| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Schrift erscheint grün und doppelt unterstrichen, der Computer ist sehr langsam, viel WerbungWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
17.06.2014, 20:35
| #1 |
 |  Schrift erscheint grün und doppelt unterstrichen, der Computer ist sehr langsam, viel Werbung Grüß Gott! Ich habe seit geraumer Zeit das Problem auf meinem Laptop, daß er extrem langsam ist, willkürlich Textteile und einzelne Wörter auf den Seiten in grün und doppelt unterstrichen erscheinen und überall viel Werbung ist. Wo liegt das Problem? Ist das ein Virus? Bitte um Hilfe! Danke, Br. Pirminius |
|
17.06.2014, 20:55
| #2 |
 |  Schrift erscheint grün und doppelt unterstrichen, der Computer ist sehr langsam, viel Werbung Hallo und willkommen an Board, Br.Pirminius  Mein Name ist Machiavelli und werde bei Deinem Malware Problemen behilflich sein. Falls Du Dich im abgesicherten Modus befindest, würde ich Dir raten, alle Anweisungen von mir auszudrucken, um besseren Überblick auf die Gesamtsituation zu bekommen. Ich bin hier im Malwareteam und daher ist es mir möglich, Dir zu helfen. Damit eine Bereinigung ermöglicht werden kann, musst Du ein paar Regeln/Tipps beachten:
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
17.06.2014, 21:25
| #3 |
| | Schrift erscheint grün und doppelt unterstrichen, der Computer ist sehr langsam, viel Werbung Dankeschön!
__________________FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-06-2014
Ran by Br. Pirminius Seber (administrator) on BRUDERPIRMINIUS on 17-06-2014 22:20:09
Running from C:\Users\Br. Pirminius Seber\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(SecureAssist) C:\Program Files\suprasavings\SecureAssist.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe
(Bandoo Media Inc.) C:\Users\Br. Pirminius Seber\AppData\Local\iLivid\iLivid.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicatorCom.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe
(TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
() C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe
() C:\Program Files (x86)\ConstaSurf\updateConstaSurf.exe
() C:\Users\Br. Pirminius Seber\AppData\Roaming\VOPackage\VOsrv.exe
() C:\Users\BRD788~1.PIR\AppData\Local\Temp\nsbD9C2.tmp
( ) C:\Users\BRD788~1.PIR\AppData\Local\Temp\nsq433E.tmp
(Click Me In Limited) C:\Users\BRD788~1.PIR\AppData\Local\Temp\is45637729\13234775_stp\AnyProtectScannerSetup.exe
(Smart PC Solutions) C:\Program Files (x86)\PC Speed Maximizer\SPMSmartScan.exe
() C:\Program Files (x86)\ConstaSurf\bin\utilConstaSurf.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Program Files (x86)\ConstaSurf\bin\ConstaSurf.BrowserAdapter.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
() C:\Program Files (x86)\ConstaSurf\bin\ConstaSurf.PurBrowse64.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPNetworkCommunicator.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2120808 2010-07-28] (Realtek Semiconductor)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566184 2010-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [Toshiba Registration] => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2011-07-27] (Toshiba Europe GmbH)
HKLM-x32\...\Run: [NBAgent] => c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1409424 2011-06-29] (Nero AG)
HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2010-03-03] (TOSHIBA)
HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-15] (TOSHIBA CORPORATION)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-16] (AVAST Software)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296520 2014-05-09] (RealNetworks, Inc.)
HKLM-x32\...\Run: [BrowserSafeguard] => C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe [348672 2014-05-08] ()
HKLM-x32\...\Runonce: [Del13923916] - cmd.exe /Q /D /c del "C:\Users\BRD788~1.PIR\AppData\Local\Temp\0.del" [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA)
HKU\S-1-5-19\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA)
HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA)
HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA)
HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\Run: [Facebook Update] => C:\Users\Br. Pirminius Seber\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-28] (Facebook Inc.)
HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\Run: [iLivid] => C:\Users\Br. Pirminius Seber\AppData\Local\iLivid\iLivid.exe [6827008 2013-09-09] (Bandoo Media Inc.)
HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\RunOnce: [Del13923916] - cmd.exe /Q /D /c del "C:\Users\BRD788~1.PIR\AppData\Local\Temp\0.del"
HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: F - F:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: {6990a982-fa63-11e1-9c64-b888e31620a2} - F:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: {7788dee7-f745-11e1-9ecd-b888e31620a2} - F:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: {7788def6-f745-11e1-9ecd-b888e31620a2} - F:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: {7788df31-f745-11e1-9ecd-b888e31620a2} - F:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: {c40c67f7-12a4-11e2-9840-74e543436fc5} - F:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: {d6e0105c-6e9f-11e2-8ff2-b888e31620a2} - F:\autorun.exe
AppInit_DLLs: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC64Loader.dll [202560 2014-05-23] (Client Connect LTD)
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll => C:\Program Files (x86)\SearchProtect\SearchProtect\bin\SPVC32Loader.dll [171840 2014-05-23] (Client Connect LTD)
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk
ShortcutTarget: Toshiba Places Icon Utility.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Toshiba)
Startup: C:\Users\Br. Pirminius Seber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 3050A J611 series (Kopie 1).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 3050A J611 series (Kopie 1).lnk -> C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Br. Pirminius Seber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 3050A J611 series (Netzwerk).lnk
ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 3050A J611 series (Netzwerk).lnk -> C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe)
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
ProxyServer: http=127.0.0.1:59920;https=127.0.0.1:59920
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.trovi.com/?gd=&ctid=CT3323900&octid=EB_ORIGINAL_CTID&ISID=ME5532AC7-0436-444B-8316-DB8596915435&SearchSource=55&CUI=&UM=5&UP=SPAD7B6FE3-E0CF-415C-9FF3-D56682FA8B82&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T&q={searchTerms}
BHO: iWebar - {11111111-1111-1111-1111-110311551110} - C:\Program Files (x86)\iWebar\iWebar-bho64.dll No File
BHO: Sense - {11111111-1111-1111-1111-110411821192} - C:\Program Files (x86)\Sense\Sense-bho64.dll No File
BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120902183624.dll No File
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Shopper Pro - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - C:\ProgramData\ShopperPro\ShopperPro64.dll No File
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: iWebar - {11111111-1111-1111-1111-110311551110} - C:\Program Files (x86)\iWebar\iWebar-bho.dll No File
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Caramava - {1e50bbda-c15a-47d5-9853-d829ff890664} - C:\Program Files (x86)\Caramava\Caramavabho.dll No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll No File
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120902183624.dll No File
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Shopper Pro - {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} - C:\ProgramData\ShopperPro\ShopperPro.dll No File
BHO-x32: ConstaSurf - {d7356335-81bf-4769-bfbd-2e2889138641} - C:\Program Files (x86)\ConstaSurf\ConstaSurfbho.dll (ConstaSurf)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog9 01 C:\Windows\SysWOW64\SecureAssist.dll [295080] (SecureAssist)
Winsock: Catalog9 02 C:\Windows\SysWOW64\SecureAssist.dll [295080] (SecureAssist)
Winsock: Catalog9 03 C:\Windows\SysWOW64\SecureAssist.dll [295080] (SecureAssist)
Winsock: Catalog9 04 C:\Windows\SysWOW64\SecureAssist.dll [295080] (SecureAssist)
Winsock: Catalog9 15 C:\Windows\SysWOW64\SecureAssist.dll [295080] (SecureAssist)
Winsock: Catalog9-x64 01 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 02 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 03 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 04 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 15 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default
FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml
FF DefaultSearchEngine: Trovi search
FF SelectedSearchEngine: Trovi search
FF Homepage: hxxp://www.trovi.com/?gd=&ctid=CT3323900&octid=EB_ORIGINAL_CTID&ISID=ME5532AC7-0436-444B-8316-DB8596915435&SearchSource=55&CUI=&UM=5&UP=SPAD7B6FE3-E0CF-415C-9FF3-D56682FA8B82&SSPV=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=17.0.9.17 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.9 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.9 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.9 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.9.17 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=3 - C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.updaterss.com/SaveSenseLive Update;version=9 - C:\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Br. Pirminius Seber\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF user.js: detected! => C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\user.js
FF SearchPlugin: C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\webssearches.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Sense - C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\Extensions\143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com [2014-06-17]
FF Extension: iWebar - C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\Extensions\2eb528f3-950d-48a3-be4b-5d7de6c8331e@a41e199b-6ca4-4d23-ab87-73f2d1973314.com [2014-06-17]
FF Extension: Quick Start - C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\Extensions\quick_start@gmail.com [2014-05-21]
FF Extension: SaveSense - C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\Extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23} [2014-03-28]
FF Extension: Shopper-Pro - C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} [2014-03-28]
FF Extension: GMX MailCheck - C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\Extensions\toolbar@gmx.net.xpi [2013-03-21]
FF Extension: ConstaSurf - C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\Extensions\{0782648b-1717-4fef-ac58-8cb3ce03adb3}.xpi [2014-06-17]
FF Extension: Foxtab Speed Dial - C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\Extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}.xpi [2014-06-17]
FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-10-07]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-05-09]
FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\extensions\quick_start@gmail.com
FF Extension: Quick Start - C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\extensions\quick_start@gmail.com [2014-05-21]
FF HKLM-x32\...\Firefox\Extensions: [{53D8DD28-1C83-41F3-B171-C2ED5B3E5DE8}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ []
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
Chrome:
=======
CHR HomePage: http:\/\/www.trovi.com\/?gd=&ctid=CT3323900&octid=EB_ORIGINAL_CTID&ISID=ME5532AC7-0436-444B-8316-DB8596915435&SearchSource=55&CUI=&UM=5&UP=SPAD7B6FE3-E0CF-415C-9FF3-D56682FA8B82&SSPV=
CHR StartupUrls: "http:\/\/www.trovi.com\/?gd=&ctid=CT3323900&octid=EB_ORIGINAL_CTID&ISID=ME5532AC7-0436-444B-8316-DB8596915435&SearchSource=55&CUI=&UM=5&UP=SPAD7B6FE3-E0CF-415C-9FF3-D56682FA8B82&SSPV="
CHR DefaultSearchKeyword: trovi.search
CHR DefaultSearchURL: http:\/\/www.trovi.com\/Results.aspx?gd=&ctid=CT3323900&octid=EB_ORIGINAL_CTID&ISID=ME5532AC7-0436-444B-8316-DB8596915435&SearchSource=58&CUI=&UM=5&UP=SPAD7B6FE3-E0CF-415C-9FF3-D56682FA8B82&q={searchTerms}&SSPV=
CHR Extension: (iWebar) - C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam [2014-03-28]
CHR Extension: (Sense) - C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba [2014-03-28]
CHR Extension: (No Name) - C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2012-10-07]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-04-06]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-03-28]
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-16] (AVAST Software)
S4 CltMngSvc; C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe [2497856 2014-05-23] (Client Connect LTD)
R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1811456 2010-08-27] (Realsil Microelectronics Inc.) [File not signed]
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-04-06] ()
R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-05-09] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-04-07] () [File not signed]
R2 SecureAssist; C:\Program Files\SupraSavings\SecureAssist.exe [1558032 2014-03-12] (SecureAssist) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH)
R2 Update ConstaSurf; C:\Program Files (x86)\ConstaSurf\updateConstaSurf.exe [317728 2014-06-17] ()
R2 Util ConstaSurf; C:\Program Files (x86)\ConstaSurf\bin\utilConstaSurf.exe [317728 2014-06-17] ()
R2 VOsrv; C:\Users\Br. Pirminius Seber\AppData\Roaming\VOPackage\VOsrv.exe [353792 2014-02-25] () [File not signed]
S2 IePluginService; C:\ProgramData\IePluginService\PluginService.exe -service [X]
S2 savesenselive; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe /svc [X]
S3 savesenselivem; C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe /medsvc [X]
S2 Update Caramava; "C:\Program Files (x86)\Caramava\updateCaramava.exe" [X]
S2 Util Caramava; "C:\Program Files (x86)\Caramava\bin\utilCaramava.exe" [X]
S2 Wpm; C:\ProgramData\WPM\wprotectmanager.exe -service [X]
==================== Drivers (Whitelisted) ====================
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-16] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-16] ()
S3 ew_hwusbdev; C:\Windows\System32\DRIVERS\ew_hwusbdev.sys [117248 2012-09-06] (Huawei Technologies Co., Ltd.) [File not signed]
S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [121600 2012-09-06] (Huawei Technologies Co., Ltd.) [File not signed]
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2014-03-30] (Malwarebytes Corporation)
R1 {0782648b-1717-4fef-ac58-8cb3ce03adb3}Gw64; C:\Windows\System32\drivers\{0782648b-1717-4fef-ac58-8cb3ce03adb3}Gw64.sys [61120 2014-06-16] (StdLib)
S3 massfilter; system32\drivers\massfilter.sys [X]
R4 wStLibG64; system32\drivers\wStLibG64.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-17 22:20 - 2014-06-17 22:21 - 00033793 _____ () C:\Users\Br. Pirminius Seber\Downloads\FRST.txt
2014-06-17 22:19 - 2014-06-17 22:20 - 00000000 ____D () C:\FRST
2014-06-17 22:08 - 2014-06-17 22:17 - 02081280 _____ (Farbar) C:\Users\Br. Pirminius Seber\Downloads\FRST64.exe
2014-06-17 21:57 - 2014-06-16 14:14 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{0782648b-1717-4fef-ac58-8cb3ce03adb3}Gw64.sys
2014-06-17 21:13 - 2014-06-17 21:13 - 00003318 _____ () C:\Windows\System32\Tasks\PC Speed Maximizer Schedule
2014-06-17 21:13 - 2014-06-17 21:13 - 00000000 ____D () C:\Users\Br. Pirminius Seber\AppData\Roaming\PC Speed Maximizer
2014-06-17 21:08 - 2014-06-17 21:08 - 00001088 _____ () C:\Users\Br. Pirminius Seber\Desktop\PC Speed Maximizer.lnk
2014-06-17 21:08 - 2014-06-17 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Maximizer
2014-06-17 21:08 - 2014-06-17 21:08 - 00000000 ____D () C:\Program Files (x86)\PC Speed Maximizer
2014-06-17 21:07 - 2014-06-17 22:07 - 00000330 _____ () C:\Windows\Tasks\FoxTab.job
2014-06-17 21:07 - 2014-06-17 21:07 - 00003312 _____ () C:\Windows\System32\Tasks\FoxTab
2014-06-17 21:07 - 2014-06-17 21:07 - 00000000 ____D () C:\Users\Br. Pirminius Seber\AppData\Roaming\FoxTab
2014-06-17 21:07 - 2014-06-17 21:07 - 00000000 ____D () C:\Program Files (x86)\Foxtab
2014-06-17 20:57 - 2014-06-17 21:57 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-06-17 20:57 - 2014-06-17 14:18 - 00608141 _____ (Click Me In Limited) C:\Users\Br. Pirminius Seber\AppData\Local\AnyProtectScannerSetup.exe
2014-06-17 20:56 - 2014-06-17 20:56 - 00001134 _____ () C:\Users\Br. Pirminius Seber\Desktop\Continue VuuPC Installation.lnk
2014-06-17 20:44 - 2014-06-17 21:48 - 00000000 ____D () C:\Program Files (x86)\ConstaSurf
2014-06-17 20:44 - 2014-06-17 20:44 - 00001942 _____ () C:\Users\Br. Pirminius Seber\Desktop\Configure VO Package.lnk
2014-06-17 20:44 - 2014-06-17 20:44 - 00000000 ____D () C:\Users\Br. Pirminius Seber\AppData\Roaming\VOPackage
2014-06-17 20:36 - 2014-06-17 20:36 - 00004430 _____ () C:\Windows\System32\Tasks\BrowserSafeguard Update Task
2014-06-17 20:36 - 2014-06-17 20:36 - 00000000 ____D () C:\Program Files (x86)\Browsersafeguard
2014-06-17 20:32 - 2014-06-17 20:33 - 00998424 _____ () C:\Users\Br. Pirminius Seber\Downloads\setup(3).exe
2014-06-17 17:56 - 2014-06-17 20:37 - 00001722 _____ () C:\Users\Br. Pirminius Seber\Desktop\Continue FLV Player.lnk
2014-06-17 17:55 - 2014-06-17 17:55 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-06-17 17:42 - 2014-06-17 17:43 - 00998400 _____ () C:\Users\Br. Pirminius Seber\Downloads\setup(2).exe
2014-06-16 20:04 - 2014-06-16 20:04 - 00014814 _____ () C:\Users\Br. Pirminius Seber\Documents\Organistendienste St. Marien Zehlendorf April bis Juli 2014.odt
2014-06-16 12:18 - 2014-06-16 12:18 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-16 12:18 - 2014-06-16 12:18 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-12 16:46 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-12 16:46 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-12 16:46 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-12 16:46 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-12 16:46 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-12 16:46 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-12 16:46 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-12 16:46 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-12 16:46 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-12 16:46 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-12 16:46 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-12 16:46 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-12 16:46 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-12 16:46 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-12 16:46 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-12 16:46 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-12 16:46 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-12 16:46 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-12 16:46 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-12 16:46 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-12 16:46 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-12 16:46 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-12 16:46 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-12 16:46 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-12 16:46 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-12 16:46 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-12 16:46 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-12 16:46 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-12 16:46 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-12 16:46 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-12 16:46 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-12 16:46 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-12 16:46 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-12 16:46 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-12 16:46 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-12 16:46 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-12 16:46 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-12 16:46 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-12 16:46 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-12 16:46 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-12 16:46 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-12 16:46 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-12 16:46 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-12 16:46 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-12 16:46 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-12 16:46 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-12 16:46 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-12 16:46 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-12 16:46 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-12 16:46 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-12 16:46 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-12 16:46 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-12 16:46 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-12 16:46 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-12 16:46 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-12 16:46 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-12 16:46 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-12 16:46 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-12 16:46 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-12 16:46 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-12 16:46 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-12 16:46 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-12 16:46 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-12 16:45 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-12 16:44 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-12 16:44 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-05-19 16:21 - 2014-06-17 18:19 - 00003404 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3090635963-4145032168-3900013317-1001
==================== One Month Modified Files and Folders =======
2014-06-17 22:21 - 2014-06-17 22:20 - 00033793 _____ () C:\Users\Br. Pirminius Seber\Downloads\FRST.txt
2014-06-17 22:21 - 2012-09-02 12:07 - 00000000 ____D () C:\Users\Br. Pirminius Seber\AppData\Local\Temp
2014-06-17 22:20 - 2014-06-17 22:19 - 00000000 ____D () C:\FRST
2014-06-17 22:17 - 2014-06-17 22:08 - 02081280 _____ (Farbar) C:\Users\Br. Pirminius Seber\Downloads\FRST64.exe
2014-06-17 22:15 - 2012-09-02 15:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-17 22:14 - 2011-07-27 10:59 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-06-17 22:07 - 2014-06-17 21:07 - 00000330 _____ () C:\Windows\Tasks\FoxTab.job
2014-06-17 22:01 - 2012-12-20 14:01 - 00000284 _____ () C:\Windows\Tasks\HP Photo Creations Messager.job
2014-06-17 21:57 - 2014-06-17 20:57 - 00000000 ____D () C:\Program Files (x86)\AnyProtectEx
2014-06-17 21:54 - 2009-07-14 04:34 - 00000537 _____ () C:\Windows\win.ini
2014-06-17 21:48 - 2014-06-17 20:44 - 00000000 ____D () C:\Program Files (x86)\ConstaSurf
2014-06-17 21:31 - 2014-03-28 21:26 - 00000958 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
2014-06-17 21:26 - 2014-03-28 21:26 - 00000334 _____ () C:\Windows\Tasks\SaveSense.job
2014-06-17 21:13 - 2014-06-17 21:13 - 00003318 _____ () C:\Windows\System32\Tasks\PC Speed Maximizer Schedule
2014-06-17 21:13 - 2014-06-17 21:13 - 00000000 ____D () C:\Users\Br. Pirminius Seber\AppData\Roaming\PC Speed Maximizer
2014-06-17 21:08 - 2014-06-17 21:08 - 00001088 _____ () C:\Users\Br. Pirminius Seber\Desktop\PC Speed Maximizer.lnk
2014-06-17 21:08 - 2014-06-17 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Maximizer
2014-06-17 21:08 - 2014-06-17 21:08 - 00000000 ____D () C:\Program Files (x86)\PC Speed Maximizer
2014-06-17 21:07 - 2014-06-17 21:07 - 00003312 _____ () C:\Windows\System32\Tasks\FoxTab
2014-06-17 21:07 - 2014-06-17 21:07 - 00000000 ____D () C:\Users\Br. Pirminius Seber\AppData\Roaming\FoxTab
2014-06-17 21:07 - 2014-06-17 21:07 - 00000000 ____D () C:\Program Files (x86)\Foxtab
2014-06-17 20:56 - 2014-06-17 20:56 - 00001134 _____ () C:\Users\Br. Pirminius Seber\Desktop\Continue VuuPC Installation.lnk
2014-06-17 20:44 - 2014-06-17 20:44 - 00001942 _____ () C:\Users\Br. Pirminius Seber\Desktop\Configure VO Package.lnk
2014-06-17 20:44 - 2014-06-17 20:44 - 00000000 ____D () C:\Users\Br. Pirminius Seber\AppData\Roaming\VOPackage
2014-06-17 20:37 - 2014-06-17 17:56 - 00001722 _____ () C:\Users\Br. Pirminius Seber\Desktop\Continue FLV Player.lnk
2014-06-17 20:36 - 2014-06-17 20:36 - 00004430 _____ () C:\Windows\System32\Tasks\BrowserSafeguard Update Task
2014-06-17 20:36 - 2014-06-17 20:36 - 00000000 ____D () C:\Program Files (x86)\Browsersafeguard
2014-06-17 20:33 - 2014-06-17 20:32 - 00998424 _____ () C:\Users\Br. Pirminius Seber\Downloads\setup(3).exe
2014-06-17 20:31 - 2014-03-28 21:26 - 00000954 _____ () C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
2014-06-17 20:26 - 2012-06-19 11:12 - 01461657 _____ () C:\Windows\WindowsUpdate.log
2014-06-17 19:27 - 2012-09-28 13:22 - 00000984 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3090635963-4145032168-3900013317-1001UA.job
2014-06-17 19:14 - 2014-03-28 20:14 - 00002576 _____ () C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-4.job
2014-06-17 19:14 - 2014-03-28 20:14 - 00001896 _____ () C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-5.job
2014-06-17 19:14 - 2014-03-28 20:14 - 00001892 _____ () C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-5.job
2014-06-17 19:14 - 2014-03-28 20:14 - 00001792 _____ () C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-1.job
2014-06-17 19:14 - 2014-03-28 20:14 - 00001786 _____ () C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-1.job
2014-06-17 19:14 - 2014-03-28 20:14 - 00001720 _____ () C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-2.job
2014-06-17 19:14 - 2014-03-28 20:14 - 00001716 _____ () C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-2.job
2014-06-17 19:13 - 2014-03-28 20:13 - 00003468 _____ () C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-3.job
2014-06-17 19:13 - 2014-03-28 20:13 - 00003466 _____ () C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-3.job
2014-06-17 19:13 - 2014-03-28 20:13 - 00002578 _____ () C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-4.job
2014-06-17 18:19 - 2014-05-19 16:21 - 00003404 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3090635963-4145032168-3900013317-1001
2014-06-17 18:19 - 2014-03-28 20:30 - 00003298 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3090635963-4145032168-3900013317-1001
2014-06-17 17:55 - 2014-06-17 17:55 - 00000000 ____D () C:\Program Files (x86)\SearchProtect
2014-06-17 17:55 - 2014-03-28 21:26 - 00000000 ____D () C:\Users\Br. Pirminius Seber\AppData\Local\SearchProtect
2014-06-17 17:43 - 2014-06-17 17:42 - 00998400 _____ () C:\Users\Br. Pirminius Seber\Downloads\setup(2).exe
2014-06-17 17:23 - 2009-07-14 06:45 - 00024912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-17 17:23 - 2009-07-14 06:45 - 00024912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-17 17:16 - 2012-10-07 00:33 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-17 17:16 - 2011-07-27 10:59 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-06-17 17:16 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2014-06-17 17:15 - 2013-02-25 21:54 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-06-17 17:15 - 2010-11-21 05:47 - 00163170 _____ () C:\Windows\PFRO.log
2014-06-17 17:15 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-17 17:15 - 2009-07-14 06:51 - 00083589 _____ () C:\Windows\setupact.log
2014-06-17 14:18 - 2014-06-17 20:57 - 00608141 _____ (Click Me In Limited) C:\Users\Br. Pirminius Seber\AppData\Local\AnyProtectScannerSetup.exe
2014-06-16 20:04 - 2014-06-16 20:04 - 00014814 _____ () C:\Users\Br. Pirminius Seber\Documents\Organistendienste St. Marien Zehlendorf April bis Juli 2014.odt
2014-06-16 18:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-06-16 14:14 - 2014-06-17 21:57 - 00061120 _____ (StdLib) C:\Windows\system32\Drivers\{0782648b-1717-4fef-ac58-8cb3ce03adb3}Gw64.sys
2014-06-16 13:27 - 2012-09-28 13:22 - 00000962 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3090635963-4145032168-3900013317-1001Core.job
2014-06-16 12:19 - 2012-10-07 00:38 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-16 12:19 - 2012-10-07 00:38 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-16 12:19 - 2012-10-07 00:34 - 00001973 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-06-16 12:18 - 2014-06-16 12:18 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-16 12:18 - 2014-06-16 12:18 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-16 12:18 - 2013-03-19 23:12 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-16 12:18 - 2013-03-19 23:12 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-16 12:18 - 2012-10-07 00:33 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-16 12:18 - 2012-10-07 00:33 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-14 15:35 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-06-13 22:35 - 2011-07-27 10:59 - 00002356 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-06-13 02:01 - 2014-05-07 01:35 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-10 16:23 - 2012-12-27 13:09 - 00003382 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3090635963-4145032168-3900013317-1001
