Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 04.07.2014, 13:13   #1
Faranir
 
Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um - Standard

Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um



Hallo.
Mein Chrome öffnet sich von selbst mit unterschiedlichen Werbeseiten und öffnet auch sonst immer wieder neue Tabs und Fenster, ohne mein zutun. Es kommt auch vor, dass ein Link oder eine neue geöffnete Seite auf Werbung umgeleitet wird. Beim zweiten Versuch öffnet sich die Seite oder der Link dann wieder ganz normal.
An und für sich nervt dies eher jedoch beunruhigt mich das ganze doch. Eine neue Installation von Chrome bringt nichts und auch Adblocker sind wirkungslos. Meine Sicherheitssoftware (Norton) findet allerdings keine Fehler.

Hier sind meine Logs:
_____________________________________________________________________________
Defogger

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 11:56 on 04/07/2014 (Simone)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-
_____________________________________________________________________________

FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:03-07-2014
Ran by Simone (administrator) on JAMIE on 04-07-2014 12:08:18
Running from C:\Users\Simone\Desktop
Platform: Microsoft Windows 7 Professional N Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
() C:\Program Files\EZ Software Updater\EZ Software Updater.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.3.0.12\NIS.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
() C:\Users\Simone\AppData\Local\fst_de_55\upfst_de_55.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.3.0.12\NIS.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
() C:\Program Files\fst_de_55\fst_de_55.exe
() C:\Program Files\fst_de_56\fst_de_56.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
() C:\Users\Simone\AppData\Local\Genesis_06211741\Genesis_06211741.exe
() C:\Program Files\Boost\BoostUpdater.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-15] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM\...\Run: [mobilegeni daemon] => C:\Program Files\Mobogenie\DaemonProcess.exe
HKLM\...\Run: [fst_de_55] => C:\Program Files\fst_de_55\fst_de_55.exe [3980784 2014-06-20] ()
HKLM\...\Run: [fst_de_56] => C:\Program Files\fst_de_56\fst_de_56.exe [3979760 2014-06-20] ()
HKLM\...\RunOnce: [upfst_de_55.exe] - C:\Users\Simone\AppData\Local\fst_de_55\upfst_de_55.exe -runonce [3355632 2014-06-20] ()
HKU\S-1-5-21-1871973915-1044618656-3300570338-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564016 2013-07-15] (Samsung)
HKU\S-1-5-21-1871973915-1044618656-3300570338-1000\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-1871973915-1044618656-3300570338-1000\...\Run: [genesis_06211741] => c:\users\simone\appdata\local\genesis_06211741\genesis_06211741.exe [3067904 2014-06-21] ()
HKU\S-1-5-21-1871973915-1044618656-3300570338-1000\...\MountPoints2: {3c3622e5-1c90-11e3-b8b5-806e6f6e6963} - E:\Start.exe
HKU\S-1-5-21-1871973915-1044618656-3300570338-1000\...\MountPoints2: {ff716f4a-1d28-11e3-862a-00235a569b0d} - G:\SETUP.EXE
AppInit_DLLs: C:\PROGRA~1\SupTab\SEARCH~1.DLL => C:\Program Files\SupTab\SearchProtect32.dll [91248 2014-05-08] (Skytech Co., Ltd.)
Startup: C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BoostUpdater.lnk
ShortcutTarget: BoostUpdater.lnk -> C:\Program Files\Boost\BoostUpdater.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEcwA8xEAO6D24SsJFUbb_yC0MNW7LTuxsiODP6dhE076fMDjHz6LkhnFasrP9aNn7H_-k_JHA65jxFsB-1hH6FXU1jpP4JjHxHbD6xhv5m6XqcYPQIpRSQzEOZSg4B0,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=B8AA00242B9976EB&affID=119357&tsp=5004
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xAA149BC4C0B0CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=B8AA00242B9976EB&affID=121565&tsp=5004
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEcwA8xEAO6D24SsJFUbb_yC0MNW7LTuxsiODP6dhE076fMDjHz6LkhnFasrP9aNn7H_-k_JHA65jxFsB-1hH6FXU1jpP4JjHxHbD6xhv5m6XqcYPQIpRSQzEOZSg4B0,&q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1403372576&from=tugs&uid=WDCXWD1600BEVT-00ZCT0_WD-WXE208HT0437T0437
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://istart.webssearches.com/?type=hp&ts=1403372576&from=tugs&uid=WDCXWD1600BEVT-00ZCT0_WD-WXE208HT0437T0437
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403372576&from=tugs&uid=WDCXWD1600BEVT-00ZCT0_WD-WXE208HT0437T0437&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://istart.webssearches.com/?type=hp&ts=1403372576&from=tugs&uid=WDCXWD1600BEVT-00ZCT0_WD-WXE208HT0437T0437
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://istart.webssearches.com/web/?type=ds&ts=1403372576&from=tugs&uid=WDCXWD1600BEVT-00ZCT0_WD-WXE208HT0437T0437&q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1403372576&from=tugs&uid=WDCXWD1600BEVT-00ZCT0_WD-WXE208HT0437T0437
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403372576&from=tugs&uid=WDCXWD1600BEVT-00ZCT0_WD-WXE208HT0437T0437&q={searchTerms}
SearchScopes: HKLM - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEcwA8xEAO6D24SsJFUbb_yC0MNW7LTuxsiODP6dhE076fMDjHz6LkhnFasrP9aNn7H_-k_JHA65jxFsB-1hH6FXU1jpP4JjHxHbD6xhv5m6XqcYPQIpRSQzEOZSg4Bo,&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403372576&from=tugs&uid=WDCXWD1600BEVT-00ZCT0_WD-WXE208HT0437T0437&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403372576&from=tugs&uid=WDCXWD1600BEVT-00ZCT0_WD-WXE208HT0437T0437&q={searchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEcwA8xEAO6D24SsJFUbb_yC0MNW7LTuxsiODP6dhE076fMDjHz6LkhnFasrP9aNn7H_-k_JHA65jxFsB-1hH6FXU1jpP4JjHxHbD6xhv5m6XqcYPQIpRSQzEOZSg4B0,&q={searchTerms}
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1403372576&from=tugs&uid=WDCXWD1600BEVT-00ZCT0_WD-WXE208HT0437T0437&q={searchTerms}
BHO: IETabPage Class - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Boost - {8DE6FC60-E023-4AD7-A3B7-591E1460E7F7} - C:\Program Files\Boost\Boost.dll (Jigsaw)
BHO: DVDVideoSoft IE Extension - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default
FF Homepage: user_pref("browser.startup.homepage", );
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\user.js
FF SearchPlugin: C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\searchplugins\amazon.xml
FF Extension: Amazon Browser Bar - C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com [2013-09-14]
FF Extension: Boost - C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\boost@boost.net.xpi [2014-05-31]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn [2014-07-03]
FF HKLM\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff [2013-09-13]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF [2014-06-07]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff [2013-09-13]

Chrome:
=======
CHR StartupUrls: "https://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-01]
CHR Extension: (Google Drive) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-01]
CHR Extension: (YouTube) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-01]
CHR Extension: (Adblock Plus) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-01]
CHR Extension: (Google-Suche) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-01]
CHR Extension: (Block site) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2014-07-01]
CHR Extension: (JavaScript Popup Blocker) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiajdlfgbgnnjakkbnpdhmhfhklkbiol [2014-07-01]
CHR Extension: (Norton Identity Protection) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-07-01]
CHR Extension: (Google Wallet) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-01]
CHR Extension: (Google Mail) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-01]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.3.0.12\Exts\Chrome.crx [2014-06-04]
CHR HKLM\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-06-04]
CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-09-13]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 EZ Software Updater; C:\Program Files\EZ Software Updater\EZ Software Updater.exe [202752 2014-05-05] () [File not signed]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] (Cherished Technololgy LIMITED)
R2 NIS; C:\Program Files\Norton Internet Security\Engine\21.3.0.12\NIS.exe [276376 2014-05-11] (Symantec Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1723744 2012-11-29] (TuneUp Software)
S2 ZAPrivacyService; "C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe" [X]

==================== Drivers (Whitelisted) ====================

R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.3.0.12\Definitions\BASHDefs\20140606.001\BHDrvx86.sys [1101616 2014-05-10] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1503000.00C\ccSetx86.sys [127064 2014-02-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [377648 2014-06-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [109872 2014-06-11] (Symantec Corporation)
R1 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\21.3.0.12\Definitions\IPSDefs\20140703.001\IDSvix86.sys [395992 2014-06-06] (Symantec Corporation)
R3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20140703.034\NAVENG.SYS [93272 2014-06-25] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20140703.034\NAVEX15.SYS [1612376 2014-06-25] (Symantec Corporation)
R1 SRTSP; C:\Windows\System32\Drivers\NIS\1503000.00C\SRTSP.SYS [664280 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1503000.00C\SRTSPX.SYS [32344 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1503000.00C\SYMDS.SYS [367704 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1503000.00C\SYMEFA.SYS [936152 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2014-06-04] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1503000.00C\Ironx86.SYS [206936 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NIS\1503000.00C\SYMNETS.SYS [447704 2014-02-18] (Symantec Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-04 12:07 - 2014-07-04 12:07 - 00016935 _____ () C:\Users\Simone\Desktop\Addition.txt
2014-07-04 12:06 - 2014-07-04 12:08 - 00016909 _____ () C:\Users\Simone\Desktop\FRST.txt
2014-07-04 12:06 - 2014-07-04 12:08 - 00000000 ____D () C:\FRST
2014-07-04 11:56 - 2014-07-04 11:56 - 00000474 _____ () C:\Users\Simone\Desktop\defogger_disable.log
2014-07-04 11:56 - 2014-07-04 11:56 - 00000000 _____ () C:\Users\Simone\defogger_reenable
2014-07-04 11:34 - 2014-07-04 11:35 - 00380416 _____ () C:\Users\Simone\Desktop\69qtyzo7.exe
2014-07-04 11:34 - 2014-07-04 11:34 - 01073664 _____ (Farbar) C:\Users\Simone\Desktop\FRST.exe
2014-07-04 11:33 - 2014-07-04 11:33 - 00050477 _____ () C:\Users\Simone\Desktop\Defogger.exe
2014-07-01 11:00 - 2014-07-04 11:30 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-01 11:00 - 2014-07-04 11:30 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-01 11:00 - 2014-07-01 11:00 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-01 11:00 - 2014-07-01 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-01 10:50 - 2014-07-01 10:50 - 00000000 __SHD () C:\Users\Simone\AppData\Local\EmieUserList
2014-07-01 10:50 - 2014-07-01 10:50 - 00000000 __SHD () C:\Users\Simone\AppData\Local\EmieSiteList
2014-07-01 10:45 - 2014-07-01 10:46 - 40514640 _____ (Google Inc.) C:\Users\Simone\Desktop\ChromeStandaloneSetup_35.0.1916.153.exe
2014-06-29 16:15 - 2014-06-29 16:15 - 01509720 _____ () C:\Windows\Minidump\062914-28938-01.dmp
2014-06-25 14:40 - 2014-06-25 14:40 - 00227104 _____ (Premium Installer ) C:\Users\Simone\Downloads\Player-Chrome.exe
2014-06-24 20:20 - 2014-06-24 20:20 - 00228216 _____ (Fusion Install ) C:\Users\Simone\Downloads\Drivers_Setup.exe
2014-06-22 20:32 - 2014-06-22 20:32 - 00000000 ____D () C:\Users\Simone\Documents\Jojos Fashion Show 2
2014-06-22 20:32 - 2014-06-22 20:32 - 00000000 ____D () C:\Users\Simone\AppData\Roaming\Gamelab
2014-06-22 20:31 - 2014-07-01 10:57 - 00000000 ____D () C:\Program Files\Jojo's Fashion Show 2
2014-06-22 20:30 - 2014-06-22 21:32 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-22 20:29 - 2014-07-01 10:54 - 00000000 ____D () C:\ProgramData\Big Fish
2014-06-22 20:28 - 2014-06-22 20:30 - 00000000 ____D () C:\Users\Simone\AppData\Local\Big Fish
2014-06-22 10:54 - 2014-06-22 10:54 - 00000000 ____D () C:\Program Files\SearchProtect
2014-06-21 20:25 - 2014-06-21 20:25 - 00000000 ____D () C:\ProgramData\2308189059
2014-06-21 20:10 - 2014-06-21 20:10 - 00000000 ____D () C:\Users\Simone\AppData\Local\fst_de_56
2014-06-21 20:10 - 2014-06-21 20:10 - 00000000 ____D () C:\Program Files\fst_de_56
2014-06-21 20:03 - 2014-06-21 20:03 - 00000000 ____D () C:\IePluginServices
2014-06-21 20:01 - 2014-06-18 11:44 - 00608179 _____ (Click Me In Limited) C:\Users\Simone\AppData\Local\AnyProtectScannerSetup.exe
2014-06-21 20:00 - 2014-06-21 20:01 - 00000000 ____D () C:\Program Files\AnyProtectEx
2014-06-21 19:59 - 2014-06-21 19:59 - 00000000 ____D () C:\Users\Simone\AppData\Local\PennyBee
2014-06-21 19:58 - 2014-06-21 20:53 - 00000000 ____D () C:\Program Files\PC Speed Maximizer
2014-06-21 19:58 - 2014-06-21 20:13 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-21 19:58 - 2014-06-21 19:59 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-06-21 19:58 - 2014-06-21 19:58 - 00000000 ____D () C:\Users\Simone\AppData\Roaming\SupTab
2014-06-21 19:58 - 2014-06-21 19:58 - 00000000 ____D () C:\Program Files\SupTab
2014-06-21 19:49 - 2014-06-22 10:13 - 00000000 ____D () C:\Program Files\globalUpdate
2014-06-21 19:49 - 2014-06-21 19:49 - 00000000 ____D () C:\Users\Simone\AppData\Local\globalUpdate
2014-06-21 19:45 - 2014-06-21 19:45 - 00000000 ____D () C:\ProgramData\CheckPoint
2014-06-21 19:42 - 2014-07-03 22:11 - 00000000 ____D () C:\Users\Simone\AppData\Local\fst_de_55
2014-06-21 19:42 - 2014-06-21 20:45 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-06-21 19:42 - 2014-06-21 20:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREE_SOFT_TODAY
2014-06-21 19:42 - 2014-06-21 19:42 - 00000000 ____D () C:\Program Files\fst_de_55
2014-06-21 19:41 - 2014-07-04 11:57 - 00000000 ____D () C:\Users\Simone\AppData\Local\Genesis_06211741
2014-06-21 19:40 - 2014-06-22 10:54 - 00000000 ____D () C:\Users\Simone\AppData\Local\SearchProtect
2014-06-21 19:38 - 2014-06-21 19:38 - 01392632 _____ () C:\Users\Simone\Downloads\Setup (1).exe
2014-06-21 19:37 - 2014-06-21 19:37 - 34516480 _____ (DVDVideoSoft Ltd. ) C:\Users\Simone\Downloads\FreeYouTubeToMP3Converter (2).exe
2014-06-21 19:37 - 2014-06-21 19:37 - 00000000 ____D () C:\Users\Simone\AppData\Local\cache
2014-06-21 19:37 - 2014-06-21 19:37 - 00000000 ____D () C:\Users\Simone\.android
2014-06-21 19:37 - 2014-06-21 19:37 - 00000000 _____ () C:\Users\Simone\daemonprocess.txt
2014-06-21 19:36 - 2014-06-21 20:55 - 00000000 ____D () C:\Users\Simone\AppData\Local\Mobogenie
2014-06-21 19:36 - 2014-06-21 19:37 - 34516480 _____ (DVDVideoSoft Ltd. ) C:\Users\Simone\Downloads\FreeYouTubeToMP3Converter (1).exe
2014-06-21 19:36 - 2014-06-21 19:36 - 00000000 ____D () C:\Users\Simone\Documents\Mobogenie
2014-06-21 19:32 - 2014-06-21 20:57 - 00000000 ____D () C:\Program Files\Boost
2014-06-21 19:30 - 2014-06-21 20:14 - 00000000 ____D () C:\Program Files\BooZaka
2014-06-21 19:28 - 2014-06-21 20:50 - 00002256 _____ () C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\Program Files\EZ Software Updater
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL4AA6.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL499D.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL498D.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL497E.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL4865.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL46CF.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL4614.tmp
2014-06-21 19:24 - 2014-06-21 19:24 - 34516480 _____ (DVDVideoSoft Ltd. ) C:\Users\Simone\Downloads\FreeYouTubeToMP3Converter.exe
2014-06-19 18:12 - 2014-06-19 18:12 - 01508320 _____ () C:\Windows\Minidump\061914-34351-01.dmp
2014-06-17 21:01 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-17 21:01 - 2014-05-30 11:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-17 21:01 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-17 21:01 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-17 21:01 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-17 21:01 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-17 21:01 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-17 21:01 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-17 21:01 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-17 21:01 - 2014-05-30 10:28 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-17 21:01 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-17 21:01 - 2014-05-30 10:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-17 21:01 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-17 21:01 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-17 21:01 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-17 21:01 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-17 21:01 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-17 21:01 - 2014-05-30 09:57 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-17 21:01 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-17 21:01 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-17 21:01 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-17 21:01 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-17 21:01 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-17 21:01 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-17 21:01 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-17 21:00 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-17 21:00 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-17 21:00 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-17 20:50 - 2014-06-08 10:48 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-17 20:50 - 2014-06-08 10:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-17 20:50 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-17 20:50 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-17 20:50 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-17 20:50 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-17 20:50 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-17 20:50 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-16 19:34 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 12:07 - 2014-07-04 11:30 - 00000000 ____D () C:\Users\Simone\AppData\Local\CrashDumps
2014-06-07 16:06 - 2014-06-07 16:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security

