$R21TH2Y.0\Torntv V9.0-codedownloader.exe, , [cd68eb6a4b300f274d6574c8f30e659b],
PUP.Optional.TornTV.A, C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$R21TH2Y.0\Torntv V9.0-bg.exe, , [db5a62f3d2a93600ae04b4886d947789],
PUP.Optional.TornTV.A, C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$R21TH2Y.0\Torntv V9.0-bho.dll, , [b18480d5cfac7cba278bf8442dd40000],
PUP.Optional.TornTV.A, C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$R21TH2Y.0\Torntv V9.0-bho64.dll, , [81b43a1b6b10b482cfe354e868999e62],
PUP.Optional.TornTV.A, C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$R21TH2Y.0\Torntv V9.0-buttonutil.exe, , [0233a4b138433cfaf0c263d998697888],
PUP.Optional.TornTV.A, C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$R21TH2Y.0\Torntv V9.0-buttonutil64.exe, , [9d98cd881764ca6c4d65e458be4345bb],
PUP.Optional.TornTV.A, C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$R21TH2Y.0\Torntv V9.0-chromeinstaller.exe, , [ec49490ce9920d297a3886b633cefb05],
PUP.Optional.TornTV.A, C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$R21TH2Y.0\Torntv V9.0-enabler.exe, , [3ef7aea7d7a4bf77e6ccf745ab5618e8],
PUP.Optional.TornTV.A, C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$R21TH2Y.0\Torntv V9.0-firefoxinstaller.exe, , [bf76b2a3502b48ee5959fb411ae7f010],
PUP.Optional.TornTV.A, C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$R21TH2Y.0\Torntv V9.0-updater.exe, , [191cb79e9ae167cf357d6bd1837e4bb5],
PUP.Optional.TornTV.A, C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$R21TH2Y.0\utils.exe, , [38fd460f91eacb6b9787b9af61a0926e],
PUP.Optional.Bundlore, C:\Users\coolelisa\AppData\Local\Temp\+4IMDpVw.exe.part, , [61d4a0b5e09bfd397ad180a1ec14cf31],
PUP.Optional.Firseria, C:\Users\coolelisa\AppData\Local\Temp\nAxeIkPR.exe.part, , [56dfb2a37dfeb482bb2b700b0afa28d8],
PUP.Optional.InstallCore, C:\Users\coolelisa\AppData\Local\Temp\ICReinstall_UltimateCodec.exe, , [bc7923321c5fa98d4b23da6d63a14db3],
PUP.Optional.Bundlore, C:\Users\coolelisa\AppData\Local\Temp\ig1fQjFM.exe.part, , [3302c590bfbc67cf6be024fdf709d828],
PUP.Optional.Firseria, C:\Users\coolelisa\AppData\Local\Temp\lrh3LrMp.exe.part, , [44f18dc8314a241240a60675a85c0af6],
PUP.Optional.DomaIQ, C:\Users\coolelisa\AppData\Local\Temp\fFF3Ilt9.exe.part, , [1e17ca8b87f4d95df0c3120e41c037c9],
PUP.Optional.InstallMonetizer, C:\Users\coolelisa\AppData\Local\Temp\ppviEROI.exe.part, , [65d0ff56e695bb7b40110029728fd52b],
PUP.Optional.Bandoo, C:\Users\coolelisa\AppData\Local\Temp\QwI6G8Rg.exe.part, , [181dabaabcbfc96d5fd143c7cb36718f],
PUP.Optional.Bundlore, C:\Users\coolelisa\AppData\Local\Temp\JCzgTQCk.exe.part, , [47eee174b2c96bcbd7ecae5728d9ee12],
PUP.Optional.Iminent.A, C:\Users\coolelisa\AppData\Local\Temp\nsb454D.tmp\IminentSetup.exe, , [af86193cb1ca270f3b4b1c28ed14639d],
PUP.Optional.ScramblePacker.A, C:\Users\coolelisa\AppData\Local\Temp\nsb454D.tmp\trtextsetup.exe, , [c4718acb94e788ae9887156727daf50b],
PUP.Optional.InstallCore, C:\Users\coolelisa\Downloads\UltimateCodec.exe, , [81b457fe5d1e53e377f794b3ba4a9070],
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, , [41f48acbabd03105fc86b7e8f80a5ca4],
PUP.Optional.Updater, C:\Users\coolelisa\AppData\Roaming\DigitalSites\UpdateProc\UpdateTask.exe, , [5adb064fbebd3600ab3610954eb46f91],
PUP.Optional.Updater, C:\Users\coolelisa\AppData\Roaming\DigitalSites\UpdateProc\config.dat, , [5adb064fbebd3600ab3610954eb46f91],
PUP.Optional.Updater, C:\Users\coolelisa\AppData\Roaming\DigitalSites\UpdateProc\info.dat, , [5adb064fbebd3600ab3610954eb46f91],
PUP.Optional.Updater, C:\Users\coolelisa\AppData\Roaming\DigitalSites\UpdateProc\prod.dat, , [5adb064fbebd3600ab3610954eb46f91],
PUP.Optional.TornTV.A, C:\Windows\Tasks\Torntv V9.0-chromeinstaller.job, , [b87df5609dde42f4d0b0c8dfd32fb64a],
PUP.Optional.TornTV.A, C:\Windows\Tasks\Torntv V9.0-codedownloader.job, , [2e078bca3b40092d94ec9b0c6999c43c],
PUP.Optional.TornTV.A, C:\Windows\Tasks\Torntv V9.0-enabler.job, , [37fe2431e497b97d4c341e894fb305fb],
PUP.Optional.TornTV.A, C:\Windows\Tasks\Torntv V9.0-firefoxinstaller.job, , [ba7b371ed4a7a2943b453c6bda2853ad],
PUP.Optional.TornTV.A, C:\Windows\Tasks\Torntv V9.0-updater.job, , [aa8b4c09097261d5bec2f7b013eff60a],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\bootstrap.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome.manifest, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\install.rdf, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\version.txt, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\BrowserContextMenuManager.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\ConduitAbstractionLayer.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\popup.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\popup.xul, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\popupTransparent.xul, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\popupWithChrome.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\popupWithChrome.xul, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\preferences.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\preferences.xul, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\toolbarOverlay.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\toolbarOverlay.xul, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tooltips.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\uninstallObserver.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\version.xul, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\backstage.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\al.backstage.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\al.view.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\aboutBox\aboutBox.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\aboutBox\images\truste.gif, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\aboutBox\images\x.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\aboutBox\js\aboutBox.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ac\appManager.controller.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ac\appManager.model.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ac\appManager.view.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ac\css\toolbar.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ac\img\ajax-loader.gif, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ac\img\buttonSprites.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ac\img\chevron_sprites.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ac\img\fallback24.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ac\img\loader-icon.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ac\img\menu_arrow.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ac\img\minibrowser.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ac\img\mp_sprites.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ac\img\separator.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ac\img\separator_hover.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ac\res\yoxscroll.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\api\toolbarapi.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\api\webAppApi.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\features\features.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\features\js\resources\webAppUtils.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\myStuffDialogs\excanvas.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\myStuffDialogs\trusted.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\myStuffDialogs\trusted.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\myStuffDialogs\untrusted.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\myStuffDialogs\untrusted.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\myStuffDialogs\untrusted.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\options\options.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\options\css\options.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\options\css\reset.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\options\images\ic_Closer_hover.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\options\images\minibrowser.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\options\images\x.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\options\js\options.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\options\js\resources\html5shiv.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\options\js\resources\modernizr-1.7.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\searchProtector\js\searchProtectorManager.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\searchProtector\SearchProtectorBubbleDialog\bubble.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\searchProtector\SearchProtectorBubbleDialog\bubble.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\searchProtector\SearchProtectorBubbleDialog\main.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images\information.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images\x-default-LTR.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images\x-default-RTL.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images\x-mouseover-LTR.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\searchProtector\SearchProtectorBubbleDialog\images\x-mouseover-RTL.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\searchProtector\searchProtectorSettingsDialog\main.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\searchProtector\searchProtectorSettingsDialog\SearchProtector.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\searchProtector\searchProtectorSettingsDialog\settings.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\searchProtector\searchProtectorSettingsDialog\images\ok-button.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\searchProtector\searchProtectorSettingsDialog\images\separation-line.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\searchProtector\searchProtectorSettingsDialog\images\warning.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\menus.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\popups.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\dlg\ajax-loader.gif, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\dlg\DialogsAPI.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\dlg\excanvas.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\dlg\generalDialogStyle.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\dlg\PIE.htc, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\dlg\settings.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\dlg\version.txt, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\dlg\ftd\main.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\dlg\ftd\ToolbarFirstTimeDialog.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\dlg\ftd\ToolbarFirstTimeDialog.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\dlg\ftd\images\app-store-icon.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\dlg\ftd\images\arrow.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\dlg\ftd\images\dialog_tip_left.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\dlg\ftd\images\dialog_tip_right.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\dlg\ftd\images\divider.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\dlg\ftd\images\emailNotifier.gif, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\dlg\ftd\images\facebook.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\dlg\ftd\images\radio.GIF, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\dlg\ftd\images\Thumbs.db, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\dlg\ftd\images\truste_welcome.GIF, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\dlg\ftd\images\weather.GIF, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\gf\gf.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\gf\gf.view.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\gf\css\gf.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\gf\css\gf_ie.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\gf\img\ie_back.gif, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\gf\img\loader.gif, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\gf\img\sprites.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\menu\bgpage.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\menu\popup.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\menu\css\menu.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\menu\img\arrow-down-strong.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\menu\img\arrow-down.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\menu\img\arrow-left-strong.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\menu\img\arrow-left.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\menu\img\arrow-right-strong.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\menu\img\arrow-right.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\menu\img\arrows.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\menu\js\jquery.ellipsis.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\menu\js\jquery.mousewheel.min.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\menu\js\jquery.scrollTo-1.4.2-min.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\menu\js\menu.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\ui\menu\js\scrollers.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\browserAppApi.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\404\404.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\404\bgpage.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\APPLICATION_BUTTON\bgpage.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\APPLICATION_BUTTON\Js\bgpage.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\APPLICATION_BUTTON\resources\defaultEngineImage.gif, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\EMAIL_NOTIFIER\bgPage.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\EMAIL_NOTIFIER\popup.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\EMAIL_NOTIFIER\css\en.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\EMAIL_NOTIFIER\css\en_rtl.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\EMAIL_NOTIFIER\css\jquery.jscrollpane.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\EMAIL_NOTIFIER\js\backend.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\EMAIL_NOTIFIER\js\frontend.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins\jquery.jscrollpane.min.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins\jquery.mousewheel.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins\jquery.text-overflow.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins\jquery.watermark.min.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\EMAIL_NOTIFIER\js\plugins\modal.popups.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\HIGHLIGHTER\bgpage.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\HIGHLIGHTER\embedded.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\HIGHLIGHTER\popup.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\HIGHLIGHTER\css\embedded.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\HIGHLIGHTER\css\popup.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\HIGHLIGHTER\css\reset.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\HIGHLIGHTER\js\bgpage.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\HIGHLIGHTER\js\embedded.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\HIGHLIGHTER\js\higlighter_script.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\HIGHLIGHTER\js\popup.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\MULTI_RSS\bgpage.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\MULTI_RSS\popup.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\MULTI_RSS\css\popup.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\MULTI_RSS\img\arrows.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\MULTI_RSS\img\badges.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\MULTI_RSS\img\icons.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\MULTI_RSS\js\bgpage.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\MULTI_RSS\js\popup.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\MULTI_RSS\js\resources\jquery.text-overflow.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\MULTI_RSS\js\resources\jquery.tmpl.min.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\MULTI_RSS\js\resources\webAppUtils.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\MULTI_RSS\js\resources\xml2json.custom.min.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\bgpage.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\embedded.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\NotificationPopup.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\Settings.htm, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\css\gadget.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\css\general.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\css\Main.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\css\newMain.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\css\settings.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\css\ui.stepper.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\images\bgButton.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\images\bgButtonSet.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\images\closeIcon.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\images\downArrow.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\images\envelopeIcon.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\images\iconLogo.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\images\iIcon.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\images\inIcon.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\images\lockIcon.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\images\logoIcon8.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\images\nextIcon.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\images\poweredByConduit.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\images\previousIcon.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\images\questionMarkIcon.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\images\settingsIcon.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\images\upArrow.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\js\AppName.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\js\commons.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\js\jquery.ezmark.min.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\js\notification.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\js\NotificationSettings.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\js\notificationUIManger.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\js\Settings.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\js\stepper.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\NOTIFICATION\js\ToolbarAndAppsSettings.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\bgpage.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\embedded.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\popup2.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\css\gadget.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\css\jquery.jscrollpane.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\css\reset.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\css\stations.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\css\custom-theme\jquery-ui-1.8.10.custom.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\js\bgpage.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\js\embedded.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\js\localization.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\js\player.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\js\popup.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\js\resources\BrowserDetect.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\js\resources\jquery-ui-1.8.10.custom.min.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\js\resources\jquery.jscrollpane.min.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\js\resources\jquery.mousewheel.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\js\resources\jquery.scrollTo-1.4.2-min.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\js\resources\radioCommon.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\js\resources\system.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\RADIO_PLAYER\js\resources\utils.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\bgpage.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\embedded.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\engines.popup.