2014-06-10 16:23 - 2012-12-27 13:09 - 00003276 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3090635963-4145032168-3900013317-1001
2014-06-08 11:13 - 2014-06-12 16:44 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 11:08 - 2014-06-12 16:44 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-05 21:26 - 2012-11-24 04:20 - 00018915 _____ () C:\Users\Br. Pirminius Seber\Documents\Hochkirchliche St.-Johannes-Bruderschaft - Namenstage.odt
2014-06-05 12:42 - 2014-01-27 23:02 - 00014877 _____ () C:\Users\Br. Pirminius Seber\Documents\Organistendienste St. Marien Zehlendorf April bis Juni 2014.odt
2014-06-05 12:24 - 2014-03-28 21:26 - 00000000 ____D () C:\Program Files\003
2014-05-30 12:21 - 2014-06-12 16:45 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 12:02 - 2014-06-12 16:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 12:02 - 2014-06-12 16:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 11:45 - 2014-06-12 16:46 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 11:39 - 2014-06-12 16:46 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 11:39 - 2014-06-12 16:46 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 11:38 - 2014-06-12 16:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 11:28 - 2014-06-12 16:46 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 11:27 - 2014-06-12 16:46 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 11:24 - 2014-06-12 16:46 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 11:21 - 2014-06-12 16:46 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 11:21 - 2014-06-12 16:46 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 11:20 - 2014-06-12 16:46 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 11:18 - 2014-06-12 16:46 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 11:11 - 2014-06-12 16:46 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 11:08 - 2014-06-12 16:46 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 11:06 - 2014-06-12 16:46 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 11:02 - 2014-06-12 16:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 10:55 - 2014-06-12 16:46 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 10:49 - 2014-06-12 16:46 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 10:46 - 2014-06-12 16:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 10:44 - 2014-06-12 16:46 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 10:44 - 2014-06-12 16:46 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 10:43 - 2014-06-12 16:46 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 10:42 - 2014-06-12 16:46 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 10:38 - 2014-06-12 16:46 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 10:35 - 2014-06-12 16:46 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 10:34 - 2014-06-12 16:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 10:33 - 2014-06-12 16:46 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 10:30 - 2014-06-12 16:46 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 10:29 - 2014-06-12 16:46 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 10:28 - 2014-06-12 16:46 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 10:27 - 2014-06-12 16:46 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 10:24 - 2014-06-12 16:46 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 10:23 - 2014-06-12 16:46 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 10:16 - 2014-06-12 16:46 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 10:10 - 2014-06-12 16:46 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 10:06 - 2014-06-12 16:46 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 10:04 - 2014-06-12 16:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 10:02 - 2014-06-12 16:46 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 09:56 - 2014-06-12 16:46 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 09:56 - 2014-06-12 16:46 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 09:54 - 2014-06-12 16:46 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 09:50 - 2014-06-12 16:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 09:49 - 2014-06-12 16:46 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 09:43 - 2014-06-12 16:46 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 09:40 - 2014-06-12 16:46 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 09:30 - 2014-06-12 16:46 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 09:21 - 2014-06-12 16:46 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 09:15 - 2014-06-12 16:46 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 09:13 - 2014-06-12 16:46 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-30 09:13 - 2014-06-12 16:46 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-19 16:25 - 2010-11-21 08:50 - 00699682 _____ () C:\Windows\system32\perfh007.dat
2014-05-19 16:25 - 2010-11-21 08:50 - 00149790 _____ () C:\Windows\system32\perfc007.dat
2014-05-19 16:25 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-05-18 21:16 - 2014-03-12 16:16 - 17938608 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-05-18 21:16 - 2012-09-02 15:51 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-05-18 21:16 - 2012-09-02 15:51 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-05-18 21:16 - 2012-09-02 15:51 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-05-18 20:22 - 2012-09-02 12:14 - 00000000 ___RD () C:\Users\Br. Pirminius Seber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-05-18 20:22 - 2012-09-02 12:07 - 00000000 ___RD () C:\Users\Br. Pirminius Seber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Some content of TEMP:
====================
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\1_Offer_5.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\25829-656347-openoffice.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\6_Offer_11.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\BackupSetup.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\cabex.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\Caramava_bs.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\f.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\FixMyRegistry.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\instloffer.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\mfc80.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\mfc80u.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\mfcm80.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\mfcm80u.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\msvcm80.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\msvcp80.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\msvcr80.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\nsf662.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\nsfAFD4.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\nsp20D.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\nspB36D.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\nsuAB6.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\nszAC0B.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\OSU.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\PCSpeedMaximizer.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\SearchProtectINT.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\Somoto_23_03_2014(delay).exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\SpeedUpMyComputer.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\speedupmypc.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\SpOrder.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\stubhelper.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\System.Data.SQLite32714.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\unelevate.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\Uninstaller.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\VersionUpdater.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\WtgDriverInstallX.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\WTGXMLUtil.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\WtgZip.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\ytai_ytareg_setup.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-10 23:47
==================== End Of Log ============================
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-06-2014
Ran by Br. Pirminius Seber at 2014-06-17 22:21:27
Running from C:\Users\Br. Pirminius Seber\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.02) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.02 - Adobe Systems Incorporated)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
BrowserSafeguard with Rockettab (HKLM-x32\...\BrowserSafeguard) (Version: - BrowserSafeguard with Rockettab) <==== ATTENTION
ConstaSurf (HKLM\...\ConstaSurf) (Version: 2014.06.17.181031 - ConstaSurf)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Foxtab (HKLM-x32\...\foxtab) (Version: - FoxTab) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
High-Definition Video Playback (x32 Version: 7.3.10900.8.0 - Nero AG) Hidden
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations)
HP Update (HKLM-x32\...\{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}) (Version: 5.003.000.004 - Hewlett-Packard)
iLivid (HKCU\...\iLivid) (Version: 5.0.0.4286 - Bandoo Media Inc) <==== ATTENTION
iLivid (HKLM-x32\...\iLivid) (Version: 5.0.0.4002 - Bandoo Media Inc) <==== ATTENTION
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.7.1002 - Intel Corporation)
Java Auto Updater (x32 Version: 2.0.2.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.8 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 10 Movie ThemePack Basic (x32 Version: 10.6.10000.1.0 - Nero AG) Hidden
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.8.10900.8.100 - Nero AG)
Nero BackItUp 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.4.10400.2.100 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.6.12700.0.7 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.6.10800 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.20000.9.12 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.4.10300.1.100 - Nero AG)
Nero InfoTool 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Kwik Media (HKLM-x32\...\{1F7D9F37-C39C-486C-BDF8-8F440FFB3352}) (Version: 1.6.15100.59.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{2063D199-D79F-471A-9019-9E647296394D}) (Version: 10.6.10300 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.6.10500.3.100 - Nero AG)
Nero RescueAgent 10 Help (CHM) (x32 Version: 10.6.10800 - Nero AG) Hidden
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.6.10500.3.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10900.31.0 - Nero AG)
NeroKwikMedia Help (CHM) (x32 Version: 10.6.10900 - Nero AG) Hidden
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
PC Speed Maximizer v3.2 (HKLM-x32\...\PC Speed Maximizer_is1) (Version: 3.2 - SoftCity)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
RealDownloader (x32 Version: 17.0.9 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.9 - RealNetworks)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6167 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.13.3.38 - Client Connect LTD) <==== ATTENTION
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SupraSavings (Version: 1.0.0.0 - SupraSavings) Hidden <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.01.00 - TOSHIBA CORPORATION)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{43DBC64B-3DD1-47E2-8788-D3C3B110C574}) (Version: 2.1.10.64 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 2.1.10.64 - TOSHIBA Corporation) Hidden
TOSHIBA ConfigFree (HKLM-x32\...\{38C52F7D-A6CB-4CE7-A189-8AABE8774D8A}) (Version: 8.0.38 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (Version: 3.1.3.64 - TOSHIBA Corporation) Hidden
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.11C - TOSHIBA CORPORATION)
TOSHIBA Flash Cards Support Utility (x32 Version: 1.63.0.11C - TOSHIBA CORPORATION) Hidden
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.30C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (x32 Version: 1.63.0.30C - TOSHIBA CORPORATION) Hidden
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.02 - TOSHIBA)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.8.64 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.5.11 - TOSHIBA CORPORATION)
TOSHIBA Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 4.01.0000 - TOSHIBA)
TOSHIBA Places Icon Utility (HKLM-x32\...\{461F6F0D-7173-4902-9604-AB1A29108AF2}) (Version: 1.1.1.4 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.5 x64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA Recovery Media Creator Reminder (x32 Version: 1.00.0019 - TOSHIBA) Hidden
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.17.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.7.17.64 - TOSHIBA Corporation) Hidden
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)
TOSHIBA Supervisor Password (x32 Version: 1.63.0.10C - TOSHIBA CORPORATION) Hidden
TOSHIBA Supervisorkennwort (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.10C - TOSHIBA CORPORATION)
TOSHIBA TEMPRO (HKLM-x32\...\{F082CB11-4794-4259-99A1-D91BA762AD15}) (Version: 3.35 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.19.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.3.19.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.3.19.64 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.1.5 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (x32 Version: 2.0.1.5 - TOSHIBA Corporation) Hidden
TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{5BA99779-6E12-49EF-BE49-F35B1EDB4DF9}) (Version: 1.0.4 - TOSHIBA CORPORATION)
TRORMCLauncher (HKLM-x32\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: - )
TRORMCLauncher (Version: 1.0.0.10 - TOSHIBA) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Utility Common Driver (x32 Version: 1.0.52.2C - TOSHIBA) Hidden
Video Player (HKCU\...\Video Player) (Version: - ) <==== ATTENTION
VO Package (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - ) <==== ATTENTION
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Restore Points =========================
13-05-2014 16:22:47 Windows Update
15-05-2014 08:29:34 Windows Update
18-05-2014 18:26:39 Windows Update
21-05-2014 18:28:15 Windows Update
05-06-2014 10:08:21 Windows Update
10-06-2014 14:25:48 Windows Update
13-06-2014 00:01:18 Windows Update
16-06-2014 10:13:39 avast! antivirus system restore point
17-06-2014 15:31:01 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {02723420-C324-4033-9D54-D1C58B5C2B9C} - System32\Tasks\ShopperPro => C:\Program Files (x86)\ShopperPro\ShopperPro.exe <==== ATTENTION
Task: {06AAD3C0-96D5-45EB-96E0-F4D999110471} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3090635963-4145032168-3900013317-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {143ED428-BE93-4CB3-9DE3-DB25EE3950AF} - System32\Tasks\FoxTab => C:\Users\Br. Pirminius Seber\AppData\Roaming\FoxTab\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {23FC35ED-246C-45AD-A21D-F740C335209E} - System32\Tasks\PC Speed Maximizer Schedule => C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe [2014-04-28] (Smart PC Solutions)
Task: {2E72B586-D272-4CF0-81BA-04BEF39AFCC9} - System32\Tasks\SPDriver => C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe <==== ATTENTION
Task: {39453143-C890-4E73-B425-DD43C80766D3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3090635963-4145032168-3900013317-1001UA => C:\Users\Br. Pirminius Seber\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-28] (Facebook Inc.)
Task: {3CF585E3-A203-43CB-BBF1-C608B9FF06B5} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-2 => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-2.exe <==== ATTENTION
Task: {40ABC68F-87ED-4C69-A56E-4E4D95F35835} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-1 => C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe <==== ATTENTION
Task: {530568D5-18EC-4F5A-A24B-4E78A555B372} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3090635963-4145032168-3900013317-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {61B43A7C-695A-4B3C-A421-1E3D0EFED781} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3090635963-4145032168-3900013317-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {657DB3B8-96D5-4D4A-BE1F-990E297D3B89} - System32\Tasks\SaveSenseLiveUpdateTaskMachineUA => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: {693C3B29-79E3-4B71-94B2-CB96F0D6E029} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3090635963-4145032168-3900013317-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {7216ABB7-626D-42B9-A692-CAEFFCB1CCFA} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-3 => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-3.exe <==== ATTENTION
Task: {7BD09033-2839-46D8-8D10-5BA7EE0958DF} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-2 => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-2.exe <==== ATTENTION
Task: {7D9C35AF-D8F1-4275-8B58-1A5B0A1DE3BD} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3090635963-4145032168-3900013317-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-04-06] (RealNetworks, Inc.)
Task: {89AE3122-54EC-4511-9EDF-EE89B28AD869} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-4 => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-4.exe <==== ATTENTION
Task: {8D04FCCB-254B-4A93-BA8B-EF46881055C6} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-1 => C:\Program Files (x86)\Sense\Sense-codedownloader.exe <==== ATTENTION
Task: {9027BC15-68ED-4BF8-9258-0432480EDC5B} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] ()
Task: {94CD2741-56EF-4B90-A3AD-04F59638ABBF} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-5 => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-5.exe <==== ATTENTION
Task: {96BD8039-57AF-4010-A67B-B98537FAFB52} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-27] (Google Inc.)
Task: {B2FF1A69-6E16-4126-AC47-61057E9D47E3} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-4 => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-4.exe <==== ATTENTION
Task: {B8B9E4A1-5F54-4687-8149-92E7BA6FB3DD} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-3 => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-3.exe <==== ATTENTION
Task: {BB28F385-CB84-451E-9245-DA859554C905} - System32\Tasks\{93CF5D12-ADD9-4933-AE8A-EBCB6D15719F} => C:\Program Files (x86)\1&1 Surf-Stick\UIMain.exe
Task: {BBBB4417-70D0-46D0-83D2-28D2D628C9DE} - System32\Tasks\SaveSense => C:\Users\BRD788~1.PIR\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {C031F401-D170-471B-A47C-39591E3B8CDA} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3090635963-4145032168-3900013317-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {C3A27D09-AB93-41A7-9757-CABED71F080B} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-16] (AVAST Software)
Task: {CC367B77-7317-4410-B012-18B74F092244} - System32\Tasks\SaveSenseLiveUpdateTaskMachineCore => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: {CC767EAC-B4BE-4F97-9067-BDDC780B074B} - System32\Tasks\ShopperProJSUpd => C:\Program Files (x86)\ShopperPro\updater.exe <==== ATTENTION
Task: {D77EB404-188A-4315-A436-D63E23453434} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3090635963-4145032168-3900013317-1001Core => C:\Users\Br. Pirminius Seber\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-28] (Facebook Inc.)
Task: {DD88F62D-C58A-458E-AE8A-54539D6A368E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-18] (Adobe Systems Incorporated)
Task: {DFB346F5-53D0-4A88-9400-2E2DD8D39275} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe [2014-06-17] () <==== ATTENTION
Task: {E6CAD42F-4F30-4FA7-A83B-CF6BCFEBBDE6} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3090635963-4145032168-3900013317-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {EFCCC7CD-08FE-44A2-8C79-0CA153CCE1C7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-27] (Google Inc.)
Task: {F9FCFF82-C0AA-4A06-BE08-4A2FE39223C8} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-12-03] (TOSHIBA CORPORATION)
Task: {FFFBD286-540E-4859-830C-C5FFE98DDE93} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-5 => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-1.job => C:\Program Files (x86)\Sense\Sense-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-2.job => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-3.job => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-4.job => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-5.job => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-1.job => C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-2.job => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-3.job => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-4.job => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-5.job => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3090635963-4145032168-3900013317-1001Core.job => C:\Users\Br. Pirminius Seber\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3090635963-4145032168-3900013317-1001UA.job => C:\Users\Br. Pirminius Seber\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FoxTab.job => C:\Users\BRD788~1.PIR\AppData\Roaming\FoxTab\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe
Task: C:\Windows\Tasks\SaveSense.job => C:\Users\BRD788~1.PIR\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
Task: C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2014-04-06 23:00 - 2014-04-06 23:00 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-04-07 03:06 - 2014-04-07 03:06 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2014-03-21 13:55 - 2014-03-21 13:55 - 00162816 ____N () c:\program files\suprasavings\pcproxydll64.dll
2011-03-03 23:21 - 2011-03-03 23:21 - 03420584 _____ () C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll
2010-04-07 16:07 - 2010-04-07 16:07 - 09468728 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-11-03 13:26 - 2009-11-03 13:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2010-03-03 14:15 - 2010-03-03 14:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
2010-03-03 14:15 - 2010-03-03 14:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
2011-07-27 10:29 - 2010-08-31 15:21 - 00017272 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
2009-03-12 19:08 - 2009-03-12 19:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
2009-07-25 16:38 - 2009-07-25 16:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2011-07-27 10:40 - 2011-02-22 11:16 - 00559104 _____ () C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\de\Humphrey.resources.dll
2011-07-27 10:58 - 2011-12-15 15:56 - 00022400 _____ () C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\de\TosDILangPack.resources.dll
2011-07-27 10:58 - 2011-12-15 15:55 - 00063360 _____ () C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIInternal.XmlSerializers.dll
2010-02-05 17:44 - 2010-02-05 17:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2014-05-07 20:30 - 2014-05-08 01:28 - 00348672 _____ () C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe
2014-06-17 20:10 - 2014-06-17 20:10 - 00317728 _____ () C:\Program Files (x86)\ConstaSurf\updateConstaSurf.exe
2014-02-25 08:29 - 2014-02-25 08:29 - 00353792 _____ () C:\Users\Br. Pirminius Seber\AppData\Roaming\VOPackage\VOsrv.exe
2014-06-17 20:54 - 2014-06-17 20:55 - 00173118 _____ () C:\Users\BRD788~1.PIR\AppData\Local\Temp\nsbD9C2.tmp
2014-06-17 21:48 - 2014-06-17 21:48 - 00317728 _____ () C:\Program Files (x86)\ConstaSurf\bin\utilConstaSurf.exe
2014-06-17 21:54 - 2014-06-16 23:09 - 00096544 _____ () C:\Program Files (x86)\ConstaSurf\bin\ConstaSurf.BrowserAdapter.exe
2014-06-17 21:57 - 2014-06-16 14:14 - 00287008 _____ () C:\Program Files (x86)\ConstaSurf\bin\ConstaSurf.PurBrowse64.exe
2014-06-17 00:11 - 2014-06-17 00:11 - 02776064 _____ () C:\Program Files\AVAST Software\Avast\defs\14061601\algo.dll
2014-06-17 17:17 - 2014-06-17 17:17 - 02776064 _____ () C:\Program Files\AVAST Software\Avast\defs\14061700\algo.dll
2014-05-09 18:24 - 2014-05-09 18:24 - 00859224 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-02-16 00:36 - 2014-02-16 00:36 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-06-17 20:55 - 2014-06-17 20:55 - 00011264 _____ () C:\Users\BRD788~1.PIR\AppData\Local\Temp\nsqC16.tmp\System.dll
2014-06-17 20:55 - 2014-06-17 20:55 - 00117248 _____ () C:\Users\BRD788~1.PIR\AppData\Local\Temp\nsqC16.tmp\IpConfig.dll
2014-02-25 10:55 - 2014-02-25 10:55 - 00151040 ____N () C:\Users\Br. Pirminius Seber\AppData\Local\Temp\is45637729\13234857_stp\RAM.dll
2014-05-07 15:46 - 2014-05-07 15:46 - 00204288 ____N () C:\Users\Br. Pirminius Seber\AppData\Local\Temp\is45637729\13234934_stp\icc.dll
2014-04-08 15:37 - 2014-04-08 15:37 - 00643948 ____N () C:\Users\Br. Pirminius Seber\AppData\Local\Temp\is45637729\13234934_stp\sqlite3.dll
2014-06-17 20:57 - 2014-06-17 20:57 - 00011264 _____ () C:\Users\BRD788~1.PIR\AppData\Local\Temp\nshD3A9.tmp\System.dll
2014-06-17 20:57 - 2014-06-17 20:57 - 00042496 _____ () C:\Users\BRD788~1.PIR\AppData\Local\Temp\nshD3A9.tmp\ProcessKiller.dll
2014-06-17 20:57 - 2014-06-17 20:57 - 00006656 _____ () C:\Users\BRD788~1.PIR\AppData\Local\Temp\nshD3A9.tmp\RealProgress.dll
2014-06-17 20:57 - 2014-06-17 20:57 - 00020992 _____ () C:\Users\BRD788~1.PIR\AppData\Local\Temp\nshD3A9.tmp\inetc.dll
2014-05-10 13:39 - 2014-05-10 13:39 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-18 21:16 - 2014-05-18 21:16 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:AD022376
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/17/2014 05:17:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/16/2014 00:09:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/15/2014 08:24:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/14/2014 02:18:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/13/2014 10:14:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/12/2014 04:36:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/11/2014 07:19:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/10/2014 11:49:35 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (06/10/2014 04:22:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/08/2014 10:55:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (06/17/2014 05:18:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SaveSenseLive Service (savesenselive)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (06/17/2014 05:15:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Util Caramava" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (06/17/2014 05:15:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update Caramava" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (06/17/2014 05:15:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Wpm Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (06/17/2014 05:15:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IePlugin Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (06/16/2014 00:10:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SaveSenseLive Service (savesenselive)" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (06/16/2014 00:08:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Util Caramava" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (06/16/2014 00:08:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Update Caramava" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (06/16/2014 00:08:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Wpm Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (06/16/2014 00:08:01 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "IePlugin Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Microsoft Office Sessions:
=========================
Error: (06/17/2014 05:17:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/16/2014 00:09:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/15/2014 08:24:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/14/2014 02:18:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/13/2014 10:14:30 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/12/2014 04:36:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/11/2014 07:19:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/10/2014 11:49:35 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: rpshellextension.1.0,language="*",type="win32",version="1.0.0.0"C:\Windows\Installer\{2259DBC1-EFFB-42B5-BA35-DFC0AAB2B3FB}\recordingmanager.exe
Error: (06/10/2014 04:22:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (06/08/2014 10:55:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
==================== Memory info ===========================
Percentage of memory in use: 66%
Total physical RAM: 3890.67 MB
Available physical RAM: 1308.15 MB
Total Pagefile: 7779.52 MB
Available Pagefile: 4918.58 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
==================== Drives ================================
Drive c: (WINDOWS) (Fixed) (Total:232.88 GB) (Free:186.18 GB) NTFS
Drive d: (Data) (Fixed) (Total:232.49 GB) (Free:224.04 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 9E527146)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
18.06.2014, 08:42
| #4 |
| | Schrift erscheint grün und doppelt unterstrichen, der Computer ist sehr langsam, viel Werbung Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 4 Bitte starte  FRST erneut, setze den Haken auch bei Addition.txt und drücke auf Scan.Bitte poste mir die Inhalte der Logs von Adwarecleaner, MBAM, JRT und FRST hier in den Thread.