==================== One Month Modified Files and Folders =======

2014-07-04 12:08 - 2014-07-04 12:06 - 00016909 _____ () C:\Users\Simone\Desktop\FRST.txt
2014-07-04 12:08 - 2014-07-04 12:06 - 00000000 ____D () C:\FRST
2014-07-04 12:07 - 2014-07-04 12:07 - 00016935 _____ () C:\Users\Simone\Desktop\Addition.txt
2014-07-04 11:57 - 2014-06-21 19:41 - 00000000 ____D () C:\Users\Simone\AppData\Local\Genesis_06211741
2014-07-04 11:56 - 2014-07-04 11:56 - 00000474 _____ () C:\Users\Simone\Desktop\defogger_disable.log
2014-07-04 11:56 - 2014-07-04 11:56 - 00000000 _____ () C:\Users\Simone\defogger_reenable
2014-07-04 11:56 - 2013-09-13 18:50 - 00000000 ____D () C:\Users\Simone
2014-07-04 11:35 - 2014-07-04 11:34 - 00380416 _____ () C:\Users\Simone\Desktop\69qtyzo7.exe
2014-07-04 11:34 - 2014-07-04 11:34 - 01073664 _____ (Farbar) C:\Users\Simone\Desktop\FRST.exe
2014-07-04 11:33 - 2014-07-04 11:33 - 00050477 _____ () C:\Users\Simone\Desktop\Defogger.exe
2014-07-04 11:30 - 2014-07-01 11:00 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-04 11:30 - 2014-07-01 11:00 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-04 11:30 - 2014-06-11 12:07 - 00000000 ____D () C:\Users\Simone\AppData\Local\CrashDumps
2014-07-04 11:30 - 2013-09-13 22:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-04 11:30 - 2013-09-13 18:23 - 01095458 _____ () C:\Windows\WindowsUpdate.log
2014-07-03 22:15 - 2009-07-14 06:02 - 00020144 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-03 22:15 - 2009-07-14 06:02 - 00020144 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-03 22:11 - 2014-06-21 19:42 - 00000000 ____D () C:\Users\Simone\AppData\Local\fst_de_55
2014-07-03 22:07 - 2009-07-14 06:17 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-03 22:07 - 2009-07-14 06:07 - 00036918 _____ () C:\Windows\setupact.log
2014-07-01 12:15 - 2010-11-20 23:49 - 00100240 _____ () C:\Windows\PFRO.log
2014-07-01 11:00 - 2014-07-01 11:00 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-01 11:00 - 2014-07-01 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-01 11:00 - 2014-02-08 10:31 - 00000000 ____D () C:\Program Files\Google
2014-07-01 10:57 - 2014-06-22 20:31 - 00000000 ____D () C:\Program Files\Jojo's Fashion Show 2
2014-07-01 10:57 - 2009-07-14 06:51 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-01 10:54 - 2014-06-22 20:29 - 00000000 ____D () C:\ProgramData\Big Fish
2014-07-01 10:50 - 2014-07-01 10:50 - 00000000 __SHD () C:\Users\Simone\AppData\Local\EmieUserList
2014-07-01 10:50 - 2014-07-01 10:50 - 00000000 __SHD () C:\Users\Simone\AppData\Local\EmieSiteList
2014-07-01 10:46 - 2014-07-01 10:45 - 40514640 _____ (Google Inc.) C:\Users\Simone\Desktop\ChromeStandaloneSetup_35.0.1916.153.exe
2014-06-29 16:15 - 2014-06-29 16:15 - 01509720 _____ () C:\Windows\Minidump\062914-28938-01.dmp
2014-06-29 16:15 - 2014-02-20 17:39 - 00000000 ____D () C:\Windows\Minidump
2014-06-29 16:14 - 2014-02-20 17:39 - 269455862 _____ () C:\Windows\MEMORY.DMP
2014-06-25 22:01 - 2013-09-14 11:31 - 00000000 ____D () C:\Users\Simone\AppData\Roaming\Spider Player
2014-06-25 14:40 - 2014-06-25 14:40 - 00227104 _____ (Premium Installer ) C:\Users\Simone\Downloads\Player-Chrome.exe
2014-06-24 20:20 - 2014-06-24 20:20 - 00228216 _____ (Fusion Install ) C:\Users\Simone\Downloads\Drivers_Setup.exe
2014-06-22 21:32 - 2014-06-22 20:30 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-22 20:32 - 2014-06-22 20:32 - 00000000 ____D () C:\Users\Simone\Documents\Jojos Fashion Show 2
2014-06-22 20:32 - 2014-06-22 20:32 - 00000000 ____D () C:\Users\Simone\AppData\Roaming\Gamelab
2014-06-22 20:30 - 2014-06-22 20:28 - 00000000 ____D () C:\Users\Simone\AppData\Local\Big Fish
2014-06-22 10:54 - 2014-06-22 10:54 - 00000000 ____D () C:\Program Files\SearchProtect
2014-06-22 10:54 - 2014-06-21 19:40 - 00000000 ____D () C:\Users\Simone\AppData\Local\SearchProtect
2014-06-22 10:13 - 2014-06-21 19:49 - 00000000 ____D () C:\Program Files\globalUpdate
2014-06-21 20:57 - 2014-06-21 19:32 - 00000000 ____D () C:\Program Files\Boost
2014-06-21 20:55 - 2014-06-21 19:36 - 00000000 ____D () C:\Users\Simone\AppData\Local\Mobogenie
2014-06-21 20:53 - 2014-06-21 19:58 - 00000000 ____D () C:\Program Files\PC Speed Maximizer
2014-06-21 20:50 - 2014-06-21 19:28 - 00002256 _____ () C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-21 20:50 - 2013-09-13 18:50 - 00001413 _____ () C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-21 20:45 - 2014-06-21 19:42 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-06-21 20:25 - 2014-06-21 20:25 - 00000000 ____D () C:\ProgramData\2308189059
2014-06-21 20:22 - 2010-11-20 23:03 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-21 20:14 - 2014-06-21 19:30 - 00000000 ____D () C:\Program Files\BooZaka
2014-06-21 20:13 - 2014-06-21 19:58 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-06-21 20:10 - 2014-06-21 20:10 - 00000000 ____D () C:\Users\Simone\AppData\Local\fst_de_56
2014-06-21 20:10 - 2014-06-21 20:10 - 00000000 ____D () C:\Program Files\fst_de_56
2014-06-21 20:10 - 2014-06-21 19:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FREE_SOFT_TODAY
2014-06-21 20:03 - 2014-06-21 20:03 - 00000000 ____D () C:\IePluginServices
2014-06-21 20:01 - 2014-06-21 20:00 - 00000000 ____D () C:\Program Files\AnyProtectEx
2014-06-21 19:59 - 2014-06-21 19:59 - 00000000 ____D () C:\Users\Simone\AppData\Local\PennyBee
2014-06-21 19:59 - 2014-06-21 19:58 - 00000000 ____D () C:\ProgramData\WindowsProtectManger
2014-06-21 19:58 - 2014-06-21 19:58 - 00000000 ____D () C:\Users\Simone\AppData\Roaming\SupTab
2014-06-21 19:58 - 2014-06-21 19:58 - 00000000 ____D () C:\Program Files\SupTab
2014-06-21 19:58 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-06-21 19:49 - 2014-06-21 19:49 - 00000000 ____D () C:\Users\Simone\AppData\Local\globalUpdate
2014-06-21 19:45 - 2014-06-21 19:45 - 00000000 ____D () C:\ProgramData\CheckPoint
2014-06-21 19:43 - 2013-09-13 23:02 - 00002276 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-06-21 19:43 - 2013-09-13 23:02 - 00000000 ____D () C:\Users\Simone\AppData\Roaming\DVDVideoSoft
2014-06-21 19:43 - 2013-09-13 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-06-21 19:43 - 2013-09-13 23:02 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-06-21 19:42 - 2014-06-21 19:42 - 00000000 ____D () C:\Program Files\fst_de_55
2014-06-21 19:42 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-21 19:41 - 2013-09-13 23:02 - 00000000 ____D () C:\Users\Simone\AppData\Roaming\OpenCandy
2014-06-21 19:41 - 2013-09-13 23:02 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-06-21 19:40 - 2013-04-01 13:43 - 00000000 _____ () C:\END
2014-06-21 19:38 - 2014-06-21 19:38 - 01392632 _____ () C:\Users\Simone\Downloads\Setup (1).exe
2014-06-21 19:37 - 2014-06-21 19:37 - 34516480 _____ (DVDVideoSoft Ltd. ) C:\Users\Simone\Downloads\FreeYouTubeToMP3Converter (2).exe
2014-06-21 19:37 - 2014-06-21 19:37 - 00000000 ____D () C:\Users\Simone\AppData\Local\cache
2014-06-21 19:37 - 2014-06-21 19:37 - 00000000 ____D () C:\Users\Simone\.android
2014-06-21 19:37 - 2014-06-21 19:37 - 00000000 _____ () C:\Users\Simone\daemonprocess.txt
2014-06-21 19:37 - 2014-06-21 19:36 - 34516480 _____ (DVDVideoSoft Ltd. ) C:\Users\Simone\Downloads\FreeYouTubeToMP3Converter (1).exe
2014-06-21 19:36 - 2014-06-21 19:36 - 00000000 ____D () C:\Users\Simone\Documents\Mobogenie
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\Program Files\EZ Software Updater
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL4AA6.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL499D.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL498D.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL497E.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL4865.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL46CF.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL4614.tmp
2014-06-21 19:24 - 2014-06-21 19:24 - 34516480 _____ (DVDVideoSoft Ltd. ) C:\Users\Simone\Downloads\FreeYouTubeToMP3Converter.exe
2014-06-19 21:36 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-06-19 18:12 - 2014-06-19 18:12 - 01508320 _____ () C:\Windows\Minidump\061914-34351-01.dmp
2014-06-18 11:44 - 2014-06-21 20:01 - 00608179 _____ (Click Me In Limited) C:\Users\Simone\AppData\Local\AnyProtectScannerSetup.exe
2014-06-18 09:38 - 2014-05-15 16:59 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-17 21:02 - 2013-09-13 22:58 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-08 15:08 - 2013-09-13 19:12 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-06-08 10:48 - 2014-06-17 20:50 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 10:43 - 2014-06-17 20:50 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-07 16:06 - 2014-06-07 16:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-06-07 16:06 - 2013-09-13 19:12 - 00002423 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-06-07 16:06 - 2013-09-13 19:11 - 00000000 ____D () C:\Windows\system32\Drivers\NIS
2014-06-07 15:44 - 2013-09-13 19:09 - 00000000 ____D () C:\ProgramData\Norton
2014-06-04 09:33 - 2013-09-13 19:12 - 00142936 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT.SYS
2014-06-04 09:33 - 2013-09-13 19:12 - 00008194 _____ () C:\Windows\system32\Drivers\SYMEVENT.CAT
2014-06-04 09:31 - 2013-09-13 19:10 - 00000000 ____D () C:\Program Files\Norton Internet Security
2014-06-04 09:27 - 2013-11-17 22:23 - 00000000 ____D () C:\Users\Public\Downloads\Norton

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.2552.dll


Some content of TEMP:
====================
C:\Users\Simone\AppData\Local\Temp\BackupSetup.exe
C:\Users\Simone\AppData\Local\Temp\dlLogic.exe
C:\Users\Simone\AppData\Local\Temp\dltr.exe
C:\Users\Simone\AppData\Local\Temp\GCVerifier.dll
C:\Users\Simone\AppData\Local\Temp\nsa4889.exe
C:\Users\Simone\AppData\Local\Temp\nsaB1F9.exe
C:\Users\Simone\AppData\Local\Temp\nslAAE7.exe
C:\Users\Simone\AppData\Local\Temp\nsq42CE.exe
C:\Users\Simone\AppData\Local\Temp\ose00000.exe
C:\Users\Simone\AppData\Local\Temp\pennybee.exe
C:\Users\Simone\AppData\Local\Temp\setup_72.exe
C:\Users\Simone\AppData\Local\Temp\uninst1.exe
C:\Users\Simone\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Simone\AppData\Local\Temp\verifier.exe
C:\Users\Simone\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_6745.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-06-19 21:28

==================== End Of Log ============================
_____________________________________________________________________________
Addition

Additional scan result of Farbar Recovery Scan Tool (x86) Version:03-07-2014
Ran by Simone at 2014-07-04 12:08:47
Running from C:\Users\Simone\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
BitGuard (HKLM\...\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}) (Version: - MediaTechSoft Inc.) <==== ATTENTION
EZ Software Updater version 1.0.0.0 (HKLM\...\EZ Software Updater_is1) (Version: 1.0.0.0 - )
foobar2000 v1.2.9 (HKLM\...\foobar2000) (Version: 1.2.9 - Peter Pawlowski)
Free YouTube to MP3 Converter version 3.12.39.604 (HKLM\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.39.604 - DVDVideoSoft Ltd.)
fst_de_55 (HKLM\...\fst_de_55_is1) (Version: - FREE_SOFT_TODAY) <==== ATTENTION
fst_de_56 (HKLM\...\fst_de_56_is1) (Version: - FREE_SOFT_TODAY) <==== ATTENTION
Genesis (HKCU\...\genesis_06211741) (Version: - ) <==== ATTENTION
Google Chrome (HKLM\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - )
Norton Internet Security (HKLM\...\NIS) (Version: 21.3.0.12 - Symantec Corporation)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Search Protect (HKLM\...\SearchProtect) (Version: 2.13.3.38 - Client Connect LTD) <==== ATTENTION
Spider Player 2.5.3 (HKLM\...\Spider Player_is1) (Version: 2.5.3.0 - VIT Software, LLC)
TuneUp Utilities 2013 (HKLM\...\TuneUp Utilities 2013) (Version: 13.0.3000.132 - TuneUp Software)
TuneUp Utilities 2013 (Version: 13.0.3000.132 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (de-DE) (Version: 13.0.3000.132 - TuneUp Software) Hidden
ZoneAlarm Security (Version: 13.1.211.000 - Check Point Software Technologies Ltd.) Hidden

==================== Restore Points =========================

21-06-2014 17:41:55 Uniblue SpeedUpMyPC installation
01-07-2014 08:55:34 TuneUp Utilities 2013 wird entfernt