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\information.popup.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\buildSettings\SearchApp_Ant.xml, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\Css\embedded.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\Css\engines.popup.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\Css\information.popup.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\Css\jquery.jscrollpane.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\Css\reset.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\js\bgpage.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\js\embedded.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\js\engines.popup.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\js\information.popup.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\js\resources\jquery.jscrollpane.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\resources\buttonSprites.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\resources\dd-arrow.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\resources\defaultEngineImage.gif, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\resources\dropdownButton.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\resources\history--x-default.jpg, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\resources\history--x-default.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\resources\history--x-mouseover.jpg, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\resources\history--x-mouseover.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\resources\removeButton.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH\resources\removeButtonHover.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\SEARCH_IN_NEW_TAB\searchInNewTab.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TESTER_EMBEDDED\bgpage.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TESTER_EMBEDDED\embedded.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TESTER_EMBEDDED\popup.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TESTER_EMBEDDED\js\embedded.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TESTER_EMBEDDED\js\popup.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TESTER_EMBEDDED\js\webAppTester.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TESTER_POPUP\bgpage.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TESTER_POPUP\embedded.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TESTER_POPUP\popup.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TESTER_POPUP\js\embedded.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TESTER_POPUP\js\popup.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TESTER_POPUP\js\webAppTester.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TWITTER\bgpage.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TWITTER\popup.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TWITTER\popup.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TWITTER\img\icons.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TWITTER\img\inbox.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TWITTER\img\scroll_down.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TWITTER\img\scroll_up.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TWITTER\js\bgpage.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TWITTER\js\Config.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TWITTER\js\popup.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TWITTER\js\Utils.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TWITTER\resources\ajax-loader.gif, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TWITTER\resources\icons.png, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TWITTER\resources\jquery-1.6.1.min.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TWITTER\resources\jquery.tmpl.min.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TWITTER\resources\yManager.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\TWITTER\resources\yStore.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\WEATHER\bgpage.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\WEATHER\popup.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\WEATHER\css\gadget.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\WEATHER\css\ie7styles.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\WEATHER\css\iestyle.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\WEATHER\js\bgpage.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\WEATHER\js\common.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\WEATHER\js\date-functions.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\WEATHER\js\gadget.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\WEATHER\js\jquery.autocomplete.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\WEATHER\js\jquery.textshadow.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\WEATHER\js\logic.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\WEATHER\js\main.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\al\wa\WEATHER\js\xPath.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\core\corelibs.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\core\framework.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\core\utils.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\lib\ie_fix.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\lib\jquery-1.5.min.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\lib\jquery-1.6.2.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\lib\jquery.min.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\lib\jquery.tmpl.min.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\lib\jquery.xml2json.custom.min.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\lib\jquery.xml2json.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\lib\json2.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\lib\json2.min.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\lib\LAB.min.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\lib\log4javascript.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\lib\log4javascriptStub4Release.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\sl\serviceLayer.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\content\tb\sl\services.html, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\chrome\CT2704262\skin\conduitToolBarStyle.css, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\defaults\preferences\defaults.js, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\lib\log4conduit.jsm, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\lib\log4moz.jsm, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\META-INF\manifest.mf, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\META-INF\zigbert.rsa, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\META-INF\zigbert.sf, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\modules\BackStage.jsm, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\modules\Broker.jsm, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\modules\FrontStage.jsm, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.Conduit.A, C:\Users\coolelisa\AppData\Local\Temp\ct2704262\Plugins\np-mswmp.dll, , [4de8a4b1f487da5cb8da2d4942c008f8],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome.manifest, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\install.rdf, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\background.html, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\baseObject.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\browser.xul, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\dialog.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\ffCoreFilesIndex.txt, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\main.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\options.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\options.xul, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\platformVersion.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\search_dialog.xul, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\asyncDB.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\background.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\browserAction.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\contextMenu.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\dbManager.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\dom_bg.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\fileManager.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\firefox.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\firefoxNotifications.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\firefoxOmnibox.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\message.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\pageAction.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\request.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\tabs.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\webRequest.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\api\windowsMessagingHandler.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\addressBarChangeObserver.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\console.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\consts.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\delegate.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\extensionDataStore.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\folderIOWrapper.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\httpObserver.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\IDBWrapper.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\installer.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\logFile.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\prefs.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\progressListenerObserver.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\registry.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\reloadObserver.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\reports.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\requestObject.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\searchSettings.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\uninstallObserver.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\updateManager.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\utils.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\chrome\content\core\xhr.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\defaults\preferences\prefs.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\manifest.xml, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins.json, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\21_debug.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\4_jquery_1_7_1.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\1000020_analytics.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\1000025_analyticsFront.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\1000030_mz.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\102_dealply_m.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\103_intext_5_m.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\104_jollywallet_m.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\123_intext_adv_m.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\13_CrossriderAppUtils.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\14_CrossriderUtils.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\155_ibario_pops_m.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\16_FFAppAPIWrapper.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\220_icm_base_m.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\223_imonomy_m.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\226_set_campaign_id_m.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\22_resources.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\244_engageya_inner_m.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\246_setup.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\260_pricedetect_sidebar_m.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\28_initializer.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\47_resources_background.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\175_coolmirage_m.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\177_crossriderDashboard.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\17_jQuery.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\180_bpo_serp_m.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\182_openUrl.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\183_tabsWrapper.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\190_pops_5_m.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\193_revizer_p_dynamic_b2b_m.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\195_icm_convertmedia_m.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\1_base.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\207_dbWrapper.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\64_appApiMessage.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\72_appApiValidation.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\78_CrossriderInfo.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\7_hooks.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\91_monetizationLoader.js.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\93_superfish_no_coupons_m.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\98_omniCommands.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\plugins\9_search_engine_hook.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\userCode\background.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\extensionData\userCode\extension.js, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\locale\en-US\translations.dtd, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\button1.png, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\button2.png, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\button3.png, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\button4.png, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\button5.png, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\crossrider_statusbar.png, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\icon128.png, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\icon16.png, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\icon24.png, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\icon48.png, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\panelarrow-up.png, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\popup.html, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\skin.css, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\extensions\5a6bf058-b978-4b84-a2ec-6f5462cfccb2@10120365-d3c0-4ec9-8624-5fac2592d0df.com\skin\update.css, , [ca6be66f4635c076169e0f6c867c26da],
PUP.Optional.CrossRider.A, C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "144efef8896a7101eae2463cc5af2a8f"), ,[d65f2b2ad5a6b87e123f87fc5da7bc44]

Physische Sektoren: 0
(No malicious items detected)


(end)
__________________

Geändert von ajourmuster (24.05.2014 um 19:39 Uhr)

Alt 25.05.2014, 22:36   #4
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3 - Standard

TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3



Adware/Junkware/Toolbars entfernen


1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




3. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 28.05.2014, 21:19   #5
ajourmuster
 
TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3 - Standard

TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3



~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by coolelisa on 28.05.2014 at 21:57:55,55
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\dsiteproducts
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\systweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\systweak
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\conduitinstaller_rasmancs
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220522132290}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220522132290}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT2704262
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_free-sound-recorder_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_free-sound-recorder_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_gimp_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_fuer_gimp_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_free-sound-recorder_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_free-sound-recorder_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_gimp_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_fuer_gimp_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Folder] "C:\Users\coolelisa\AppData\Roaming\advanced system protector"
Successfully deleted: [Folder] "C:\Users\coolelisa\AppData\Roaming\systweak"
Successfully deleted: [Folder] "C:\Users\coolelisa\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\coolelisa\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"



~~~ FireFox

Successfully deleted the following from C:\Users\coolelisa\AppData\Roaming\mozilla\firefox\profiles\x3zoul2n.default\prefs.js

user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.cookie.testingGaq.value", "%22hxxp%3A//extclickmedia-maynemyltf.netdna-ss
user_pref("extensions.a5a6bf058b9784b84a2ec6f5462cfccb210120365d3c04ec986245fac2592d0dfcom51390.51390.name", "Torntv V9.0");
user_pref("extensions.crossrider.bic", "144efef8896a7101eae2463cc5af2a8f");
Emptied folder: C:\Users\coolelisa\AppData\Roaming\mozilla\firefox\profiles\x3zoul2n.default\minidumps [319 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28.05.2014 at 22:08:53,18
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[/CODE]
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.211 - Bericht erstellt am 28/05/2014 um 22:12:58
# Aktualisiert 26/05/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : coolelisa - LISALAPTOP
# Gestartet von : C:\Users\coolelisa\Downloads\adwcleaner_3.211.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\COOLEL~1\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\coolelisa\AppData\Local\Conduit
Ordner Gelöscht : C:\Users\coolelisa\AppData\Roaming\DigitalSites
Datei Gelöscht : C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\searchplugins\11-suche.xml
Datei Gelöscht : C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\searchplugins\GoogleFeed.xml
Datei Gelöscht : C:\Windows\System32\Tasks\Advanced System Protector
Datei Gelöscht : C:\Windows\Tasks\Digital Sites.job
Datei Gelöscht : C:\Windows\System32\Tasks\Digital Sites

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5812E8F-0E16-4C65-88F7-492D36174CB2}
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{32B29DF0-2237-4370-9A29-37CEBB730E9B}]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{32B29DF0-2237-4370-9A29-37CEBB730E9B}]
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\installedbrowserextensions

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.16428


-\\ Mozilla Firefox v29.0.1 (de)

[ Datei : C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\prefs.js ]


[ Datei : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\qh4tbvnb.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [2193 octets] - [28/05/2014 22:11:51]
AdwCleaner[S0].txt - [2064 octets] - [28/05/2014 22:12:58]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [2124 octets] ##########
         
--- --- ---
FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by coolelisa (administrator) on LISALAPTOP on 28-05-2014 22:18:19
Running from C:\Users\coolelisa\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe
(ArcSoft, Inc.) C:\Program Files (x86)\MSI\ArcSoft\TotalMedia\TMMonitor.exe
(Dropbox, Inc.) C:\Users\coolelisa\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [862088 2011-01-28] (Acer Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Windows7FirewallControl] => C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe [1126400 2012-04-12] (Sphinx Software)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-14] (Intel Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1077328 2011-02-14] (Dritek System Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1325642598-3495664763-1817961077-1001\...\Run: [YouTube Mini] => C:\Program Files (x86)\YoutubeDownloader.org\YouTubeDownloader\YouTube Mini.exe
HKU\S-1-5-21-1325642598-3495664763-1817961077-1001\...\Run: [AdobeBridge] => [X]
Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\MSI\ArcSoft\TotalMedia\TMMonitor.exe (ArcSoft, Inc.)