__________________ Proud member of Unite |
|
18.06.2014, 12:16
| #5 |
| | Schrift erscheint grün und doppelt unterstrichen, der Computer ist sehr langsam, viel Werbung Nach Schritt 1 hat der PC wieder hochgefahren und zeigt auch das Textfeld an, jedoch verweigern mir Firefox und Internet Explorer den Zugriff auf das Internet ("Firefox wurde konfiguriert, einen Proxy-Server zu nutzen, der die Verbindung zurückweist.") Was ist da schiefgegangen? |
|
18.06.2014, 14:01
| #6 |
| | Schrift erscheint grün und doppelt unterstrichen, der Computer ist sehr langsam, viel Werbung Wahrscheinlich hat das Tool fälschlicherweise einen Proxy gelöscht. Resette FireFox mal.
__________________ --> Schrift erscheint grün und doppelt unterstrichen, der Computer ist sehr langsam, viel Werbung |
|
18.06.2014, 14:06
| #7 |
| | Schrift erscheint grün und doppelt unterstrichen, der Computer ist sehr langsam, viel Werbung Malwarebytes Anti-Malware Malwarebytes | Free Anti-Malware & Internet Security Software Suchlauf Datum: 18.06.2014 Suchlauf-Zeit: 14:26:35 Logdatei: mbam.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.03.04.09 Rootkit Datenbank: v2014.06.02.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Br. Pirminius Seber Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 240915 Verstrichene Zeit: 8 Min, 20 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 127 PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\APPID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, In Quarantäne, [e8618679c0bac86e904c300f5da501ff], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc, In Quarantäne, [e8618679c0bac86e904c300f5da501ff], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0, In Quarantäne, [e8618679c0bac86e904c300f5da501ff], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc, In Quarantäne, [e8618679c0bac86e904c300f5da501ff], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0, In Quarantäne, [e8618679c0bac86e904c300f5da501ff], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, In Quarantäne, [e8618679c0bac86e904c300f5da501ff], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, In Quarantäne, [e8618679c0bac86e904c300f5da501ff], PUP.Optional.WebSteroids.A, HKLM\SOFTWARE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}, In Quarantäne, [61e8c03fcbaf79bde1fc6dd23ac8b947], PUP.Optional.WebSteroids.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}, In Quarantäne, [61e8c03fcbaf79bde1fc6dd23ac8b947], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\CLASSES\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{8FB1A663-2820-468B-95C4-5060A4C5F413}, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{8FB1A663-2820-468B-95C4-5060A4C5F413}, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\CLASSES\ShopperPro.ShopperProBHO.1, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\CLASSES\ShopperPro.ShopperProBHO, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ShopperPro.ShopperProBHO, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ShopperPro.ShopperProBHO.1, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKU\S-1-5-21-3090635963-4145032168-3900013317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKU\S-1-5-21-3090635963-4145032168-3900013317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, In Quarantäne, [14358d72601a2c0a119a97a841c1be42], PUP.Optional.DynConIE.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, In Quarantäne, [14358d72601a2c0a119a97a841c1be42], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [1d2ca9563e3c181e6fa7142b4db5db25], PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [1d2ca9563e3c181e6fa7142b4db5db25], PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [1d2ca9563e3c181e6fa7142b4db5db25], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [1d2ca9563e3c181e6fa7142b4db5db25], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [1d2ca9563e3c181e6fa7142b4db5db25], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [1d2ca9563e3c181e6fa7142b4db5db25], PUP.Optional.SupTab.A, HKU\S-1-5-21-3090635963-4145032168-3900013317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [1d2ca9563e3c181e6fa7142b4db5db25], PUP.Optional.SupTab.A, HKU\S-1-5-21-3090635963-4145032168-3900013317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [1d2ca9563e3c181e6fa7142b4db5db25], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0035510.BHO, In Quarantäne, [29204fb0760459dd13a7d5d6ba494fb1], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0035510.BHO.1, In Quarantäne, [dd6ce21d1169b2841f9b406b996a659b], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0035510.Sandbox, In Quarantäne, [183103fc1862db5be4d6406bb64d49b7], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0035510.Sandbox.1, In Quarantäne, [cc7d03fc58225fd78436258606fdbe42], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLive.OneClickCtrl.9, In Quarantäne, [ac9d02fd2c4e6fc7a82bebcef40f758b], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine, In Quarantäne, [ba8fbd42552592a4ad26e7d2fa094fb1], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine.1.0, In Quarantäne, [1039fa05d4a640f6a52ebefb70937090], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLive.Update3WebControl.3, In Quarantäne, [91b8fd026614ac8a755e1f9a26ddc040], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync, In Quarantäne, [e56434cb295168ce15befebb4cb708f8], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync.1.0, In Quarantäne, [10399669d0aa64d26f64714839caec14], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreClass, In Quarantäne, [55f4ef107802c86ef3e0a019cd36ee12], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreClass.1, In Quarantäne, [56f3af505228ab8b93409c1dbc47837d], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass, In Quarantäne, [26237c8399e180b6d4ffac0d8a79fa06], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass.1, In Quarantäne, [1b2eba455a2045f1785bb405748f08f8], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine, In Quarantäne, [32177e815327d561c40febce2ad9e31d], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine.1.0, In Quarantäne, [67e28b74bdbd1d19af24c0f9b15207f9], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine, In Quarantäne, [b7923ec1453551e532a17f3a25de51af], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0, In Quarantäne, [3712fb0458222511666d4178ff0416ea], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback, In Quarantäne, [68e106f9e09a59ddcd06615882816799], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0, In Quarantäne, [b990e31c5129d561e9eabefb06fd06fa], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher, In Quarantäne, [a9a0b946adcdc27430a384351de6e11f], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher.1.0, In Quarantäne, [ff4a27d87604f93d4a89f2c77192ce32], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService, In Quarantäne, [ab9ed52a5a203600478cf7c26b989868], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService.1.0, In Quarantäne, [5decaa5587f391a5eee557623dc654ac], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine, In Quarantäne, [f554de21a0da3ef8953ed1e843c0867a], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine.1.0, In Quarantäne, [3019f00f2e4c73c3f6dd2594748f9a66], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback, In Quarantäne, [3a0fa659502a7bbb70633a7f3ac9a65a], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0, In Quarantäne, [b891fb04eb8f94a2a033695042c19d63], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc, In Quarantäne, [26239966d0aae94df4dfbcfd4ab93ac6], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc.1.0, In Quarantäne, [7dcc04fb710965d120b33c7d34cffd03], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\APPID\SaveSenseLive.exe, In Quarantäne, [f950c936a5d568ce369c843530d340c0], PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [71d8758ae19959dd515572447f8403fd], PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\DealPlyLive, In Quarantäne, [63e6c33c6515c274d85cd6d60102867a], PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\iWebar, In Quarantäne, [f851ff00770373c3bdfe8b279c67fc04], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\SaveSenseLive, In Quarantäne, [55f4e6199cdeb086b424d8e181826d93], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0035510.BHO, In Quarantäne, [4108f40b84f604326951dfccd42fe41c], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0035510.BHO.1, In Quarantäne, [b594629d22581026f6c41794ff047888], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0035510.Sandbox, In Quarantäne, [80c92ad51f5b3303cded961530d327d9], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0035510.Sandbox.1, In Quarantäne, [381125daf783b68009b17f2c6a996b95], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.OneClickCtrl.9, In Quarantäne, [53f650af66148ea8ddf614a513f053ad], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine, In Quarantäne, [5decbf40d0aa0630f2e1962354afeb15], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine.1.0, In Quarantäne, [3c0dd7286f0bf640597afcbd1ae93bc5], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.Update3WebControl.3, In Quarantäne, [e3666699205a0531eee56d4ce91ac040], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync, In Quarantäne, [89c055aa4733d85ee4ef3b7ede25837d], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync.1.0, In Quarantäne, [9baedb2402789f9717bc3188649ffb05], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreClass, In Quarantäne, [173215ea6812c472fdd621989d6601ff], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreClass.1, In Quarantäne, [272240bf89f195a1953ef9c004ffc63a], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass, In Quarantäne, [1534807fe4963501567d6158996a7090], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass.1, In Quarantäne, [8abf05fabfbb2b0b7f5473469d66c33d], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine, In Quarantäne, [014869962d4d989e8d46f5c4f3100bf5], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine.1.0, In Quarantäne, [16335ea1265486b0557e95242fd47987], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine, In Quarantäne, [9dace21de199d46260732f8af013ac54], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0, In Quarantäne, [14356699bfbbea4ca2314178d033d030], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback, In Quarantäne, [81c86b947a00f4422ba804b5f112b749], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0, In Quarantäne, [c386629d720844f291427c3da65d02fe], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher, In Quarantäne, [0d3c649bc3b795a17f547049a95a748c], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher.1.0, In Quarantäne, [e861f20d24565bdbd6fdae0b7b88b050], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService, In Quarantäne, [85c4a956c8b21620567db2071ae9ab55], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService.1.0, In Quarantäne, [4cfd748b7703a39323b0dbde659e8e72], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine, In Quarantäne, [ab9e48b7a1d967cf953ef4c5be45aa56], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine.1.0, In Quarantäne, [1f2a36c905751e1872614e6b7b8833cd], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback, In Quarantäne, [054429d6afcb2e0803d0caef1fe4d42c], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0, In Quarantäne, [38118f70cab02214468da217a75c8080], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc, In Quarantäne, [f25752ad6515be78c112f3c6a85b8d73], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc.1.0, In Quarantäne, [9bae06f95624191d05ce5564aa59e719], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\SaveSenseLive.exe, In Quarantäne, [97b210ef58221620a82a269362a1fc04], PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [74d5e7188ded58de6c3a07aff0133ec2], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@tools.updaterss.com/SaveSenseLive Update;version=3, In Quarantäne, [61e84cb37505eb4b379f45748d76c63a], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@tools.updaterss.com/SaveSenseLive Update;version=9, In Quarantäne, [0e3bbb44d9a161d5b125c9f0ac57a45c], PUP.Optional.BundleInstaller.A, HKLM\SOFTWARE\WOW6432NODE\VITTALIA\AxtanInstaller, In Quarantäne, [d17834cbb3c70531bb3e3160bc46c739], PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginService, In Quarantäne, [62e742bddc9eb97d4ccf652cdd254eb2], PUP.Optional.SaveSense, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\savesenselive, In Quarantäne, [ce7b837c88f2e2543e5295246e9539c7], PUP.Optional.SaveSense, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\savesenselivem, In Quarantäne, [b89142bdd2a8d16520703287c1423fc1], PUP.Optional.WpManager.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WPM, In Quarantäne, [a7a26c931169270ff5922c8f26dd817f], PUP.Optional.iWebar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\iWebar, In Quarantäne, [6fdac03f08728caa8324ff9016ecce32], PUP.Optional.SaveSense.A, HKU\S-1-5-21-3090635963-4145032168-3900013317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SaveSenseLive, In Quarantäne, [dc6d9c6385f5cd693e978e2b788b32ce], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3090635963-4145032168-3900013317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, In Quarantäne, [1d2cdb249ae0e353e88e9629857efd03], PUP.Optional.iWebar.A, HKU\S-1-5-21-3090635963-4145032168-3900013317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\iWebar, In Quarantäne, [341544bb5921e84e12950e81c33feb15], PUP.Optional.Qone8, HKU\S-1-5-21-3090635963-4145032168-3900013317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [80c94cb3f882a78ffaabf7bfe61dc23e], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110311551110}, In Quarantäne, [86c3f50ac0ba1323768b67cbb64ef30d], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110311551110}, In Quarantäne, [86c3f50ac0ba1323768b67cbb64ef30d], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440344554410}, In Quarantäne, [86c3f50ac0ba1323768b67cbb64ef30d], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550355555510}, In Quarantäne, [86c3f50ac0ba1323768b67cbb64ef30d], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660366556610}, In Quarantäne, [86c3f50ac0ba1323768b67cbb64ef30d], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550355555510}, In Quarantäne, [86c3f50ac0ba1323768b67cbb64ef30d], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660366556610}, In Quarantäne, [86c3f50ac0ba1323768b67cbb64ef30d], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440344554410}, In Quarantäne, [86c3f50ac0ba1323768b67cbb64ef30d], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110311551110}, In Quarantäne, [86c3f50ac0ba1323768b67cbb64ef30d], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{11111111-1111-1111-1111-110311551110}, In Quarantäne, [86c3f50ac0ba1323768b67cbb64ef30d], PUP.Optional.CrossRider.M, HKU\S-1-5-21-3090635963-4145032168-3900013317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11111111-1111-1111-1111-110311551110}, In Quarantäne, [86c3f50ac0ba1323768b67cbb64ef30d], PUP.Optional.CrossRider.M, HKU\S-1-5-21-3090635963-4145032168-3900013317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110311551110}, In Quarantäne, [86c3f50ac0ba1323768b67cbb64ef30d], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110411821192}, In Quarantäne, [94b5c6393f3bcc6a629f56dcf410f709], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110411821192}, In Quarantäne, [94b5c6393f3bcc6a629f56dcf410f709], Registrierungswerte: 1 PUP.Optional.WpManager.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WPM|ImagePath, C:\ProgramData\WPM\wprotectmanager.exe -service, In Quarantäne, [a7a26c931169270ff5922c8f26dd817f] Registrierungsdaten: 2 PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[83c6aa554733c472a3a03ff00ff53ac6] PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[ec5d3cc30b6f2b0b251ecf60b35160a0] Ordner: 21 PUP.Optional.Conduit.A, C:\Users\Br. Pirminius Seber\AppData\Local\Temp\CT3326313, In Quarantäne, [6edbf50aee8c79bd7d8774132ad89868], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\userCode, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\icons, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\icons\actions, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\api, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\popupResource, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\userCode, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\api, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\popupResource, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], Dateien: 134 PUP.Optional.SpeedUpMyPC, C:\Users\Br. Pirminius Seber\AppData\Local\Temp\0967d265-08c9-4fb3-929e-9662bc5292a5\software\speedupmypc.exe, In Quarantäne, [a2a7b54a24563df9d80fbce4d22f4db3], PUP.Optional.SpeedUpMyPC, C:\Users\Br. Pirminius Seber\AppData\Local\Temp\is-OE159.tmp\SpeedUpMyPC-standalone-setup.exe, In Quarantäne, [79d0cb34b0caef478f58336d6899768a], PUP.Optional.SkyTech.A, C:\Users\Br. Pirminius Seber\AppData\Local\Temp\fullpackage_temp1396034792\package1.zip, In Quarantäne, [55f4b9465a200531b44a91eeb64a6f91], PUP.Optional.SaveSense, C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job, In Quarantäne, [96b318e73446b086137eedccda29f709], PUP.Optional.SaveSense, C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job, In Quarantäne, [4bfe9c634d2d96a0f59ccaef07fce818], PUP.Optional.Conduit.A, C:\Users\Br. Pirminius Seber\AppData\Local\Temp\CT3326313\ddt.csf, In Quarantäne, [6edbf50aee8c79bd7d8774132ad89868], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\background.html, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\chromeCoreFilesIndex.txt, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\crossriderManifest.json, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\manifest.json, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\popup.html, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\manifest.xml, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins.json, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\1.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\103.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\123.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\13.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\14.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\17.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\177.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\180.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\182.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\183.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\19.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\192.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\207.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\21.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\22.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\239.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\246.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\28.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\4.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\47.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\64.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\72.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\78.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\80.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\91.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\97.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\userCode\background.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\userCode\extension.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\icons\icon128.png, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\icons\icon16.png, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\icons\icon48.png, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\icons\actions\1.png, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\background.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\main.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\platformVersion.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\api\chrome.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\api\cookie.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\api\message.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\api\monitor.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\api\pageAction.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\api\pageActionBG.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\app_api.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\bg_app_api.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\consts.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\cookie_store.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\crossriderAPI.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\delegate.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\events.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\extensionDataStore.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\installer.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\logFile.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\logging.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\onBGDocumentLoad.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\reports.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\storageWrapper.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\updateManager.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\util.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\xhr.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\popupResource\newPopup.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\popupResource\popup.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\1.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\102.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\104.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\13.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\14.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\17.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\177.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\182.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\183.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\184.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\19.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\207.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\21.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\217.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\22.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\223.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\242.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\244.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\246.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\28.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\4.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\47.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\64.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\7.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\72.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\78.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\80.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\9.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\91.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\93.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\97.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\userCode\background.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\userCode\extension.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\background.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\main.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\platformVersion.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\api\chrome.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\api\cookie.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\api\message.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\api\monitor.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\api\pageAction.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\api\pageActionBG.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\app_api.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\bg_app_api.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\consts.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\cookie_store.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\crossriderAPI.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\delegate.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\events.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\extensionDataStore.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\installer.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\logFile.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\logging.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\onBGDocumentLoad.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\reports.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\storageWrapper.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\updateManager.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\util.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\xhr.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\popupResource\newPopup.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\popupResource\popup.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], Physische Sektoren: 0 (No malicious items detected) (end) Malwarebytes Anti-Malware Malwarebytes | Free Anti-Malware & Internet Security Software Suchlauf Datum: 18.06.2014 Suchlauf-Zeit: 14:26:35 Logdatei: mbam.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.03.04.09 Rootkit Datenbank: v2014.06.02.01 Lizenz: Kostenlos Malware Schutz: Deaktiviert Bösartiger Webseiten Schutz: Deaktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Br. Pirminius Seber Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 240915 Verstrichene Zeit: 8 Min, 20 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registrierungsschlüssel: 127 PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\APPID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, In Quarantäne, [e8618679c0bac86e904c300f5da501ff], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc, In Quarantäne, [e8618679c0bac86e904c300f5da501ff], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0, In Quarantäne, [e8618679c0bac86e904c300f5da501ff], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc, In Quarantäne, [e8618679c0bac86e904c300f5da501ff], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0, In Quarantäne, [e8618679c0bac86e904c300f5da501ff], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, In Quarantäne, [e8618679c0bac86e904c300f5da501ff], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828}, In Quarantäne, [e8618679c0bac86e904c300f5da501ff], PUP.Optional.WebSteroids.A, HKLM\SOFTWARE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}, In Quarantäne, [61e8c03fcbaf79bde1fc6dd23ac8b947], PUP.Optional.WebSteroids.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}, In Quarantäne, [61e8c03fcbaf79bde1fc6dd23ac8b947], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\CLASSES\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{8FB1A663-2820-468B-95C4-5060A4C5F413}, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{03C0AC00-86DE-4B55-81BA-2E7CD61C51B1}, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{8FB1A663-2820-468B-95C4-5060A4C5F413}, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\CLASSES\ShopperPro.ShopperProBHO.1, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\CLASSES\ShopperPro.ShopperProBHO, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ShopperPro.ShopperProBHO, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\ShopperPro.ShopperProBHO.1, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKU\S-1-5-21-3090635963-4145032168-3900013317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKU\S-1-5-21-3090635963-4145032168-3900013317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.ShopperPro.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}, In Quarantäne, [b89129d67307dc5ab9f680f606fc36ca], PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, In Quarantäne, [14358d72601a2c0a119a97a841c1be42], PUP.Optional.DynConIE.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, In Quarantäne, [14358d72601a2c0a119a97a841c1be42], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [1d2ca9563e3c181e6fa7142b4db5db25], PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [1d2ca9563e3c181e6fa7142b4db5db25], PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [1d2ca9563e3c181e6fa7142b4db5db25], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [1d2ca9563e3c181e6fa7142b4db5db25], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [1d2ca9563e3c181e6fa7142b4db5db25], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [1d2ca9563e3c181e6fa7142b4db5db25], PUP.Optional.SupTab.A, HKU\S-1-5-21-3090635963-4145032168-3900013317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [1d2ca9563e3c181e6fa7142b4db5db25], PUP.Optional.SupTab.A, HKU\S-1-5-21-3090635963-4145032168-3900013317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [1d2ca9563e3c181e6fa7142b4db5db25], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0035510.BHO, In Quarantäne, [29204fb0760459dd13a7d5d6ba494fb1], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0035510.BHO.1, In Quarantäne, [dd6ce21d1169b2841f9b406b996a659b], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0035510.Sandbox, In Quarantäne, [183103fc1862db5be4d6406bb64d49b7], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0035510.Sandbox.1, In Quarantäne, [cc7d03fc58225fd78436258606fdbe42], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLive.OneClickCtrl.9, In Quarantäne, [ac9d02fd2c4e6fc7a82bebcef40f758b], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine, In Quarantäne, [ba8fbd42552592a4ad26e7d2fa094fb1], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine.1.0, In Quarantäne, [1039fa05d4a640f6a52ebefb70937090], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLive.Update3WebControl.3, In Quarantäne, [91b8fd026614ac8a755e1f9a26ddc040], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync, In Quarantäne, [e56434cb295168ce15befebb4cb708f8], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync.1.0, In Quarantäne, [10399669d0aa64d26f64714839caec14], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreClass, In Quarantäne, [55f4ef107802c86ef3e0a019cd36ee12], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreClass.1, In Quarantäne, [56f3af505228ab8b93409c1dbc47837d], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass, In Quarantäne, [26237c8399e180b6d4ffac0d8a79fa06], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass.1, In Quarantäne, [1b2eba455a2045f1785bb405748f08f8], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine, In Quarantäne, [32177e815327d561c40febce2ad9e31d], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine.1.0, In Quarantäne, [67e28b74bdbd1d19af24c0f9b15207f9], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine, In Quarantäne, [b7923ec1453551e532a17f3a25de51af], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0, In Quarantäne, [3712fb0458222511666d4178ff0416ea], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback, In Quarantäne, [68e106f9e09a59ddcd06615882816799], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0, In Quarantäne, [b990e31c5129d561e9eabefb06fd06fa], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher, In Quarantäne, [a9a0b946adcdc27430a384351de6e11f], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher.1.0, In Quarantäne, [ff4a27d87604f93d4a89f2c77192ce32], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService, In Quarantäne, [ab9ed52a5a203600478cf7c26b989868], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService.1.0, In Quarantäne, [5decaa5587f391a5eee557623dc654ac], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine, In Quarantäne, [f554de21a0da3ef8953ed1e843c0867a], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine.1.0, In Quarantäne, [3019f00f2e4c73c3f6dd2594748f9a66], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback, In Quarantäne, [3a0fa659502a7bbb70633a7f3ac9a65a], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0, In Quarantäne, [b891fb04eb8f94a2a033695042c19d63], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc, In Quarantäne, [26239966d0aae94df4dfbcfd4ab93ac6], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc.1.0, In Quarantäne, [7dcc04fb710965d120b33c7d34cffd03], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\CLASSES\APPID\SaveSenseLive.exe, In Quarantäne, [f950c936a5d568ce369c843530d340c0], PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [71d8758ae19959dd515572447f8403fd], PUP.Optional.DealPly.A, HKLM\SOFTWARE\WOW6432NODE\DealPlyLive, In Quarantäne, [63e6c33c6515c274d85cd6d60102867a], PUP.Optional.iWebar.A, HKLM\SOFTWARE\WOW6432NODE\iWebar, In Quarantäne, [f851ff00770373c3bdfe8b279c67fc04], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\SaveSenseLive, In Quarantäne, [55f4e6199cdeb086b424d8e181826d93], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0035510.BHO, In Quarantäne, [4108f40b84f604326951dfccd42fe41c], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0035510.BHO.1, In Quarantäne, [b594629d22581026f6c41794ff047888], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0035510.Sandbox, In Quarantäne, [80c92ad51f5b3303cded961530d327d9], PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0035510.Sandbox.1, In Quarantäne, [381125daf783b68009b17f2c6a996b95], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.OneClickCtrl.9, In Quarantäne, [53f650af66148ea8ddf614a513f053ad], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine, In Quarantäne, [5decbf40d0aa0630f2e1962354afeb15], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.OneClickProcessLauncherMachine.1.0, In Quarantäne, [3c0dd7286f0bf640597afcbd1ae93bc5], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLive.Update3WebControl.3, In Quarantäne, [e3666699205a0531eee56d4ce91ac040], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync, In Quarantäne, [89c055aa4733d85ee4ef3b7ede25837d], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoCreateAsync.1.0, In Quarantäne, [9baedb2402789f9717bc3188649ffb05], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreClass, In Quarantäne, [173215ea6812c472fdd621989d6601ff], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreClass.1, In Quarantäne, [272240bf89f195a1953ef9c004ffc63a], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass, In Quarantäne, [1534807fe4963501567d6158996a7090], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CoreMachineClass.1, In Quarantäne, [8abf05fabfbb2b0b7f5473469d66c33d], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine, In Quarantäne, [014869962d4d989e8d46f5c4f3100bf5], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.CredentialDialogMachine.1.0, In Quarantäne, [16335ea1265486b0557e95242fd47987], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine, In Quarantäne, [9dace21de199d46260732f8af013ac54], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0, In Quarantäne, [14356699bfbbea4ca2314178d033d030], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback, In Quarantäne, [81c86b947a00f4422ba804b5f112b749], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0, In Quarantäne, [c386629d720844f291427c3da65d02fe], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher, In Quarantäne, [0d3c649bc3b795a17f547049a95a748c], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.ProcessLauncher.1.0, In Quarantäne, [e861f20d24565bdbd6fdae0b7b88b050], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService, In Quarantäne, [85c4a956c8b21620567db2071ae9ab55], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3COMClassService.1.0, In Quarantäne, [4cfd748b7703a39323b0dbde659e8e72], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine, In Quarantäne, [ab9e48b7a1d967cf953ef4c5be45aa56], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachine.1.0, In Quarantäne, [1f2a36c905751e1872614e6b7b8833cd], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback, In Quarantäne, [054429d6afcb2e0803d0caef1fe4d42c], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0, In Quarantäne, [38118f70cab02214468da217a75c8080], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc, In Quarantäne, [f25752ad6515be78c112f3c6a85b8d73], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SaveSenseLiveUpdate.Update3WebSvc.1.0, In Quarantäne, [9bae06f95624191d05ce5564aa59e719], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\SaveSenseLive.exe, In Quarantäne, [97b210ef58221620a82a269362a1fc04], PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [74d5e7188ded58de6c3a07aff0133ec2], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@tools.updaterss.com/SaveSenseLive Update;version=3, In Quarantäne, [61e84cb37505eb4b379f45748d76c63a], PUP.Optional.SaveSense.