==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {2EF67B92-1337-46FF-B2DC-3C8D2E2924B5} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files\Norton Internet Security\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {349FD80F-09E7-4571-8894-73FA57E0823B} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2013\OneClick.exe [2012-11-29] (TuneUp Software)
Task: {3C21495A-14A4-40F5-B678-8C417B76061B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-14] (Adobe Systems Incorporated)
Task: {60334A51-1E0C-4568-B105-FEF1D26B93AF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-01] (Google Inc.)
Task: {8D9435EF-2EB0-4478-9213-45B58CD7B2A2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-07-01] (Google Inc.)
Task: {B1D4B710-3CCE-4E62-9C39-28E28DABBEEB} - System32\Tasks\Norton WSC Integration => C:\Program Files\Norton Internet Security\Engine\21.3.0.12\WSCStub.exe [2014-05-11] (Symantec Corporation)
Task: {F6B4177D-04E5-48B7-8EA5-2AB60D107D1E} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files\Norton Internet Security\Engine\21.3.0.12\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-06-21 19:27 - 2014-05-05 11:25 - 00202752 _____ () C:\Program Files\EZ Software Updater\EZ Software Updater.exe
2014-06-21 19:42 - 2014-06-20 16:32 - 03355632 _____ () C:\Users\Simone\AppData\Local\fst_de_55\upfst_de_55.exe
2014-06-21 19:42 - 2014-06-20 16:32 - 03980784 _____ () C:\Program Files\fst_de_55\fst_de_55.exe
2014-06-21 20:10 - 2014-06-20 16:32 - 03979760 _____ () C:\Program Files\fst_de_56\fst_de_56.exe
2013-07-12 14:52 - 2013-07-12 14:52 - 00036352 _____ () C:\Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.Interface.dll
2013-07-12 14:53 - 2013-07-12 14:53 - 17223680 _____ () C:\Program Files\Samsung\Kies\Theme\Kies.Theme.dll
2013-07-12 14:52 - 2013-07-12 14:52 - 00564736 _____ () C:\Program Files\Samsung\Kies\Common\Kies.UI.dll
2013-06-18 16:36 - 2013-06-18 16:36 - 00023040 _____ () C:\Program Files\Samsung\Kies\MVVM\Kies.MVVM.dll
2013-06-14 19:57 - 2013-06-14 19:57 - 00057856 _____ () C:\Program Files\Samsung\Kies\External\MediaModules\ASF_cSharpAPI.dll
2014-06-21 19:41 - 2014-06-21 19:41 - 03067904 _____ () C:\Users\Simone\AppData\Local\Genesis_06211741\Genesis_06211741.exe
2014-04-21 21:24 - 2014-04-21 21:24 - 00392704 _____ () C:\Program Files\Boost\BoostUpdater.exe
2014-07-01 11:00 - 2014-06-05 15:58 - 00716616 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-07-01 11:00 - 2014-06-05 15:58 - 00126280 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-07-01 11:00 - 2014-06-05 15:58 - 04217672 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-07-01 11:00 - 2014-06-05 15:58 - 00414536 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-07-01 11:00 - 2014-06-05 15:58 - 01732424 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-07-01 11:00 - 2014-06-05 15:58 - 14612296 _____ () C:\Program Files\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:01690B01

==================== Safe Mode (whitelisted) ===================


==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/04/2014 11:30:47 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: OneClick.exe, Version: 13.0.3000.132, Zeitstempel: 0x50b7788d
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7601.18247, Zeitstempel: 0x521ea91c
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00052ca9
ID des fehlerhaften Prozesses: 0x113c
Startzeit der fehlerhaften Anwendung: 0xOneClick.exe0
Pfad der fehlerhaften Anwendung: OneClick.exe1
Pfad des fehlerhaften Moduls: OneClick.exe2
Berichtskennung: OneClick.exe3

Error: (07/03/2014 10:09:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/02/2014 00:31:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/01/2014 00:17:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/30/2014 04:56:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rundll32.exe_EZ Software Updater.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc637
Name des fehlerhaften Moduls: EZ Software Updater.dll, Version: 1.0.0.0, Zeitstempel: 0x53674af5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001c9e5
ID des fehlerhaften Prozesses: 0xf14
Startzeit der fehlerhaften Anwendung: 0xrundll32.exe_EZ Software Updater.dll0
Pfad der fehlerhaften Anwendung: rundll32.exe_EZ Software Updater.dll1
Pfad des fehlerhaften Moduls: rundll32.exe_EZ Software Updater.dll2
Berichtskennung: rundll32.exe_EZ Software Updater.dll3

Error: (06/29/2014 04:16:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/28/2014 05:43:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rundll32.exe_EZ Software Updater.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc637
Name des fehlerhaften Moduls: EZ Software Updater.dll, Version: 1.0.0.0, Zeitstempel: 0x53674af5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001c9e5
ID des fehlerhaften Prozesses: 0x17a0
Startzeit der fehlerhaften Anwendung: 0xrundll32.exe_EZ Software Updater.dll0
Pfad der fehlerhaften Anwendung: rundll32.exe_EZ Software Updater.dll1
Pfad des fehlerhaften Moduls: rundll32.exe_EZ Software Updater.dll2
Berichtskennung: rundll32.exe_EZ Software Updater.dll3

Error: (06/26/2014 10:56:06 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/25/2014 10:04:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (06/25/2014 02:27:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: rundll32.exe_EZ Software Updater.dll, Version: 6.1.7600.16385, Zeitstempel: 0x4a5bc637
Name des fehlerhaften Moduls: EZ Software Updater.dll, Version: 1.0.0.0, Zeitstempel: 0x53674af5
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001c9e5
ID des fehlerhaften Prozesses: 0x8f8
Startzeit der fehlerhaften Anwendung: 0xrundll32.exe_EZ Software Updater.dll0
Pfad der fehlerhaften Anwendung: rundll32.exe_EZ Software Updater.dll1
Pfad des fehlerhaften Moduls: rundll32.exe_EZ Software Updater.dll2
Berichtskennung: rundll32.exe_EZ Software Updater.dll3


System errors:
=============
Error: (07/04/2014 11:30:15 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst SysMain erreicht.

Error: (07/04/2014 09:48:19 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Wlansvc erreicht.

Error: (07/03/2014 10:07:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ZoneAlarm Privacy Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/02/2014 06:36:16 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (07/02/2014 00:29:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ZoneAlarm Privacy Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/01/2014 00:15:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ZoneAlarm Privacy Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (07/01/2014 10:40:47 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst ShellHWDetection erreicht.

Error: (07/01/2014 02:45:52 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst TuneUp.UtilitiesSvc erreicht.

Error: (06/30/2014 08:41:49 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst Wlansvc erreicht.

Error: (06/29/2014 04:15:22 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "ZoneAlarm Privacy Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Percentage of memory in use: 42%
Total physical RAM: 3002.02 MB
Available physical RAM: 1714.61 MB
Total Pagefile: 6002.34 MB
Available Pagefile: 4576.87 MB
Total Virtual: 2047.88 MB
Available Virtual: 1901.48 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:68.36 GB) (Free:39.88 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:80.68 GB) (Free:70.27 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149 GB) (Disk ID: 9BA91AAD)
Partition 1: (Active) - (Size=68 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=81 GB) - (Type=OF Extended)

==================== End Of Log ============================
_____________________________________________________________________________
GMER:

GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-07-04 12:32:19
Windows 6.1.7601 Service Pack 1 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0 WDC_WD1600BEVT-00ZCT0 rev.11.01A11 149,05GB
Running: 69qtyzo7.exe; Driver: C:\Users\Simone\AppData\Local\Temp\uxldypod.sys


---- System - GMER 2.1 ----

SSDT 862899B0 ZwAlertResumeThread
SSDT 86289A48 ZwAlertThread
SSDT 8626A398 ZwAllocateVirtualMemory
SSDT 86157E10 ZwAlpcConnectPort
SSDT 86289428 ZwAssignProcessToJobObject
SSDT 862897D8 ZwCreateMutant
SSDT 86289220 ZwCreateSymbolicLinkObject
SSDT 86285188 ZwCreateThread
SSDT 862892C8 ZwCreateThreadEx
SSDT 862894C0 ZwDebugActiveProcess
SSDT 8626A4B8 ZwDuplicateObject
SSDT 86289F38 ZwFreeVirtualMemory
SSDT 86289880 ZwImpersonateAnonymousToken
SSDT 86289918 ZwImpersonateThread
SSDT 861B1E90 ZwLoadDriver
SSDT 86289E80 ZwMapViewOfSection
SSDT 86289740 ZwOpenEvent
SSDT 86285100 ZwOpenProcess
SSDT 8626A440 ZwOpenProcessToken
SSDT 86289610 ZwOpenSection
SSDT 86285078 ZwOpenThread
SSDT 86289380 ZwProtectVirtualMemory
SSDT 86289AE0 ZwResumeThread
SSDT 86289CA8 ZwSetContextThread
SSDT 86289D40 ZwSetInformationProcess
SSDT 86289558 ZwSetSystemInformation
SSDT 862896A8 ZwSuspendProcess
SSDT 86289B78 ZwSuspendThread
SSDT 862655A0 ZwTerminateProcess
SSDT 86289C10 ZwTerminateThread
SSDT 86289DE8 ZwUnmapViewOfSection
SSDT 86289FC0 ZwWriteVirtualMemory

---- Kernel code sections - GMER 2.1 ----

.text ntkrnlpa.exe!ZwRollbackEnlistment + 142D 82A85A15 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82ABF212 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text ntkrnlpa.exe!KeRemoveQueueEx + 10DB 82AC6470 8 Bytes [B0, 99, 28, 86, 48, 9A, 28, ...] {MOV AL, 0x99; SUB [ESI-0x79d765b8], AL}
.text ntkrnlpa.exe!KeRemoveQueueEx + 10F3 82AC6488 4 Bytes [98, A3, 26, 86]
.text ntkrnlpa.exe!KeRemoveQueueEx + 10FF 82AC6494 4 Bytes [10, 7E, 15, 86]
.text ntkrnlpa.exe!KeRemoveQueueEx + 1153 82AC64E8 4 Bytes [28, 94, 28, 86]
.text ntkrnlpa.exe!KeRemoveQueueEx + 11CF 82AC6564 4 Bytes [D8, 97, 28, 86]
.text ...

---- User code sections - GMER 2.1 ----

.text C:\Users\Simone\Desktop\69qtyzo7.exe[1680] ntdll.dll!NtTerminateThread 77676918 5 Bytes JMP 00020050
.text C:\Users\Simone\Desktop\69qtyzo7.exe[1680] USER32.dll!ChangeWindowMessageFilterEx + F 762124D7 7 Bytes JMP 00210A12
.text C:\Users\Simone\Desktop\69qtyzo7.exe[1680] USER32.dll!RecordShutdownReason + 372 762506C2 7 Bytes JMP 00210930
.text C:\Users\Simone\AppData\Local\Genesis_06211741\Genesis_06211741.exe[3604] ntdll.dll!NtTerminateThread 77676918 5 Bytes JMP 00020050
.text C:\Users\Simone\AppData\Local\Genesis_06211741\Genesis_06211741.exe[3604] USER32.dll!ChangeWindowMessageFilterEx + F 762124D7 7 Bytes JMP 0021012A
.text C:\Users\Simone\AppData\Local\Genesis_06211741\Genesis_06211741.exe[3604] USER32.dll!RecordShutdownReason + 372 762506C2 7 Bytes JMP 00210048

---- EOF - GMER 2.1 ----

Alt 04.07.2014, 13:22   #2
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um - Standard

Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um



hi,

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.





Adware & Co. deinstallieren
  • Lade Dir bitte von hier Revo Uninstaller herunter.
  • Installiere und starte das Programm.
  • Suche im Uninstallerfeld nach den Programmen, die unter:

    diesen Zusatz haben:
  • Wähle die Programme nacheinander aus und klicke jedesmal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

Solltest Du ein Programm nicht finden oder nicht deinstallieren können, mache bitte mit dem nächsten Schritt weiter:




Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________

__________________

Alt 05.07.2014, 15:46   #3
Faranir
 
Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um - Standard

Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um



Wow vielen Dank für die schnelle Antwort.
Hab alles erledigt, wie du es gesagt hast. Bis jetzt siehts schon viel besser aus.
Die Logs waren leider so groß, dass ich sie packen musste.

Vielen Dank
__________________

Alt 06.07.2014, 12:00   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um - Standard

Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um



Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 06.07.2014, 20:24   #5
Faranir
 
Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um - Standard

Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um



Ist gebongt. Entschuldige die zusätzliche Arbeit.

MBAM
Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 05.07.2014
Suchlauf-Zeit: 13:43:14
Logdatei: MBAM.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.07.05.04
Rootkit Datenbank: v2014.07.03.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x86
Dateisystem: NTFS
Benutzer: Simone

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 246767
Verstrichene Zeit: 33 Min, 26 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 37
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [4f99f4a7651672c4471c88ad9070fb05], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, In Quarantäne, [4f99f4a7651672c4471c88ad9070fb05], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, In Quarantäne, [4f99f4a7651672c4471c88ad9070fb05], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [4f99f4a7651672c4471c88ad9070fb05], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [4f99f4a7651672c4471c88ad9070fb05], 
PUP.Optional.SupTab.A, HKU\S-1-5-21-1871973915-1044618656-3300570338-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [4f99f4a7651672c4471c88ad9070fb05], 
PUP.Optional.SupTab.A, HKU\S-1-5-21-1871973915-1044618656-3300570338-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [4f99f4a7651672c4471c88ad9070fb05], 
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}\INPROCSERVER32, In Quarantäne, [4f99f4a7651672c4471c88ad9070fb05], 
PUP.Optional.PricePeep.A, HKLM\SOFTWARE\CLASSES\APPID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}, In Quarantäne, [9355dbc01467d0669b85fa8cda2833cd], 
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, In Quarantäne, [fdeb08932a514ee8901d444156ac837d], 
Adware.Agent, HKLM\SOFTWARE\CLASSES\TYPELIB\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}, In Quarantäne, [8f59bedd6b1093a3128dc98b8f73857b], 
Adware.Agent, HKLM\SOFTWARE\CLASSES\INTERFACE\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}, In Quarantäne, [8f59bedd6b1093a3128dc98b8f73857b], 
Adware.Agent, HKLM\SOFTWARE\CLASSES\INTERFACE\{75BF416E-4326-45B5-8A2D-AE32D05B930B}, In Quarantäne, [8f59bedd6b1093a3128dc98b8f73857b], 
Adware.Agent, HKLM\SOFTWARE\CLASSES\CLSID\{8DE6FC60-E023-4AD7-A3B7-591E1460E7F7}, In Quarantäne, [8f59bedd6b1093a3128dc98b8f73857b], 
Adware.Agent, HKLM\SOFTWARE\CLASSES\Boost.BoostBho.1, In Quarantäne, [8f59bedd6b1093a3128dc98b8f73857b], 
Adware.Agent, HKLM\SOFTWARE\CLASSES\Boost.BoostBho, In Quarantäne, [8f59bedd6b1093a3128dc98b8f73857b], 
Adware.Agent, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{8DE6FC60-E023-4AD7-A3B7-591E1460E7F7}, In Quarantäne, [8f59bedd6b1093a3128dc98b8f73857b], 
Adware.Agent, HKU\S-1-5-21-1871973915-1044618656-3300570338-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{8DE6FC60-E023-4AD7-A3B7-591E1460E7F7}, In Quarantäne, [8f59bedd6b1093a3128dc98b8f73857b], 
Adware.Agent, HKU\S-1-5-21-1871973915-1044618656-3300570338-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{8DE6FC60-E023-4AD7-A3B7-591E1460E7F7}, In Quarantäne, [8f59bedd6b1093a3128dc98b8f73857b], 
Adware.Agent, HKLM\SOFTWARE\CLASSES\CLSID\{8DE6FC60-E023-4AD7-A3B7-591E1460E7F7}\INPROCSERVER32, In Quarantäne, [8f59bedd6b1093a3128dc98b8f73857b], 
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\DataMngr, In Quarantäne, [5a8e0497433879bd4df817a40ef40ff1], 
PUP.Optional.WindowsProtectManger.A, HKLM\SOFTWARE\supWindowsProtectManger, In Quarantäne, [67811685d7a4a4925e2e496a32d032ce], 
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\webssearchesSoftware, In Quarantäne, [3bad712a661563d3449f9239c43ec13f], 
PUP.Optional.QuickStart.A, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\pelmeidfhdlhlbjimpabfcbnnojbboma, In Quarantäne, [edfb118a0c6f5ed87b2376568280d52b], 
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [c6226e2df88383b3e0606d8d4cb7758b], 
PUP.Optional.VideoMediaPlayer.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\video MediaPlayer, In Quarantäne, [d315910a4a31f640a20eeccaf50d6e92], 
PUP.Optional.DataMngr.A, HKU\S-1-5-21-1871973915-1044618656-3300570338-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr, In Quarantäne, [6286059613688da9125413db887bb64a], 
PUP.Optional.DataMngr.A, HKU\S-1-5-21-1871973915-1044618656-3300570338-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, In Quarantäne, [9a4ef4a75a21da5c1d486a849e65f010], 
PUP.Optional.AmazonTB.A, HKU\S-1-5-21-1871973915-1044618656-3300570338-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\ALEXA INTERNET\ALEXA9\Amazon, In Quarantäne, [6a7e495289f2003675a15b9af01327d9], 
PUP.Optional.CrossRider.A, HKU\S-1-5-21-1871973915-1044618656-3300570338-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, In Quarantäne, [65835f3c39429a9c846ec141e420fb05], 
PUP.Optional.Babylon.A, HKU\S-1-5-21-1871973915-1044618656-3300570338-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Updater, In Quarantäne, [c226acefe8932115c9a11fd031d2eb15], 
PUP.Optional.AlexaTB.A, HKU\S-1-5-21-1871973915-1044618656-3300570338-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DISTROMATIC\Toolbars, In Quarantäne, [a4445b40a9d2c076c44fde1715ee14ec], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1871973915-1044618656-3300570338-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [e40458435d1e191db2c7469259a904fc], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1871973915-1044618656-3300570338-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [36b2d4c7ed8e9d9959306c829c673ac6], 
PUP.Optional.Qone8, HKU\S-1-5-21-1871973915-1044618656-3300570338-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [ce1a7823d8a32016c6798476d72ca35d], 
PUP.Optional.BProtector.A, HKU\S-1-5-21-1871973915-1044618656-3300570338-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\bProtectSettings, In Quarantäne, [bb2d9407b4c79e987f3c11e06e9539c7], 
PUP.Optional.IePluginServices.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginServices, In Quarantäne, [4d9b96050e6d0135942587278d75cd33], 