Startup: C:\Users\coolelisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\coolelisa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\coolelisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.landing.savetubevideo.com/index.php?from=3
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {2877A654-1C9F-4cb5-8438-16022B2FDD9C} URL = hxxp://www.landing.savetubevideo.com/results.php?q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{B2617033-4097-4E6F-99FE-2A8DC49AFC1D}: [NameServer]8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default
FF DefaultSearchEngine: Ecosia
FF SelectedSearchEngine: Ecosia
FF Homepage: hxxp://www.spiegel.de/
FF Keyword.URL: hxxp://www.landing.savetubevideo.com/results.php?q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\searchplugins\ecosia.xml
FF SearchPlugin: C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\Extensions\youtubeunblocker@unblocker.yt [2014-05-15]
FF Extension: Unity Converter Free - C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\Extensions\{6d514d26-0752-4828-a9e2-0ea000b75dd6}.xpi [2014-05-21]
FF Extension: {9d374d97-b968-496d-bc9a-136038834261} - C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\Extensions\{9d374d97-b968-496d-bc9a-136038834261}.xpi [2014-05-17]
FF Extension: Adblock Plus - C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-09]

==================== Services (Whitelisted) =================

R2 Windows7FirewallService; C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe [760320 2012-04-12] (Sphinx Software)

==================== Drivers (Whitelisted) ====================


==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-28 22:18 - 2014-05-28 22:18 - 00011759 _____ () C:\Users\coolelisa\Downloads\FRST.txt
2014-05-28 22:18 - 2014-05-28 22:18 - 00000000 ____D () C:\Users\coolelisa\Downloads\FRST-OlderVersion
2014-05-28 22:14 - 2014-05-28 22:14 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-05-28 22:11 - 2014-05-28 22:13 - 00000000 ____D () C:\AdwCleaner
2014-05-28 21:57 - 2014-05-28 21:57 - 00000000 ____D () C:\Windows\ERUNT
2014-05-28 21:56 - 2014-05-28 21:56 - 01327971 _____ () C:\Users\coolelisa\Downloads\adwcleaner_3.211.exe
2014-05-28 21:55 - 2014-05-28 21:55 - 01016261 _____ (Thisisu) C:\Users\coolelisa\Downloads\JRT.exe
2014-05-25 19:19 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-05-25 19:13 - 2014-05-25 19:13 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-25 19:13 - 2014-05-25 19:13 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-25 19:12 - 2014-05-25 19:12 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-25 19:12 - 2014-05-25 19:12 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-25 19:12 - 2014-05-25 19:12 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-25 19:12 - 2014-05-25 19:12 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-05-25 19:12 - 2014-05-25 19:12 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-05-25 19:12 - 2014-05-25 19:12 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-05-25 19:12 - 2014-05-25 19:12 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-05-25 19:12 - 2014-05-25 19:12 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-05-25 19:12 - 2014-05-25 19:12 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-05-25 19:12 - 2014-05-25 19:12 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-24 19:01 - 2014-05-24 19:05 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-24 19:01 - 2014-05-24 19:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 19:01 - 2014-05-24 19:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-24 19:01 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-24 19:01 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-24 19:01 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-24 18:59 - 2014-05-24 18:59 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\coolelisa\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-18 22:28 - 2014-05-18 22:28 - 00380416 _____ () C:\Users\coolelisa\Downloads\Gmer-19357.exe
2014-05-18 22:19 - 2014-05-28 22:18 - 02066944 _____ (Farbar) C:\Users\coolelisa\Downloads\FRST64.exe
2014-05-18 22:19 - 2014-05-28 22:18 - 00000000 ____D () C:\FRST
2014-05-18 22:14 - 2014-05-18 22:14 - 00050477 _____ () C:\Users\coolelisa\Downloads\Defogger.exe
2014-05-18 22:14 - 2014-05-18 22:14 - 00000000 _____ () C:\Users\coolelisa\defogger_reenable
2014-05-18 22:05 - 2014-05-18 22:05 - 00001996 _____ () C:\Windows\unins000.dat
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\LavFilters
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\CDXReader
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DirectVobSub
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\DivX
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\Lame For Audacity
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\Haali
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\ffdshow
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\DSP-worx
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\DirectVobSub
2014-05-18 22:05 - 2014-05-18 22:04 - 00715038 _____ () C:\Windows\unins000.exe
2014-05-18 22:05 - 2012-02-26 16:47 - 00079360 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2014-05-18 22:05 - 2012-01-09 20:45 - 00178688 _____ () C:\Windows\SysWOW64\unrar.dll
2014-05-18 22:05 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2014-05-18 22:05 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2014-05-18 22:04 - 2014-05-18 22:04 - 00000000 ____D () C:\Program Files (x86)\OpenSource Flash Video Splitter
2014-05-18 21:06 - 2014-05-18 21:06 - 05255978 _____ () C:\Users\coolelisa\Downloads\WP 2020 Stand 2014-05-13 Kopie.zip
2014-05-16 01:03 - 2014-05-16 01:03 - 00000000 ____D () C:\0e665f10d1af54ce4a8e86d9ab0aa5
2014-05-15 15:37 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 15:37 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 15:37 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 15:37 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 15:37 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 15:37 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 15:37 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 15:37 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 15:37 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 15:37 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 15:37 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 15:37 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 15:37 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 15:37 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 15:37 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 15:37 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 15:37 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 15:37 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 15:37 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 15:37 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 15:37 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 15:37 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 15:37 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 15:37 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 15:37 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 15:37 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 15:37 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 15:37 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 15:37 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 15:37 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 15:37 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 15:37 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 15:37 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 15:37 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 15:37 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 15:37 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 15:37 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 15:37 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 15:37 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 15:37 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 15:37 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 15:37 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 15:37 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 15:37 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 15:37 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-14 18:57 - 2014-05-28 22:15 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\DropboxMaster
2014-05-13 23:52 - 2014-05-13 23:52 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\Windows Live Writer
2014-05-13 23:52 - 2014-05-13 23:52 - 00000000 ____D () C:\Users\coolelisa\AppData\Local\Windows Live Writer
2014-05-13 11:10 - 2014-05-13 11:10 - 00000000 ____D () C:\Users\coolelisa\AppData\Local\CrashDumps
2014-05-11 12:57 - 2014-05-11 13:22 - 00000000 ____D () C:\NPE
2014-05-11 12:48 - 2014-05-11 13:26 - 00000000 ____D () C:\Users\coolelisa\AppData\Local\NPE
2014-05-11 12:48 - 2014-05-11 12:48 - 03081712 ____N (Symantec Corporation) C:\Users\coolelisa\Downloads\NPE.exe
2014-05-11 12:48 - 2014-05-11 12:48 - 00000000 ____D () C:\ProgramData\Norton
2014-05-11 12:41 - 2014-05-11 12:41 - 00629584 _____ (Chip Digital GmbH) C:\Users\coolelisa\Downloads\Norton Power Eraser - CHIP-Downloader.exe
2014-05-08 10:54 - 2014-05-18 22:29 - 00000000 ___SD () C:\Windows\system32\CompatTel

==================== One Month Modified Files and Folders =======

2014-05-28 22:20 - 2014-05-28 22:18 - 00011759 _____ () C:\Users\coolelisa\Downloads\FRST.txt
2014-05-28 22:18 - 2014-05-28 22:18 - 00000000 ____D () C:\Users\coolelisa\Downloads\FRST-OlderVersion
2014-05-28 22:18 - 2014-05-18 22:19 - 02066944 _____ (Farbar) C:\Users\coolelisa\Downloads\FRST64.exe
2014-05-28 22:18 - 2014-05-18 22:19 - 00000000 ____D () C:\FRST
2014-05-28 22:15 - 2014-05-14 18:57 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\DropboxMaster
2014-05-28 22:15 - 2013-02-26 17:48 - 00000000 ___RD () C:\Users\coolelisa\Dropbox
2014-05-28 22:15 - 2012-10-31 18:17 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\Dropbox
2014-05-28 22:14 - 2014-05-28 22:14 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-05-28 22:13 - 2014-05-28 22:11 - 00000000 ____D () C:\AdwCleaner
2014-05-28 22:13 - 2011-03-29 03:18 - 01435848 _____ () C:\Windows\WindowsUpdate.log
2014-05-28 22:13 - 2011-03-29 03:14 - 00372360 _____ () C:\Windows\PFRO.log
2014-05-28 22:13 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-28 22:13 - 2009-07-14 06:51 - 00122677 _____ () C:\Windows\setupact.log
2014-05-28 22:12 - 2011-08-19 12:38 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\SoftGrid Client
2014-05-28 21:57 - 2014-05-28 21:57 - 00000000 ____D () C:\Windows\ERUNT