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@tools.updaterss.com/SaveSenseLive Update;version=9, In Quarantäne, [0e3bbb44d9a161d5b125c9f0ac57a45c], PUP.Optional.BundleInstaller.A, HKLM\SOFTWARE\WOW6432NODE\VITTALIA\AxtanInstaller, In Quarantäne, [d17834cbb3c70531bb3e3160bc46c739], PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginService, In Quarantäne, [62e742bddc9eb97d4ccf652cdd254eb2], PUP.Optional.SaveSense, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\savesenselive, In Quarantäne, [ce7b837c88f2e2543e5295246e9539c7], PUP.Optional.SaveSense, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\savesenselivem, In Quarantäne, [b89142bdd2a8d16520703287c1423fc1], PUP.Optional.WpManager.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WPM, In Quarantäne, [a7a26c931169270ff5922c8f26dd817f], PUP.Optional.iWebar.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\iWebar, In Quarantäne, [6fdac03f08728caa8324ff9016ecce32], PUP.Optional.SaveSense.A, HKU\S-1-5-21-3090635963-4145032168-3900013317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SaveSenseLive, In Quarantäne, [dc6d9c6385f5cd693e978e2b788b32ce], PUP.Optional.CrossRider.A, HKU\S-1-5-21-3090635963-4145032168-3900013317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, In Quarantäne, [1d2cdb249ae0e353e88e9629857efd03], PUP.Optional.iWebar.A, HKU\S-1-5-21-3090635963-4145032168-3900013317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\iWebar, In Quarantäne, [341544bb5921e84e12950e81c33feb15], PUP.Optional.Qone8, HKU\S-1-5-21-3090635963-4145032168-3900013317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [80c94cb3f882a78ffaabf7bfe61dc23e], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110311551110}, In Quarantäne, [86c3f50ac0ba1323768b67cbb64ef30d], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110311551110}, In Quarantäne, [86c3f50ac0ba1323768b67cbb64ef30d], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440344554410}, In Quarantäne, [86c3f50ac0ba1323768b67cbb64ef30d], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550355555510}, In Quarantäne, [86c3f50ac0ba1323768b67cbb64ef30d], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660366556610}, In Quarantäne, [86c3f50ac0ba1323768b67cbb64ef30d], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550355555510}, In Quarantäne, [86c3f50ac0ba1323768b67cbb64ef30d], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{66666666-6666-6666-6666-660366556610}, In Quarantäne, [86c3f50ac0ba1323768b67cbb64ef30d], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{44444444-4444-4444-4444-440344554410}, In Quarantäne, [86c3f50ac0ba1323768b67cbb64ef30d], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110311551110}, In Quarantäne, [86c3f50ac0ba1323768b67cbb64ef30d], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{11111111-1111-1111-1111-110311551110}, In Quarantäne, [86c3f50ac0ba1323768b67cbb64ef30d], PUP.Optional.CrossRider.M, HKU\S-1-5-21-3090635963-4145032168-3900013317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11111111-1111-1111-1111-110311551110}, In Quarantäne, [86c3f50ac0ba1323768b67cbb64ef30d], PUP.Optional.CrossRider.M, HKU\S-1-5-21-3090635963-4145032168-3900013317-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11111111-1111-1111-1111-110311551110}, In Quarantäne, [86c3f50ac0ba1323768b67cbb64ef30d], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110411821192}, In Quarantäne, [94b5c6393f3bcc6a629f56dcf410f709], PUP.Optional.CrossRider.M, HKLM\SOFTWARE\CLASSES\CLSID\{11111111-1111-1111-1111-110411821192}, In Quarantäne, [94b5c6393f3bcc6a629f56dcf410f709], Registrierungswerte: 1 PUP.Optional.WpManager.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WPM|ImagePath, C:\ProgramData\WPM\wprotectmanager.exe -service, In Quarantäne, [a7a26c931169270ff5922c8f26dd817f] Registrierungsdaten: 2 PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[83c6aa554733c472a3a03ff00ff53ac6] PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[ec5d3cc30b6f2b0b251ecf60b35160a0] Ordner: 21 PUP.Optional.Conduit.A, C:\Users\Br. Pirminius Seber\AppData\Local\Temp\CT3326313, In Quarantäne, [6edbf50aee8c79bd7d8774132ad89868], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\userCode, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\icons, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\icons\actions, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\api, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\popupResource, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\userCode, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\api, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\popupResource, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], Dateien: 134 PUP.Optional.SpeedUpMyPC, C:\Users\Br. Pirminius Seber\AppData\Local\Temp\0967d265-08c9-4fb3-929e-9662bc5292a5\software\speedupmypc.exe, In Quarantäne, [a2a7b54a24563df9d80fbce4d22f4db3], PUP.Optional.SpeedUpMyPC, C:\Users\Br. Pirminius Seber\AppData\Local\Temp\is-OE159.tmp\SpeedUpMyPC-standalone-setup.exe, In Quarantäne, [79d0cb34b0caef478f58336d6899768a], PUP.Optional.SkyTech.A, C:\Users\Br. Pirminius Seber\AppData\Local\Temp\fullpackage_temp1396034792\package1.zip, In Quarantäne, [55f4b9465a200531b44a91eeb64a6f91], PUP.Optional.SaveSense, C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job, In Quarantäne, [96b318e73446b086137eedccda29f709], PUP.Optional.SaveSense, C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job, In Quarantäne, [4bfe9c634d2d96a0f59ccaef07fce818], PUP.Optional.Conduit.A, C:\Users\Br. Pirminius Seber\AppData\Local\Temp\CT3326313\ddt.csf, In Quarantäne, [6edbf50aee8c79bd7d8774132ad89868], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\background.html, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\chromeCoreFilesIndex.txt, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\crossriderManifest.json, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\manifest.json, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\popup.html, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\manifest.xml, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins.json, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\1.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\103.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\123.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\13.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\14.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\17.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\177.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\180.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\182.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\183.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\19.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\192.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\207.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\21.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\22.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\239.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\246.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\28.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\4.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\47.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\64.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\72.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\78.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\80.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\91.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\plugins\97.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\userCode\background.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\extensionData\userCode\extension.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\icons\icon128.png, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\icons\icon16.png, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\icons\icon48.png, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\icons\actions\1.png, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\background.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\main.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\platformVersion.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\api\chrome.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\api\cookie.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\api\message.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\api\monitor.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\api\pageAction.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\api\pageActionBG.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\app_api.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\bg_app_api.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\consts.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\cookie_store.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\crossriderAPI.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\delegate.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\events.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\extensionDataStore.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\installer.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\logFile.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\logging.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\onBGDocumentLoad.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\reports.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\storageWrapper.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\updateManager.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\util.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\xhr.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\popupResource\newPopup.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfohdbmjdkfijghgklbickfnaepghgba\1.26.33_0\js\lib\popupResource\popup.js, In Quarantäne, [a0a9926dabcf45f116a1f296887a3dc3], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\1.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\102.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\104.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\13.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\14.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\17.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\177.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\182.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\183.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\184.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\19.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\207.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\21.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\217.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\22.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\223.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\242.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\244.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\246.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\28.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\4.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\47.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\64.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\7.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\72.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\78.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\80.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\9.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\91.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\93.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\plugins\97.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\userCode\background.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\extensionData\userCode\extension.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\background.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\main.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\platformVersion.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\api\chrome.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\api\cookie.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\api\message.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\api\monitor.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\api\pageAction.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\api\pageActionBG.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\app_api.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\bg_app_api.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\consts.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\cookie_store.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\crossriderAPI.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\delegate.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\events.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\extensionDataStore.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\installer.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\logFile.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\logging.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\onBGDocumentLoad.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\reports.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\storageWrapper.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\updateManager.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\util.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\xhr.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\popupResource\newPopup.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], PUP.Optional.CrossRider.A, C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam\1.26.249_0\js\lib\popupResource\popup.js, In Quarantäne, [5ced4ab5ea90f4426f08b2d9ce34966a], Physische Sektoren: 0 (No malicious items detected) (end) |
|
18.06.2014, 14:36
| #8 |
| | Schrift erscheint grün und doppelt unterstrichen, der Computer ist sehr langsam, viel Werbung AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v3.212 - Bericht erstellt am 18/06/2014 um 12:59:41
# Aktualisiert 05/06/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Br. Pirminius Seber - BRUDERPIRMINIUS
# Gestartet von : C:\Users\Br. Pirminius Seber\Downloads\adwcleaner_3.212.exe
# Option : Löschen
***** [ Dienste ] *****
Dienst Gelöscht : {0782648b-1717-4fef-ac58-8cb3ce03adb3}Gw64
[#] Dienst Gelöscht : CltMngSvc
[#] Dienst Gelöscht : IePluginService
[#] Dienst Gelöscht : savesenselive
[#] Dienst Gelöscht : savesenselivem
Dienst Gelöscht : SECUREASSIST
[#] Dienst Gelöscht : Update Caramava
[#] Dienst Gelöscht : Update ConstaSurf
[#] Dienst Gelöscht : Util Caramava
[#] Dienst Gelöscht : Util ConstaSurf
Dienst Gelöscht : VOsrv
[#] Dienst Gelöscht : Wpm
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\IePluginService
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\RegClean
Ordner Gelöscht : C:\ProgramData\SaveSenseLive
Ordner Gelöscht : C:\ProgramData\ShopperPro
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Maximizer
Ordner Gelöscht : C:\Program Files (x86)\AnyProtectEx
Ordner Gelöscht : C:\Program Files (x86)\BrowserSafeguard
[!] Ordner Gelöscht : C:\Program Files (x86)\ConstaSurf
Ordner Gelöscht : C:\Program Files (x86)\FoxTab
Ordner Gelöscht : C:\Program Files (x86)\PC Speed Maximizer
Ordner Gelöscht : C:\Program Files (x86)\SearchProtect
Ordner Gelöscht : C:\Program Files\003
Ordner Gelöscht : C:\Program Files\SupraSavings
Ordner Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Local\iLivid
Ordner Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Local\SaveSenseLive
Ordner Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Local\SearchProtect
Ordner Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Local\Tuguu_SL
Ordner Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Local\Websteroids
Ordner Gelöscht : C:\Users\BRD788~1.PIR\AppData\Local\Temp\ConstaSurf
Ordner Gelöscht : C:\Users\Br. Pirminius Seber\AppData\LocalLow\iWebar
Ordner Gelöscht : C:\Users\Br. Pirminius Seber\AppData\LocalLow\Sense
Ordner Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Roaming\FoxTab
Ordner Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Roaming\PC Speed Maximizer
Ordner Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Roaming\SaveSense
Ordner Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Roaming\VOPackage
Ordner Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
Ordner Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
Ordner Gelöscht : C:\Users\Br. Pirminius Seber\Documents\PC Speed Maximizer
Ordner Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\Extensions\{2d7886a0-85bb-4bf2-b684-ba92b4b21d23}
Ordner Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\Extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF}
Ordner Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\Extensions\quick_start@gmail.com
Ordner Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\Extensions\143f44cf-d99c-4e45-8cd9-ef929de77aa8@bdbf6038-0097-480c-8d8e-fc48e28131a8.com
Ordner Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\Extensions\2eb528f3-950d-48a3-be4b-5d7de6c8331e@a41e199b-6ca4-4d23-ab87-73f2d1973314.com
Ordner Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\cigiagpbkapepgklncnajbakkpkopmam
Datei Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\Extensions\{0782648b-1717-4fef-ac58-8cb3ce03adb3}.xpi
Datei Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\Extensions\{5ebdca98-43b3-45bb-87e0-716029fb42ab}.xpi
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Windows\SysWOW64\SecureAssist.dll
Datei Gelöscht : C:\Windows\SysWOW64\SecureAssist.ini
Datei Gelöscht : C:\Windows\SysWOW64\SecureAssistOff.ini
Datei Gelöscht : C:\Windows\System32\drivers\{0782648b-1717-4fef-ac58-8cb3ce03adb3}Gw64.sys
Datei Gelöscht : C:\Windows\System32\SecureAssist.ini
Datei Gelöscht : C:\Windows\System32\SecureAssist64.dll
Datei Gelöscht : C:\Windows\System32\SecureAssistOff.ini
Datei Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Local\AnyProtectScannerSetup.exe
Datei Gelöscht : C:\Users\BRD788~1.PIR\AppData\Local\Temp\uninstaller.exe
Datei Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Roaming\aps.scan.quick.results
Datei Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Roaming\aps.scan.results
Datei Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Roaming\aps.uninstall.scan.results
Datei Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
Datei Gelöscht : C:\Users\Br. Pirminius Seber\Desktop\AnyProtect.lnk
Datei Gelöscht : C:\Users\Br. Pirminius Seber\Desktop\Configure VO Package.lnk
Datei Gelöscht : C:\Users\Br. Pirminius Seber\Desktop\PC Speed Maximizer.lnk
Datei Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\invalidprefs.js
Datei Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\searchplugins\11-suche.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\webssearches.xml
Datei Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\user.js
Datei Gelöscht : C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx
Datei Gelöscht : C:\Windows\Tasks\APSnotifierPP1.job
Datei Gelöscht : C:\Windows\System32\Tasks\APSnotifierPP1
Datei Gelöscht : C:\Windows\Tasks\APSnotifierPP2.job
Datei Gelöscht : C:\Windows\System32\Tasks\APSnotifierPP2
Datei Gelöscht : C:\Windows\Tasks\APSnotifierPP3.job
Datei Gelöscht : C:\Windows\System32\Tasks\APSnotifierPP3
Datei Gelöscht : C:\Windows\System32\Tasks\BrowserSafeguard Update Task
Datei Gelöscht : C:\Windows\Tasks\FoxTab.job
Datei Gelöscht : C:\Windows\System32\Tasks\FoxTab
Datei Gelöscht : C:\Windows\System32\Tasks\PC Speed Maximizer Schedule
Datei Gelöscht : C:\Windows\Tasks\SaveSense.job
Datei Gelöscht : C:\Windows\System32\Tasks\SaveSense
Datei Gelöscht : C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineCore.job
Datei Gelöscht : C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineCore
Datei Gelöscht : C:\Windows\Tasks\SaveSenseLiveUpdateTaskMachineUA.job
Datei Gelöscht : C:\Windows\System32\Tasks\SaveSenseLiveUpdateTaskMachineUA
Datei Gelöscht : C:\Windows\System32\Tasks\ShopperPro
Datei Gelöscht : C:\Windows\System32\Tasks\ShopperProJSUpd
Datei Gelöscht : C:\Windows\System32\Tasks\SPDriver
Datei Gelöscht : C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-1.job
Datei Gelöscht : C:\Windows\System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-1
Datei Gelöscht : C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-2.job
Datei Gelöscht : C:\Windows\System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-2
Datei Gelöscht : C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-3.job
Datei Gelöscht : C:\Windows\System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-3
Datei Gelöscht : C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-4.job
Datei Gelöscht : C:\Windows\System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-4
Datei Gelöscht : C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-5.job
Datei Gelöscht : C:\Windows\System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-5
Datei Gelöscht : C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-1.job
Datei Gelöscht : C:\Windows\System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-1
Datei Gelöscht : C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-2.job
Datei Gelöscht : C:\Windows\System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-2
Datei Gelöscht : C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-3.job
Datei Gelöscht : C:\Windows\System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-3
Datei Gelöscht : C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-4.job
Datei Gelöscht : C:\Windows\System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-4
Datei Gelöscht : C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-5.job
Datei Gelöscht : C:\Windows\System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-5
***** [ Verknüpfungen ] *****
Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Verknüpfung Desinfiziert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Br. Pirminius Seber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Br. Pirminius Seber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Verknüpfung Desinfiziert : C:\Users\Br. Pirminius Seber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Br. Pirminius Seber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Verknüpfung Desinfiziert : C:\Users\Br. Pirminius Seber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk
Verknüpfung Desinfiziert : C:\Users\Br. Pirminius Seber\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
***** [ Registrierungsdatenbank ] *****
Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [quick_start@gmail.com]
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Schlüssel Gelöscht : HKCU\Software\Classes\iLivid.torrent
Wert Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [iLivid]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\SaveSenseLive.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\iLivid.torrent
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLive.OneClickCtrl.9
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLive.OneClickProcessLauncherMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLive.OneClickProcessLauncherMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLive.Update3WebControl.3
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoCreateAsync
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoCreateAsync.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoreClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoreClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoreMachineClass
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CoreMachineClass.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CredentialDialogMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.CredentialDialogMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.OnDemandCOMClassSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.ProcessLauncher
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.ProcessLauncher.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3COMClassService
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3COMClassService.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebMachine
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebMachine.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebMachineFallback
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebMachineFallback.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SaveSenseLiveUpdate.Update3WebSvc.1.0
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ShopperPro.ShopperProBHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayer_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Websteroids_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Websteroids_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebsteroidsService_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WebsteroidsService_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=3
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@tools.updaterss.com/SaveSenseLive Update;version=9
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0035510.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0035510.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0035510.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0035510.Sandbox.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{76A60138-58B3-4E27-85FB-8FEF344A8998}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{A2D3FB7A-6873-45E8-AF96-57092D721828}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A2D3FB7A-6873-45E8-AF96-57092D721828}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D7356335-81BF-4769-BFBD-2E2889138641}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311551110}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322552210}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{41E2BE59-5C34-46AB-B743-6678BC94F42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355555510}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366556610}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{52654F2B-3A13-4569-AB52-EF4201F79221}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{9863E762-BACC-46E4-8CAA-2A6ADA06B65B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344554410}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D7356335-81BF-4769-BFBD-2E2889138641}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551110}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311551110}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311551110}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{03EF41A4-BA24-4E49-A2C0-E1D047299287}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{130CCD34-0382-48E5-B307-0E7E72166828}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{26D25DD5-F17A-4D93-9A94-997E2124EEB4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{30279F40-D76B-443C-A34D-F43B35B35CE1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{796D0AA0-DC0E-44C9-A398-C874F04D55A4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{CE2102F0-DF63-452E-9CA7-0F75FF4DDD4B}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{DADFCC6F-66D2-4E1D-A01B-7064CAD2F583}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBE666C3-F26C-4CF6-8ABA-3D5F5D2625E1}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311551110}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322552210}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110411821192}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{41E2BE59-5C34-46AB-B743-6678BC94F42C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355555510}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366556610}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551110}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411821192}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\AnyProtect
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\ConstaSurf
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKCU\Software\pc speed maximizer
Schlüssel Gelöscht : HKCU\Software\SaveSenseLive
Schlüssel Gelöscht : HKCU\Software\SearchProtectINT
Schlüssel Gelöscht : HKCU\Software\smarttweak
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\DynConIE
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Rr Savings
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Supra Savings
Schlüssel Gelöscht : HKLM\Software\ConstaSurf
Schlüssel Gelöscht : HKLM\Software\DealPlyLive
Schlüssel Gelöscht : HKLM\Software\InstallCore
Schlüssel Gelöscht : HKLM\Software\installedbrowserextensions
Schlüssel Gelöscht : HKLM\Software\Rr Savings
Schlüssel Gelöscht : HKLM\Software\SaveSenseLive
Schlüssel Gelöscht : HKLM\Software\SearchProtect
Schlüssel Gelöscht : HKLM\Software\suprasavings
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\Vittalia
Schlüssel Gelöscht : HKLM\Software\webssearchesSoftware
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC Speed Maximizer_is1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\installedbrowserextensions
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Rr Savings
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\suprasavings
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ConstaSurf
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC32Loader.dll
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~1.DLL
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SearchProtect\SearchProtect\bin\SPVC64Loader.dll
Daten Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\SupTab\SEARCH~2.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SaveSenseLive.exe
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.17126
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v29.0.1 (de)
[ Datei : C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\prefs.js ]
Zeile gelöscht : user_pref("browser.search.defaultenginename", "Trovi search");
Zeile gelöscht : user_pref("browser.search.selectedEngine", "Trovi search");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.trovi.com/?gd=&ctid=CT3323900&octid=EB_ORIGINAL_CTID&ISID=ME5532AC7-0436-444B-8316-DB8596915435&SearchSource=55&CUI=&UM=5&UP=SPAD7B6FE3-E0CF-415C-9FF3[...]