Registrierungswerte: 7
PUP.Optional.BrowserProtect.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|bProtectTabs, hxxp://www2.delta-search.com/?babsrc=NT_ss&mntrId=B8AA00242B9976EB&affID=121565&tsp=5004, In Quarantäne, [a840e8b3d6a5152154871ad781829d63]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~1\SupTab\SEARCH~1.DLL, In Quarantäne, [29bfa7f4a0db9c9ae3054f6446bcf50b]
PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_de_55, In Quarantäne, [6088752682f9280ecc14566ed9296d93], 
PUP.Optional.FirstSeenToday.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|fst_de_56, In Quarantäne, [b8302675e49754e2cd1319ab9e64b24e], 
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1871973915-1044618656-3300570338-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0R2Y1I1P1N0J1U1C, In Quarantäne, [36b2d4c7ed8e9d9959306c829c673ac6]
PUP.BProtector, HKU\S-1-5-21-1871973915-1044618656-3300570338-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|bProtector Start Page, hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=B8AA00242B9976EB&affID=121565&tsp=5004, In Quarantäne, [f3f5227916655fd790d78668689ba759]
PUP.BProtector, HKU\S-1-5-21-1871973915-1044618656-3300570338-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|bProtectorDefaultScope, {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [e9ff5a414536999d244407e74fb4c53b]

Registrierungsdaten: 14
PUP.Optional.Skytech.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\PROGRA~1\SupTab\SEARCH~1.DLL, Gut: (), Schlecht: (C:\PROGRA~1\SupTab\SEARCH~1.DLL),Ersetzt,[9d4b52498fecf343c8fd741717ea7888]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1403372576&from=tugs&uid=WDCXWD1600BEVT-00ZCT0_WD-WXE208HT0437T0437, Gut: (iexplore.exe), Schlecht: (C:\Program Files\Internet Explorer\iexplore.exe hxxp://istart.webssearches.com/?type=sc&ts=1403372576&from=tugs&uid=WDCXWD1600BEVT-00ZCT0_WD-WXE208HT0437T0437),Ersetzt,[ca1e1685403b4cea8a4f1c6d0df7fe02]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://istart.webssearches.com/?type=hp&ts=1403372576&from=tugs&uid=WDCXWD1600BEVT-00ZCT0_WD-WXE208HT0437T0437, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1403372576&from=tugs&uid=WDCXWD1600BEVT-00ZCT0_WD-WXE208HT0437T0437),Ersetzt,[1ace83182c4f14229939c7c246bea759]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://istart.webssearches.com/web/?type=ds&ts=1403372576&from=tugs&uid=WDCXWD1600BEVT-00ZCT0_WD-WXE208HT0437T0437&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1403372576&from=tugs&uid=WDCXWD1600BEVT-00ZCT0_WD-WXE208HT0437T0437&q={searchTerms}),Ersetzt,[a840e9b24437c0768c44ed9c7f85669a]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://istart.webssearches.com/?type=hp&ts=1403372576&from=tugs&uid=WDCXWD1600BEVT-00ZCT0_WD-WXE208HT0437T0437, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1403372576&from=tugs&uid=WDCXWD1600BEVT-00ZCT0_WD-WXE208HT0437T0437),Ersetzt,[a0485d3e196285b13896bdcc44c03ac6]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[42a65645a9d249ed4ab7a5efa75d2fd1]
PUP.Optional.SnapDo.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEcwA8xEAO6D24SsJFUbb_yC0MNW7LTuxsiODP6dhE076fMDjHz6LkhnFasrP9aNn7H_-k_JHA65jxFsB-1hH6FXU1jpP4JjHxHbD6xhv5m6XqcYPQIpRSQzEOZSg4Bo,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEcwA8xEAO6D24SsJFUbb_yC0MNW7LTuxsiODP6dhE076fMDjHz6LkhnFasrP9aNn7H_-k_JHA65jxFsB-1hH6FXU1jpP4JjHxHbD6xhv5m6XqcYPQIpRSQzEOZSg4Bo,&q={searchTerms}),Ersetzt,[5098b5e6d0abb4821bf0c1c926def10f]
PUP.Optional.Snapdo, HKU\S-1-5-21-1871973915-1044618656-3300570338-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEcwA8xEAO6D24SsJFUbb_yC0MNW7LTuxsiODP6dhE076fMDjHz6LkhnFasrP9aNn7H_-k_JHA65jxFsB-1hH6FXU1jpP4JjHxHbD6xhv5m6XqcYPQIpRSQzEOZSg4B0,&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEcwA8xEAO6D24SsJFUbb_yC0MNW7LTuxsiODP6dhE076fMDjHz6LkhnFasrP9aNn7H_-k_JHA65jxFsB-1hH6FXU1jpP4JjHxHbD6xhv5m6XqcYPQIpRSQzEOZSg4B0,&q={searchTerms}),Ersetzt,[2eba9a01522940f687ea30637a8afb05]
PUP.Optional.StartPage, HKU\S-1-5-21-1871973915-1044618656-3300570338-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=B8AA00242B9976EB&affID=119357&tsp=5004, Gut: (hxxp://www.google.com), Schlecht: (hxxp://www2.delta-search.com/?babsrc=HP_ss&mntrId=B8AA00242B9976EB&affID=119357&tsp=5004),Ersetzt,[3aae4259403bd46245473c57a85cc23e]
PUP.Optional.Snapdo, HKU\S-1-5-21-1871973915-1044618656-3300570338-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEcwA8xEAO6D24SsJFUbb_yC0MNW7LTuxsiODP6dhE076fMDjHz6LkhnFasrP9aNn7H_-k_JHA65jxFsB-1hH6FXU1jpP4JjHxHbD6xhv5m6XqcYPQIpRSQzEOZSg4B0,&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEcwA8xEAO6D24SsJFUbb_yC0MNW7LTuxsiODP6dhE076fMDjHz6LkhnFasrP9aNn7H_-k_JHA65jxFsB-1hH6FXU1jpP4JjHxHbD6xhv5m6XqcYPQIpRSQzEOZSg4B0,&q={searchTerms}),Ersetzt,[ebfdb8e3394282b4c0b0c5cea0646799]
PUP.Optional.WebsSearches.A, HKU\S-1-5-21-1871973915-1044618656-3300570338-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://istart.webssearches.com/?type=hp&ts=1403372576&from=tugs&uid=WDCXWD1600BEVT-00ZCT0_WD-WXE208HT0437T0437, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1403372576&from=tugs&uid=WDCXWD1600BEVT-00ZCT0_WD-WXE208HT0437T0437),Ersetzt,[61876239ea91201609c64c3da55f51af]
PUP.Optional.Snapdo, HKU\S-1-5-21-1871973915-1044618656-3300570338-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEcwA8xEAO6D24SsJFUbb_yC0MNW7LTuxsiODP6dhE076fMDjHz6LkhnFasrP9aNn7H_-k_JHA65jxFsB-1hH6FXU1jpP4JjHxHbD6xhv5m6XqcYPQIpRSQzEOZSg4B0,&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEcwA8xEAO6D24SsJFUbb_yC0MNW7LTuxsiODP6dhE076fMDjHz6LkhnFasrP9aNn7H_-k_JHA65jxFsB-1hH6FXU1jpP4JjHxHbD6xhv5m6XqcYPQIpRSQzEOZSg4B0,&q={searchTerms}),Ersetzt,[9a4ec8d3ee8dfa3c99da187be0242bd5]
PUP.Optional.Snapdo, HKU\S-1-5-21-1871973915-1044618656-3300570338-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEcwA8xEAO6D24SsJFUbb_yC0MNW7LTuxsiODP6dhE076fMDjHz6LkhnFasrP9aNn7H_-k_JHA65jxFsB-1hH6FXU1jpP4JjHxHbD6xhv5m6XqcYPQIpRSQzEOZSg4B0,&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEcwA8xEAO6D24SsJFUbb_yC0MNW7LTuxsiODP6dhE076fMDjHz6LkhnFasrP9aNn7H_-k_JHA65jxFsB-1hH6FXU1jpP4JjHxHbD6xhv5m6XqcYPQIpRSQzEOZSg4B0,&q={searchTerms}),Ersetzt,[9850efacafcc93a391e3514215efb54b]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-1871973915-1044618656-3300570338-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEcwA8xEAO6D24SsJFUbb_yC0MNW7LTuxsiODP6dhE076fMDjHz6LkhnFasrP9aNn7H_-k_JHA65jxFsB-1hH6FXU1jpP4JjHxHbD6xhv5m6XqcYPQIpRSQzEOZSg4B0,&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaJRTF_CeucR4HuqXmFP92t7LXoE4BE6fWlRTO_2hnBTFdwEEcwA8xEAO6D24SsJFUbb_yC0MNW7LTuxsiODP6dhE076fMDjHz6LkhnFasrP9aNn7H_-k_JHA65jxFsB-1hH6FXU1jpP4JjHxHbD6xhv5m6XqcYPQIpRSQzEOZSg4B0,&q={searchTerms}),Ersetzt,[09dfa3f894e70f2716f615757b8941bf]

Ordner: 67
PUP.Optional.SupTab.A, C:\Program Files\SupTab, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\en-US, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\es-419, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\es-ES, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-BE, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-CA, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-CH, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-FR, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-LU, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\it-CH, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\it-IT, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\pl, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\pt, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\pt-BR, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\ru, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\ru-MO, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\tr-TR, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\vi-VI, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\zh-CN, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\zh-TW, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
Rogue.Multiple, C:\ProgramData\2308189059, In Quarantäne, [26c2752695e6b28466c36a1f6d9533cd], 
PUP.Optional.Wajam.A, C:\Program Files\Wajam, In Quarantäne, [7c6c009b3e3df442950abfd906fc7090], 
PUP.Optional.OpenCandy, C:\Users\Simone\AppData\Roaming\OpenCandy, In Quarantäne, [32b6b1ea9edd00363e909602ac56d62a], 
PUP.Optional.OpenCandy, C:\Users\Simone\AppData\Roaming\OpenCandy\4857B82472F54864BC82CB8E0AA79CF0, In Quarantäne, [32b6b1ea9edd00363e909602ac56d62a], 
PUP.Optional.OpenCandy, C:\Users\Simone\AppData\Roaming\OpenCandy\51DCDC55B11D44AA846E75374FB438D8, In Quarantäne, [32b6b1ea9edd00363e909602ac56d62a], 
PUP.Optional.OpenCandy, C:\Users\Simone\AppData\Roaming\OpenCandy\C75AFFAFA4F24C0C92E8D46CC448B67A, In Quarantäne, [32b6b1ea9edd00363e909602ac56d62a], 
PUP.Optional.OpenCandy, C:\Users\Simone\AppData\Roaming\OpenCandy\D62EA76AA81B47938953BCAB3FE00279, In Quarantäne, [32b6b1ea9edd00363e909602ac56d62a], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\components, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\buttons, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\buttons\sparkline, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\firstrun, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\firstrun\Buttons, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\firstrun\Buttons\de_DE, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\firstrun\Buttons\es_ES, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\firstrun\Buttons\fr_FR, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\firstrun\Buttons\it_IT, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\firstrun\Buttons\ja_JP, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\firstrun\Buttons\zh_CN, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\oemdefault, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\defaults, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\defaults\preferences, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\locale, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\locale\en-US, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\locale\zh-CN, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\META-INF, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\images, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\oemdefault, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\bubblebox, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\gadget, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\rank, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\reviews, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, In Quarantäne, [4d9b96050e6d0135942587278d75cd33], 
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, In Quarantäne, [4d9b96050e6d0135942587278d75cd33], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger, In Quarantäne, [09dfb3e82b505ed8eb752788c43e05fb], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\log, In Quarantäne, [09dfb3e82b505ed8eb752788c43e05fb], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\update, In Quarantäne, [09dfb3e82b505ed8eb752788c43e05fb], 
PUP.Optional.Extutil.A, C:\Users\Simone\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B, In Quarantäne, [6b7dc7d4304b20166eaf0aa720e2bf41], 
PUP.Optional.Managera.A, C:\Users\Simone\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42, In Quarantäne, [97512a7184f77cba59c5cce53bc760a0], 