2014-05-28 21:56 - 2014-05-28 21:56 - 01327971 _____ () C:\Users\coolelisa\Downloads\adwcleaner_3.211.exe
2014-05-28 21:55 - 2014-05-28 21:55 - 01016261 _____ (Thisisu) C:\Users\coolelisa\Downloads\JRT.exe
2014-05-28 21:37 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-28 21:37 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-25 23:34 - 2011-03-29 13:09 - 00714926 _____ () C:\Windows\system32\perfh007.dat
2014-05-25 23:34 - 2011-03-29 13:09 - 00154720 _____ () C:\Windows\system32\perfc007.dat
2014-05-25 23:34 - 2009-07-14 07:13 - 01651216 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-25 22:00 - 2011-08-18 13:58 - 00001429 _____ () C:\Users\coolelisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-25 19:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-25 19:19 - 2013-11-28 11:46 - 00571220 _____ () C:\Windows\IE11_main.log
2014-05-25 19:13 - 2014-05-25 19:13 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-25 19:13 - 2014-05-25 19:13 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 23212032 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 17142784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 12995584 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 11220992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 05765120 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 04240384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 02764288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-25 19:12 - 2014-05-25 19:12 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-25 19:12 - 2014-05-25 19:12 - 02332160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 02166272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 01993728 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-25 19:12 - 2014-05-25 19:12 - 01926656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-25 19:12 - 2014-05-25 19:12 - 01818112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 01394176 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 01156608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-05-25 19:12 - 2014-05-25 19:12 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-05-25 19:12 - 2014-05-25 19:12 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00523776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-05-25 19:12 - 2014-05-25 19:12 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-05-25 19:12 - 2014-05-25 19:12 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-05-25 19:12 - 2014-05-25 19:12 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-05-25 19:12 - 2014-05-25 19:12 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-24 19:05 - 2014-05-24 19:01 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-24 19:01 - 2014-05-24 19:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 19:01 - 2014-05-24 19:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-24 18:59 - 2014-05-24 18:59 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\coolelisa\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-24 18:34 - 2012-11-24 15:37 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-24 18:34 - 2012-11-24 15:30 - 00002360 _____ () C:\Windows\wininit.ini
2014-05-24 18:34 - 2011-08-18 13:58 - 00000000 ___RD () C:\Users\coolelisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-24 18:31 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-18 22:33 - 2011-08-18 13:58 - 00000000 ___RD () C:\Users\coolelisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-18 22:29 - 2014-05-08 10:54 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-18 22:28 - 2014-05-18 22:28 - 00380416 _____ () C:\Users\coolelisa\Downloads\Gmer-19357.exe
2014-05-18 22:14 - 2014-05-18 22:14 - 00050477 _____ () C:\Users\coolelisa\Downloads\Defogger.exe
2014-05-18 22:14 - 2014-05-18 22:14 - 00000000 _____ () C:\Users\coolelisa\defogger_reenable
2014-05-18 22:14 - 2011-08-18 13:58 - 00000000 ____D () C:\Users\coolelisa
2014-05-18 22:05 - 2014-05-18 22:05 - 00001996 _____ () C:\Windows\unins000.dat
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\LavFilters
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\CDXReader
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DirectVobSub
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\DivX
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\Lame For Audacity
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\Haali
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\ffdshow
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\DSP-worx
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\DirectVobSub
2014-05-18 22:04 - 2014-05-18 22:05 - 00715038 _____ () C:\Windows\unins000.exe
2014-05-18 22:04 - 2014-05-18 22:04 - 00000000 ____D () C:\Program Files (x86)\OpenSource Flash Video Splitter
2014-05-18 21:06 - 2014-05-18 21:06 - 05255978 _____ () C:\Users\coolelisa\Downloads\WP 2020 Stand 2014-05-13 Kopie.zip
2014-05-16 01:03 - 2014-05-16 01:03 - 00000000 ____D () C:\0e665f10d1af54ce4a8e86d9ab0aa5
2014-05-16 01:03 - 2013-08-20 00:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 01:03 - 2012-06-24 10:27 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 21:26 - 2012-11-13 22:31 - 00000000 ____D () C:\Users\coolelisa\Documents\HfK
2014-05-15 11:36 - 2013-07-14 15:30 - 00000000 ____D () C:\Users\coolelisa\Documents\Telekom
2014-05-13 23:52 - 2014-05-13 23:52 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\Windows Live Writer
2014-05-13 23:52 - 2014-05-13 23:52 - 00000000 ____D () C:\Users\coolelisa\AppData\Local\Windows Live Writer
2014-05-13 11:10 - 2014-05-13 11:10 - 00000000 ____D () C:\Users\coolelisa\AppData\Local\CrashDumps
2014-05-12 07:26 - 2014-05-24 19:01 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-24 19:01 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-24 19:01 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 13:26 - 2014-05-11 12:48 - 00000000 ____D () C:\Users\coolelisa\AppData\Local\NPE
2014-05-11 13:22 - 2014-05-11 12:57 - 00000000 ____D () C:\NPE
2014-05-11 12:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-11 12:48 - 2014-05-11 12:48 - 03081712 ____N (Symantec Corporation) C:\Users\coolelisa\Downloads\NPE.exe
2014-05-11 12:48 - 2014-05-11 12:48 - 00000000 ____D () C:\ProgramData\Norton
2014-05-11 12:41 - 2014-05-11 12:41 - 00629584 _____ (Chip Digital GmbH) C:\Users\coolelisa\Downloads\Norton Power Eraser - CHIP-Downloader.exe
2014-05-10 20:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-10 13:59 - 2013-06-24 00:03 - 00000000 ____D () C:\Users\coolelisa\Documents\Schriften
2014-05-10 13:47 - 2012-07-09 22:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 08:14 - 2014-05-15 15:37 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-15 15:37 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

Some content of TEMP:
====================
C:\Users\coolelisa\AppData\Local\Temp\AskSLib.dll
C:\Users\coolelisa\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfl1ama.dll
C:\Users\coolelisa\AppData\Local\Temp\ffunzip.exe
C:\Users\coolelisa\AppData\Local\Temp\ICReinstall_ZipSetup.exe
C:\Users\coolelisa\AppData\Local\Temp\install_flashplayer11x32au_mssd_aih.exe
C:\Users\coolelisa\AppData\Local\Temp\install_flashplayer11x32_mssd_aaa_aih.exe
C:\Users\coolelisa\AppData\Local\Temp\install_flashplayer11x32_mssd_aaa_aih_1.exe
C:\Users\coolelisa\AppData\Local\Temp\install_flashplayer11x32_mssd_aaa_aih_2.exe
C:\Users\coolelisa\AppData\Local\Temp\install_flashplayer11x32_mssd_aaa_aih_3.exe
C:\Users\coolelisa\AppData\Local\Temp\install_flashplayer11x32_mssd_aaa_aih_4.exe
C:\Users\coolelisa\AppData\Local\Temp\install_flashplayer11x32_mssd_aih(1).exe
C:\Users\coolelisa\AppData\Local\Temp\install_flashplayer11x32_mssd_aih.exe
C:\Users\coolelisa\AppData\Local\Temp\install_reader11_de_mssd_aih(1).exe
C:\Users\coolelisa\AppData\Local\Temp\install_reader11_de_mssd_aih.exe
C:\Users\coolelisa\AppData\Local\Temp\MSN69EB.exe
C:\Users\coolelisa\AppData\Local\Temp\Quarantine.exe
C:\Users\coolelisa\AppData\Local\Temp\SkypeSetup.exe
C:\Users\coolelisa\AppData\Local\Temp\tbFre0.dll
C:\Users\coolelisa\AppData\Local\Temp\WZCPlugin_VISTA.exe
C:\Users\Gast\AppData\Local\Temp\AskSLib.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-10 19:49

==================== End Of Log ============================
         
--- --- ---

--- --- ---


Geändert von ajourmuster (28.05.2014 um 21:25 Uhr)

Alt 28.05.2014, 22:55   #6
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3 - Standard

TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3



Bitte auch ne neue Additions.txt machen. Haken setzen bei Addition.txt dann auf Scan klicken

__________________
--> TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3

Alt 29.05.2014, 16:29   #7
ajourmuster
 
TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3 - Standard

TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3




FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-05-2014 02
Ran by coolelisa (administrator) on LISALAPTOP on 29-05-2014 16:44:04
Running from C:\Users\coolelisa\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Sphinx Software) C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe
(ArcSoft, Inc.) C:\Program Files (x86)\MSI\ArcSoft\TotalMedia\TMMonitor.exe
(Dropbox, Inc.) C:\Users\coolelisa\AppData\Roaming\Dropbox\bin\Dropbox.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(Sun Microsystems, Inc.) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMutilps.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2679592 2011-02-03] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [862088 2011-01-28] (Acer Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [Windows7FirewallControl] => C:\Program Files\Windows7FirewallControl\Windows7FirewallControl.exe [1126400 2012-04-12] (Sphinx Software)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-14] (Intel Corporation)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1077328 2011-02-14] (Dritek System Inc.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-05-30] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [248552 2010-05-14] (Sun Microsystems, Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-06-07] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-05-11] (Adobe Systems Incorporated)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1325642598-3495664763-1817961077-1001\...\Run: [YouTube Mini] => C:\Program Files (x86)\YoutubeDownloader.org\YouTubeDownloader\YouTube Mini.exe
HKU\S-1-5-21-1325642598-3495664763-1817961077-1001\...\Run: [AdobeBridge] => [X]
Lsa: [Notification Packages] scecli EgisPwdFilter EgisDSPwdFilter
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TMMonitor.lnk
ShortcutTarget: TMMonitor.lnk -> C:\Program Files (x86)\MSI\ArcSoft\TotalMedia\TMMonitor.exe (ArcSoft, Inc.)