Zeile gelöscht : user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Zeile gelöscht : user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_meta.value", "%7B%22handlebars.js%22%3A%7B%22id%22%3A183015%2C%22ver%22%3A2%2[...]
Zeile gelöscht : user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_resource_646958.value", "%22function%20startAskCom%28e%2Ct%2Cr%29%7Bfunction%[...]
Zeile gelöscht : user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Zeile gelöscht : user_pref("extensions.crossrider.bic", "14509f200072e80b8f197da86c217ca2");
-\\ Google Chrome v35.0.1916.153
[ Datei : C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Gelöscht [Search Provider] : hxxp://de.ask.com/web?q={searchTerms}
Gelöscht [Search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T&q={searchTerms}
Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3323900&octid=EB_ORIGINAL_CTID&ISID=ME5532AC7-0436-444B-8316-DB8596915435&SearchSource=58&CUI=&UM=5&UP=SPAD7B6FE3-E0CF-415C-9FF3-D56682FA8B82&q={searchTerms}&SSPV=
Gelöscht [Startup_urls] : hxxp://www.trovi.com/?gd=&ctid=CT3323900&octid=EB_ORIGINAL_CTID&ISID=ME5532AC7-0436-444B-8316-DB8596915435&SearchSource=55&CUI=&UM=5&UP=SPAD7B6FE3-E0CF-415C-9FF3-D56682FA8B82&SSPV=
Gelöscht [Homepage] : hxxp://www.trovi.com/?gd=&ctid=CT3323900&octid=EB_ORIGINAL_CTID&ISID=ME5532AC7-0436-444B-8316-DB8596915435&SearchSource=55&CUI=&UM=5&UP=SPAD7B6FE3-E0CF-415C-9FF3-D56682FA8B82&SSPV=
Gelöscht [Extension] : cigiagpbkapepgklncnajbakkpkopmam
*************************
AdwCleaner[R0].txt - [33034 octets] - [18/06/2014 12:56:46]
AdwCleaner[S0].txt - [28216 octets] - [18/06/2014 12:59:41]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [28277 octets] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Br. Pirminius Seber on 18.06.2014 at 15:10:25,69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{998745A3-2AE4-488D-8092-B98FB20A00C2}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A18D16ED-27B2-4B83-B70C-15E73F099546}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{BEE7E029-5037-4DAD-A2DB-82E397AB1A44}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{C1424421-D274-491E-9D47-11C8D8CB5F9A}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\ilivid
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installcore
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smarttweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\dynconie
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\speedupmypc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220322552210}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{22222222-2222-2222-2222-220322552210}
~~~ Files
Successfully deleted: [File] "C:\Users\Br. Pirminius Seber\AppData\Roaming\microsoft\windows\start menu\programs\ilivid.lnk"
Successfully deleted: [File] C:\Windows\syswow64\sho9211.tmp
Successfully deleted: [File] C:\Windows\syswow64\shoDBB1.tmp
~~~ Folders
Successfully deleted: [Empty Folder] C:\Users\Br. Pirminius Seber\appdata\local\{4E3EFD72-51B3-431E-BE8A-960857FDD168}
Successfully deleted: [Empty Folder] C:\Users\Br. Pirminius Seber\appdata\local\{A8D79117-8E6F-4F4B-A13A-1B4D64940D25}
Successfully deleted: [Empty Folder] C:\Users\Br. Pirminius Seber\appdata\local\{CC7FE976-DBE6-4B38-9384-9B2B72B5A523}
Successfully deleted: [Empty Folder] C:\Users\Br. Pirminius Seber\appdata\local\{E6BD331D-5DA1-4086-AD02-5AC499185192}
Successfully deleted: [Empty Folder] C:\Users\Br. Pirminius Seber\appdata\local\{F276B3EF-6B7B-4597-8090-D7C73C8C945A}
~~~ FireFox
Successfully deleted: [File] C:\Users\Br. Pirminius Seber\AppData\Roaming\mozilla\firefox\profiles\2x0a1rkf.default\user.js
Successfully deleted: [File] C:\Users\Br. Pirminius Seber\AppData\Roaming\mozilla\firefox\profiles\2x0a1rkf.default\invalidprefs.js
Successfully deleted the following from C:\Users\Br. Pirminius Seber\AppData\Roaming\mozilla\firefox\profiles\2x0a1rkf.default\prefs.js
user_pref("extensions.a143f44cfd99c4e458cd9ef929de77aa8bdbf60380097480c8d8efc48e28131a8com48292.48292.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A
user_pref("extensions.a2eb528f3950d48a3be4b5d7de6c8331ea41e199b6ca44d23ab8773f2d1973314com35510.35510.internaldb.Resources_meta.value", "%7B%22handlebars.js%22%3A%7B%22id%22%3
user_pref("extensions.crossrider.bic", "14509f200072e80b8f197da86c217ca2");
Emptied folder: C:\Users\Br. Pirminius Seber\AppData\Roaming\mozilla\firefox\profiles\2x0a1rkf.default\minidumps [416 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.06.2014 at 15:19:38,53
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-06-2014 Ran by Br. Pirminius Seber (administrator) on BRUDERPIRMINIUS on 18-06-2014 15:33:45 Running from C:\Users\Br. Pirminius Seber\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: Downloading Farbar Recovery Scan Tool Download link for 64-Bit Version: Downloading Farbar Recovery Scan Tool Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials ==================== Processes (Whitelisted) ================= (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe (SecureAssist) C:\Program Files\suprasavings\SecureAssist.exe (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe (Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (TOSHIBA) C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\TOPI.exe (Microsoft Corporation) C:\Windows\System32\StikyNot.exe (Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe (McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe (TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (Intel Corporation) C:\Windows\System32\igfxext.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSwMgr.exe (TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [597928 2011-03-03] (TOSHIBA Corporation) HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-12-14] (TOSHIBA Corporation) HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe [1546720 2011-02-10] (Toshiba Europe GmbH) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11101800 2010-07-28] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2120808 2010-07-28] (Realtek Semiconductor) HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566184 2010-09-28] (TOSHIBA Corporation) HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [570680 2009-08-13] (TOSHIBA Corporation) HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated) HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation) HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation) HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation) HKLM\...\Run: [Toshiba Registration] => C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe [150992 2011-07-27] (Toshiba Europe GmbH) HKLM-x32\...\Run: [NBAgent] => c:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1409424 2011-06-29] (Nero AG) HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.) HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2010-03-03] (TOSHIBA) HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2010-08-15] (TOSHIBA CORPORATION) HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1294136 2009-10-06] (TOSHIBA Corporation) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard) HKLM-x32\...\Run: [] => [X] HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-16] (AVAST Software) HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [296520 2014-05-09] (RealNetworks, Inc.) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\.DEFAULT\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA) HKU\S-1-5-19\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA) HKU\S-1-5-20\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA) HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\Run: [TOPI.EXE] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\topi.exe [846936 2011-05-16] (TOSHIBA) HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\Run: [Facebook Update] => C:\Users\Br. Pirminius Seber\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-09-28] (Facebook Inc.) HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation) HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\Run: [HP Deskjet 3050A J611 series (NET)] => C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.) HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\Run: [iLivid] => C:\Users\Br. Pirminius Seber\AppData\Local\iLivid\iLivid.exe [6827008 2013-09-09] (Bandoo Media Inc.) HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: F - F:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: {6990a982-fa63-11e1-9c64-b888e31620a2} - F:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: {7788dee7-f745-11e1-9ecd-b888e31620a2} - F:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: {7788def6-f745-11e1-9ecd-b888e31620a2} - F:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: {7788df31-f745-11e1-9ecd-b888e31620a2} - F:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: {c40c67f7-12a4-11e2-9840-74e543436fc5} - F:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: {d6e0105c-6e9f-11e2-8ff2-b888e31620a2} - F:\autorun.exe AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe (McAfee, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Toshiba Places Icon Utility.lnk ShortcutTarget: Toshiba Places Icon Utility.lnk -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe (Toshiba) Startup: C:\Users\Br. Pirminius Seber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 3050A J611 series (Kopie 1).lnk ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 3050A J611 series (Kopie 1).lnk -> C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) Startup: C:\Users\Br. Pirminius Seber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Tintenwarnungen überwachen - HP Deskjet 3050A J611 series (Netzwerk).lnk ShortcutTarget: Tintenwarnungen überwachen - HP Deskjet 3050A J611 series (Netzwerk).lnk -> C:\Program Files\HP\HP Deskjet 3050A J611 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.) Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ShortcutTarget: TRDCReminder.lnk -> C:\Program Files (x86)\TOSHIBA\TRDCReminder\TRDCReminder.exe (TOSHIBA Europe) ==================== Internet (Whitelisted) ==================== ProxyServer: http=:;https=: HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = WebSearches HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = WebSearches HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = WebSearches HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = WebSearches HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = WebSearches HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = WebSearches HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe WebSearches BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader) BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120902183624.dll No File BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.) BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) BHO-x32: Caramava - {1e50bbda-c15a-47d5-9853-d829ff890664} - C:\Program Files (x86)\Caramava\Caramavabho.dll No File BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120902183624.dll No File BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) BHO-x32: TOSHIBA Media Controller Plug-in - {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (<TOSHIBA>) Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog9 01 C:\Windows\SysWOW64\SecureAssist.dll [295080] (SecureAssist) Winsock: Catalog9 02 C:\Windows\SysWOW64\SecureAssist.dll [295080] (SecureAssist) Winsock: Catalog9 03 C:\Windows\SysWOW64\SecureAssist.dll [295080] (SecureAssist) Winsock: Catalog9 04 C:\Windows\SysWOW64\SecureAssist.dll [295080] (SecureAssist) Winsock: Catalog9 15 C:\Windows\SysWOW64\SecureAssist.dll [295080] (SecureAssist) Winsock: Catalog9-x64 01 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist) Winsock: Catalog9-x64 02 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist) Winsock: Catalog9-x64 03 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist) Winsock: Catalog9-x64 04 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist) Winsock: Catalog9-x64 15 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist) Tcpip\Parameters: [DhcpNameServer] 192.168.178.1 FireFox: ======== FF ProfilePath: C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default FF NewTab: chrome://unitedtb/content/newtab/newtab-page.xhtml FF DefaultSearchEngine: webssearches FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll () FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @real.com/nppl3260;version=17.0.9.17 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.9 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.9 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.9 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=17.0.9.17 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer Cloud) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Br. Pirminius Seber\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited) FF SearchPlugin: C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\searchplugins\webde-suche.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: GMX MailCheck - C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\Extensions\toolbar@gmx.net.xpi [2013-03-21] FF HKLM-x32\...\Firefox\Extensions: [{D19CA586-DD6C-4a0a-96F8-14644F340D60}] - C:\Program Files (x86)\Common Files\McAfee\SystemCore FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-10-07] FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-05-09] FF HKLM-x32\...\Firefox\Extensions: [quick_start@gmail.com] - C:\Users\Br. Pirminius Seber\AppData\Roaming\Mozilla\Firefox\Profiles\2x0a1rkf.default\extensions\quick_start@gmail.com FF HKLM-x32\...\Firefox\Extensions: [{53D8DD28-1C83-41F3-B171-C2ED5B3E5DE8}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [] FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR DefaultSearchKeyword: trovi.search CHR DefaultSearchProvider: Trovi search CHR DefaultSearchURL: hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3323900&octid=EB_ORIGINAL_CTID&ISID=ME5532AC7-0436-444B-8316-DB8596915435&SearchSource=58&CUI=&UM=5&UP=SPAD7B6FE3-E0CF-415C-9FF3-D56682FA8B82&q={searchTerms}&SSPV= CHR Extension: (No Name) - C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda [2012-10-07] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-16] CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-04-06] CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Br. Pirminius Seber\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-04-06] ==================== Services (Whitelisted) ================= R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-16] (AVAST Software) R2 IconMan_R; C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1811456 2010-08-27] (Realsil Microelectronics Inc.) [File not signed] S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.) R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-04-06] () R2 RealPlayer Cloud Service; c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe [1141848 2014-05-09] (RealNetworks, Inc.) R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-04-07] () [File not signed] R2 SecureAssist; C:\Program Files\SupraSavings\SecureAssist.exe [1558032 2014-03-12] (SecureAssist) [File not signed] S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [112080 2011-02-10] (Toshiba Europe GmbH) S2 Update Caramava; "C:\Program Files (x86)\Caramava\updateCaramava.exe" [X] S2 Util Caramava; "C:\Program Files (x86)\Caramava\bin\utilCaramava.exe" [X] ==================== Drivers (Whitelisted) ==================== R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-16] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-16] (AVAST Software) R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-16] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-16] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-16] (AVAST Software) R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-06-16] () S3 ew_hwusbdev; C:\Windows\System32\DRIVERS\ew_hwusbdev.sys [117248 2012-09-06] (Huawei Technologies Co., Ltd.) [File not signed] S3 hwdatacard; C:\Windows\System32\DRIVERS\ewusbmdm.sys [121600 2012-09-06] (Huawei Technologies Co., Ltd.) [File not signed] R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-06-18] (Malwarebytes Corporation) R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-03-29] (StdLib) S3 massfilter; system32\drivers\massfilter.sys [X] S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X] S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X] S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-06-18 15:29 - 2014-06-18 15:30 - 02081280 _____ (Farbar) C:\Users\Br. Pirminius Seber\Downloads\FRST64.exe 2014-06-18 15:19 - 2014-06-18 15:19 - 00003876 _____ () C:\Users\Br. Pirminius Seber\Desktop\JRT.txt 2014-06-18 15:10 - 2014-06-18 15:10 - 00000000 ____D () C:\Windows\ERUNT 2014-06-18 15:09 - 2014-06-18 15:10 - 01016261 _____ (Thisisu) C:\Users\Br. Pirminius Seber\Downloads\JRT.exe 2014-06-18 15:04 - 2014-06-18 15:04 - 00057486 _____ () C:\Users\Br. Pirminius Seber\Desktop\mbam.txt 2014-06-18 14:08 - 2014-06-18 14:25 - 00001073 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-18 14:08 - 2014-06-18 14:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-18 14:08 - 2014-06-18 14:25 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-18 14:08 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-06-18 14:08 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-06-18 14:08 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-06-18 13:52 - 2014-06-18 14:05 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Br. Pirminius Seber\Downloads\mbam-setup-2.0.2.1012.exe 2014-06-18 13:04 - 2014-06-18 13:04 - 00000000 __SHD () C:\Users\Br. Pirminius Seber\AppData\Local\EmieUserList 2014-06-18 13:04 - 2014-06-18 13:04 - 00000000 __SHD () C:\Users\Br. Pirminius Seber\AppData\Local\EmieSiteList 2014-06-18 12:55 - 2014-06-18 13:00 - 00000000 ____D () C:\AdwCleaner 2014-06-17 22:21 - 2014-06-18 15:33 - 00029690 _____ () C:\Users\Br. Pirminius Seber\Downloads\Addition.txt 2014-06-17 22:20 - 2014-06-18 15:33 - 00026358 _____ () C:\Users\Br. Pirminius Seber\Downloads\FRST.txt 2014-06-17 22:19 - 2014-06-18 15:33 - 00000000 ____D () C:\FRST 2014-06-17 20:44 - 2014-06-18 12:59 - 00000000 ____D () C:\Program Files (x86)\ConstaSurf 2014-06-16 20:04 - 2014-06-16 20:04 - 00014814 _____ () C:\Users\Br. Pirminius Seber\Documents\Organistendienste St. Marien Zehlendorf April bis Juli 2014.odt 2014-06-16 12:18 - 2014-06-16 12:18 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-06-16 12:18 - 2014-06-16 12:18 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-06-12 16:46 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-12 16:46 - 2014-05-30 12:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-12 16:46 - 2014-05-30 11:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-12 16:46 - 2014-05-30 11:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-12 16:46 - 2014-05-30 11:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-12 16:46 - 2014-05-30 11:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-12 16:46 - 2014-05-30 11:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-12 16:46 - 2014-05-30 11:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-12 16:46 - 2014-05-30 11:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-12 16:46 - 2014-05-30 11:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-12 16:46 - 2014-05-30 11:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-12 16:46 - 2014-05-30 11:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-12 16:46 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-12 16:46 - 2014-05-30 11:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-12 16:46 - 2014-05-30 11:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-12 16:46 - 2014-05-30 11:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-12 16:46 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-12 16:46 - 2014-05-30 10:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-12 16:46 - 2014-05-30 10:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-12 16:46 - 2014-05-30 10:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-12 16:46 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-12 16:46 - 2014-05-30 10:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-12 16:46 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-12 16:46 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-12 16:46 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-12 16:46 - 2014-05-30 10:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-12 16:46 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-12 16:46 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-12 16:46 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-12 16:46 - 2014-05-30 10:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-12 16:46 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-12 16:46 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-12 16:46 - 2014-05-30 10:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-12 16:46 - 2014-05-30 10:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-12 16:46 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-12 16:46 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-12 16:46 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-12 16:46 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-12 16:46 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-12 16:46 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-12 16:46 - 2014-05-30 09:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-12 16:46 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-12 16:46 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-12 16:46 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-12 16:46 - 2014-05-30 09:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-12 16:46 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-12 16:46 - 2014-05-30 09:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-12 16:46 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-12 16:46 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-12 16:46 - 2014-05-30 09:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-12 16:46 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-12 16:46 - 2014-04-25 04:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-06-12 16:46 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll 2014-06-12 16:46 - 2014-04-05 04:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys 2014-06-12 16:46 - 2014-04-05 04:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS 2014-06-12 16:46 - 2014-03-26 16:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll 2014-06-12 16:46 - 2014-03-26 16:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll 2014-06-12 16:46 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll 2014-06-12 16:46 - 2014-03-26 16:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll 2014-06-12 16:46 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll 2014-06-12 16:46 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll 2014-06-12 16:46 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll 2014-06-12 16:46 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll 2014-06-12 16:45 - 2014-05-30 12:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-12 16:44 - 2014-06-08 11:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-12 16:44 - 2014-06-08 11:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-05-19 16:21 - 2014-06-18 14:18 - 00003404 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3090635963-4145032168-3900013317-1001 ==================== One Month Modified Files and Folders ======= 2014-06-18 15:33 - 2014-06-17 22:21 - 00029690 _____ () C:\Users\Br. Pirminius Seber\Downloads\Addition.txt 2014-06-18 15:33 - 2014-06-17 22:20 - 00026358 _____ () C:\Users\Br. Pirminius Seber\Downloads\FRST.txt 2014-06-18 15:33 - 2014-06-17 22:19 - 00000000 ____D () C:\FRST 2014-06-18 15:33 - 2012-09-02 12:07 - 00000000 ____D () C:\Users\Br. Pirminius Seber\AppData\Local\Temp 2014-06-18 15:30 - 2014-06-18 15:29 - 02081280 _____ (Farbar) C:\Users\Br. Pirminius Seber\Downloads\FRST64.exe 2014-06-18 15:26 - 2014-03-28 21:26 - 00000334 _____ () C:\Windows\Tasks\SaveSense.job 