Dateien: 399
PUP.Optional.Skytech.A, C:\Program Files\SupTab\SearchProtect32.dll, In Quarantäne, [9d4b52498fecf343c8fd741717ea7888], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\SupTab.dll, In Quarantäne, [4f99f4a7651672c4471c88ad9070fb05], 
Adware.Agent, C:\Program Files\Boost\Boost.dll, In Quarantäne, [8f59bedd6b1093a3128dc98b8f73857b], 
PUP.Optional.Delta.A, C:\ProgramData\DSearchLink\DSearchLink.exe, In Quarantäne, [22c6debdff7cf640093ee172d0344db3], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\wprotectmanager.exe, In Quarantäne, [9751a3f890eb70c602724a456f926997], 
PUP.Optional.Searchprotect, C:\Users\Simone\AppData\Roaming\OpenCandy\4857B82472F54864BC82CB8E0AA79CF0\INTERNALWRAPPER.exe, In Quarantäne, [b236f9a284f78fa72aadc35e4eb30af6], 
PUP.Optional.Babylon.A, C:\Users\Simone\AppData\Roaming\OpenCandy\51DCDC55B11D44AA846E75374FB438D8\Deltabar_p1v6.exe, In Quarantäne, [0bdd0c8f2d4ecd6939fa7e8e7b86a957], 
PUP.Optional.Babylon.A, C:\Users\Simone\AppData\Roaming\OpenCandy\51DCDC55B11D44AA846E75374FB438D8\DeltaTB.exe, In Quarantäne, [e800aeed136894a22b08020a758cd828], 
PUP.Optional.OpenCandy.A, C:\Users\Simone\AppData\Roaming\OpenCandy\51DCDC55B11D44AA846E75374FB438D8\LatestDLMgr.exe, In Quarantäne, [54940d8ec1ba2f07c3eb35ddc73a55ab], 
PUP.Optional.OpenCandy.A, C:\Users\Simone\AppData\Roaming\OpenCandy\C75AFFAFA4F24C0C92E8D46CC448B67A\ZADlm_1.exe, In Quarantäne, [5692cad1f7840c2ad5beab7ae021e31d], 
PUP.Optional.Conduit.A, C:\Users\Simone\AppData\Local\Temp\nsa4889.exe, In Quarantäne, [ae3a5b407b00f34327313058ce336c94], 
PUP.Optional.Conduit.A, C:\Users\Simone\AppData\Local\Temp\nsaB1F9.exe, In Quarantäne, [36b2613a9edd62d49fb95a2e25dcd32d], 
PUP.Optional.Conduit.A, C:\Users\Simone\AppData\Local\Temp\nse88B4.exe, In Quarantäne, [b830b9e2aecd023444148602c23fc53b], 
PUP.Optional.Conduit.A, C:\Users\Simone\AppData\Local\Temp\nslAAE7.exe, In Quarantäne, [6187e3b8f3887bbb9cbc5533a160837d], 
PUP.Optional.Conduit.A, C:\Users\Simone\AppData\Local\Temp\nsq42CE.exe, In Quarantäne, [64846b3091ea45f182d69aee679af30d], 
PUP.Optional.Conduit.A, C:\Users\Simone\AppData\Local\Temp\verifier.exe, In Quarantäne, [b137b2e9ea912a0c8842152d42be38c8], 
PUP.Optional.Conduit.A, C:\Users\Simone\AppData\Local\Temp\D623.tmp, In Quarantäne, [9d4b881381fae1552d06180f877a7090], 
PUP.Optional.Conduit.A, C:\Users\Simone\AppData\Local\Temp\dlLogic.exe, In Quarantäne, [4a9e712adaa1d066dced370b4bb59d63], 
PUP.Optional.Conduit.A, C:\Users\Simone\AppData\Local\Temp\dltr.exe, In Quarantäne, [747452498cef03334d7d4ef4f70912ee], 
PUP.Optional.Conduit.A, C:\Users\Simone\AppData\Local\Temp\GCVerifier.dll, In Quarantäne, [23c57724c7b40036d2f6d86ad42c728e], 
PUP.Optional.Babylon.A, C:\Users\Simone\AppData\Local\Temp\04626678-BAB0-7891-B8D9-43267A581C03\Latest\BExternal.dll, In Quarantäne, [04e4dbc03a41d660fffcca584fb19967], 
PUP.Optional.Conduit.A, C:\Users\Simone\AppData\Local\Temp\04626678-BAB0-7891-B8D9-43267A581C03\Latest\ccp.exe, In Quarantäne, [ab3d24778cefbd7966cd6bbc5da4fe02], 
PUP.Optional.Babylon.A, C:\Users\Simone\AppData\Local\Temp\04626678-BAB0-7891-B8D9-43267A581C03\Latest\CrxInstaller.dll, In Quarantäne, [eff9faa1bbc070c689d374ab25dcde22], 
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Local\Temp\04626678-BAB0-7891-B8D9-43267A581C03\Latest\DSearchLink.exe, In Quarantäne, [d71159420576033381c683d0b3510ff1], 
PUP.Optional.Babylon.A, C:\Users\Simone\AppData\Local\Temp\04626678-BAB0-7891-B8D9-43267A581C03\Latest\MntrDLLInstall.dll, In Quarantäne, [7d6b52498cef74c205584bd44fb24ab6], 
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Local\Temp\04626678-BAB0-7891-B8D9-43267A581C03\Latest\MyDeltaTB.exe, In Quarantäne, [f7f1fd9ea6d59a9ca7b265110bf6c63a], 
PUP.Optional.Babylon.A, C:\Users\Simone\AppData\Local\Temp\04626678-BAB0-7891-B8D9-43267A581C03\Latest\Setup.exe, In Quarantäne, [7b6d613a9fdc1b1b1d806db48d7315eb], 
PUP.Optional.Babylon.A, C:\Users\Simone\AppData\Local\Temp\is1293689599\789543_stp\DeltaTB.exe, In Quarantäne, [41a76338ea9136002f04a06cae53e51b], 
PUP.Optional.Wajam.A, C:\Users\Simone\AppData\Local\Temp\is1293689599\789573_stp\wajam_download.exe, In Quarantäne, [a0482e6d9ddecc6ad728d86e7a86847c], 
PUP.Optional.CRX.A, C:\Users\Simone\AppData\Local\Temp\bus9BB4\CrxUpdater_d.exe, In Quarantäne, [7078198292e9a591a49b93c37f85a060], 
PUP.Optional.CRX.A, C:\Users\Simone\AppData\Local\Temp\busE8C5\CrxUpdater_d.exe, In Quarantäne, [e9ff6e2ddf9c8bab7bc4cf877b89b050], 
PUP.Optional.CrossRider.A, C:\Users\Simone\AppData\Local\Temp\8CBFtmp\setup.exe, In Quarantäne, [4c9cf2a9a6d557df5d7dbd8c2ad6b34d], 
PUP.Optional.OpenCandy, C:\Users\Simone\AppData\Local\Temp\is-RNAS1.tmp\OCSetupHlp.dll, In Quarantäne, [06e23a61285354e290e0f4c460a4758b], 
PUP.Optional.Wajam.A, C:\Users\Simone\AppData\Local\Temp\Wajam\tmp\1\wajam_install.exe, In Quarantäne, [4c9c1c7fa4d7c86ef609bf87ec14837d], 
PUP.Optional.Conduit.A, C:\Users\Simone\AppData\Local\Temp\8065tmp\spidentifierimpl.exe, In Quarantäne, [02e60893ef8c82b44d7442471de4c040], 
PUP.Optional.NewPlayer.A, C:\Users\Simone\AppData\Local\Temp\8CADtmp\newvideoplayersetup.exe, In Quarantäne, [5692bcdf4a316ec8c709394b8f72fa06], 
PUP.Optional.InstallVibes, C:\Users\Simone\AppData\Local\Temp\3463a2cc-86fe-43f4-a7e7-69a5b2465448\setup.exe, In Quarantäne, [f0f8217a710a171f7e5ff096e321956b], 
PUP.Optional.CRX.A, C:\Users\Simone\AppData\Local\Temp\bus3ECB\CrxUpdater_d.exe, In Quarantäne, [1ecad9c21c5f3df9c57a88cebd470ff1], 
PUP.Optional.CRX.A, C:\Users\Simone\AppData\Local\Temp\bus6842\CrxUpdater_d.exe, In Quarantäne, [7c6ca8f3b4c7d85edf60a2b416ee867a], 
PUP.Optional.CRX.A, C:\Users\Simone\AppData\Local\Temp\bus6B1B\CrxUpdater_d.exe, In Quarantäne, [5890b3e8413ae84e122d83d342c224dc], 
PUP.Optional.FreeSoftToday.A, C:\Users\Simone\AppData\Local\Temp\8CD0tmp\freesofttoday.exe, In Quarantäne, [f7f1b1ea1764dd596f90d3baa06117e9], 
PUP.Optional.SearchHijacker.A, C:\Users\Simone\AppData\Local\Temp\8CD1tmp\lly_webssearches.exe, In Quarantäne, [a34542596a1175c15745652fe120768a], 
PUP.Optional.Babylon.A, C:\Users\Simone\AppData\Local\Temp\EF99036C-BAB0-7891-9737-59BAFE19F93C\Latest\BExternal.dll, In Quarantäne, [5f89ecaf611a43f323d871b1857bb44c], 
PUP.Optional.Babylon.A, C:\Users\Simone\AppData\Local\Temp\EF99036C-BAB0-7891-9737-59BAFE19F93C\Latest\Setup.exe, In Quarantäne, [3dabdac1d9a2c175adf027fa19e711ef], 
PUP.Optional.Searchprotect, C:\Windows\Temp\TBU003\Update.exe, In Quarantäne, [b33567340f6c63d325b240e134cdb64a], 
PUP.Optional.Searchprotect, C:\Windows\Temp\TBU002\Update.exe, In Quarantäne, [38b03269eb902f0721b676abbd44768a], 
PUP.Optional.Searchprotect, C:\Windows\Temp\TBU004\Update.exe, In Quarantäne, [18d09b004932bb7bac2b38e9d0312ed2], 
PUP.Optional.Searchprotect, C:\Windows\Temp\TBU005\Update.exe, In Quarantäne, [02e62d6e5c1f6dc98f486ab78e73d12f], 
PUP.Optional.Searchprotect, C:\Windows\Temp\TBU006\Update.exe, In Quarantäne, [0fd91f7cc1ba5ed80bcce53c03feea16], 
PUP.Optional.Searchprotect, C:\Windows\Temp\TBU007\Update.exe, In Quarantäne, [4f995a417803bc7ad502ef329c655ba5], 
PUP.Optional.OptimumInstaller.A, C:\Users\Simone\Downloads\Player-Chrome.exe, In Quarantäne, [8d5bd5c66e0d280e42b3a6addb26cd33], 
PUP.Optional.Downloader, C:\Users\Simone\Downloads\Setup (1).exe, In Quarantäne, [af392873ff7cd2645785820e04fde51b], 
PUP.Optional.OptimumInstaller.A, C:\Users\Simone\Downloads\Drivers_Setup.exe, In Quarantäne, [8d5b6b301e5d1026c332361d25dcb24e], 
PUP.Optional.OpenCandy, C:\Users\Simone\Downloads\DTLite4471-0333.exe, In Quarantäne, [6088ecaf7b0095a11a563f7913f106fa], 
PUP.Optional.Superfish.A, C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, In Quarantäne, [e503d6c5e2998bab29f0c1ff07fbe31d], 
PUP.Optional.Superfish.A, C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, In Quarantäne, [6484a3f835461f171009952bbc461de3], 
PUP.Optional.BProtector.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\bProtector_extensions.sqlite, In Quarantäne, [cd1bc9d2a7d4d0666a2810bd9f63d22e], 
PUP.Optional.BProtector.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\bprotector_prefs.js, In Quarantäne, [a0484c4f2a51df577b185f6e5aa89868], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\install.data, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\DpInterface32.dll, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\DpInterface64.dll, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\DpInterfacef32.dll, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\ient.json, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\RSHP.exe, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\SearchProtect64.dll, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\SpAPPSv32.dll, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\SpAPPSv64.dll, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\uninstall.exe, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\WebDataJs, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\data.html, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\indexIE.html, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\indexIE8.html, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\main.css, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\ver.txt, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\arrow.png, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\default_add_logo.png, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\default_add_logo_hover.png, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\default_logo.png, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\googlelogo.png, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\googlelogo2.png, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\google_trends.png, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\icon128.png, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\icon16.png, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\icon48.png, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\loading.gif, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\logo32.ico, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\img\weather\0.png, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\common.js, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\ga.js, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\ie8.js, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\jquery-1.11.0.min.js, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\jquery.autocomplete.js, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\js.js, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\library.js, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\js\xagainit.js, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\en-US\messages.json, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\es-419\messages.json, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\es-ES\messages.json, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-BE\messages.json, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-CA\messages.json, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-CH\messages.json, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-FR\messages.json, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\fr-LU\messages.json, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\it-CH\messages.json, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\it-IT\messages.json, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\pl\messages.json, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\pt\messages.json, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\pt-BR\messages.json, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\ru\messages.json, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\ru-MO\messages.json, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\tr-TR\messages.json, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\vi-VI\messages.json, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\zh-CN\messages.json, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
PUP.Optional.SupTab.A, C:\Program Files\SupTab\web\_locales\zh-TW\messages.json, In Quarantäne, [994f3a61e4972c0adf62ac2936cc3bc5], 
Rogue.Multiple, C:\ProgramData\2308189059\BIT4411.tmp, In Quarantäne, [26c2752695e6b28466c36a1f6d9533cd], 
PUP.Optional.Wajam.A, C:\Program Files\Wajam\install.log, In Quarantäne, [7c6c009b3e3df442950abfd906fc7090], 
PUP.Optional.OpenCandy, C:\Users\Simone\AppData\Roaming\OpenCandy\C75AFFAFA4F24C0C92E8D46CC448B67A\zafwSetupWeb_131_211_000.exe, In Quarantäne, [32b6b1ea9edd00363e909602ac56d62a], 
PUP.Optional.OpenCandy, C:\Users\Simone\AppData\Roaming\OpenCandy\C75AFFAFA4F24C0C92E8D46CC448B67A\ZoneAlarm_p1v5.exe, In Quarantäne, [32b6b1ea9edd00363e909602ac56d62a], 
PUP.Optional.OpenCandy, C:\Users\Simone\AppData\Roaming\OpenCandy\D62EA76AA81B47938953BCAB3FE00279\TuneUpUtilities2013-2200218_de-DE.exe, In Quarantäne, [32b6b1ea9edd00363e909602ac56d62a], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\chrome.manifest, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\install.rdf, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\components\herb.js, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\components\herb.xpt, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\components\utility.js, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\components\utility.xpt, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\extensions-4.0.xul, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\about.xul, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\alxtb2ff.js, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\alxtb2ff.xul, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\Bestseller.xml, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\bestsellers.xml, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\button.css, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\button.xml, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\buttons.js, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\buttons.xul, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\cba.js, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\close.xul, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\cs.js, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\default.xml, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\Department.xml, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\dialogWrapper.xul, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\ellipsis.xml, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\extension-uninstall.xul, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\extensions.xul, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\feedUrls.xml, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\giurls.js, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\inject_api.js, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\install.xml, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\install.xul, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\myamazon.xml, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\newreleases.xml, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\option.xml, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\option1.xml, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\option2.xml, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\options.xul, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\overlay.js, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\overlay.xul, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\product.xml, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\results.js, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\search.xml, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\searches.xml, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\search_conf.js, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\toolbar.xml, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\toolbar1.xml, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\buttons\sparkline\sparkline.xml, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\firstrun\Cancel-button.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\firstrun\Continue-button.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\firstrun\firstrun.css, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\firstrun\firstrun.js, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\firstrun\firstrun.xul, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\firstrun\firstupdate.js, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\firstrun\firstupdate.xul, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\firstrun\Up-Arrow.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\firstrun\Buttons\de_DE\Continue-button.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\firstrun\Buttons\es_ES\Continue-button.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\firstrun\Buttons\fr_FR\Continue-button.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\firstrun\Buttons\it_IT\Continue-button.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\firstrun\Buttons\ja_JP\Continue-button.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\firstrun\Buttons\zh_CN\Continue-button.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\content\oemdefault\toolbar.xml, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\defaults\preferences\buttons.js, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\defaults\preferences\install.js, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\defaults\preferences\preferences.js, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\locale\en-US\branding.dtd, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\locale\en-US\branding.properties, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\locale\zh-CN\branding.dtd, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\locale\zh-CN\branding.properties, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\META-INF\manifest.mf, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\META-INF\zigbert.rsa, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\META-INF\zigbert.sf, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\hotsearches.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\siteinfo-down.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\1px-trans.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\a-smile-sm.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\about.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\add.ico, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\ai_bg.gif, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa_internet.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alxtb2ff.css, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\amazonbasket.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\amazongift.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\amazonheart.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\amazonlogo.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\amazonmusic.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\amazonorders.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\amazonsearch.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\amazonwishlist.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\amazon_logo_small-hover.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\amazon_logo_small.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\amzn-tb-options-hover.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\amzn-tb-options.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\hoturls-hover.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\hoturls.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\icon.ico, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\install.css, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\installed.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\ip-blocked.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\logo-hover.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\logo.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\middot.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\myamazon.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\siteinfo-hover.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\siteinfo-up-hover.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\siteinfo-up.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\siteinfo.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\star.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\tl.gif, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\tl.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\tl_arrow.gif, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\tr.gif, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\tr.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\twitter-hover.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\twitter-new.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\twitter.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\twitterimdb-new.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\twitterimdb.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\update-arrow-down.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\url.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\wayback-hover.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\wayback.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\wishlist.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\an_amazon_company.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\arrowdown.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\arrowdown_white.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\a_com_border.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\bl.gif, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\bl.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\blank.htm, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\br.gif, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\br.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\catalog-hover.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\catalog.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\china_comment.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\china_globe.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\close.xul, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\comment.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\default.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\hb.ico, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\hotsearches-hover.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\overlay.css, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\related-hover.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\related.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\rss.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\search-hover.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\search-icon.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\search.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\separator.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\shim.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\shim_new.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\siteinfo-down-hover.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\0.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\1.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\2.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\3.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\4.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\5.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\6.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\7.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\8.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\9.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\a.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\b.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\c.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\d.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\e.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\f.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\g.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\graph0.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\graph1.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\graph10.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\graph2.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\graph3.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\graph4.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\graph5.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\graph6.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\graph7.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\graph8.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\graph9.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\h.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\alexa\x.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\images\amazonlogo-small.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\images\star-0.0.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\images\star-0.5.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\images\star-1.0.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\images\star-1.5.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\images\star-2.0.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\images\star-2.5.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\images\star-3.0.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\images\star-3.5.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\images\star-4.0.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\images\star-4.5.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\images\star-5.0.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\images\stars.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\oemdefault\amazonJQ.js, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\oemdefault\amazonlogo.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\oemdefault\countryMap.js, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\oemdefault\DefaultButton.htm, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\oemdefault\toolbar-sprite-HTML.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\bubblebox\description.xml, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\bubblebox\img-bublebox-bottom.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\bubblebox\img-bublebox-middle.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\bubblebox\img-bublebox-top.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\gadget\btn-close-over.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\gadget\btn-close.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\gadget\img-boxB.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\gadget\img-boxL.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\gadget\img-boxLB.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\gadget\img-boxLT.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\gadget\img-boxPK.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\gadget\img-boxR.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\gadget\img-boxRB.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\gadget\img-boxRT.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\gadget\img-boxRT2.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\gadget\img-boxT.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\gadget\spinner.gif, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\rank\0.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\rank\1.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\rank\2.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\rank\3.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\rank\4.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\rank\5.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\rank\6.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\rank\7.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\rank\8.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\rank\9.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\rank\a.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\rank\b.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\rank\c.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\rank\d.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\rank\e.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\rank\f.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\rank\x.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\reviews\stars.0.0.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\reviews\stars.0.5.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\reviews\stars.1.0.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\reviews\stars.1.5.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\reviews\stars.2.0.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\reviews\stars.2.5.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\reviews\stars.3.0.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\reviews\stars.3.5.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\reviews\stars.4.0.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\reviews\stars.4.5.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\reviews\stars.5.0.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\reviews\stars.unrated.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\reviews\write-disabled.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\reviews\write-hover.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.AmazonTB.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\abb@amazon.com\skin\reviews\write.png, In Quarantäne, [65836338ef8c9e9890aaa0fe1ae88c74], 
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\PluginService.exe, In Quarantäne, [4d9b96050e6d0135942587278d75cd33], 
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, In Quarantäne, [4d9b96050e6d0135942587278d75cd33], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\log\wprotectmanager_2014-06-21[19-58-53-941].log, In Quarantäne, [09dfb3e82b505ed8eb752788c43e05fb], 
PUP.Optional.WPM.A, C:\ProgramData\WindowsProtectManger\update\conf, In Quarantäne, [09dfb3e82b505ed8eb752788c43e05fb], 
PUP.Optional.Extutil.A, C:\Users\Simone\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\bk.js, In Quarantäne, [6b7dc7d4304b20166eaf0aa720e2bf41], 
PUP.Optional.Extutil.A, C:\Users\Simone\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\cs.js, In Quarantäne, [6b7dc7d4304b20166eaf0aa720e2bf41], 
PUP.Optional.Extutil.A, C:\Users\Simone\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B\manifest.json, In Quarantäne, [6b7dc7d4304b20166eaf0aa720e2bf41], 
PUP.Optional.Managera.A, C:\Users\Simone\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\cs.js, In Quarantäne, [97512a7184f77cba59c5cce53bc760a0], 
PUP.Optional.Managera.A, C:\Users\Simone\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42\manifest.json, In Quarantäne, [97512a7184f77cba59c5cce53bc760a0], 
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.admin", false);), Ersetzt,[a93f5c3f2b503303cbe3774b669e20e0]
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.aflt", "babsst");), Ersetzt,[05e3c8d3de9df83ecbe330920ef621df]
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");), Ersetzt,[895fcecd3249ff37feb0556d5ea6a15f]
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.autoRvrt", "false");), Ersetzt,[47a1cbd00f6c30065955279b46bead53]
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.dfltLng", "de");), Ersetzt,[96520497bebdbd79a10d2f93fc087987]
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.excTlbr", false);), Ersetzt,[bf290c8f89f268ce8a2461619f6530d0]
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.ffxUnstlRst", true);), Ersetzt,[c91f9209b6c59b9bb8f6a0224eb655ab]
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.id", "b8aa338f00000000000000242b9976eb");), Ersetzt,[e60285169be059dd7935428042c20ef2]
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.instlDay", "15961");), Ersetzt,[1cccf1aa0477d46208a61fa35ca849b7]
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.instlRef", "sst");), Ersetzt,[1fc92576d9a290a64e6001c10004b24e]
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.newTab", false);), Ersetzt,[08e035665d1eba7c6b43a61c976da759]
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.prdct", "delta");), Ersetzt,[7474e9b209725ed86b43596961a36997]
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.prtnrId", "delta");), Ersetzt,[41a724775b2004321a94b909d1331ae6]
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.rvrt", "false");), Ersetzt,[eafee9b2b3c8fe38713d814109fb57a9]
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.smplGrp", "none");), Ersetzt,[d711f7a48bf064d2cce279497d87af51]
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.tlbrId", "base");), Ersetzt,[f7f1cad11368e74fddd190327d877d83]
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.tlbrSrchUrl", "");), Ersetzt,[8f597d1ec3b87eb8733bb60c887ce41c]
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.vrsn", "1.8.24.6");), Ersetzt,[da0e3962463522144d61f3cf5ea61be5]
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.vrsnTs", "1.8.24.623:04:02");), Ersetzt,[32b6059695e66bcbd6d8843e669e9967]
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta.vrsni", "1.8.24.6");), Ersetzt,[ad3b108b98e3c670b6f8d8ea61a3847c]
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta_i.babExt", "");), Ersetzt,[44a4b1ea2655e74f8628fdc5fe067b85]
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta_i.babTrack", "affID=121565&tsp=5004");), Ersetzt,[ffe969326e0d88ae09a5b50d46be9e62]
PUP.Optional.Delta.A, C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.delta_i.srcExt", "ss");), Ersetzt,[edfb7c1f7dfec373624ceed4cf35e11f]