Startup: C:\Users\coolelisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\coolelisa\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\coolelisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.landing.savetubevideo.com/index.php?from=3
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer.msn.com
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {2877A654-1C9F-4cb5-8438-16022B2FDD9C} URL = hxxp://www.landing.savetubevideo.com/results.php?q={searchTerms}
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{B2617033-4097-4E6F-99FE-2A8DC49AFC1D}: [NameServer]8.8.8.8

FireFox:
========
FF ProfilePath: C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default
FF DefaultSearchEngine: Ecosia
FF SelectedSearchEngine: Ecosia
FF Homepage: hxxp://www.spiegel.de/
FF Keyword.URL: hxxp://www.landing.savetubevideo.com/results.php?q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\searchplugins\ecosia.xml
FF SearchPlugin: C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: YouTube Unblocker - C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\Extensions\youtubeunblocker@unblocker.yt [2014-05-15]
FF Extension: Unity Converter Free - C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\Extensions\{6d514d26-0752-4828-a9e2-0ea000b75dd6}.xpi [2014-05-21]
FF Extension: {9d374d97-b968-496d-bc9a-136038834261} - C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\Extensions\{9d374d97-b968-496d-bc9a-136038834261}.xpi [2014-05-17]
FF Extension: Adblock Plus - C:\Users\coolelisa\AppData\Roaming\Mozilla\Firefox\Profiles\x3zoul2n.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-07-09]

==================== Services (Whitelisted) =================

R2 Windows7FirewallService; C:\Program Files\Windows7FirewallControl\Windows7FirewallService.exe [760320 2012-04-12] (Sphinx Software)

==================== Drivers (Whitelisted) ====================


==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-05-29 16:44 - 2014-05-29 16:44 - 00011666 _____ () C:\Users\coolelisa\Downloads\FRST.txt
2014-05-28 23:11 - 2014-05-08 09:14 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-28 23:11 - 2014-05-08 08:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-28 23:11 - 2014-05-08 07:52 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-28 23:11 - 2014-05-08 07:27 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-28 23:11 - 2014-05-08 06:57 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-28 23:11 - 2014-05-08 06:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-28 23:10 - 2013-12-21 11:53 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-28 23:10 - 2013-12-21 10:56 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-28 22:18 - 2014-05-28 22:18 - 00000000 ____D () C:\Users\coolelisa\Downloads\FRST-OlderVersion
2014-05-28 22:14 - 2014-05-29 15:30 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-05-28 22:11 - 2014-05-28 22:13 - 00000000 ____D () C:\AdwCleaner
2014-05-28 21:57 - 2014-05-28 21:57 - 00000000 ____D () C:\Windows\ERUNT
2014-05-28 21:56 - 2014-05-28 21:56 - 01327971 _____ () C:\Users\coolelisa\Downloads\adwcleaner_3.211.exe
2014-05-28 21:55 - 2014-05-28 21:55 - 01016261 _____ (Thisisu) C:\Users\coolelisa\Downloads\JRT.exe
2014-05-28 21:42 - 2014-03-01 07:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-28 21:42 - 2014-03-01 06:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-28 21:42 - 2014-03-01 06:51 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-28 21:42 - 2014-03-01 06:40 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-28 21:42 - 2014-03-01 05:52 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-28 21:42 - 2014-03-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-28 21:42 - 2014-03-01 05:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-28 21:42 - 2014-03-01 05:43 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-28 21:42 - 2014-03-01 05:43 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-28 21:42 - 2014-03-01 05:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-28 21:42 - 2014-03-01 05:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-28 21:42 - 2014-03-01 05:37 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-28 21:42 - 2014-03-01 05:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-28 21:42 - 2014-03-01 05:00 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-28 21:42 - 2014-03-01 04:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-28 21:42 - 2014-03-01 04:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-28 21:42 - 2014-03-01 04:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-28 21:41 - 2014-03-01 06:52 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-28 21:41 - 2014-03-01 06:42 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-28 21:41 - 2014-03-01 06:37 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-28 21:41 - 2014-03-01 06:33 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-28 21:41 - 2014-03-01 06:33 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-28 21:41 - 2014-03-01 06:32 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-28 21:41 - 2014-03-01 06:23 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-28 21:41 - 2014-03-01 06:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-28 21:41 - 2014-03-01 06:02 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-28 21:41 - 2014-03-01 05:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-28 21:41 - 2014-03-01 05:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-28 21:41 - 2014-03-01 05:35 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-28 21:41 - 2014-03-01 05:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-28 21:41 - 2014-03-01 05:16 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-28 21:41 - 2014-03-01 05:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-28 21:41 - 2014-03-01 05:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-28 21:41 - 2014-03-01 04:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-28 21:41 - 2014-03-01 04:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-28 21:41 - 2014-03-01 04:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-25 19:19 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-05-25 19:13 - 2014-05-25 19:13 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-05-25 19:12 - 2014-05-25 19:12 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-05-25 19:12 - 2014-05-25 19:12 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-05-25 19:12 - 2014-05-25 19:12 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-05-25 19:12 - 2014-05-25 19:12 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-05-25 19:12 - 2014-05-25 19:12 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-05-25 19:12 - 2014-05-25 19:12 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-05-24 19:01 - 2014-05-24 19:05 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-24 19:01 - 2014-05-24 19:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 19:01 - 2014-05-24 19:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-24 19:01 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-24 19:01 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-24 19:01 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-24 18:59 - 2014-05-24 18:59 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\coolelisa\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-18 22:28 - 2014-05-18 22:28 - 00380416 _____ () C:\Users\coolelisa\Downloads\Gmer-19357.exe
2014-05-18 22:19 - 2014-05-29 16:44 - 00000000 ____D () C:\FRST
2014-05-18 22:19 - 2014-05-28 22:18 - 02066944 _____ (Farbar) C:\Users\coolelisa\Downloads\FRST64.exe
2014-05-18 22:14 - 2014-05-18 22:14 - 00050477 _____ () C:\Users\coolelisa\Downloads\Defogger.exe
2014-05-18 22:14 - 2014-05-18 22:14 - 00000000 _____ () C:\Users\coolelisa\defogger_reenable
2014-05-18 22:05 - 2014-05-18 22:05 - 00001996 _____ () C:\Windows\unins000.dat
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\LavFilters
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\CDXReader
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DirectVobSub
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\DivX
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\Lame For Audacity
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\Haali
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\ffdshow
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\DSP-worx
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\DirectVobSub
2014-05-18 22:05 - 2014-05-18 22:04 - 00715038 _____ () C:\Windows\unins000.exe
2014-05-18 22:05 - 2012-02-26 16:47 - 00079360 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2014-05-18 22:05 - 2012-01-09 20:45 - 00178688 _____ () C:\Windows\SysWOW64\unrar.dll
2014-05-18 22:05 - 2011-12-07 19:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2014-05-18 22:05 - 2011-12-07 19:32 - 00216064 _____ ( ) C:\Windows\SysWOW64\lagarith.dll
2014-05-18 22:04 - 2014-05-18 22:04 - 00000000 ____D () C:\Program Files (x86)\OpenSource Flash Video Splitter
2014-05-18 21:06 - 2014-05-18 21:06 - 05255978 _____ () C:\Users\coolelisa\Downloads\WP 2020 Stand 2014-05-13 Kopie.zip
2014-05-16 01:03 - 2014-05-16 01:03 - 00000000 ____D () C:\0e665f10d1af54ce4a8e86d9ab0aa5
2014-05-15 15:37 - 2014-05-09 08:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-15 15:37 - 2014-05-09 08:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-15 15:37 - 2014-04-12 04:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-05-15 15:37 - 2014-04-12 04:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-05-15 15:37 - 2014-04-12 04:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-05-15 15:37 - 2014-04-12 04:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-05-15 15:37 - 2014-04-12 04:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-05-15 15:37 - 2014-04-12 04:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-05-15 15:37 - 2014-04-12 04:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-05-15 15:37 - 2014-04-12 04:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-05-15 15:37 - 2014-04-12 04:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-05-15 15:37 - 2014-03-25 04:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-05-15 15:37 - 2014-03-25 04:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-05-15 15:37 - 2014-03-04 11:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-05-15 15:37 - 2014-03-04 11:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-05-15 15:37 - 2014-03-04 11:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-05-15 15:37 - 2014-03-04 11:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-05-15 15:37 - 2014-03-04 11:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-05-15 15:37 - 2014-03-04 11:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-05-15 15:37 - 2014-03-04 11:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-05-15 15:37 - 2014-03-04 11:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-05-15 15:37 - 2014-03-04 11:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-05-15 15:37 - 2014-03-04 11:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-05-15 15:37 - 2014-03-04 11:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-05-15 15:37 - 2014-03-04 11:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-05-15 15:37 - 2014-03-04 11:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-05-15 15:37 - 2014-03-04 11:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-05-15 15:37 - 2014-03-04 11:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-05-15 15:37 - 2014-03-04 11:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-05-15 15:37 - 2014-03-04 11:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 15:37 - 2014-03-04 11:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 15:37 - 2014-03-04 11:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-05-15 15:37 - 2014-03-04 11:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-05-15 15:37 - 2014-03-04 11:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 15:37 - 2014-03-04 11:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-05-15 15:37 - 2014-03-04 11:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-05-15 15:37 - 2014-03-04 11:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 15:37 - 2014-03-04 11:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 15:37 - 2014-03-04 11:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-05-15 15:37 - 2014-03-04 11:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 15:37 - 2014-03-04 11:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 15:37 - 2014-03-04 11:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 15:37 - 2014-03-04 11:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 15:37 - 2014-03-04 11:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-05-15 15:37 - 2014-03-04 11:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-14 18:57 - 2014-05-29 15:30 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\DropboxMaster