2014-06-18 15:25 - 2014-05-10 13:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-18 15:19 - 2014-06-18 15:19 - 00003876 _____ () C:\Users\Br. Pirminius Seber\Desktop\JRT.txt 2014-06-18 15:15 - 2012-09-02 15:51 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-06-18 15:14 - 2011-07-27 10:59 - 00001124 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-06-18 15:10 - 2014-06-18 15:10 - 00000000 ____D () C:\Windows\ERUNT 2014-06-18 15:10 - 2014-06-18 15:09 - 01016261 _____ (Thisisu) C:\Users\Br. Pirminius Seber\Downloads\JRT.exe 2014-06-18 15:04 - 2014-06-18 15:04 - 00057486 _____ () C:\Users\Br. Pirminius Seber\Desktop\mbam.txt 2014-06-18 15:01 - 2014-03-29 03:13 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-06-18 15:01 - 2012-12-20 14:01 - 00000284 _____ () C:\Windows\Tasks\HP Photo Creations Messager.job 2014-06-18 14:55 - 2009-07-14 06:45 - 00024912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-06-18 14:55 - 2009-07-14 06:45 - 00024912 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-06-18 14:51 - 2012-06-19 11:12 - 01503628 _____ () C:\Windows\WindowsUpdate.log 2014-06-18 14:49 - 2014-03-28 20:14 - 00002576 _____ () C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-4.job 2014-06-18 14:49 - 2014-03-28 20:14 - 00001896 _____ () C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-5.job 2014-06-18 14:49 - 2014-03-28 20:14 - 00001892 _____ () C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-5.job 2014-06-18 14:49 - 2014-03-28 20:14 - 00001792 _____ () C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-1.job 2014-06-18 14:49 - 2014-03-28 20:14 - 00001786 _____ () C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-1.job 2014-06-18 14:49 - 2014-03-28 20:14 - 00001720 _____ () C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-2.job 2014-06-18 14:49 - 2014-03-28 20:14 - 00001716 _____ () C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-2.job 2014-06-18 14:49 - 2014-03-28 20:13 - 00003468 _____ () C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-3.job 2014-06-18 14:49 - 2014-03-28 20:13 - 00003466 _____ () C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-3.job 2014-06-18 14:49 - 2014-03-28 20:13 - 00002578 _____ () C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-4.job 2014-06-18 14:49 - 2012-12-27 13:09 - 00003382 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3090635963-4145032168-3900013317-1001 2014-06-18 14:49 - 2012-12-27 13:09 - 00003276 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3090635963-4145032168-3900013317-1001 2014-06-18 14:49 - 2011-07-27 10:59 - 00001120 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-06-18 14:48 - 2013-02-25 21:54 - 00065536 _____ () C:\Windows\system32\Ikeext.etl 2014-06-18 14:48 - 2010-11-21 09:00 - 00000000 ____D () C:\Windows\ShellNew 2014-06-18 14:48 - 2010-11-21 05:47 - 00230982 _____ () C:\Windows\PFRO.log 2014-06-18 14:48 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-06-18 14:48 - 2009-07-14 06:51 - 00083757 _____ () C:\Windows\setupact.log 2014-06-18 14:25 - 2014-06-18 14:08 - 00001073 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-06-18 14:25 - 2014-06-18 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-06-18 14:25 - 2014-06-18 14:08 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-06-18 14:18 - 2014-05-19 16:21 - 00003404 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3090635963-4145032168-3900013317-1001 2014-06-18 14:18 - 2014-03-28 20:30 - 00003298 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3090635963-4145032168-3900013317-1001 2014-06-18 14:17 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing 2014-06-18 14:05 - 2014-06-18 13:52 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Br. Pirminius Seber\Downloads\mbam-setup-2.0.2.1012.exe 2014-06-18 13:49 - 2012-10-07 00:34 - 00001973 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk 2014-06-18 13:46 - 2012-10-07 00:33 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update 2014-06-18 13:45 - 2013-10-30 19:29 - 00000000 ____D () C:\Users\Br. Pirminius Seber\AppData\Local\iLivid 2014-06-18 13:44 - 2012-09-02 12:07 - 00000000 ____D () C:\Users\Br. Pirminius Seber 2014-06-18 13:42 - 2014-03-28 21:29 - 00000000 ____D () C:\Users\Br. Pirminius Seber\AppData\Local\Tuguu_SL 2014-06-18 13:42 - 2014-03-28 21:28 - 00000000 ____D () C:\Users\Br. Pirminius Seber\AppData\Roaming\SupTab 2014-06-18 13:42 - 2014-03-28 21:27 - 00000000 ____D () C:\Program Files\suprasavings 2014-06-18 13:42 - 2012-09-05 00:41 - 00000000 ____D () C:\Users\Br. Pirminius Seber\Downloads\SJB - geographische Verteilung (außer Ost)-Dateien 2014-06-18 13:42 - 2012-09-02 15:51 - 00000000 ____D () C:\ProgramData\McAfee Security Scan 2014-06-18 13:42 - 2012-09-02 12:07 - 00000000 ___RD () C:\Users\Br. Pirminius Seber\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2014-06-18 13:42 - 2011-07-27 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-06-18 13:42 - 2010-11-21 09:00 - 00000000 ___RD () C:\Users\Public\Recorded TV 2014-06-18 13:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-06-18 13:42 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-06-18 13:41 - 2012-11-23 03:04 - 00000000 ____D () C:\ProgramData\Real 2014-06-18 13:04 - 2014-06-18 13:04 - 00000000 __SHD () C:\Users\Br. Pirminius Seber\AppData\Local\EmieUserList 2014-06-18 13:04 - 2014-06-18 13:04 - 00000000 __SHD () C:\Users\Br. Pirminius Seber\AppData\Local\EmieSiteList 2014-06-18 13:00 - 2014-06-18 12:55 - 00000000 ____D () C:\AdwCleaner 2014-06-18 12:59 - 2014-06-17 20:44 - 00000000 ____D () C:\Program Files (x86)\ConstaSurf 2014-06-17 01:27 - 2012-09-28 13:22 - 00000984 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3090635963-4145032168-3900013317-1001UA.job 2014-06-16 20:04 - 2014-06-16 20:04 - 00014814 _____ () C:\Users\Br. Pirminius Seber\Documents\Organistendienste St. Marien Zehlendorf April bis Juli 2014.odt 2014-06-16 18:22 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-06-16 13:27 - 2012-09-28 13:22 - 00000962 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3090635963-4145032168-3900013317-1001Core.job 2014-06-16 12:19 - 2012-10-07 00:38 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys 2014-06-16 12:19 - 2012-10-07 00:38 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2014-06-16 12:18 - 2014-06-16 12:18 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr 2014-06-16 12:18 - 2014-06-16 12:18 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys 2014-06-16 12:18 - 2013-03-19 23:12 - 00208416 _____ () C:\Windows\system32\Drivers\aswVmm.sys 2014-06-16 12:18 - 2013-03-19 23:12 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys 2014-06-16 12:18 - 2012-10-07 00:33 - 00334648 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2014-06-16 12:18 - 2012-10-07 00:33 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2014-06-13 22:35 - 2011-07-27 10:59 - 00002356 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-06-13 02:01 - 2014-05-07 01:35 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-06-08 11:13 - 2014-06-12 16:44 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-08 11:08 - 2014-06-12 16:44 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-05 21:26 - 2012-11-24 04:20 - 00018915 _____ () C:\Users\Br. Pirminius Seber\Documents\Hochkirchliche St.-Johannes-Bruderschaft - Namenstage.odt 2014-06-05 12:42 - 2014-01-27 23:02 - 00014877 _____ () C:\Users\Br. Pirminius Seber\Documents\Organistendienste St. Marien Zehlendorf April bis Juni 2014.odt 2014-05-30 12:21 - 2014-06-12 16:45 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-05-30 12:02 - 2014-06-12 16:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-05-30 12:02 - 2014-06-12 16:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-05-30 11:45 - 2014-06-12 16:46 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-05-30 11:39 - 2014-06-12 16:46 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-05-30 11:39 - 2014-06-12 16:46 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-05-30 11:38 - 2014-06-12 16:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-05-30 11:28 - 2014-06-12 16:46 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-05-30 11:27 - 2014-06-12 16:46 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-05-30 11:24 - 2014-06-12 16:46 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-05-30 11:21 - 2014-06-12 16:46 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-05-30 11:21 - 2014-06-12 16:46 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-05-30 11:20 - 2014-06-12 16:46 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-05-30 11:18 - 2014-06-12 16:46 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-05-30 11:11 - 2014-06-12 16:46 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-05-30 11:08 - 2014-06-12 16:46 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-05-30 11:06 - 2014-06-12 16:46 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-05-30 11:02 - 2014-06-12 16:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-05-30 10:55 - 2014-06-12 16:46 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-05-30 10:49 - 2014-06-12 16:46 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-05-30 10:46 - 2014-06-12 16:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-05-30 10:44 - 2014-06-12 16:46 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-05-30 10:44 - 2014-06-12 16:46 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-05-30 10:43 - 2014-06-12 16:46 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-05-30 10:42 - 2014-06-12 16:46 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-05-30 10:38 - 2014-06-12 16:46 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-05-30 10:35 - 2014-06-12 16:46 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-05-30 10:34 - 2014-06-12 16:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-05-30 10:33 - 2014-06-12 16:46 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-05-30 10:30 - 2014-06-12 16:46 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-05-30 10:29 - 2014-06-12 16:46 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-05-30 10:28 - 2014-06-12 16:46 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-05-30 10:27 - 2014-06-12 16:46 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-05-30 10:24 - 2014-06-12 16:46 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-05-30 10:23 - 2014-06-12 16:46 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-05-30 10:16 - 2014-06-12 16:46 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-05-30 10:10 - 2014-06-12 16:46 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-05-30 10:06 - 2014-06-12 16:46 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-05-30 10:04 - 2014-06-12 16:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-05-30 10:02 - 2014-06-12 16:46 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-05-30 09:56 - 2014-06-12 16:46 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-05-30 09:56 - 2014-06-12 16:46 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-05-30 09:54 - 2014-06-12 16:46 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-05-30 09:50 - 2014-06-12 16:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-05-30 09:49 - 2014-06-12 16:46 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-05-30 09:43 - 2014-06-12 16:46 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-05-30 09:40 - 2014-06-12 16:46 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-05-30 09:30 - 2014-06-12 16:46 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-05-30 09:21 - 2014-06-12 16:46 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-05-30 09:15 - 2014-06-12 16:46 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-05-30 09:13 - 2014-06-12 16:46 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-05-30 09:13 - 2014-06-12 16:46 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-05-19 16:25 - 2010-11-21 08:50 - 00699682 _____ () C:\Windows\system32\perfh007.dat 2014-05-19 16:25 - 2010-11-21 08:50 - 00149790 _____ () C:\Windows\system32\perfc007.dat 2014-05-19 16:25 - 2009-07-14 07:13 - 01620684 _____ () C:\Windows\system32\PerfStringBackup.INI Some content of TEMP: ==================== C:\Users\Br. Pirminius Seber\AppData\Local\Temp\25829-656347-openoffice.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\BackupSetup.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\cabex.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\Caramava_bs.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\FixMyRegistry.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\instloffer.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\mfc80.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\mfc80u.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\mfcm80.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\mfcm80u.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\msvcm80.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\msvcp80.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\msvcr80.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\OSU.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\PCSpeedMaximizer.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\Quarantine.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\SkypeSetup.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\Somoto_23_03_2014(delay).exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\SpeedUpMyComputer.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\speedupmypc.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\SpOrder.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\stubhelper.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\unelevate.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\Uninstaller.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\VersionUpdater.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\WtgDriverInstallX.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\WTGXMLUtil.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\WtgZip.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\ytai_ytareg_setup.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-06-10 23:47 ==================== End Of Log ============================ --- --- --- --- --- --- FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-06-2014
Ran by Br. Pirminius Seber at 2014-06-18 15:34:14
Running from C:\Users\Br. Pirminius Seber\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.02) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.02 - Adobe Systems Incorporated)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
High-Definition Video Playback (x32 Version: 7.3.10900.8.0 - Nero AG) Hidden
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations)
HP Update (HKLM-x32\...\{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}) (Version: 5.003.000.004 - Hewlett-Packard)
iLivid (HKCU\...\iLivid) (Version: 5.0.0.4286 - Bandoo Media Inc) <==== ATTENTION
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.7.1002 - Intel Corporation)
Java Auto Updater (x32 Version: 2.0.2.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.8 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 10 Movie ThemePack Basic (x32 Version: 10.6.10000.1.0 - Nero AG) Hidden
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.8.10900.8.100 - Nero AG)
Nero BackItUp 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.4.10400.2.100 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.6.12700.0.7 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.6.10800 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.20000.9.12 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.4.10300.1.100 - Nero AG)
Nero InfoTool 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Kwik Media (HKLM-x32\...\{1F7D9F37-C39C-486C-BDF8-8F440FFB3352}) (Version: 1.6.15100.59.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{2063D199-D79F-471A-9019-9E647296394D}) (Version: 10.6.10300 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.6.10500.3.100 - Nero AG)
Nero RescueAgent 10 Help (CHM) (x32 Version: 10.6.10800 - Nero AG) Hidden
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.6.10500.3.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10900.31.0 - Nero AG)
NeroKwikMedia Help (CHM) (x32 Version: 10.6.10900 - Nero AG) Hidden
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
RealDownloader (x32 Version: 17.0.9 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.9 - RealNetworks)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6167 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SupraSavings (Version: 1.0.0.0 - SupraSavings) Hidden <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.01.00 - TOSHIBA CORPORATION)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{43DBC64B-3DD1-47E2-8788-D3C3B110C574}) (Version: 2.1.10.64 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 2.1.10.64 - TOSHIBA Corporation) Hidden
TOSHIBA ConfigFree (HKLM-x32\...\{38C52F7D-A6CB-4CE7-A189-8AABE8774D8A}) (Version: 8.0.38 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (Version: 3.1.3.64 - TOSHIBA Corporation) Hidden
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.11C - TOSHIBA CORPORATION)
TOSHIBA Flash Cards Support Utility (x32 Version: 1.63.0.11C - TOSHIBA CORPORATION) Hidden
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.30C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (x32 Version: 1.63.0.30C - TOSHIBA CORPORATION) Hidden
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.02 - TOSHIBA)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.8.64 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.5.11 - TOSHIBA CORPORATION)
TOSHIBA Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 4.01.0000 - TOSHIBA)
TOSHIBA Places Icon Utility (HKLM-x32\...\{461F6F0D-7173-4902-9604-AB1A29108AF2}) (Version: 1.1.1.4 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.5 x64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA Recovery Media Creator Reminder (x32 Version: 1.00.0019 - TOSHIBA) Hidden
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.17.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.7.17.64 - TOSHIBA Corporation) Hidden
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)
TOSHIBA Supervisor Password (x32 Version: 1.63.0.10C - TOSHIBA CORPORATION) Hidden
TOSHIBA Supervisorkennwort (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.10C - TOSHIBA CORPORATION)
TOSHIBA TEMPRO (HKLM-x32\...\{F082CB11-4794-4259-99A1-D91BA762AD15}) (Version: 3.35 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.19.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.3.19.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.3.19.64 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.1.5 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (x32 Version: 2.0.1.5 - TOSHIBA Corporation) Hidden
TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{5BA99779-6E12-49EF-BE49-F35B1EDB4DF9}) (Version: 1.0.4 - TOSHIBA CORPORATION)
TRORMCLauncher (HKLM-x32\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: - )
TRORMCLauncher (Version: 1.0.0.10 - TOSHIBA) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Utility Common Driver (x32 Version: 1.0.52.2C - TOSHIBA) Hidden
Video Player (HKCU\...\Video Player) (Version: - ) <==== ATTENTION
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Restore Points =========================
15-05-2014 08:29:34 Windows Update
18-05-2014 18:26:39 Windows Update
21-05-2014 18:28:15 Windows Update
05-06-2014 10:08:21 Windows Update
10-06-2014 14:25:48 Windows Update
13-06-2014 00:01:18 Windows Update
16-06-2014 10:13:39 avast! antivirus system restore point
17-06-2014 15:31:01 Windows Update
18-06-2014 11:39:01 Wiederherstellungsvorgang
18-06-2014 11:44:04 avast! antivirus system restore point
18-06-2014 11:49:48 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {00861946-591E-4280-A18C-28971A50D87F} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3090635963-4145032168-3900013317-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {02723420-C324-4033-9D54-D1C58B5C2B9C} - System32\Tasks\ShopperPro => C:\Program Files (x86)\ShopperPro\ShopperPro.exe <==== ATTENTION
Task: {06AAD3C0-96D5-45EB-96E0-F4D999110471} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3090635963-4145032168-3900013317-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {2E72B586-D272-4CF0-81BA-04BEF39AFCC9} - System32\Tasks\SPDriver => C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe <==== ATTENTION
Task: {39453143-C890-4E73-B425-DD43C80766D3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3090635963-4145032168-3900013317-1001UA => C:\Users\Br. Pirminius Seber\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-28] (Facebook Inc.)
Task: {3CF585E3-A203-43CB-BBF1-C608B9FF06B5} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-2 => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-2.exe <==== ATTENTION
Task: {40ABC68F-87ED-4C69-A56E-4E4D95F35835} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-1 => C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe <==== ATTENTION
Task: {5BEA0EB2-19DB-4E1C-AF8D-90C45DE99150} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3090635963-4145032168-3900013317-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {5F459C19-110D-40F7-B927-7F3BC56FF8FF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-16] (AVAST Software)
Task: {7216ABB7-626D-42B9-A692-CAEFFCB1CCFA} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-3 => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-3.exe <==== ATTENTION
Task: {7BD09033-2839-46D8-8D10-5BA7EE0958DF} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-2 => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-2.exe <==== ATTENTION
Task: {7D9C35AF-D8F1-4275-8B58-1A5B0A1DE3BD} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3090635963-4145032168-3900013317-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-04-06] (RealNetworks, Inc.)
Task: {89AE3122-54EC-4511-9EDF-EE89B28AD869} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-4 => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-4.exe <==== ATTENTION
Task: {8D04FCCB-254B-4A93-BA8B-EF46881055C6} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-1 => C:\Program Files (x86)\Sense\Sense-codedownloader.exe <==== ATTENTION
Task: {9027BC15-68ED-4BF8-9258-0432480EDC5B} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] ()
Task: {94CD2741-56EF-4B90-A3AD-04F59638ABBF} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-5 => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-5.exe <==== ATTENTION
Task: {96BD8039-57AF-4010-A67B-B98537FAFB52} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-27] (Google Inc.)
Task: {B2FF1A69-6E16-4126-AC47-61057E9D47E3} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-4 => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-4.exe <==== ATTENTION
Task: {B8B9E4A1-5F54-4687-8149-92E7BA6FB3DD} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-3 => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-3.exe <==== ATTENTION
Task: {BB28F385-CB84-451E-9245-DA859554C905} - System32\Tasks\{93CF5D12-ADD9-4933-AE8A-EBCB6D15719F} => C:\Program Files (x86)\1&1 Surf-Stick\UIMain.exe
Task: {BBBB4417-70D0-46D0-83D2-28D2D628C9DE} - System32\Tasks\SaveSense => C:\Users\BRD788~1.PIR\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {C031F401-D170-471B-A47C-39591E3B8CDA} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3090635963-4145032168-3900013317-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {CC767EAC-B4BE-4F97-9067-BDDC780B074B} - System32\Tasks\ShopperProJSUpd => C:\Program Files (x86)\ShopperPro\updater.exe <==== ATTENTION
Task: {D77EB404-188A-4315-A436-D63E23453434} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3090635963-4145032168-3900013317-1001Core => C:\Users\Br. Pirminius Seber\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-28] (Facebook Inc.)
Task: {DD88F62D-C58A-458E-AE8A-54539D6A368E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-18] (Adobe Systems Incorporated)
Task: {EFCCC7CD-08FE-44A2-8C79-0CA153CCE1C7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-27] (Google Inc.)