Physische Sektoren: 0
(No malicious items detected)


(end)
         

JRT

Code:
ATTFilter
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional N x86
Ran by Simone on 05.07.2014 at 14:55:12,63
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1871973915-1044618656-3300570338-1000\Software\sweetim



~~~ Files



~~~ Folders

Failed to delete: [Folder] "C:\ProgramData\big fish"
Successfully deleted: [Folder] "C:\ProgramData\application data\big fish"
Successfully deleted: [Folder] "C:\Program Files\myfree codec"



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 05.07.2014 at 15:01:01,26
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
AdwCleaner
Code:
ATTFilter
# AdwCleaner v3.214 - Bericht erstellt am 05/07/2014 um 14:43:26
# Aktualisiert 29/06/2014 von Xplode
# Betriebssystem : Windows 7 Professional N Service Pack 1 (32 bits)
# Benutzername : Simone - JAMIE
# Gestartet von : C:\Users\Simone\Desktop\adwcleaner_3.214.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\IePluginServices
Ordner Gelöscht : C:\SearchProtect
Ordner Gelöscht : C:\ProgramData\Babylon
Ordner Gelöscht : C:\ProgramData\BitGuard
Ordner Gelöscht : C:\ProgramData\DSearchLink
Ordner Gelöscht : C:\Program Files\AnyProtectEx
Ordner Gelöscht : C:\Program Files\globalUpdate
Ordner Gelöscht : C:\Program Files\PC Speed Maximizer
Ordner Gelöscht : C:\Program Files\predm
Ordner Gelöscht : C:\Users\Simone\AppData\Local\Babylon
Ordner Gelöscht : C:\Users\Simone\AppData\Local\globalUpdate
Ordner Gelöscht : C:\Users\Simone\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Simone\AppData\Local\PennyBee
Ordner Gelöscht : C:\Users\Simone\AppData\Local\Temp\OCS
Ordner Gelöscht : C:\Users\Simone\AppData\Local\Temp\Wajam
Ordner Gelöscht : C:\Users\Simone\AppData\Roaming\Babylon
Ordner Gelöscht : C:\Users\Simone\AppData\Roaming\dvdvideosoftiehelpers
Ordner Gelöscht : C:\Users\Simone\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Simone\Documents\Mobogenie
Datei Gelöscht : C:\END
Datei Gelöscht : C:\Users\Simone\daemonprocess.txt
Datei Gelöscht : C:\Users\Simone\AppData\Local\AnyProtectScannerSetup.exe
Datei Gelöscht : C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}]
Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
[#] Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8BA2A2E1-685C-4E01-8CF6-236AD591713C}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ScriptHost.Tool.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\secman.OutlookSecurityManager.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\BackupStack_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\MyDeltaTB_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\NewPlayerUpdater_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\speedupmypc_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_download_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\wajam_install_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Schlüssel Gelöscht : HKCU\Software\9e8f88b73fe417
Schlüssel Gelöscht : HKLM\SOFTWARE\9e8f88b73fe417
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{19D2F415-D58B-46BC-9390-C03DCBC21EB2}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E45F3E8-2683-4824-A6BE-08108022FB36}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9F0F16DD-4E76-4049-A9B1-7A91E48F0323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F4288797-CB12-49CE-9DF8-7CDFA1143BEA}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Schlüssel Gelöscht : HKCU\Software\Alexa Internet
Schlüssel Gelöscht : HKCU\Software\AnyProtect
Schlüssel Gelöscht : HKCU\Software\BABSOLUTION
Schlüssel Gelöscht : HKCU\Software\ClickConnect
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\distromatic
Schlüssel Gelöscht : HKCU\Software\FreeSoftToday
Schlüssel Gelöscht : HKCU\Software\Myfree Codec
Schlüssel Gelöscht : HKCU\Software\OCS
Schlüssel Gelöscht : HKCU\Software\SmartBar
Schlüssel Gelöscht : HKCU\Software\Wajam
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : HKLM\Software\Conduit
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\Free_soft_today
Schlüssel Gelöscht : HKLM\Software\Myfree Codec
Schlüssel Gelöscht : HKLM\Software\SupDp
Schlüssel Gelöscht : HKLM\Software\SupTab
Schlüssel Gelöscht : HKLM\Software\Tutorials
Schlüssel Gelöscht : HKLM\Software\Uniblue
Schlüssel Gelöscht : HKLM\Software\Wpm
Schlüssel Gelöscht : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17126

Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]

-\\ Mozilla Firefox v

[ Datei : C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\prefs.js ]


-\\ Google Chrome v35.0.1916.153

[ Datei : C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [9151 octets] - [05/07/2014 14:42:33]
AdwCleaner[S0].txt - [8952 octets] - [05/07/2014 14:43:26]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9012 octets] ##########
         


Alt 06.07.2014, 20:28   #6
Faranir
 
Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um - Standard

Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um



Und das frische FRST


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-07-2014
Ran by Simone (administrator) on JAMIE on 05-07-2014 15:13:44
Running from C:\Users\Simone\Desktop\FRST-OlderVersion
Platform: Microsoft Windows 7 Professional N  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

() C:\Program Files\EZ Software Updater\EZ Software Updater.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.3.0.12\NIS.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.3.0.12\NIS.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
() C:\Program Files\Boost\BoostUpdater.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-15] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKU\S-1-5-21-1871973915-1044618656-3300570338-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564016 2013-07-15] (Samsung)
HKU\S-1-5-21-1871973915-1044618656-3300570338-1000\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-1871973915-1044618656-3300570338-1000\...\MountPoints2: {3c3622e5-1c90-11e3-b8b5-806e6f6e6963} - E:\Start.exe
HKU\S-1-5-21-1871973915-1044618656-3300570338-1000\...\MountPoints2: {ff716f4a-1d28-11e3-862a-00235a569b0d} - G:\SETUP.EXE
Startup: C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BoostUpdater.lnk
ShortcutTarget: BoostUpdater.lnk -> C:\Program Files\Boost\BoostUpdater.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xAA149BC4C0B0CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default
FF Homepage: user_pref("browser.startup.homepage", );
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\searchplugins\amazon.xml
FF Extension: Boost - C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\boost@boost.net.xpi [2014-05-31]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn [2014-07-05]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF [2014-06-07]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff [2013-09-13]

Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "https://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-01]
CHR Extension: (Google Drive) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-01]
CHR Extension: (YouTube) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-01]
CHR Extension: (Adblock Plus) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-01]
CHR Extension: (Google-Suche) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-01]
CHR Extension: (Block site) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2014-07-01]
CHR Extension: (JavaScript Popup Blocker) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiajdlfgbgnnjakkbnpdhmhfhklkbiol [2014-07-01]
CHR Extension: (Norton Identity Protection) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-07-01]
CHR Extension: (Google Wallet) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-01]
CHR Extension: (Google Mail) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-01]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.3.0.12\Exts\Chrome.crx [2014-06-04]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 EZ Software Updater; C:\Program Files\EZ Software Updater\EZ Software Updater.exe [202752 2014-05-05] () [File not signed]
R2 NIS; C:\Program Files\Norton Internet Security\Engine\21.3.0.12\NIS.exe [276376 2014-05-11] (Symantec Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1723744 2012-11-29] (TuneUp Software)
S2 ZAPrivacyService; "C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe" [X]