2014-05-13 23:52 - 2014-05-13 23:52 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\Windows Live Writer
2014-05-13 23:52 - 2014-05-13 23:52 - 00000000 ____D () C:\Users\coolelisa\AppData\Local\Windows Live Writer
2014-05-13 11:10 - 2014-05-13 11:10 - 00000000 ____D () C:\Users\coolelisa\AppData\Local\CrashDumps
2014-05-11 12:57 - 2014-05-11 13:22 - 00000000 ____D () C:\NPE
2014-05-11 12:48 - 2014-05-11 13:26 - 00000000 ____D () C:\Users\coolelisa\AppData\Local\NPE
2014-05-11 12:48 - 2014-05-11 12:48 - 03081712 ____N (Symantec Corporation) C:\Users\coolelisa\Downloads\NPE.exe
2014-05-11 12:48 - 2014-05-11 12:48 - 00000000 ____D () C:\ProgramData\Norton
2014-05-11 12:41 - 2014-05-11 12:41 - 00629584 _____ (Chip Digital GmbH) C:\Users\coolelisa\Downloads\Norton Power Eraser - CHIP-Downloader.exe
2014-05-08 10:54 - 2014-05-18 22:29 - 00000000 ___SD () C:\Windows\system32\CompatTel

==================== One Month Modified Files and Folders =======

2014-05-29 16:44 - 2014-05-29 16:44 - 00011666 _____ () C:\Users\coolelisa\Downloads\FRST.txt
2014-05-29 16:44 - 2014-05-18 22:19 - 00000000 ____D () C:\FRST
2014-05-29 16:15 - 2011-03-29 03:18 - 01496933 _____ () C:\Windows\WindowsUpdate.log
2014-05-29 15:34 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-05-29 15:34 - 2009-07-14 06:45 - 00009696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-05-29 15:30 - 2014-05-28 22:14 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-05-29 15:30 - 2014-05-14 18:57 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\DropboxMaster
2014-05-29 15:30 - 2013-02-26 17:48 - 00000000 ___RD () C:\Users\coolelisa\Dropbox
2014-05-29 15:30 - 2012-10-31 18:17 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\Dropbox
2014-05-29 15:29 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-05-29 15:29 - 2009-07-14 06:51 - 00122789 _____ () C:\Windows\setupact.log
2014-05-28 23:09 - 2012-11-13 22:31 - 00000000 ____D () C:\Users\coolelisa\Documents\HfK
2014-05-28 22:18 - 2014-05-28 22:18 - 00000000 ____D () C:\Users\coolelisa\Downloads\FRST-OlderVersion
2014-05-28 22:18 - 2014-05-18 22:19 - 02066944 _____ (Farbar) C:\Users\coolelisa\Downloads\FRST64.exe
2014-05-28 22:13 - 2014-05-28 22:11 - 00000000 ____D () C:\AdwCleaner
2014-05-28 22:13 - 2011-03-29 03:14 - 00372360 _____ () C:\Windows\PFRO.log
2014-05-28 22:12 - 2011-08-19 12:38 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\SoftGrid Client
2014-05-28 21:57 - 2014-05-28 21:57 - 00000000 ____D () C:\Windows\ERUNT
2014-05-28 21:56 - 2014-05-28 21:56 - 01327971 _____ () C:\Users\coolelisa\Downloads\adwcleaner_3.211.exe
2014-05-28 21:55 - 2014-05-28 21:55 - 01016261 _____ (Thisisu) C:\Users\coolelisa\Downloads\JRT.exe
2014-05-25 23:34 - 2011-03-29 13:09 - 00714926 _____ () C:\Windows\system32\perfh007.dat
2014-05-25 23:34 - 2011-03-29 13:09 - 00154720 _____ () C:\Windows\system32\perfc007.dat
2014-05-25 23:34 - 2009-07-14 07:13 - 01651216 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-25 22:00 - 2011-08-18 13:58 - 00001429 _____ () C:\Users\coolelisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-05-25 19:47 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-05-25 19:19 - 2013-11-28 11:46 - 00571220 _____ () C:\Windows\IE11_main.log
2014-05-25 19:13 - 2014-05-25 19:13 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 01228800 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 01051136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-05-25 19:12 - 2014-05-25 19:12 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-05-25 19:12 - 2014-05-25 19:12 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-05-25 19:12 - 2014-05-25 19:12 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-05-25 19:12 - 2014-05-25 19:12 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00263376 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00244736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00238288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-05-25 19:12 - 2014-05-25 19:12 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-05-25 19:12 - 2014-05-25 19:12 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-05-25 19:12 - 2014-05-25 19:12 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-05-25 19:12 - 2014-05-25 19:12 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-05-24 19:05 - 2014-05-24 19:01 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-05-24 19:01 - 2014-05-24 19:01 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-24 19:01 - 2014-05-24 19:01 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-05-24 18:59 - 2014-05-24 18:59 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\coolelisa\Downloads\mbam-setup-2.0.2.1012.exe
2014-05-24 18:34 - 2012-11-24 15:37 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-05-24 18:34 - 2012-11-24 15:30 - 00002360 _____ () C:\Windows\wininit.ini
2014-05-24 18:34 - 2011-08-18 13:58 - 00000000 ___RD () C:\Users\coolelisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-05-24 18:31 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-05-18 22:33 - 2011-08-18 13:58 - 00000000 ___RD () C:\Users\coolelisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-18 22:29 - 2014-05-08 10:54 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-05-18 22:28 - 2014-05-18 22:28 - 00380416 _____ () C:\Users\coolelisa\Downloads\Gmer-19357.exe
2014-05-18 22:14 - 2014-05-18 22:14 - 00050477 _____ () C:\Users\coolelisa\Downloads\Defogger.exe
2014-05-18 22:14 - 2014-05-18 22:14 - 00000000 _____ () C:\Users\coolelisa\defogger_reenable
2014-05-18 22:14 - 2011-08-18 13:58 - 00000000 ____D () C:\Users\coolelisa
2014-05-18 22:05 - 2014-05-18 22:05 - 00001996 _____ () C:\Windows\unins000.dat
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\LavFilters
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\CDXReader
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DirectVobSub
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\ProgramData\DivX
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\Lame For Audacity
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\Haali
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\ffdshow
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\DSP-worx
2014-05-18 22:05 - 2014-05-18 22:05 - 00000000 ____D () C:\Program Files (x86)\DirectVobSub
2014-05-18 22:04 - 2014-05-18 22:05 - 00715038 _____ () C:\Windows\unins000.exe
2014-05-18 22:04 - 2014-05-18 22:04 - 00000000 ____D () C:\Program Files (x86)\OpenSource Flash Video Splitter
2014-05-18 21:06 - 2014-05-18 21:06 - 05255978 _____ () C:\Users\coolelisa\Downloads\WP 2020 Stand 2014-05-13 Kopie.zip
2014-05-16 01:03 - 2014-05-16 01:03 - 00000000 ____D () C:\0e665f10d1af54ce4a8e86d9ab0aa5
2014-05-16 01:03 - 2013-08-20 00:22 - 00000000 ____D () C:\Windows\system32\MRT
2014-05-16 01:03 - 2012-06-24 10:27 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-05-15 11:36 - 2013-07-14 15:30 - 00000000 ____D () C:\Users\coolelisa\Documents\Telekom
2014-05-13 23:52 - 2014-05-13 23:52 - 00000000 ____D () C:\Users\coolelisa\AppData\Roaming\Windows Live Writer
2014-05-13 23:52 - 2014-05-13 23:52 - 00000000 ____D () C:\Users\coolelisa\AppData\Local\Windows Live Writer
2014-05-13 11:10 - 2014-05-13 11:10 - 00000000 ____D () C:\Users\coolelisa\AppData\Local\CrashDumps
2014-05-12 07:26 - 2014-05-24 19:01 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-05-12 07:26 - 2014-05-24 19:01 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-05-12 07:25 - 2014-05-24 19:01 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-05-11 13:26 - 2014-05-11 12:48 - 00000000 ____D () C:\Users\coolelisa\AppData\Local\NPE
2014-05-11 13:22 - 2014-05-11 12:57 - 00000000 ____D () C:\NPE
2014-05-11 12:51 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-11 12:48 - 2014-05-11 12:48 - 03081712 ____N (Symantec Corporation) C:\Users\coolelisa\Downloads\NPE.exe
2014-05-11 12:48 - 2014-05-11 12:48 - 00000000 ____D () C:\ProgramData\Norton
2014-05-11 12:41 - 2014-05-11 12:41 - 00629584 _____ (Chip Digital GmbH) C:\Users\coolelisa\Downloads\Norton Power Eraser - CHIP-Downloader.exe
2014-05-10 20:01 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-05-10 13:59 - 2013-06-24 00:03 - 00000000 ____D () C:\Users\coolelisa\Documents\Schriften
2014-05-10 13:47 - 2012-07-09 22:13 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-05-09 08:14 - 2014-05-15 15:37 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-05-09 08:11 - 2014-05-15 15:37 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-08 09:14 - 2014-05-28 23:11 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-08 08:37 - 2014-05-28 23:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-08 07:52 - 2014-05-28 23:11 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-08 07:27 - 2014-05-28 23:11 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-08 06:57 - 2014-05-28 23:11 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-08 06:04 - 2014-05-28 23:11 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

Some content of TEMP:
====================
C:\Users\coolelisa\AppData\Local\Temp\AskSLib.dll
C:\Users\coolelisa\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpt4el4q.dll
C:\Users\coolelisa\AppData\Local\Temp\ffunzip.exe
C:\Users\coolelisa\AppData\Local\Temp\ICReinstall_ZipSetup.exe
C:\Users\coolelisa\AppData\Local\Temp\install_flashplayer11x32au_mssd_aih.exe
C:\Users\coolelisa\AppData\Local\Temp\install_flashplayer11x32_mssd_aaa_aih.exe
C:\Users\coolelisa\AppData\Local\Temp\install_flashplayer11x32_mssd_aaa_aih_1.exe
C:\Users\coolelisa\AppData\Local\Temp\install_flashplayer11x32_mssd_aaa_aih_2.exe
C:\Users\coolelisa\AppData\Local\Temp\install_flashplayer11x32_mssd_aaa_aih_3.exe
C:\Users\coolelisa\AppData\Local\Temp\install_flashplayer11x32_mssd_aaa_aih_4.exe
C:\Users\coolelisa\AppData\Local\Temp\install_flashplayer11x32_mssd_aih(1).exe
C:\Users\coolelisa\AppData\Local\Temp\install_flashplayer11x32_mssd_aih.exe
C:\Users\coolelisa\AppData\Local\Temp\install_reader11_de_mssd_aih(1).exe
C:\Users\coolelisa\AppData\Local\Temp\install_reader11_de_mssd_aih.exe
C:\Users\coolelisa\AppData\Local\Temp\MSN69EB.exe
C:\Users\coolelisa\AppData\Local\Temp\Quarantine.exe
C:\Users\coolelisa\AppData\Local\Temp\SkypeSetup.exe
C:\Users\coolelisa\AppData\Local\Temp\tbFre0.dll
C:\Users\coolelisa\AppData\Local\Temp\WZCPlugin_VISTA.exe
C:\Users\Gast\AppData\Local\Temp\AskSLib.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-05-10 19:49

==================== End Of Log ============================
         
--- --- ---

Alt 29.05.2014, 19:20   #8
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3 - Standard

TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3



Additions.txt Logfile fehlt leider immer noch
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 29.05.2014, 22:53   #9
ajourmuster
 
TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3 - Standard

TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3



Ach shit, falsches gepostet, sorry.FRST Additions Logfile:
Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-05-2014 02
Ran by coolelisa at 2014-05-29 16:46:06
Running from C:\Users\coolelisa\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.1324 - CyberLink Corp.)