Task: {F201AE44-C9F1-439B-B9A1-FC8DD0475121} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3090635963-4145032168-3900013317-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {F9FCFF82-C0AA-4A06-BE08-4A2FE39223C8} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-12-03] (TOSHIBA CORPORATION)
Task: {FABB902B-7C9F-428D-802A-28406F71842F} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3090635963-4145032168-3900013317-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {FFFBD286-540E-4859-830C-C5FFE98DDE93} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-5 => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-1.job => C:\Program Files (x86)\Sense\Sense-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-2.job => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-3.job => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-4.job => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-5.job => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-1.job => C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-2.job => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-3.job => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-4.job => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-5.job => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3090635963-4145032168-3900013317-1001Core.job => C:\Users\Br. Pirminius Seber\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3090635963-4145032168-3900013317-1001UA.job => C:\Users\Br. Pirminius Seber\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe
Task: C:\Windows\Tasks\SaveSense.job => C:\Users\BRD788~1.PIR\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2014-04-06 23:00 - 2014-04-06 23:00 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-04-07 03:06 - 2014-04-07 03:06 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2014-03-21 13:55 - 2014-03-21 13:55 - 00162816 _____ () c:\program files\suprasavings\pcproxydll64.dll
2011-03-03 23:21 - 2011-03-03 23:21 - 03420584 _____ () C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll
2010-04-07 16:07 - 2010-04-07 16:07 - 09468728 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-11-03 13:26 - 2009-11-03 13:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2010-03-03 14:15 - 2010-03-03 14:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
2010-03-03 14:15 - 2010-03-03 14:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
2011-07-27 10:29 - 2010-08-31 15:21 - 00017272 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
2009-03-12 19:08 - 2009-03-12 19:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
2009-07-25 16:38 - 2009-07-25 16:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2011-07-27 10:40 - 2011-02-22 11:16 - 00559104 _____ () C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\de\Humphrey.resources.dll
2011-07-27 10:58 - 2011-12-15 15:56 - 00022400 _____ () C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\de\TosDILangPack.resources.dll
2011-07-27 10:58 - 2011-12-15 15:55 - 00063360 _____ () C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIInternal.XmlSerializers.dll
2010-02-05 17:44 - 2010-02-05 17:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2014-06-18 13:50 - 2014-06-18 13:50 - 02776064 _____ () C:\Program Files\AVAST Software\Avast\defs\14061800\algo.dll
2014-05-09 18:24 - 2014-05-09 18:24 - 00859224 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-02-16 00:36 - 2014-02-16 00:36 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-05-10 13:39 - 2014-05-10 13:39 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-18 21:16 - 2014-05-18 21:16 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:AD022376
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 47%
Total physical RAM: 3890.67 MB
Available physical RAM: 2032.76 MB
Total Pagefile: 7779.52 MB
Available Pagefile: 5558.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (WINDOWS) (Fixed) (Total:232.88 GB) (Free:185.72 GB) NTFS
Drive d: (Data) (Fixed) (Total:232.49 GB) (Free:224.04 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 9E527146)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
18.06.2014, 14:37
| #9 |
| | Schrift erscheint grün und doppelt unterstrichen, der Computer ist sehr langsam, viel Werbung FRST Additions Logfile: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-06-2014
Ran by Br. Pirminius Seber at 2014-06-18 15:34:14
Running from C:\Users\Br. Pirminius Seber\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installed Programs ======================
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.02) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.02 - Adobe Systems Incorporated)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Facebook Video Calling 1.2.0.287 (HKLM-x32\...\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}) (Version: 1.2.287 - Skype Limited)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
High-Definition Video Playback (x32 Version: 7.3.10900.8.0 - Nero AG) Hidden
HP Deskjet 3050A J611 series - Grundlegende Software für das Gerät (HKLM\...\{61ADDE9C-3AE6-46FC-9127-DFFF637AED03}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3050A J611 series Hilfe (HKLM-x32\...\{97DDCAB8-B770-4089-A10F-67568069D78A}) (Version: 140.0.2.2 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.5192 - HP Photo Creations)
HP Update (HKLM-x32\...\{85DF2EED-08BC-46FB-90DA-28B0D0A8E8A8}) (Version: 5.003.000.004 - Hewlett-Packard)
iLivid (HKCU\...\iLivid) (Version: 5.0.0.4286 - Bandoo Media Inc) <==== ATTENTION
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.7.1002 - Intel Corporation)
Java Auto Updater (x32 Version: 2.0.2.1 - Sun Microsystems, Inc.) Hidden
Java(TM) 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Malwarebytes Anti-Malware Version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.130.8 - McAfee, Inc.)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 de)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 10 Movie ThemePack Basic (x32 Version: 10.6.10000.1.0 - Nero AG) Hidden
Nero BackItUp 10 (HKLM-x32\...\{68AB6930-5BFF-4FF6-923B-516A91984FE6}) (Version: 5.8.10900.8.100 - Nero AG)
Nero BackItUp 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero BurnRights 10 (HKLM-x32\...\{943CFD7D-5336-47AF-9418-E02473A5A517}) (Version: 4.4.10400.2.100 - Nero AG)
Nero BurnRights 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Control Center 10 (x32 Version: 10.6.12700.0.7 - Nero AG) Hidden
Nero ControlCenter 10 Help (CHM) (x32 Version: 10.6.10800 - Nero AG) Hidden
Nero Core Components 10 (x32 Version: 2.0.20000.9.12 - Nero AG) Hidden
Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.6.10700.5.100 - Nero AG)
Nero Express 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero InfoTool 10 (HKLM-x32\...\{F412B4AF-388C-4FF5-9B2F-33DB1C536953}) (Version: 7.4.10300.1.100 - Nero AG)
Nero InfoTool 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Kwik Media (HKLM-x32\...\{1F7D9F37-C39C-486C-BDF8-8F440FFB3352}) (Version: 1.6.15100.59.100 - Nero AG)
Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{2063D199-D79F-471A-9019-9E647296394D}) (Version: 10.6.10300 - Nero AG)
Nero RescueAgent 10 (HKLM-x32\...\{E337E787-CF61-4B7B-B84F-509202A54023}) (Version: 3.6.10500.3.100 - Nero AG)
Nero RescueAgent 10 Help (CHM) (x32 Version: 10.6.10800 - Nero AG) Hidden
Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.6.10500.3.100 - Nero AG)
Nero StartSmart 10 Help (CHM) (x32 Version: 10.6.10700 - Nero AG) Hidden
Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.10900.31.0 - Nero AG)
NeroKwikMedia Help (CHM) (x32 Version: 10.6.10900 - Nero AG) Hidden
OpenOffice.org 3.4 (HKLM-x32\...\{4C552FD3-2CCD-4E00-AC64-0681DBB3F8B5}) (Version: 3.4.9590 - OpenOffice.org)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
RealDownloader (x32 Version: 17.0.9 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.9 - RealNetworks)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.23.623.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6167 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30111 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0013 - REALTEK Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SupraSavings (Version: 1.0.0.0 - SupraSavings) Hidden <==== ATTENTION
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.01.00 - TOSHIBA CORPORATION)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{43DBC64B-3DD1-47E2-8788-D3C3B110C574}) (Version: 2.1.10.64 - TOSHIBA Corporation)
TOSHIBA Bulletin Board (Version: 2.1.10.64 - TOSHIBA Corporation) Hidden
TOSHIBA ConfigFree (HKLM-x32\...\{38C52F7D-A6CB-4CE7-A189-8AABE8774D8A}) (Version: 8.0.38 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (Version: 3.1.3.64 - TOSHIBA Corporation) Hidden
TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.11C - TOSHIBA CORPORATION)
TOSHIBA Flash Cards Support Utility (x32 Version: 1.63.0.11C - TOSHIBA CORPORATION) Hidden
TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.30C - TOSHIBA CORPORATION)
TOSHIBA Hardware Setup (x32 Version: 1.63.0.30C - TOSHIBA CORPORATION) Hidden
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
TOSHIBA HDD/SSD Alert (x32 Version: 3.1.64.6 - TOSHIBA Corporation) Hidden
Toshiba Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.02 - TOSHIBA)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.8.64 - TOSHIBA CORPORATION)
TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.5.11 - TOSHIBA CORPORATION)
TOSHIBA Online Product Information (HKLM-x32\...\{2290A680-4083-410A-ADCC-7092C67FC052}) (Version: 4.01.0000 - TOSHIBA)
TOSHIBA Places Icon Utility (HKLM-x32\...\{461F6F0D-7173-4902-9604-AB1A29108AF2}) (Version: 1.1.1.4 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.5 x64 - TOSHIBA Corporation)
TOSHIBA Recovery Media Creator Reminder (HKLM-x32\...\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}) (Version: 1.00.0019 - TOSHIBA)
TOSHIBA Recovery Media Creator Reminder (x32 Version: 1.00.0019 - TOSHIBA) Hidden
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.17.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (Version: 1.7.17.64 - TOSHIBA Corporation) Hidden
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.40 - TOSHIBA)
TOSHIBA Supervisor Password (x32 Version: 1.63.0.10C - TOSHIBA CORPORATION) Hidden
TOSHIBA Supervisorkennwort (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.10C - TOSHIBA CORPORATION)
TOSHIBA TEMPRO (HKLM-x32\...\{F082CB11-4794-4259-99A1-D91BA762AD15}) (Version: 3.35 - Toshiba Europe GmbH)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.19.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (Version: 1.3.19.64 - TOSHIBA Corporation) Hidden
TOSHIBA Value Added Package (x32 Version: 1.3.19.64 - TOSHIBA Corporation) Hidden
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.1.5 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (x32 Version: 2.0.1.5 - TOSHIBA Corporation) Hidden
TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{5BA99779-6E12-49EF-BE49-F35B1EDB4DF9}) (Version: 1.0.4 - TOSHIBA CORPORATION)
TRORMCLauncher (HKLM-x32\...\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}) (Version: - )
TRORMCLauncher (Version: 1.0.0.10 - TOSHIBA) Hidden
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Utility Common Driver (x32 Version: 1.0.52.2C - TOSHIBA) Hidden
Video Player (HKCU\...\Video Player) (Version: - ) <==== ATTENTION
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh ActiveX control for remote connections (HKLM-x32\...\{C5398A89-516C-4DAF-BA07-EE7949090E56}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Restore Points =========================
15-05-2014 08:29:34 Windows Update
18-05-2014 18:26:39 Windows Update
21-05-2014 18:28:15 Windows Update
05-06-2014 10:08:21 Windows Update
10-06-2014 14:25:48 Windows Update
13-06-2014 00:01:18 Windows Update
16-06-2014 10:13:39 avast! antivirus system restore point
17-06-2014 15:31:01 Windows Update
18-06-2014 11:39:01 Wiederherstellungsvorgang
18-06-2014 11:44:04 avast! antivirus system restore point
18-06-2014 11:49:48 Windows Update
==================== Hosts content: ==========================
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {00861946-591E-4280-A18C-28971A50D87F} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-3090635963-4145032168-3900013317-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {02723420-C324-4033-9D54-D1C58B5C2B9C} - System32\Tasks\ShopperPro => C:\Program Files (x86)\ShopperPro\ShopperPro.exe <==== ATTENTION
Task: {06AAD3C0-96D5-45EB-96E0-F4D999110471} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3090635963-4145032168-3900013317-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {2E72B586-D272-4CF0-81BA-04BEF39AFCC9} - System32\Tasks\SPDriver => C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe <==== ATTENTION
Task: {39453143-C890-4E73-B425-DD43C80766D3} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3090635963-4145032168-3900013317-1001UA => C:\Users\Br. Pirminius Seber\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-28] (Facebook Inc.)
Task: {3CF585E3-A203-43CB-BBF1-C608B9FF06B5} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-2 => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-2.exe <==== ATTENTION
Task: {40ABC68F-87ED-4C69-A56E-4E4D95F35835} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-1 => C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe <==== ATTENTION
Task: {5BEA0EB2-19DB-4E1C-AF8D-90C45DE99150} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-3090635963-4145032168-3900013317-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {5F459C19-110D-40F7-B927-7F3BC56FF8FF} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-16] (AVAST Software)
Task: {7216ABB7-626D-42B9-A692-CAEFFCB1CCFA} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-3 => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-3.exe <==== ATTENTION
Task: {7BD09033-2839-46D8-8D10-5BA7EE0958DF} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-2 => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-2.exe <==== ATTENTION
Task: {7D9C35AF-D8F1-4275-8B58-1A5B0A1DE3BD} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-3090635963-4145032168-3900013317-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-04-06] (RealNetworks, Inc.)
Task: {89AE3122-54EC-4511-9EDF-EE89B28AD869} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-4 => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-4.exe <==== ATTENTION
Task: {8D04FCCB-254B-4A93-BA8B-EF46881055C6} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-1 => C:\Program Files (x86)\Sense\Sense-codedownloader.exe <==== ATTENTION
Task: {9027BC15-68ED-4BF8-9258-0432480EDC5B} - System32\Tasks\HP Photo Creations Messager => C:\ProgramData\HP Photo Creations\MessageCheck.exe [2011-02-15] ()
Task: {94CD2741-56EF-4B90-A3AD-04F59638ABBF} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-5 => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-5.exe <==== ATTENTION
Task: {96BD8039-57AF-4010-A67B-B98537FAFB52} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-27] (Google Inc.)
Task: {B2FF1A69-6E16-4126-AC47-61057E9D47E3} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-4 => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-4.exe <==== ATTENTION
Task: {B8B9E4A1-5F54-4687-8149-92E7BA6FB3DD} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-3 => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-3.exe <==== ATTENTION
Task: {BB28F385-CB84-451E-9245-DA859554C905} - System32\Tasks\{93CF5D12-ADD9-4933-AE8A-EBCB6D15719F} => C:\Program Files (x86)\1&1 Surf-Stick\UIMain.exe
Task: {BBBB4417-70D0-46D0-83D2-28D2D628C9DE} - System32\Tasks\SaveSense => C:\Users\BRD788~1.PIR\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {C031F401-D170-471B-A47C-39591E3B8CDA} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3090635963-4145032168-3900013317-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {CC767EAC-B4BE-4F97-9067-BDDC780B074B} - System32\Tasks\ShopperProJSUpd => C:\Program Files (x86)\ShopperPro\updater.exe <==== ATTENTION
Task: {D77EB404-188A-4315-A436-D63E23453434} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3090635963-4145032168-3900013317-1001Core => C:\Users\Br. Pirminius Seber\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-09-28] (Facebook Inc.)
Task: {DD88F62D-C58A-458E-AE8A-54539D6A368E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-18] (Adobe Systems Incorporated)
Task: {EFCCC7CD-08FE-44A2-8C79-0CA153CCE1C7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-07-27] (Google Inc.)
Task: {F201AE44-C9F1-439B-B9A1-FC8DD0475121} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-3090635963-4145032168-3900013317-1001 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {F9FCFF82-C0AA-4A06-BE08-4A2FE39223C8} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [2010-12-03] (TOSHIBA CORPORATION)
Task: {FABB902B-7C9F-428D-802A-28406F71842F} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-3090635963-4145032168-3900013317-1001 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-04-07] (RealNetworks, Inc.)
Task: {FFFBD286-540E-4859-830C-C5FFE98DDE93} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-5 => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-1.job => C:\Program Files (x86)\Sense\Sense-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-2.job => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-3.job => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-4.job => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-5.job => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-1.job => C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-2.job => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-3.job => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-4.job => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-5.job => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3090635963-4145032168-3900013317-1001Core.job => C:\Users\Br. Pirminius Seber\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3090635963-4145032168-3900013317-1001UA.job => C:\Users\Br. Pirminius Seber\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HP Photo Creations Messager.job => C:\ProgramData\HP Photo Creations\MessageCheck.exe
Task: C:\Windows\Tasks\SaveSense.job => C:\Users\BRD788~1.PIR\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2014-04-06 23:00 - 2014-04-06 23:00 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-04-07 03:06 - 2014-04-07 03:06 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2014-03-21 13:55 - 2014-03-21 13:55 - 00162816 _____ () c:\program files\suprasavings\pcproxydll64.dll
2011-03-03 23:21 - 2011-03-03 23:21 - 03420584 _____ () C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll
2010-04-07 16:07 - 2010-04-07 16:07 - 09468728 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-11-03 13:26 - 2009-11-03 13:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2010-03-03 14:15 - 2010-03-03 14:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
2010-03-03 14:15 - 2010-03-03 14:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
2011-07-27 10:29 - 2010-08-31 15:21 - 00017272 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
2009-03-12 19:08 - 2009-03-12 19:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
2009-07-25 16:38 - 2009-07-25 16:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2011-07-27 10:40 - 2011-02-22 11:16 - 00559104 _____ () C:\Program Files (x86)\TOSHIBA\TOSHIBA Online Product Information\de\Humphrey.resources.dll
2011-07-27 10:58 - 2011-12-15 15:56 - 00022400 _____ () C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\de\TosDILangPack.resources.dll
2011-07-27 10:58 - 2011-12-15 15:55 - 00063360 _____ () C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIInternal.XmlSerializers.dll
2010-02-05 17:44 - 2010-02-05 17:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2014-06-18 13:50 - 2014-06-18 13:50 - 02776064 _____ () C:\Program Files\AVAST Software\Avast\defs\14061800\algo.dll
2014-05-09 18:24 - 2014-05-09 18:24 - 00859224 _____ () c:\program files (x86)\real\realplayer\RPDS\Plugins\cldplin.dll
2014-02-16 00:36 - 2014-02-16 00:36 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-05-10 13:39 - 2014-05-10 13:39 - 03839088 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-05-18 21:16 - 2014-05-18 21:16 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:AD022376
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SecureAssist => ""="service"
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
==================== Faulty Device Manager Devices =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
System errors:
=============
Microsoft Office Sessions:
=========================
==================== Memory info ===========================
Percentage of memory in use: 47%
Total physical RAM: 3890.67 MB
Available physical RAM: 2032.76 MB
Total Pagefile: 7779.52 MB
Available Pagefile: 5558.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
==================== Drives ================================
Drive c: (WINDOWS) (Fixed) (Total:232.88 GB) (Free:185.72 GB) NTFS
Drive d: (Data) (Fixed) (Total:232.49 GB) (Free:224.04 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 9E527146)
Partition 1: (Active) - (Size=400 MB) - (Type=27)
Partition 2: (Not Active) - (Size=233 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=232 GB) - (Type=07 NTFS)
==================== End Of Log ============================
|
|
18.06.2014, 17:09
| #10 |
| | Schrift erscheint grün und doppelt unterstrichen, der Computer ist sehr langsam, viel Werbung Schritt 1: Uninstalls Bitte deinstalliere folgende Software:
Schritt 2: Chrome Reset Bitte folge den Anweisungen hier um Chrome auf die Standard-Einstellungen zurückzusetzen. Schritt 3: Längster FRST Fix den ich jemals für einen User gemacht habe Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\Run: [iLivid] => C:\Users\Br. Pirminius Seber\AppData\Local\iLivid\iLivid.exe [6827008 2013-09-09] (Bandoo Media Inc.)
HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: F - F:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: {6990a982-fa63-11e1-9c64-b888e31620a2} - F:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: {7788dee7-f745-11e1-9ecd-b888e31620a2} - F:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: {7788def6-f745-11e1-9ecd-b888e31620a2} - F:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: {7788df31-f745-11e1-9ecd-b888e31620a2} - F:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: {c40c67f7-12a4-11e2-9840-74e543436fc5} - F:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: {d6e0105c-6e9f-11e2-8ff2-b888e31620a2} - F:\autorun.exe
AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found
AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found
ProxyServer: http=:;https=:
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = WebSearches
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = WebSearches
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = WebSearches
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = WebSearches
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = WebSearches
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = WebSearches
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe WebSearches
BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120902183624.dll No File
BHO-x32: Caramava - {1e50bbda-c15a-47d5-9853-d829ff890664} - C:\Program Files (x86)\Caramava\Caramavabho.dll No File
BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120902183624.dll No File
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Winsock: Catalog9 01 C:\Windows\SysWOW64\SecureAssist.dll [295080] (SecureAssist)
Winsock: Catalog9 02 C:\Windows\SysWOW64\SecureAssist.dll [295080] (SecureAssist)
Winsock: Catalog9 03 C:\Windows\SysWOW64\SecureAssist.dll [295080] (SecureAssist)
Winsock: Catalog9 04 C:\Windows\SysWOW64\SecureAssist.dll [295080] (SecureAssist)
Winsock: Catalog9 15 C:\Windows\SysWOW64\SecureAssist.dll [295080] (SecureAssist)
Winsock: Catalog9-x64 01 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 02 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 03 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 04 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
Winsock: Catalog9-x64 15 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist)
FF DefaultSearchEngine: webssearches
R2 SecureAssist; C:\Program Files\SupraSavings\SecureAssist.exe [1558032 2014-03-12] (SecureAssist) [File not signed]
S2 Update Caramava; "C:\Program Files (x86)\Caramava\updateCaramava.exe" [X]
S2 Util Caramava; "C:\Program Files (x86)\Caramava\bin\utilCaramava.exe" [X]
R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-03-29] (StdLib)
2014-06-18 15:26 - 2014-03-28 21:26 - 00000334 _____ () C:\Windows\Tasks\SaveSense.job
2014-06-18 14:49 - 2014-03-28 20:14 - 00002576 _____ () C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-4.job
2014-06-18 14:49 - 2014-03-28 20:14 - 00001896 _____ () C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-5.job
2014-06-18 14:49 - 2014-03-28 20:14 - 00001892 _____ () C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-5.job
2014-06-18 14:49 - 2014-03-28 20:14 - 00001792 _____ () C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-1.job
2014-06-18 14:49 - 2014-03-28 20:14 - 00001786 _____ () C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-1.job
2014-06-18 14:49 - 2014-03-28 20:14 - 00001720 _____ () C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-2.job
2014-06-18 14:49 - 2014-03-28 20:14 - 00001716 _____ () C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-2.job
2014-06-18 14:49 - 2014-03-28 20:13 - 00003468 _____ () C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-3.job
2014-06-18 14:49 - 2014-03-28 20:13 - 00003466 _____ () C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-3.job
2014-06-18 14:49 - 2014-03-28 20:13 - 00002578 _____ () C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-4.job
2014-06-18 13:45 - 2013-10-30 19:29 - 00000000 ____D () C:\Users\Br. Pirminius Seber\AppData\Local\iLivid
2014-06-18 13:42 - 2014-03-28 21:29 - 00000000 ____D () C:\Users\Br. Pirminius Seber\AppData\Local\Tuguu_SL
2014-06-18 13:42 - 2014-03-28 21:28 - 00000000 ____D () C:\Users\Br. Pirminius Seber\AppData\Roaming\SupTab
2014-06-18 13:42 - 2014-03-28 21:27 - 00000000 ____D () C:\Program Files\suprasavings
2014-06-18 12:59 - 2014-06-17 20:44 - 00000000 ____D () C:\Program Files (x86)\ConstaSurf
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\25829-656347-openoffice.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\BackupSetup.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\cabex.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\Caramava_bs.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\FixMyRegistry.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\instloffer.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\mfc80.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\mfc80u.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\mfcm80.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\mfcm80u.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\msvcm80.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\msvcp80.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\msvcr80.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\OSU.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\PCSpeedMaximizer.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\Quarantine.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\Somoto_23_03_2014(delay).exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\SpeedUpMyComputer.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\speedupmypc.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\SpOrder.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\stubhelper.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\unelevate.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\Uninstaller.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\VersionUpdater.exe
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\WtgDriverInstallX.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\WTGXMLUtil.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\WtgZip.dll
C:\Users\Br. Pirminius Seber\AppData\Local\Temp\ytai_ytareg_setup.exe
Task: {02723420-C324-4033-9D54-D1C58B5C2B9C} - System32\Tasks\ShopperPro => C:\Program Files (x86)\ShopperPro\ShopperPro.exe <==== ATTENTION
Task: {2E72B586-D272-4CF0-81BA-04BEF39AFCC9} - System32\Tasks\SPDriver => C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe <==== ATTENTION
Task: {3CF585E3-A203-43CB-BBF1-C608B9FF06B5} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-2 => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-2.exe <==== ATTENTION
Task: {40ABC68F-87ED-4C69-A56E-4E4D95F35835} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-1 => C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe <==== ATTENTION
Task: {7216ABB7-626D-42B9-A692-CAEFFCB1CCFA} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-3 => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-3.exe <==== ATTENTION
Task: {7BD09033-2839-46D8-8D10-5BA7EE0958DF} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-2 => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-2.exe <==== ATTENTION
Task: {89AE3122-54EC-4511-9EDF-EE89B28AD869} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-4 => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-4.exe <==== ATTENTION
Task: {8D04FCCB-254B-4A93-BA8B-EF46881055C6} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-1 => C:\Program Files (x86)\Sense\Sense-codedownloader.exe <==== ATTENTION
Task: {94CD2741-56EF-4B90-A3AD-04F59638ABBF} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-5 => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-5.exe <==== ATTENTION
Task: {B2FF1A69-6E16-4126-AC47-61057E9D47E3} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-4 => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-4.exe <==== ATTENTION
Task: {B8B9E4A1-5F54-4687-8149-92E7BA6FB3DD} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-3 => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-3.exe <==== ATTENTION
Task: {BBBB4417-70D0-46D0-83D2-28D2D628C9DE} - System32\Tasks\SaveSense => C:\Users\BRD788~1.PIR\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: {CC767EAC-B4BE-4F97-9067-BDDC780B074B} - System32\Tasks\ShopperProJSUpd => C:\Program Files (x86)\ShopperPro\updater.exe <==== ATTENTION
Task: {FFFBD286-540E-4859-830C-C5FFE98DDE93} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-5 => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-1.job => C:\Program Files (x86)\Sense\Sense-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-2.job => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-3.job => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-4.job => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-5.job => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-1.job => C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-2.job => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-3.job => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-4.job => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-5.job => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\SaveSense.job => C:\Users\BRD788~1.PIR\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:AD022376
cmd: netsh winsock reset
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 4: FRST Scan  Bitte starte FRST erneut, setze den Haken auch bei Addition.txt und drücke auf Scan.