==================== Drivers (Whitelisted) ====================

R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.3.0.12\Definitions\BASHDefs\20140606.001\BHDrvx86.sys [1101616 2014-05-10] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1503000.00C\ccSetx86.sys [127064 2014-02-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [377648 2014-06-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [109872 2014-06-11] (Symantec Corporation)
R1 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\21.3.0.12\Definitions\IPSDefs\20140703.001\IDSvix86.sys [395992 2014-06-06] (Symantec Corporation)
R3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20140704.017\NAVENG.SYS [93272 2014-06-25] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20140704.017\NAVEX15.SYS [1612376 2014-06-25] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NIS\1503000.00C\SRTSP.SYS [664280 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1503000.00C\SRTSPX.SYS [32344 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1503000.00C\SYMDS.SYS [367704 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1503000.00C\SYMEFA.SYS [936152 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2014-06-04] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1503000.00C\Ironx86.SYS [206936 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NIS\1503000.00C\SYMNETS.SYS [447704 2014-02-18] (Symantec Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-05 15:09 - 2014-07-05 15:13 - 00000000 ____D () C:\Users\Simone\Desktop\FRST-OlderVersion
2014-07-05 15:01 - 2014-07-05 15:01 - 00001013 _____ () C:\Users\Simone\Desktop\JRT.txt
2014-07-05 14:55 - 2014-07-05 14:55 - 00000000 ____D () C:\Windows\ERUNT
2014-07-05 14:54 - 2014-07-05 14:54 - 01016261 _____ (Thisisu) C:\Users\Simone\Desktop\JRT (1).exe
2014-07-05 14:46 - 2014-07-05 14:46 - 00009092 _____ () C:\Users\Simone\Desktop\AdwCleaner[S0].txt
2014-07-05 14:42 - 2014-07-05 14:43 - 00000000 ____D () C:\AdwCleaner
2014-07-05 14:42 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-07-05 13:39 - 2014-07-05 14:40 - 00099107 _____ () C:\Users\Simone\Desktop\MBAM.txt
2014-07-05 13:16 - 2014-07-05 14:21 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-05 13:16 - 2014-07-05 14:01 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-07-05 13:16 - 2014-07-05 13:16 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-05 13:16 - 2014-07-05 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-05 13:16 - 2014-07-05 13:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-05 13:16 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-05 13:16 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-05 13:16 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-05 13:02 - 2014-07-05 13:02 - 00001226 _____ () C:\Users\Simone\Desktop\Revo Uninstaller.lnk
2014-07-05 13:02 - 2014-07-05 13:02 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-07-05 12:59 - 2014-07-05 12:59 - 00843322 _____ (Thisisu) C:\Users\Simone\Desktop\JRT.exe
2014-07-05 12:58 - 2014-07-05 12:58 - 01346519 _____ () C:\Users\Simone\Desktop\adwcleaner_3.214.exe
2014-07-05 12:57 - 2014-07-05 12:57 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Simone\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-05 12:55 - 2014-07-05 12:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Simone\Desktop\revosetup95.exe
2014-07-04 12:32 - 2014-07-04 12:32 - 00007435 _____ () C:\Users\Simone\Desktop\GMER.log
2014-07-04 12:07 - 2014-07-04 12:09 - 00016936 _____ () C:\Users\Simone\Desktop\Addition.txt
2014-07-04 12:06 - 2014-07-05 15:13 - 00000000 ____D () C:\FRST
2014-07-04 12:06 - 2014-07-04 12:09 - 00039761 _____ () C:\Users\Simone\Desktop\FRST.txt
2014-07-04 11:56 - 2014-07-04 11:56 - 00000474 _____ () C:\Users\Simone\Desktop\defogger_disable.log
2014-07-04 11:56 - 2014-07-04 11:56 - 00000000 _____ () C:\Users\Simone\defogger_reenable
2014-07-04 11:34 - 2014-07-04 11:35 - 00380416 _____ () C:\Users\Simone\Desktop\69qtyzo7.exe
2014-07-04 11:33 - 2014-07-04 11:33 - 00050477 _____ () C:\Users\Simone\Desktop\Defogger.exe
2014-07-01 11:00 - 2014-07-05 15:15 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-01 11:00 - 2014-07-05 14:45 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-01 11:00 - 2014-07-01 11:00 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-01 11:00 - 2014-07-01 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-01 10:50 - 2014-07-01 10:50 - 00000000 __SHD () C:\Users\Simone\AppData\Local\EmieUserList
2014-07-01 10:50 - 2014-07-01 10:50 - 00000000 __SHD () C:\Users\Simone\AppData\Local\EmieSiteList
2014-07-01 10:45 - 2014-07-01 10:46 - 40514640 _____ (Google Inc.) C:\Users\Simone\Desktop\ChromeStandaloneSetup_35.0.1916.153.exe
2014-06-29 16:15 - 2014-06-29 16:15 - 01509720 _____ () C:\Windows\Minidump\062914-28938-01.dmp
2014-06-22 20:32 - 2014-06-22 20:32 - 00000000 ____D () C:\Users\Simone\Documents\Jojos Fashion Show 2
2014-06-22 20:32 - 2014-06-22 20:32 - 00000000 ____D () C:\Users\Simone\AppData\Roaming\Gamelab
2014-06-22 20:31 - 2014-07-01 10:57 - 00000000 ____D () C:\Program Files\Jojo's Fashion Show 2
2014-06-22 20:30 - 2014-06-22 21:32 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-22 20:28 - 2014-06-22 20:30 - 00000000 ____D () C:\Users\Simone\AppData\Local\Big Fish
2014-06-21 19:45 - 2014-06-21 19:45 - 00000000 ____D () C:\ProgramData\CheckPoint
2014-06-21 19:42 - 2014-06-21 20:45 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-06-21 19:37 - 2014-06-21 19:37 - 34516480 _____ (DVDVideoSoft Ltd. ) C:\Users\Simone\Downloads\FreeYouTubeToMP3Converter (2).exe
2014-06-21 19:37 - 2014-06-21 19:37 - 00000000 ____D () C:\Users\Simone\AppData\Local\cache
2014-06-21 19:37 - 2014-06-21 19:37 - 00000000 ____D () C:\Users\Simone\.android
2014-06-21 19:36 - 2014-06-21 19:37 - 34516480 _____ (DVDVideoSoft Ltd. ) C:\Users\Simone\Downloads\FreeYouTubeToMP3Converter (1).exe
2014-06-21 19:32 - 2014-07-05 14:17 - 00000000 ____D () C:\Program Files\Boost
2014-06-21 19:30 - 2014-06-21 20:14 - 00000000 ____D () C:\Program Files\BooZaka
2014-06-21 19:28 - 2014-06-21 20:50 - 00002256 _____ () C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\Program Files\EZ Software Updater
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL4AA6.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL499D.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL498D.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL497E.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL4865.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL46CF.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL4614.tmp
2014-06-21 19:24 - 2014-06-21 19:24 - 34516480 _____ (DVDVideoSoft Ltd. ) C:\Users\Simone\Downloads\FreeYouTubeToMP3Converter.exe
2014-06-19 18:12 - 2014-06-19 18:12 - 01508320 _____ () C:\Windows\Minidump\061914-34351-01.dmp
2014-06-17 21:01 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-17 21:01 - 2014-05-30 11:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-17 21:01 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-17 21:01 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-17 21:01 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-17 21:01 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-17 21:01 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-17 21:01 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-17 21:01 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-17 21:01 - 2014-05-30 10:28 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-17 21:01 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-17 21:01 - 2014-05-30 10:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-17 21:01 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-17 21:01 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-17 21:01 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-17 21:01 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-17 21:01 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-17 21:01 - 2014-05-30 09:57 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-17 21:01 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-17 21:01 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-17 21:01 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-17 21:01 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-17 21:01 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-17 21:01 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-17 21:01 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-17 21:00 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-17 21:00 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-17 21:00 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-17 20:50 - 2014-06-08 10:48 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-17 20:50 - 2014-06-08 10:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-17 20:50 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-17 20:50 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-17 20:50 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-17 20:50 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-17 20:50 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-17 20:50 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-16 19:34 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 12:07 - 2014-07-04 11:30 - 00000000 ____D () C:\Users\Simone\AppData\Local\CrashDumps
2014-06-07 16:06 - 2014-06-07 16:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security

==================== One Month Modified Files and Folders =======

2014-07-05 15:15 - 2014-07-01 11:00 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-05 15:13 - 2014-07-05 15:09 - 00000000 ____D () C:\Users\Simone\Desktop\FRST-OlderVersion
2014-07-05 15:13 - 2014-07-04 12:06 - 00000000 ____D () C:\FRST
2014-07-05 15:01 - 2014-07-05 15:01 - 00001013 _____ () C:\Users\Simone\Desktop\JRT.txt
2014-07-05 14:55 - 2014-07-05 14:55 - 00000000 ____D () C:\Windows\ERUNT
2014-07-05 14:54 - 2014-07-05 14:54 - 01016261 _____ (Thisisu) C:\Users\Simone\Desktop\JRT (1).exe
2014-07-05 14:52 - 2009-07-14 06:02 - 00020144 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-05 14:52 - 2009-07-14 06:02 - 00020144 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-05 14:48 - 2013-09-13 18:23 - 01141805 _____ () C:\Windows\WindowsUpdate.log
2014-07-05 14:46 - 2014-07-05 14:46 - 00009092 _____ () C:\Users\Simone\Desktop\AdwCleaner[S0].txt
2014-07-05 14:45 - 2014-07-01 11:00 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-05 14:44 - 2010-11-20 23:49 - 00247662 _____ () C:\Windows\PFRO.log
2014-07-05 14:44 - 2009-07-14 06:17 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-05 14:44 - 2009-07-14 06:07 - 00037142 _____ () C:\Windows\setupact.log
2014-07-05 14:43 - 2014-07-05 14:42 - 00000000 ____D () C:\AdwCleaner
2014-07-05 14:43 - 2013-09-13 18:50 - 00000000 ____D () C:\Users\Simone
2014-07-05 14:40 - 2014-07-05 13:39 - 00099107 _____ () C:\Users\Simone\Desktop\MBAM.txt
2014-07-05 14:23 - 2013-09-13 22:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-05 14:21 - 2014-07-05 13:16 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-05 14:18 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\SchCache
2014-07-05 14:17 - 2014-06-21 19:32 - 00000000 ____D () C:\Program Files\Boost
2014-07-05 14:01 - 2014-07-05 13:16 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-07-05 13:16 - 2014-07-05 13:16 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-05 13:16 - 2014-07-05 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-05 13:16 - 2014-07-05 13:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-05 13:02 - 2014-07-05 13:02 - 00001226 _____ () C:\Users\Simone\Desktop\Revo Uninstaller.lnk
2014-07-05 13:02 - 2014-07-05 13:02 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-07-05 12:59 - 2014-07-05 12:59 - 00843322 _____ (Thisisu) C:\Users\Simone\Desktop\JRT.exe
2014-07-05 12:58 - 2014-07-05 12:58 - 01346519 _____ () C:\Users\Simone\Desktop\adwcleaner_3.214.exe
2014-07-05 12:57 - 2014-07-05 12:57 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Simone\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-05 12:55 - 2014-07-05 12:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Simone\Desktop\revosetup95.exe
2014-07-04 12:32 - 2014-07-04 12:32 - 00007435 _____ () C:\Users\Simone\Desktop\GMER.log
2014-07-04 12:09 - 2014-07-04 12:07 - 00016936 _____ () C:\Users\Simone\Desktop\Addition.txt
2014-07-04 12:09 - 2014-07-04 12:06 - 00039761 _____ () C:\Users\Simone\Desktop\FRST.txt
2014-07-04 11:56 - 2014-07-04 11:56 - 00000474 _____ () C:\Users\Simone\Desktop\defogger_disable.log
2014-07-04 11:56 - 2014-07-04 11:56 - 00000000 _____ () C:\Users\Simone\defogger_reenable
2014-07-04 11:35 - 2014-07-04 11:34 - 00380416 _____ () C:\Users\Simone\Desktop\69qtyzo7.exe
2014-07-04 11:33 - 2014-07-04 11:33 - 00050477 _____ () C:\Users\Simone\Desktop\Defogger.exe
2014-07-04 11:30 - 2014-06-11 12:07 - 00000000 ____D () C:\Users\Simone\AppData\Local\CrashDumps
2014-07-01 11:00 - 2014-07-01 11:00 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-01 11:00 - 2014-07-01 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-01 11:00 - 2014-02-08 10:31 - 00000000 ____D () C:\Program Files\Google
2014-07-01 10:57 - 2014-06-22 20:31 - 00000000 ____D () C:\Program Files\Jojo's Fashion Show 2
2014-07-01 10:57 - 2009-07-14 06:51 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-01 10:50 - 2014-07-01 10:50 - 00000000 __SHD () C:\Users\Simone\AppData\Local\EmieUserList
2014-07-01 10:50 - 2014-07-01 10:50 - 00000000 __SHD () C:\Users\Simone\AppData\Local\EmieSiteList
2014-07-01 10:46 - 2014-07-01 10:45 - 40514640 _____ (Google Inc.) C:\Users\Simone\Desktop\ChromeStandaloneSetup_35.0.1916.153.exe
2014-06-29 16:15 - 2014-06-29 16:15 - 01509720 _____ () C:\Windows\Minidump\062914-28938-01.dmp
2014-06-29 16:15 - 2014-02-20 17:39 - 00000000 ____D () C:\Windows\Minidump
2014-06-29 16:14 - 2014-02-20 17:39 - 269455862 _____ () C:\Windows\MEMORY.DMP
2014-06-25 22:01 - 2013-09-14 11:31 - 00000000 ____D () C:\Users\Simone\AppData\Roaming\Spider Player
2014-06-22 21:32 - 2014-06-22 20:30 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-22 20:32 - 2014-06-22 20:32 - 00000000 ____D () C:\Users\Simone\Documents\Jojos Fashion Show 2
2014-06-22 20:32 - 2014-06-22 20:32 - 00000000 ____D () C:\Users\Simone\AppData\Roaming\Gamelab
2014-06-22 20:30 - 2014-06-22 20:28 - 00000000 ____D () C:\Users\Simone\AppData\Local\Big Fish
2014-06-21 20:50 - 2014-06-21 19:28 - 00002256 _____ () C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-21 20:50 - 2013-09-13 18:50 - 00001413 _____ () C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-21 20:45 - 2014-06-21 19:42 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-06-21 20:22 - 2010-11-20 23:03 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-21 20:14 - 2014-06-21 19:30 - 00000000 ____D () C:\Program Files\BooZaka
2014-06-21 19:58 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-06-21 19:45 - 2014-06-21 19:45 - 00000000 ____D () C:\ProgramData\CheckPoint
2014-06-21 19:43 - 2013-09-13 23:02 - 00002276 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-06-21 19:43 - 2013-09-13 23:02 - 00000000 ____D () C:\Users\Simone\AppData\Roaming\DVDVideoSoft
2014-06-21 19:43 - 2013-09-13 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-06-21 19:43 - 2013-09-13 23:02 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-06-21 19:42 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-21 19:41 - 2013-09-13 23:02 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-06-21 19:37 - 2014-06-21 19:37 - 34516480 _____ (DVDVideoSoft Ltd. ) C:\Users\Simone\Downloads\FreeYouTubeToMP3Converter (2).exe
2014-06-21 19:37 - 2014-06-21 19:37 - 00000000 ____D () C:\Users\Simone\AppData\Local\cache
2014-06-21 19:37 - 2014-06-21 19:37 - 00000000 ____D () C:\Users\Simone\.android
2014-06-21 19:37 - 2014-06-21 19:36 - 34516480 _____ (DVDVideoSoft Ltd. ) C:\Users\Simone\Downloads\FreeYouTubeToMP3Converter (1).exe
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\Program Files\EZ Software Updater
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL4AA6.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL499D.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL498D.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL497E.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL4865.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL46CF.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL4614.tmp
2014-06-21 19:24 - 2014-06-21 19:24 - 34516480 _____ (DVDVideoSoft Ltd. ) C:\Users\Simone\Downloads\FreeYouTubeToMP3Converter.exe
2014-06-19 21:36 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-06-19 18:12 - 2014-06-19 18:12 - 01508320 _____ () C:\Windows\Minidump\061914-34351-01.dmp
2014-06-18 09:38 - 2014-05-15 16:59 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-17 21:02 - 2013-09-13 22:58 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-08 15:08 - 2013-09-13 19:12 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-06-08 10:48 - 2014-06-17 20:50 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 10:43 - 2014-06-17 20:50 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-07 16:06 - 2014-06-07 16:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-06-07 16:06 - 2013-09-13 19:12 - 00002423 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-06-07 16:06 - 2013-09-13 19:11 - 00000000 ____D () C:\Windows\system32\Drivers\NIS
2014-06-07 15:44 - 2013-09-13 19:09 - 00000000 ____D () C:\ProgramData\Norton

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.2552.dll


Some content of TEMP:
====================
C:\Users\Simone\AppData\Local\Temp\BackupSetup.exe
C:\Users\Simone\AppData\Local\Temp\ose00000.exe
C:\Users\Simone\AppData\Local\Temp\Quarantine.exe
C:\Users\Simone\AppData\Local\Temp\setup_72.exe
C:\Users\Simone\AppData\Local\Temp\uninst1.exe
C:\Users\Simone\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Simone\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_6745.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-05 14:39

==================== End Of Log ============================
         
--- --- ---

Alt 07.07.2014, 13:53   #7
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um - Standard

Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 07.07.2014, 21:36   #8
Faranir
 
Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um - Standard

Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um



Deine schnelle Hilfe ist echt super. Jetzt habe ich keine der Probleme mehr mit meinem Browser.