Acer Crystal Eye Webcam (x32 Version: 1.0.1324 - CyberLink Corp.) Hidden
Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 6.00.3004 - Acer Incorporated)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3002 - Acer Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Community Help (x32 Version: 3.0.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{288DB08D-0708-4A94-B055-55B99E39EB62}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.8.800.168 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.04) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.04 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{122ADF8C-DDA1-480C-9936-C88F2825B265}) (Version: 2.1.9 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6A76BEAF-6D1F-4273-A79B-DA8410A2E56B}) (Version: 5.2.0.6 - Apple Inc.)
ArcSoft TotalMedia 3 (HKLM-x32\...\{FF68083C-E11E-4A91-B54B-CD72AB5A0CF5}) (Version:  - ArcSoft)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
Audacity 1.2.6 (HKLM-x32\...\Audacity_is1) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.52.0.50 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DC-Bass Source 1.3.0 (HKLM-x32\...\DC-Bass Source) (Version:  - )
DirectVobSub 2.40.4209 (HKLM-x32\...\vsfilter_is1) (Version: 2.40.4209 - MPC-HC Team)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
ffdshow v1.1.4399 [2012-03-22] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.4399.0 - )
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2287 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.0.0.1046 - Intel Corporation)
iTunes (HKLM\...\{840A3BAA-4C68-4581-9C7A-6F8D6CF531B9}) (Version: 10.6.3.25 - Apple Inc.)
Java Auto Updater (x32 Version: 2.0.2.4 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022FF}) (Version: 6.0.220 - Oracle)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Lagarith Lossless Codec (1.3.27) (HKLM-x32\...\{F59AC46C-10C3-4023-882C-4212A92283B3}_is1) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Launch Manager (HKLM-x32\...\LManager) (Version: 6.0.1s1 - Acer Inc.)
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Klick-und-Los 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.8939 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.8939 - NTI Corporation) Hidden
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
OpenSource Flash Video Splitter 1.0.0.5 (HKLM-x32\...\OpenSource Flash Video Splitter) (Version: 1.0.0.5 - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7600.74 - Realtek Semiconductor Corp.)
SecureW2 EAP Suite 1.1.3 for Windows (HKLM-x32\...\SecureW2 EAP Suite) (Version:  - )
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.11.1 - Synaptics Incorporated)
Torntv V9.0 (HKLM-x32\...\Torntv V9.0) (Version: 1.34.3.6 - installdaddy) <==== ATTENTION
Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3102 - Acer Incorporated)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows7FirewallControl (x64) 5.0.0.15 (HKLM\...\Windows7FirewallControl_is1) (Version: 5.0.0.15 - Sphinx Software)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Restore Points  =========================

15-05-2014 23:01:29 Windows Update
17-05-2014 11:29:02 Windows Update
18-05-2014 19:05:55 Windows Update
21-05-2014 08:25:10 Windows Update
24-05-2014 16:37:18 Windows Update
25-05-2014 17:08:41 Windows Update
28-05-2014 21:10:12 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {7A5E08D7-43F8-4883-AB27-033F65C483FE} - \Digital Sites No Task File <==== ATTENTION
Task: {9266A4C1-245C-4C9C-9D99-DAD4A4B8C03F} - \Advanced System Protector No Task File <==== ATTENTION
Task: {E71D85BA-978C-4430-8952-6805FFDA8A7B} - System32\Tasks\{C737E961-0B01-4312-B03C-5EDBCCCBA65D} => Firefox.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.2.0.106&amp;LastError=12029
Task: {E8ED70C3-042A-4358-88C5-1A17C5F5EA64} - System32\Tasks\AdobeAAMUpdater-1.0-LisaLaptop-coolelisa => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)

==================== Loaded Modules (whitelisted) =============

2011-03-16 06:19 - 2011-01-20 04:11 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-09-27 08:23 - 2011-09-27 08:23 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-09-27 08:22 - 2011-09-27 08:22 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-01-30 19:16 - 2005-08-05 17:24 - 00028672 _____ () C:\Program Files (x86)\MSI\ArcSoft\TotalMedia\uPiApi.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2014-05-29 15:30 - 2014-05-29 15:30 - 00043008 _____ () C:\Users\coolelisa\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpt4el4q.dll
2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\coolelisa\AppData\Roaming\Dropbox\bin\libcef.dll
2011-01-17 17:19 - 2012-01-03 16:55 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2012-07-09 22:13 - 2014-05-10 13:47 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-09-29 20:55 - 2013-09-29 20:55 - 16177544 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
2014-02-17 22:53 - 2014-02-17 22:53 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\aa739380ca2b2fc7366d464d2f2301ac\IsdiInterop.ni.dll
2011-03-16 05:57 - 2010-09-14 03:28 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR410 => ""="Service"

==================== EXE Association (whitelisted) =============


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (05/29/2014 03:31:16 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: 0x800700b7

Error: (05/29/2014 03:31:16 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: 00x800700b7hxxp://+:10243/WMPNSSv4/3427777506/

Error: (05/29/2014 03:31:16 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: 0x800700b7

Error: (05/29/2014 03:31:16 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: 00x800700b7hxxp://+:10243/WMPNSSv4/3427777506/

Error: (05/28/2014 10:15:26 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: 0x800700b7

Error: (05/28/2014 10:15:26 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: 00x800700b7hxxp://+:10243/WMPNSSv4/3427777506/

Error: (05/28/2014 10:15:26 PM) (Source: WMPNetworkSvc) (EventID: 14349) (User: )
Description: 0x800700b7

Error: (05/28/2014 10:15:26 PM) (Source: WMPNetworkSvc) (EventID: 14353) (User: )
Description: 00x800700b7hxxp://+:10243/WMPNSSv4/3427777506/


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 47%
Total physical RAM: 3947.86 MB
Available physical RAM: 2083.18 MB
Total Pagefile: 7893.9 MB
Available Pagefile: 5960.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:450.66 GB) (Free:231.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: B8764BBC)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---

Alt 30.05.2014, 13:19   #10
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3 - Standard

TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3



Okay, dann bitte Kontrollscans mit MBAM und ESET bitte:

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 12.06.2014, 22:58   #11
ajourmuster
 
TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3 - Standard

TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3



mbam-Scan

Code:
ATTFilter
Suchlauf Datum: 05.06.2014
Suchlauf-Zeit: 13:27:08
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.06.05.05
Rootkit Datenbank: v2014.06.02.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: coolelisa

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 326348
Verstrichene Zeit: 20 Min, 38 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 0
(No malicious items detected)

Registrierungswerte: 0
(No malicious items detected)

Registrierungsdaten: 0
(No malicious items detected)

Ordner: 0
(No malicious items detected)

Dateien: 0
(No malicious items detected)

Physische Sektoren: 0
(No malicious items detected)


(end)
         
ESET-Scan
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internetesets_scanner_update returned -1 esets_gle=12
esets_scanner_update returned -1 esets_gle=12
esets_scanner_update returned -1 esets_gle=12
esets_scanner_update returned -1 esets_gle=12
ESETSmartInstaller@High as downloader log:
all ok
esets_scanner_update returned -1 esets_gle=12
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=7e5c90efbe07c4498ad08d885eecefcc
# engine=18573
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-06-05 02:20:26
# local_time=2014-06-05 04:20:26 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 60686 153607876 0 0
# scanned=158958
# found=15
# cleaned=0
# scan_time=7520
sh=BDFC5765CE635A44A44A203BC66917FA6F6A90CF ft=1 fh=c71c0011fa52db3c vn="Variante von Win32/InstallCore.BY evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$RWL8KC1.exe"
sh=E08EC9E551CD6873CFD6F439AA63B5923DE41DC2 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$R21TH2Y.0\51390.crx"
sh=FA99701AB941BCE737B89CCB9187D9A87FBE12D6 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$R21TH2Y.0\51390.xpi"
sh=A19A27B7679BC62F3DECF581F49F4A0607D871CC ft=1 fh=c71c0011c30048ca vn="Variante von Win32/Toolbar.CrossRider.AA evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$R21TH2Y.0\Torntv V9.0-buttonutil.dll"
sh=DCD92EE98078F61EF0F48E6E54FF53170E47C800 ft=1 fh=c71c00112eab44a0 vn="möglicherweise Variante von Win64/Toolbar.Crossrider.D evtl. unerwünschte Anwendung" ac=I fn="C:\$Recycle.Bin\S-1-5-21-1325642598-3495664763-1817961077-1001\$R21TH2Y.0\Torntv V9.0-buttonutil64.dll"
sh=DAE3B80A567AA739FA54D4C896A2CFE0F9718180 ft=1 fh=09c2f22f47670a60 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\COOLEL~1\AppData\Local\Temp\OCS\ocs_v71b.exe.vir"
sh=B4267CC9FBAA1133921BBF40835E07DAA481E025 ft=1 fh=39d86043333a1074 vn="Variante von Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Users\coolelisa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WHMWR4E7\tbedrs[1].dll"
sh=BDFC5765CE635A44A44A203BC66917FA6F6A90CF ft=1 fh=c71c0011fa52db3c vn="Variante von Win32/InstallCore.BY evtl. unerwünschte Anwendung" ac=I fn="C:\Users\coolelisa\AppData\Local\Temp\ICReinstall_ZipSetup.exe"
sh=3E30150D840AC9A0C0A7969D2FFD45118BE827D6 ft=1 fh=afbdb7c39edb934a vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\coolelisa\AppData\Local\Temp\tbFre0.dll"
sh=1198E362C0504B2A3B13C48A3FB1FD392CD961F2 ft=1 fh=f811da979eb359e7 vn="Variante von Win32/ELEX.AJ evtl. unerwünschte Anwendung" ac=I fn="C:\Users\coolelisa\AppData\Local\Temp\is357113909\3726832_stp\May7www.sweet-page.com.exe"
sh=20908C1205359A8545F570772106F6D72F666AC3 ft=1 fh=e61b6c9d961e4263 vn="Win32/Systweak.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\coolelisa\AppData\Local\Temp\is357113909\3726885_stp\rcpsetup_adppi15_adppi15.exe"
sh=2DAAB83B0439BC76845E58F3F7DDB84EE8E210C4 ft=1 fh=855a37aa5dbeb36f vn="Win32/InstallCore.PC evtl. unerwünschte Anwendung" ac=I fn="C:\Users\coolelisa\AppData\Local\Temp\is357113909\3726887_stp\uninstaller.exe"
sh=21DCC3FFFA5AC0EBDFB59D67496AB307709BBE7D ft=1 fh=9d5122560d19b03e vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\coolelisa\Downloads\Norton Power Eraser - CHIP-Downloader.exe"
sh=1E00782FEC3CA539AE30F866502633FF550356C6 ft=1 fh=46da0b21d76c5220 vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Gast\AppData\LocalLow\FreeSoundRecorder\ldrtbFree.dll"
sh=4C5834A9F0D646B35A7719A4E352093C0240BA5F ft=1 fh=f68058267a38e609 vn="Variante von Win32/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Gast\AppData\LocalLow\FreeSoundRecorder\tbFree.dll"
         

Alt 13.06.2014, 11:24   #12
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3 - Standard

TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3



Ein paar Reste

TFC - Temp File Cleaner

Lade dir TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
  • Öffne die TFC.exe.