__________________ Proud member of Unite |
|
18.06.2014, 20:13
| #11 |
| | Schrift erscheint grün und doppelt unterstrichen, der Computer ist sehr langsam, viel Werbung Das Chrome-Reset funktioniert nicht, auf meinem Mozilla Firefox wird das vollkommen anders angezeigt als in der Beschreibung auf support.google.com erklärt. |
|
18.06.2014, 20:20
| #12 |
| | Schrift erscheint grün und doppelt unterstrichen, der Computer ist sehr langsam, viel Werbung Na, warum heißt es Chrome Reset und nicht FireFox Reset? 
__________________ Proud member of Unite |
|
18.06.2014, 20:51
| #13 |
| | Schrift erscheint grün und doppelt unterstrichen, der Computer ist sehr langsam, viel Werbung FRST findet Fixlist.txt nicht. |
|
18.06.2014, 20:57
| #14 |
| | Schrift erscheint grün und doppelt unterstrichen, der Computer ist sehr langsam, viel Werbung Wo befindet sich Fixlist.txt?
__________________ Proud member of Unite |
|
18.06.2014, 21:01
| #15 |
| | Schrift erscheint grün und doppelt unterstrichen, der Computer ist sehr langsam, viel Werbung Entschuldigung, war ein kleines Dummerle. Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 18-06-2014 Ran by Br. Pirminius Seber at 2014-06-18 21:54:47 Run:1 Running from C:\Users\Br. Pirminius Seber\Downloads\FRST-OlderVersion\FRST-OlderVersion\FRST-OlderVersion\FRST-OlderVersion Boot Mode: Normal ============================================== Content of fixlist: ***************** HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\Run: [iLivid] => C:\Users\Br. Pirminius Seber\AppData\Local\iLivid\iLivid.exe [6827008 2013-09-09] (Bandoo Media Inc.) HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: F - F:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: {6990a982-fa63-11e1-9c64-b888e31620a2} - F:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: {7788dee7-f745-11e1-9ecd-b888e31620a2} - F:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: {7788def6-f745-11e1-9ecd-b888e31620a2} - F:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: {7788df31-f745-11e1-9ecd-b888e31620a2} - F:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: {c40c67f7-12a4-11e2-9840-74e543436fc5} - F:\.\Autorun.exe AUTORUN=1 HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\...\MountPoints2: {d6e0105c-6e9f-11e2-8ff2-b888e31620a2} - F:\autorun.exe AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~2.DLL => C:\PROGRA~2\SupTab\SEARCH~2.DLL File Not Found AppInit_DLLs-x32: C:\PROGRA~2\SupTab\SEARCH~1.DLL => "C:\PROGRA~2\SupTab\SEARCH~1.DLL" File Not Found ProxyServer: http=:;https=: HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = WebSearches HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = WebSearches HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = WebSearches HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = WebSearches HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = WebSearches HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = WebSearches HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1396034803&from=tugs&uid=TOSHIBAXMK5075GSX_52BJCFG5TXX52BJCFG5T&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe WebSearches BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\Common Files\McAfee\SystemCore\ScriptSn.20120902183624.dll No File BHO-x32: Caramava - {1e50bbda-c15a-47d5-9853-d829ff890664} - C:\Program Files (x86)\Caramava\Caramavabho.dll No File BHO-x32: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120902183624.dll No File Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Winsock: Catalog9 01 C:\Windows\SysWOW64\SecureAssist.dll [295080] (SecureAssist) Winsock: Catalog9 02 C:\Windows\SysWOW64\SecureAssist.dll [295080] (SecureAssist) Winsock: Catalog9 03 C:\Windows\SysWOW64\SecureAssist.dll [295080] (SecureAssist) Winsock: Catalog9 04 C:\Windows\SysWOW64\SecureAssist.dll [295080] (SecureAssist) Winsock: Catalog9 15 C:\Windows\SysWOW64\SecureAssist.dll [295080] (SecureAssist) Winsock: Catalog9-x64 01 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist) Winsock: Catalog9-x64 02 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist) Winsock: Catalog9-x64 03 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist) Winsock: Catalog9-x64 04 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist) Winsock: Catalog9-x64 15 C:\Windows\system32\SecureAssist64.dll [338120] (SecureAssist) FF DefaultSearchEngine: webssearches R2 SecureAssist; C:\Program Files\SupraSavings\SecureAssist.exe [1558032 2014-03-12] (SecureAssist) [File not signed] S2 Update Caramava; "C:\Program Files (x86)\Caramava\updateCaramava.exe" [X] S2 Util Caramava; "C:\Program Files (x86)\Caramava\bin\utilCaramava.exe" [X] R1 wStLibG64; C:\Windows\System32\drivers\wStLibG64.sys [61112 2014-03-29] (StdLib) 2014-06-18 15:26 - 2014-03-28 21:26 - 00000334 _____ () C:\Windows\Tasks\SaveSense.job 2014-06-18 14:49 - 2014-03-28 20:14 - 00002576 _____ () C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-4.job 2014-06-18 14:49 - 2014-03-28 20:14 - 00001896 _____ () C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-5.job 2014-06-18 14:49 - 2014-03-28 20:14 - 00001892 _____ () C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-5.job 2014-06-18 14:49 - 2014-03-28 20:14 - 00001792 _____ () C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-1.job 2014-06-18 14:49 - 2014-03-28 20:14 - 00001786 _____ () C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-1.job 2014-06-18 14:49 - 2014-03-28 20:14 - 00001720 _____ () C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-2.job 2014-06-18 14:49 - 2014-03-28 20:14 - 00001716 _____ () C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-2.job 2014-06-18 14:49 - 2014-03-28 20:13 - 00003468 _____ () C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-3.job 2014-06-18 14:49 - 2014-03-28 20:13 - 00003466 _____ () C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-3.job 2014-06-18 14:49 - 2014-03-28 20:13 - 00002578 _____ () C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-4.job 2014-06-18 13:45 - 2013-10-30 19:29 - 00000000 ____D () C:\Users\Br. Pirminius Seber\AppData\Local\iLivid 2014-06-18 13:42 - 2014-03-28 21:29 - 00000000 ____D () C:\Users\Br. Pirminius Seber\AppData\Local\Tuguu_SL 2014-06-18 13:42 - 2014-03-28 21:28 - 00000000 ____D () C:\Users\Br. Pirminius Seber\AppData\Roaming\SupTab 2014-06-18 13:42 - 2014-03-28 21:27 - 00000000 ____D () C:\Program Files\suprasavings 2014-06-18 12:59 - 2014-06-17 20:44 - 00000000 ____D () C:\Program Files (x86)\ConstaSurf C:\Users\Br. Pirminius Seber\AppData\Local\Temp\25829-656347-openoffice.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\BackupSetup.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\cabex.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\Caramava_bs.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\FixMyRegistry.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\instloffer.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\mfc80.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\mfc80u.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\mfcm80.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\mfcm80u.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\msvcm80.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\msvcp80.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\msvcr80.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\OSU.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\PCSpeedMaximizer.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\Quarantine.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\SkypeSetup.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\Somoto_23_03_2014(delay).exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\SpeedUpMyComputer.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\speedupmypc.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\SpOrder.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\stubhelper.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\unelevate.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\Uninstaller.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\VersionUpdater.exe C:\Users\Br. Pirminius Seber\AppData\Local\Temp\WtgDriverInstallX.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\WTGXMLUtil.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\WtgZip.dll C:\Users\Br. Pirminius Seber\AppData\Local\Temp\ytai_ytareg_setup.exe Task: {02723420-C324-4033-9D54-D1C58B5C2B9C} - System32\Tasks\ShopperPro => C:\Program Files (x86)\ShopperPro\ShopperPro.exe <==== ATTENTION Task: {2E72B586-D272-4CF0-81BA-04BEF39AFCC9} - System32\Tasks\SPDriver => C:\Program Files (x86)\ShopperPro\JSDriver\1.35.1.155\jsdrv.exe <==== ATTENTION Task: {3CF585E3-A203-43CB-BBF1-C608B9FF06B5} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-2 => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-2.exe <==== ATTENTION Task: {40ABC68F-87ED-4C69-A56E-4E4D95F35835} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-1 => C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe <==== ATTENTION Task: {7216ABB7-626D-42B9-A692-CAEFFCB1CCFA} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-3 => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-3.exe <==== ATTENTION Task: {7BD09033-2839-46D8-8D10-5BA7EE0958DF} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-2 => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-2.exe <==== ATTENTION Task: {89AE3122-54EC-4511-9EDF-EE89B28AD869} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-4 => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-4.exe <==== ATTENTION Task: {8D04FCCB-254B-4A93-BA8B-EF46881055C6} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-1 => C:\Program Files (x86)\Sense\Sense-codedownloader.exe <==== ATTENTION Task: {94CD2741-56EF-4B90-A3AD-04F59638ABBF} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-5 => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-5.exe <==== ATTENTION Task: {B2FF1A69-6E16-4126-AC47-61057E9D47E3} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-4 => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-4.exe <==== ATTENTION Task: {B8B9E4A1-5F54-4687-8149-92E7BA6FB3DD} - System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-3 => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-3.exe <==== ATTENTION Task: {BBBB4417-70D0-46D0-83D2-28D2D628C9DE} - System32\Tasks\SaveSense => C:\Users\BRD788~1.PIR\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: {CC767EAC-B4BE-4F97-9067-BDDC780B074B} - System32\Tasks\ShopperProJSUpd => C:\Program Files (x86)\ShopperPro\updater.exe <==== ATTENTION Task: {FFFBD286-540E-4859-830C-C5FFE98DDE93} - System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-5 => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-5.exe <==== ATTENTION Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-1.job => C:\Program Files (x86)\Sense\Sense-codedownloader.exe <==== ATTENTION Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-2.job => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-2.exe <==== ATTENTION Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-3.job => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-3.exe <==== ATTENTION Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-4.job => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-4.exe <==== ATTENTION Task: C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-5.job => C:\Program Files (x86)\Sense\10496340-28c0-47c5-8c23-0aac03e48614-5.exe <==== ATTENTION Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-1.job => C:\Program Files (x86)\iWebar\iWebar-codedownloader.exe <==== ATTENTION Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-2.job => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-2.exe <==== ATTENTION Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-3.job => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-3.exe <==== ATTENTION Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-4.job => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-4.exe <==== ATTENTION Task: C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-5.job => C:\Program Files (x86)\iWebar\7c82d588-f306-4366-8f8b-71f85e442eb4-5.exe <==== ATTENTION Task: C:\Windows\Tasks\SaveSense.job => C:\Users\BRD788~1.PIR\AppData\Roaming\SAVESE~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION AlternateDataStreams: C:\ProgramData\TEMP:AD022376 cmd: netsh winsock reset ***************** HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully. HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\Software\Microsoft\Windows\CurrentVersion\Run\\iLivid => value deleted successfully. 'HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\S-1-5-21-3090635963-4145032168-3900013317-1001'=> Key not found. 'HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6990a982-fa63-11e1-9c64-b888e31620a2}' => Key deleted successfully. 'HKCR\CLSID\{6990a982-fa63-11e1-9c64-b888e31620a2}'=> Key not found. 'HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7788dee7-f745-11e1-9ecd-b888e31620a2}' => Key deleted successfully. 'HKCR\CLSID\{7788dee7-f745-11e1-9ecd-b888e31620a2}'=> Key not found. 'HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7788def6-f745-11e1-9ecd-b888e31620a2}' => Key deleted successfully. 'HKCR\CLSID\{7788def6-f745-11e1-9ecd-b888e31620a2}'=> Key not found. 'HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7788df31-f745-11e1-9ecd-b888e31620a2}' => Key deleted successfully. 'HKCR\CLSID\{7788df31-f745-11e1-9ecd-b888e31620a2}'=> Key not found. 'HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c40c67f7-12a4-11e2-9840-74e543436fc5}' => Key deleted successfully. 'HKCR\CLSID\{c40c67f7-12a4-11e2-9840-74e543436fc5}'=> Key not found. 'HKU\S-1-5-21-3090635963-4145032168-3900013317-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d6e0105c-6e9f-11e2-8ff2-b888e31620a2}' => Key deleted successfully. 'HKCR\CLSID\{d6e0105c-6e9f-11e2-8ff2-b888e31620a2}'=> Key not found. "C:\PROGRA~2\SupTab\SEARCH~2.DLL" => Value Data removed successfully. "C:\PROGRA~2\SupTab\SEARCH~1.DLL" => Value Data removed successfully. HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value deleted successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKCU\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully. HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Search Page => Value was restored successfully. HKLM\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command\\Default => Value was restored successfully. 'HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}' => Key deleted successfully. 'HKCR\CLSID\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}' => Key deleted successfully. 'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1e50bbda-c15a-47d5-9853-d829ff890664}' => Key deleted successfully. 'HKCR\Wow6432Node\CLSID\{1e50bbda-c15a-47d5-9853-d829ff890664}' => Key deleted successfully. 'HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}' => Key deleted successfully. 'HKCR\Wow6432Node\CLSID\{7DB2D5A0-7241-4E79-B68D-6309F01C5231}' => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} => value deleted successfully. 'HKCR\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}' => Key deleted successfully. HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully. 'HKCR\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}'=> Key not found. HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully. 'HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F}'=> Key not found. Winsock: Catalog entry 000000000001 => Deleted successfully. Winsock: Catalog entry 000000000002 => Deleted successfully. Winsock: Catalog entry 000000000003 => Deleted successfully. Winsock: Catalog entry 000000000004 => Deleted successfully. Winsock: Catalog entry 000000000015 => Deleted successfully. Winsock: Catalog entry 000000000001 => Deleted successfully. Winsock: Catalog entry 000000000002 => Deleted successfully. Winsock: Catalog entry 000000000003 => Deleted successfully. Winsock: Catalog entry 000000000004 => Deleted successfully. Winsock: Catalog entry 000000000015 => Deleted successfully. Firefox DefaultSearchEngine deleted successfully. SecureAssist => Service stopped successfully. SecureAssist => Service deleted successfully. Update Caramava => Service deleted successfully. Util Caramava => Service deleted successfully. wStLibG64 => Service stopped successfully. wStLibG64 => Service deleted successfully. C:\Windows\Tasks\SaveSense.job => Moved successfully. C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-4.job => Moved successfully. C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-5.job => Moved successfully. C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-5.job => Moved successfully. C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-1.job => Moved successfully. C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-1.job => Moved successfully. C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-2.job => Moved successfully. C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-2.job => Moved successfully. C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-3.job => Moved successfully. C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-3.job => Moved successfully. C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-4.job => Moved successfully. "C:\Users\Br. Pirminius Seber\AppData\Local\iLivid" => File/Directory not found. C:\Users\Br. Pirminius Seber\AppData\Local\Tuguu_SL => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Roaming\SupTab => Moved successfully. C:\Program Files\suprasavings => Moved successfully. C:\Program Files (x86)\ConstaSurf => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\25829-656347-openoffice.exe => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\BackupSetup.exe => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\cabex.dll => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\Caramava_bs.exe => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\FixMyRegistry.exe => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\instloffer.exe => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\mfc80.dll => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\mfc80u.dll => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\mfcm80.dll => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\mfcm80u.dll => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\msvcm80.dll => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\msvcp80.dll => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\msvcr80.dll => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\OSU.exe => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\PCSpeedMaximizer.exe => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\Quarantine.exe => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\SkypeSetup.exe => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\Somoto_23_03_2014(delay).exe => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\SpeedUpMyComputer.exe => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\speedupmypc.exe => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\SpOrder.dll => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\stubhelper.dll => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\unelevate.exe => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\Uninstaller.exe => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\VersionUpdater.exe => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\WtgDriverInstallX.dll => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\WTGXMLUtil.dll => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\WtgZip.dll => Moved successfully. C:\Users\Br. Pirminius Seber\AppData\Local\Temp\ytai_ytareg_setup.exe => Moved successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{02723420-C324-4033-9D54-D1C58B5C2B9C}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02723420-C324-4033-9D54-D1C58B5C2B9C}' => Key deleted successfully. C:\Windows\System32\Tasks\ShopperPro => Moved successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperPro' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2E72B586-D272-4CF0-81BA-04BEF39AFCC9}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2E72B586-D272-4CF0-81BA-04BEF39AFCC9}' => Key deleted successfully. C:\Windows\System32\Tasks\SPDriver => Moved successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SPDriver' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{3CF585E3-A203-43CB-BBF1-C608B9FF06B5}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3CF585E3-A203-43CB-BBF1-C608B9FF06B5}' => Key deleted successfully. C:\Windows\System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-2 => Moved successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\7c82d588-f306-4366-8f8b-71f85e442eb4-2' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{40ABC68F-87ED-4C69-A56E-4E4D95F35835}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40ABC68F-87ED-4C69-A56E-4E4D95F35835}' => Key deleted successfully. C:\Windows\System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-1 => Moved successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\7c82d588-f306-4366-8f8b-71f85e442eb4-1' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7216ABB7-626D-42B9-A692-CAEFFCB1CCFA}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7216ABB7-626D-42B9-A692-CAEFFCB1CCFA}' => Key deleted successfully. C:\Windows\System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-3 => Moved successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\10496340-28c0-47c5-8c23-0aac03e48614-3' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7BD09033-2839-46D8-8D10-5BA7EE0958DF}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BD09033-2839-46D8-8D10-5BA7EE0958DF}' => Key deleted successfully. C:\Windows\System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-2 => Moved successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\10496340-28c0-47c5-8c23-0aac03e48614-2' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{89AE3122-54EC-4511-9EDF-EE89B28AD869}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{89AE3122-54EC-4511-9EDF-EE89B28AD869}' => Key deleted successfully. C:\Windows\System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-4 => Moved successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\7c82d588-f306-4366-8f8b-71f85e442eb4-4' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8D04FCCB-254B-4A93-BA8B-EF46881055C6}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8D04FCCB-254B-4A93-BA8B-EF46881055C6}' => Key deleted successfully. C:\Windows\System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-1 => Moved successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\10496340-28c0-47c5-8c23-0aac03e48614-1' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{94CD2741-56EF-4B90-A3AD-04F59638ABBF}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94CD2741-56EF-4B90-A3AD-04F59638ABBF}' => Key deleted successfully. C:\Windows\System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-5 => Moved successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\7c82d588-f306-4366-8f8b-71f85e442eb4-5' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B2FF1A69-6E16-4126-AC47-61057E9D47E3}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B2FF1A69-6E16-4126-AC47-61057E9D47E3}' => Key deleted successfully. C:\Windows\System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-4 => Moved successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\10496340-28c0-47c5-8c23-0aac03e48614-4' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B8B9E4A1-5F54-4687-8149-92E7BA6FB3DD}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8B9E4A1-5F54-4687-8149-92E7BA6FB3DD}' => Key deleted successfully. C:\Windows\System32\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-3 => Moved successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\7c82d588-f306-4366-8f8b-71f85e442eb4-3' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BBBB4417-70D0-46D0-83D2-28D2D628C9DE}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BBBB4417-70D0-46D0-83D2-28D2D628C9DE}' => Key deleted successfully. C:\Windows\System32\Tasks\SaveSense => Moved successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SaveSense' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{CC767EAC-B4BE-4F97-9067-BDDC780B074B}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC767EAC-B4BE-4F97-9067-BDDC780B074B}' => Key deleted successfully. C:\Windows\System32\Tasks\ShopperProJSUpd => Moved successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ShopperProJSUpd' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{FFFBD286-540E-4859-830C-C5FFE98DDE93}' => Key deleted successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FFFBD286-540E-4859-830C-C5FFE98DDE93}' => Key deleted successfully. C:\Windows\System32\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-5 => Moved successfully. 'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\10496340-28c0-47c5-8c23-0aac03e48614-5' => Key deleted successfully. C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-1.job not found. C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-2.job not found. C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-3.job not found. C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-4.job not found. C:\Windows\Tasks\10496340-28c0-47c5-8c23-0aac03e48614-5.job not found. C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-1.job not found. C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-2.job not found. C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-3.job not found. C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-4.job not found. C:\Windows\Tasks\7c82d588-f306-4366-8f8b-71f85e442eb4-5.job not found. C:\Windows\Tasks\SaveSense.job not found. C:\ProgramData\TEMP => ":AD022376" ADS removed successfully. ========= netsh winsock reset ========= Die Initialisierungsfunktion InitHelperDll in NSHHTTP.DLL konnte nicht gestartet werden. Fehlercode 10107 Der Winsock-Katalog wurde zur�ckgesetzt. Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en. ========= End of CMD: ========= ==== End of Fixlog ==== |
|
| Themen zu Schrift erscheint grün und doppelt unterstrichen, der Computer ist sehr langsam, viel Werbung |
| msil/adware.ibryte.d, msil/browsefox.e, msil/browsefox.g, pup.optional.bundleinstaller.a, pup.optional.conduit.a, pup.optional.crossrider.a, pup.optional.crossrider.m, pup.optional.dealply.a, pup.optional.dynconie.a, pup.optional.iepluginservice.a, pup.optional.iwebar.a, pup.optional.qone8, pup.optional.savesense, pup.optional.savesense.a, pup.optional.shopperpro.a, pup.optional.skytech.a, pup.optional.speedupmypc, pup.optional.suptab.a, pup.optional.websteroids.a, pup.optional.wpmanager.a, win32/browsefox.f, win32/browsefox.h, win32/browsefox.i, win32/browsefox.k, win64/browsefox.a |
Linear-Darstellung