    Vista und Win 7 User mit Rechtsklick "als Administrator starten".
  • Schließe alle anderen Programme.
  • Drücke auf den Button Start.
  • Falls du zu einem Neustart aufgefordert wirst, bestätige diesen.




Sieht soweit ok aus

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ist aber nur optional. Um Usertracking zu verhindern kann man gut die Firefox-Erweiterung Ghostery verwenden.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Alt 14.06.2014, 12:20   #13
ajourmuster
 
TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3 - Standard

TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3



1 0 0 0 D A N K !

Ich glaube, es funktioniert alles wieder normal.

Brauche ich dann jetzt noch ein Anti-Viren-Programm? Und waren das jetzt alles nur "Malware"-Sachen oder auch Viren/Trojaner? Reicht es für die Cookie-Sache, wenn ich "Cookies behalten, bis Firefox geschlossen wird" auswähle, oder soll ich dann auch "die komplette Chronik löschen" anwählen?

Alt 14.06.2014, 16:49   #14
cosinus
/// Winkelfunktion
/// TB-Süch-Tiger™
 
TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3 - Standard

TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3



Anti-Virusprogramme
  • Nutze einen Virenscanner mit Hintergrundwächter mit stets aktueller Datenbank. Welches Produkt gewählt wird, spielt keine so entscheidende Rolle. Wenn du ein kommerzielles Programm kaufen möchtest, kann ich dir Emsisoft Anti-Malware empfehlen (die Freeware-Version davon reicht aber nicht, denn die hat keinen Hintergrundwächter). Bevorzugst du ein kostenloses Produkt, dann ist Avast! Free Antivirus eine gute Alternative.
    Betreibe aber keinesfalls zwei Wächter parallel, die würden sich gegenseitig behindern.
  • Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.
  • Zusätzlich zum Virenscanner kannst du dein System regelmässig mit einem On-Demand Antimalwareprogramm scannen. Empfehlenswert ist die Free-Version von Malwarebytes Anti-Malware. Vor jedem Scan die Datenbank updaten.



Dann wären wir durch!


Falls du noch Lob oder Kritik loswerden möchtest => Lob, Kritik und Wünsche - Trojaner-Board

Die Programme, die hier zum Einsatz kamen, können alle deinstalliert werden. Es empfiehlt sich Malwarebytes Anti-Malware zu behalten und damit wöchentlich nach Malware zu scannen.

Helfen kann dir dabei delfix:


Die Reihenfolge ist hier entscheidend.
  1. Falls Defogger benutzt wurde: Defogger nochmal starten und auf re-enable klicken.
  2. Falls Combofix benutzt wurde: (Alternativ in uninstall.exe umbenennen und starten)
    • Windowstaste + R > Combofix /Uninstall (eingeben) > OK
    • Alternative: Combofix.exe in uninstall.exe umbenennen und starten
    • Combofix wird jetzt starten, sich evtl updaten und dann alle Reste von sich selbst entfernen.
  3. Downloade Dir bitte auf jeden Fall DelFix Download DelFix auf deinen Desktop:
    • Schließe alle offenen Programme.
    • Starte die delfix.exe mit einem Doppelklick.
    • Setze vor jede Funktion ein Häkchen.
    • Klicke auf Start.
    • Hinweis: DelFix entfernt u. a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
    • Starte deinen Rechner abschließend neu.
  4. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein kannst du sie bedenkenlos löschen.






Bitte abschließend noch die Updates prüfen, unten mein Leitfaden dazu. Um in Zukunft die Aktualität der installierten Programme besser im Überblick zu halten, kannst du zB Secunia PSI verwenden.
Für noch mehr Sicherheit solltest Du nach der beseitigten Infektion auch möglichst alle Passwörter ändern.


Microsoftupdate
Windows XP:Besuch mit dem IE die MS-Updateseite und lass Dir alle wichtigen Updates installieren.
Windows Vista/7: Start, Systemsteuerung, Windows-Update


PDF-Reader aktualisieren
Ein veralteter AdobeReader stellt ein großes Sicherheitsrisiko dar. Du solltest daher besser alte Versionen vom AdobeReader über Systemsteuerung => Software bzw. Programme und Funktionen deinstallieren, indem Du dort auf "Adobe Reader x.0" klickst und das Programm entfernst. (falls du AdobeReader installiert hast)

Ich empfehle einen alternativen PDF-Reader wie PDF Xchange Viewer, SumatraPDF oder Foxit PDF Reader, die sind sehr viel schlanker und flotter als der AdobeReader.

Bitte überprüf bei der Gelegenheit auch die Aktualität des Flashplayers:
Prüfen => Adobe - Flash Player
Downloadlinks findest du hier => Browsers and Plugins - FilePony.de

Alle Plugins im Firefox-Browser kannst du auch ganz einfach hier auf Aktualität prüfen => https://www.mozilla.org/de/plugincheck

Natürlich auch darauf achten, dass andere installierte Browser wie zB Firefox, Opera oder Chrome aktuell sind.


Java-Update
Veraltete Java-Installationen sind ein großes Sicherheitsrisiko, daher solltest Du die alten Versionen deinstallieren. Beende dazu alle Programme (v.a. die Browser), klick danach auf Start, Systemsteuerung, Software (bzw. Programme und Funktionen) und deinstalliere darüber alle aufgelisteten Java-Versionen. Lad Dir danach von hier das aktuelle Java SE Runtime Environment (JRE) herunter und installiere es.
__________________
"Die Wahrheit ist normalerweise nur eine Entschuldigung für einen Mangel an Fantasie." (Elim Garak)

Das Trojaner-Board unterstützen
Warum Linux besser als Windows ist!

Antwort

Themen zu TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3
adware.skymedia, association, continue, device driver, html/expkit.gen3, icreinstall, launch, norton power eraser, pup.adware.agent, pup.offerbundler.st, pup.optional.1clickdownload.a, pup.optional.bandoo, pup.optional.bundlore, pup.optional.conduit.a, pup.optional.crossrider.a, pup.optional.crossrider.m, pup.optional.domaiq, pup.optional.firseria, pup.optional.iminent.a, pup.optional.installcore, pup.optional.installcore.a, pup.optional.installmonetizer, pup.optional.oneclickdownloader.a, pup.optional.pricegong.a, pup.optional.scramblepacker.a, pup.optional.softonic.a, pup.optional.torntv.a, pup.optional.updater, super, tr/crypt.xpack.ge, tr/crypt.xpack.gen, tr/crypt.xpack.gen3



Ähnliche Themen: TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3


  1. Trojaner tr/crypt.xpack.gen3, Windows Vista
    Alles rund um Windows - 16.06.2015 (1)
  2. HTML/ExpKit.Gen3 aber Avira zeigt mir das immer nur Abends an
    Plagegeister aller Art und deren Bekämpfung - 23.11.2014 (11)
  3. Trojaner TR/Crypt.XPACK.Gen3 auf meinem Computer
    Log-Analyse und Auswertung - 08.09.2014 (8)
  4. Win 7: Problem mit HTML/ExpKit.Gen3
    Log-Analyse und Auswertung - 19.02.2014 (9)
  5. HTML/ExpKit.Gen3 wird beim Aufrufen einiger Webseiten von Avira gefunden
    Log-Analyse und Auswertung - 27.01.2014 (15)
  6. Antivir findet immer wieder TR/atraps.gen, TR/atraps.gen2 , HTML/expKit.Gen3
    Log-Analyse und Auswertung - 17.11.2013 (12)
  7. Win 7, Avira Fund: HTML/ExpKit.Gen3 [Virus], in: Temporary Internet Files
    Plagegeister aller Art und deren Bekämpfung - 16.09.2013 (9)
  8. Trojaner TR/Crypt.XPACK.Gen3 auf Laptop, wie entfernen?
    Log-Analyse und Auswertung - 18.06.2013 (78)
  9. TR/Crypt.XPACK.Gen3 - Trojaner - DSL viel zu langsam
    Log-Analyse und Auswertung - 17.06.2013 (19)
  10. HTML/ExpKit.Gen3 Virus ?
    Plagegeister aller Art und deren Bekämpfung - 30.04.2013 (2)
  11. Trojaner Yontoo html/expkit.gen3
    Log-Analyse und Auswertung - 22.03.2013 (7)
  12. TR/Crypt.XPACK.Gen3 Trojaner
    Log-Analyse und Auswertung - 13.12.2011 (10)
  13. TR/Crypt.XPACK.Gen3 Trojaner gefunden!
    Log-Analyse und Auswertung - 26.06.2011 (1)
  14. Trojaner TR/Crypt.XPACK.Gen3
    Plagegeister aller Art und deren Bekämpfung - 24.06.2011 (3)
  15. Trojaner TR/Crypt.XPACK.Gen3
    Log-Analyse und Auswertung - 09.06.2011 (17)
  16. Problem mit ein Trojaner TR/Crypt.XPACK.Gen3
    Plagegeister aller Art und deren Bekämpfung - 03.03.2011 (56)
  17. Virus + Trojaner ( TR/Crypt.XPACK.Gen3 ?)
    Plagegeister aller Art und deren Bekämpfung - 19.10.2010 (0)

Zum Thema TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3 - Hallo, ich habe von Avira gemeldet bekommen, dass die im Titel genannten Dateien/Trojaner gefunden wurden. Mein Computer ist seit drei Wochen super langsam, im Internet überall fragwürdige Werbeanzeigen und so - TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3...
Archiv
Du betrachtest: TR/Crypt.XPACK.Gen3 Trojaner und HTML/ExpKit.Gen3 auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.