Hier die Logs:
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=d32aadfdc78fe249a5b15f5c0dd86fb0
# engine=19064
# end=stopped
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-07 07:23:12
# local_time=2014-07-07 09:23:12 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3597 16777213 100 100 1034271 167357577 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 25606365 156392183 0 0
# scanned=30409
# found=28
# cleaned=0
# scan_time=1490
sh=848C686280EAA04B172FCCFFBD312132A0C46172 ft=1 fh=7764b0effb0b9556 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Simone\AppData\Local\Temp\OCS\ocs_v7f.exe.vir"
sh=CF6185A9EDFBA0217C9D36D25CA9F6ADCC9F6BC8 ft=1 fh=f90d49fcbe154eac vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe"
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Conduit\Community Alerts\Alert.dll"
sh=5F1274BB228892131502528652B6D1A10CBE90F5 ft=0 fh=0000000000000000 vn="Win32/DealPly.E evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\DealPly\DealPly.crx"
sh=AC5FF20D276340CF87044B6A9D603BE9B6520460 ft=0 fh=0000000000000000 vn="Win32/DealPly.J evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\DealPly\DealPly.xpi"
sh=D6E3758123FA1C4B9945BBF3359584ABA79C90F3 ft=1 fh=1253b0cb81c9b1bd vn="Win32/DealPly.D evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\DealPly\DealPlyUpdate.exe"
sh=1409EBB3A3E32D47579100DF86DC75C2C3251B1D ft=1 fh=1bb22fea6c29b3c4 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaApp.dll"
sh=D698B030B32596B463C472026A960115CF8BA08D ft=1 fh=757d60309ad51e46 vn="möglicherweise Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaEng.dll"
sh=FF2381AE65749BA610DF97FAF88952CF15FEF138 ft=1 fh=d64f7ddedf260d1b vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Delta\delta\1.8.10.0\deltasrv.exe"
sh=074AD2C240AB3B311E098DA70E99C4C89063B7C8 ft=1 fh=6104037dd21597ba vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll"
sh=3400046C996E0D40BFDA36663BE83C5AF213497E ft=1 fh=ee0b8dcbe432084b vn="Win32/Toolbar.Montiera.J evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Delta\delta\1.8.10.0\escortShld.dll"
sh=C9B1C1D6B536D17E425934058F0D49A0876B8C14 ft=1 fh=0271089e341685c4 vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Delta\delta\1.8.10.0\uninstall.exe"
sh=B268732563F607687B0B5E63991763FEBF315D46 ft=1 fh=a9a8061b52917652 vn="Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll"
sh=41E6A773F891985CB0C40E7381FD78376C7976DE ft=1 fh=eb5f68de5bb078dd vn="Variante von Win32/ELEX.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Desk 365\deskplusdl.exe"
sh=682F916F1C2C58133AF729EA874253A9A353156E ft=1 fh=15cd768a0d5095c2 vn="Variante von Win32/ELEX.Y evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\Desk 365\deskSvc.exe"
sh=34FF8E2D281CBFECE71100A04C0FF4436818382E ft=1 fh=7b66b1ed06cb1b80 vn="Variante von Win64/Toolbar.Conduit.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\DVDvideoSoft_2.0\hk64tbDVDv.dll"
sh=AE7B8F3BB6E040CE20B02DE558471FAA4C58386E ft=1 fh=6a41a8d0046fd7b4 vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\DVDvideoSoft_2.0\hktbDVDv.dll"
sh=87BE5F13318AC3BA3F403A73E332E1784304C21D ft=1 fh=3e5cd6b65c184efc vn="Variante von Win32/Toolbar.Conduit.P evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\DVDvideoSoft_2.0\ldrtbDVDv.dll"
sh=2647A8D25068D715D97EE42DCB86CF9AA55946BC ft=1 fh=5fd80ae6b91e806a vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\DVDvideoSoft_2.0\prxtbDVDv.dll"
sh=1E6279D9317A709616211812CCA5AB8B26EB4AB2 ft=1 fh=dd2582521ac42eea vn="Variante von Win32/Toolbar.Conduit.X evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\DVDvideoSoft_2.0\tbDVDv.dll"
sh=3E528BF4BF06F3491D6D62CB756FACD726252E87 ft=1 fh=fdc38ff3be82d55a vn="möglicherweise Variante von Win32/Conduit.SearchProtect.C evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SearchProtect\bin\ChromeModule.dll"
sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Variante von Win32/Conduit.SearchProtect.B evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SearchProtect\bin\cltmng.exe"
sh=77448BD92178191EF5A4D6A6A0A7FB1B8B45F3B8 ft=1 fh=270e4b58be3d8987 vn="Win32/Conduit.SearchProtect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe"
sh=6DC7867B24FA6111D0C6F71D4356B2EBC5C2C876 ft=1 fh=6a49d7d1db4b2cc3 vn="möglicherweise Variante von Win32/Conduit.SearchProtect.C evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SearchProtect\bin\FirefoxModule.dll"
sh=CDB2DB2021C21556EB82F4316978B0382329809A ft=1 fh=0ce4d20c39ddf5b9 vn="möglicherweise Variante von Win32/Conduit.SearchProtect.C evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SearchProtect\bin\InternetExplorerModule.dll"
sh=76A69E2AF9F1BAC40D8D9FE128364894CA2E9F08 ft=1 fh=004b198f29fb0ef4 vn="möglicherweise Variante von Win32/Conduit.SearchProtect.C evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SearchProtect\bin\SPHook32.dll"
sh=FC96B1F32B9320881BA847B4B84AF0EF096CB99D ft=1 fh=e2b5ce1f1ae776f7 vn="Win32/Conduit.SearchProtect.D evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SearchProtect\bin\SPRunner.exe"
sh=77801D0E0DC02E8C50CDC73562F4D7F13FC1C18B ft=0 fh=0000000000000000 vn="Win32/Conduit.SearchProtect.A evtl. unerwünschte Anwendung" ac=I fn="C:\Program Files (x86)\SearchProtect\ffprotect\application.js"
         
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.85  
 Windows 7 Service Pack 1 x86 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Norton Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 TuneUp Utilities 2013   
 TuneUp Utilities Language Pack (de-DE) 
  Adobe Flash Player 	13.0.0.214 Flash Player out of Date!  
 Adobe Reader XI  
 Google Chrome 35.0.1916.153  
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:05-07-2014 01
Ran by Simone (administrator) on JAMIE on 07-07-2014 21:32:06
Running from C:\Users\Simone\Desktop\FRST-OlderVersion\FRST-OlderVersion
Platform: Microsoft Windows 7 Professional N  Service Pack 1 (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

() C:\Program Files\EZ Software Updater\EZ Software Updater.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.3.0.12\NIS.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe
(Symantec Corporation) C:\Program Files\Norton Internet Security\Engine\21.3.0.12\NIS.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesApp32.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
() C:\Program Files\Boost\BoostUpdater.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-15] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKU\S-1-5-21-1871973915-1044618656-3300570338-1000\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564016 2013-07-15] (Samsung)
HKU\S-1-5-21-1871973915-1044618656-3300570338-1000\...\Run: [KiesAirMessage] => C:\Program Files\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-1871973915-1044618656-3300570338-1000\...\MountPoints2: {3c3622e5-1c90-11e3-b8b5-806e6f6e6963} - E:\Start.exe
HKU\S-1-5-21-1871973915-1044618656-3300570338-1000\...\MountPoints2: {ff716f4a-1d28-11e3-862a-00235a569b0d} - G:\SETUP.EXE
Startup: C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\BoostUpdater.lnk
ShortcutTarget: BoostUpdater.lnk -> C:\Program Files\Boost\BoostUpdater.exe ()
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xAA149BC4C0B0CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\21.3.0.12\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\21.3.0.12\coIEPlg.dll (Symantec Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default
FF Homepage: user_pref("browser.startup.homepage", );
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\searchplugins\amazon.xml
FF Extension: Boost - C:\Users\Simone\AppData\Roaming\Mozilla\Firefox\Profiles\igi1igxm.default\Extensions\boost@boost.net.xpi [2014-05-31]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\coFFPlgn [2014-07-06]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.3.0.12\IPSFF [2014-06-07]
FF HKCU\...\Firefox\Extensions: [{B64D9B05-48E1-4CEB-BF58-E0643994E900}] - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff
FF Extension: Download videos and MP3s from YouTube - C:\Program Files\Common Files\DVDVideoSoft\plugins\ff [2013-09-13]

Chrome: 
=======
CHR HomePage: 
CHR StartupUrls: "https://www.google.com/"
CHR Extension: (Google Docs) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-01]
CHR Extension: (Google Drive) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-01]
CHR Extension: (YouTube) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-01]
CHR Extension: (Adblock Plus) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-01]
CHR Extension: (Google-Suche) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-01]
CHR Extension: (Block site) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2014-07-01]
CHR Extension: (JavaScript Popup Blocker) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiajdlfgbgnnjakkbnpdhmhfhklkbiol [2014-07-01]
CHR Extension: (Norton Identity Protection) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-07-01]
CHR Extension: (Google Wallet) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-01]
CHR Extension: (Google Mail) - C:\Users\Simone\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-01]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton Internet Security\Engine\21.3.0.12\Exts\Chrome.crx [2014-06-04]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

========================== Services (Whitelisted) =================

R2 EZ Software Updater; C:\Program Files\EZ Software Updater\EZ Software Updater.exe [202752 2014-05-05] () [File not signed]
R2 NIS; C:\Program Files\Norton Internet Security\Engine\21.3.0.12\NIS.exe [276376 2014-05-11] (Symantec Corporation)
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesService32.exe [1723744 2012-11-29] (TuneUp Software)
S2 ZAPrivacyService; "C:\Program Files\CheckPoint\ZoneAlarm\ZAPrivacyService.exe" [X]

==================== Drivers (Whitelisted) ====================

R1 BHDrvx86; C:\Program Files\Norton Internet Security\NortonData\21.3.0.12\Definitions\BASHDefs\20140606.001\BHDrvx86.sys [1101616 2014-05-10] (Symantec Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NIS\1503000.00C\ccSetx86.sys [127064 2014-02-21] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [377648 2014-06-11] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [109872 2014-06-11] (Symantec Corporation)
R1 IDSVix86; C:\Program Files\Norton Internet Security\NortonData\21.3.0.12\Definitions\IPSDefs\20140703.001\IDSvix86.sys [395992 2014-06-06] (Symantec Corporation)
R3 NAVENG; C:\Program Files\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20140707.003\NAVENG.SYS [93272 2014-06-25] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton Internet Security\NortonData\21.3.0.12\Definitions\VirusDefs\20140707.003\NAVEX15.SYS [1612376 2014-06-25] (Symantec Corporation)
R3 SRTSP; C:\Windows\System32\Drivers\NIS\1503000.00C\SRTSP.SYS [664280 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NIS\1503000.00C\SRTSPX.SYS [32344 2013-10-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NIS\1503000.00C\SYMDS.SYS [367704 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NIS\1503000.00C\SYMEFA.SYS [936152 2014-03-04] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT.SYS [142936 2014-06-04] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NIS\1503000.00C\Ironx86.SYS [206936 2013-10-30] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NIS\1503000.00C\SYMNETS.SYS [447704 2014-02-18] (Symantec Corporation)
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2013\TuneUpUtilitiesDriver32.sys [10088 2012-11-16] (TuneUp Software)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-07 21:29 - 2014-07-07 21:29 - 00000843 _____ () C:\Users\Simone\Desktop\SecurityCheck.txt
2014-07-07 21:27 - 2014-07-07 21:27 - 00854390 _____ () C:\Users\Simone\Desktop\SecurityCheck.exe
2014-07-07 21:26 - 2014-07-07 21:26 - 00006543 _____ () C:\Users\Simone\Desktop\ESET.txt
2014-07-07 20:51 - 2014-07-07 20:51 - 00000000 ____D () C:\Program Files\ESET
2014-07-07 20:50 - 2014-07-07 20:50 - 02347384 _____ (ESET) C:\Users\Simone\Desktop\esetsmartinstaller_deu.exe
2014-07-05 15:36 - 2014-07-05 15:36 - 00019475 _____ () C:\Users\Simone\Desktop\Logfiles.zip
2014-07-05 15:35 - 2014-07-05 15:35 - 00016306 _____ () C:\Users\Simone\Desktop\Logfiles.7z
2014-07-05 15:26 - 2014-07-05 15:26 - 01110476 _____ () C:\Users\Simone\Desktop\7z920.exe
2014-07-05 15:26 - 2014-07-05 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-07-05 15:26 - 2014-07-05 15:26 - 00000000 ____D () C:\Program Files\7-Zip
2014-07-05 15:13 - 2014-07-05 15:16 - 00031507 _____ () C:\Users\Simone\Desktop\FRST (2).txt
2014-07-05 15:09 - 2014-07-05 15:45 - 00000000 ____D () C:\Users\Simone\Desktop\FRST-OlderVersion
2014-07-05 15:01 - 2014-07-05 15:01 - 00001013 _____ () C:\Users\Simone\Desktop\JRT.txt
2014-07-05 14:55 - 2014-07-05 14:55 - 00000000 ____D () C:\Windows\ERUNT
2014-07-05 14:54 - 2014-07-05 14:54 - 01016261 _____ (Thisisu) C:\Users\Simone\Desktop\JRT (1).exe
2014-07-05 14:46 - 2014-07-05 14:46 - 00009092 _____ () C:\Users\Simone\Desktop\AdwCleaner[S0].txt
2014-07-05 14:42 - 2014-07-05 14:43 - 00000000 ____D () C:\AdwCleaner
2014-07-05 14:42 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-07-05 13:39 - 2014-07-05 14:40 - 00099107 _____ () C:\Users\Simone\Desktop\MBAM.txt
2014-07-05 13:16 - 2014-07-05 14:21 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-05 13:16 - 2014-07-05 14:01 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-07-05 13:16 - 2014-07-05 13:16 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-05 13:16 - 2014-07-05 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-05 13:16 - 2014-07-05 13:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-05 13:16 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-05 13:16 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-05 13:16 - 2014-05-12 07:25 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-05 13:02 - 2014-07-05 13:02 - 00001226 _____ () C:\Users\Simone\Desktop\Revo Uninstaller.lnk
2014-07-05 13:02 - 2014-07-05 13:02 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-07-05 12:59 - 2014-07-05 12:59 - 00843322 _____ (Thisisu) C:\Users\Simone\Desktop\JRT.exe
2014-07-05 12:58 - 2014-07-05 12:58 - 01346519 _____ () C:\Users\Simone\Desktop\adwcleaner_3.214.exe
2014-07-05 12:57 - 2014-07-05 12:57 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Simone\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-05 12:55 - 2014-07-05 12:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Simone\Desktop\revosetup95.exe
2014-07-04 12:32 - 2014-07-04 12:32 - 00007435 _____ () C:\Users\Simone\Desktop\GMER.log
2014-07-04 12:07 - 2014-07-04 12:09 - 00016936 _____ () C:\Users\Simone\Desktop\Addition.txt
2014-07-04 12:06 - 2014-07-07 21:32 - 00000000 ____D () C:\FRST
2014-07-04 12:06 - 2014-07-04 12:09 - 00039761 _____ () C:\Users\Simone\Desktop\FRST.txt
2014-07-04 11:56 - 2014-07-04 11:56 - 00000474 _____ () C:\Users\Simone\Desktop\defogger_disable.log
2014-07-04 11:56 - 2014-07-04 11:56 - 00000000 _____ () C:\Users\Simone\defogger_reenable
2014-07-04 11:34 - 2014-07-04 11:35 - 00380416 _____ () C:\Users\Simone\Desktop\69qtyzo7.exe
2014-07-04 11:33 - 2014-07-04 11:33 - 00050477 _____ () C:\Users\Simone\Desktop\Defogger.exe
2014-07-01 11:00 - 2014-07-07 21:15 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-01 11:00 - 2014-07-07 11:15 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-01 11:00 - 2014-07-01 11:00 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-01 11:00 - 2014-07-01 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-01 10:50 - 2014-07-01 10:50 - 00000000 __SHD () C:\Users\Simone\AppData\Local\EmieUserList
2014-07-01 10:50 - 2014-07-01 10:50 - 00000000 __SHD () C:\Users\Simone\AppData\Local\EmieSiteList
2014-07-01 10:45 - 2014-07-01 10:46 - 40514640 _____ (Google Inc.) C:\Users\Simone\Desktop\ChromeStandaloneSetup_35.0.1916.153.exe
2014-06-29 16:15 - 2014-06-29 16:15 - 01509720 _____ () C:\Windows\Minidump\062914-28938-01.dmp
2014-06-22 20:32 - 2014-06-22 20:32 - 00000000 ____D () C:\Users\Simone\Documents\Jojos Fashion Show 2
2014-06-22 20:32 - 2014-06-22 20:32 - 00000000 ____D () C:\Users\Simone\AppData\Roaming\Gamelab
2014-06-22 20:31 - 2014-07-01 10:57 - 00000000 ____D () C:\Program Files\Jojo's Fashion Show 2
2014-06-22 20:30 - 2014-06-22 21:32 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-22 20:28 - 2014-06-22 20:30 - 00000000 ____D () C:\Users\Simone\AppData\Local\Big Fish
2014-06-21 19:45 - 2014-06-21 19:45 - 00000000 ____D () C:\ProgramData\CheckPoint
2014-06-21 19:42 - 2014-06-21 20:45 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-06-21 19:37 - 2014-06-21 19:37 - 34516480 _____ (DVDVideoSoft Ltd. ) C:\Users\Simone\Downloads\FreeYouTubeToMP3Converter (2).exe
2014-06-21 19:37 - 2014-06-21 19:37 - 00000000 ____D () C:\Users\Simone\AppData\Local\cache
2014-06-21 19:37 - 2014-06-21 19:37 - 00000000 ____D () C:\Users\Simone\.android
2014-06-21 19:36 - 2014-06-21 19:37 - 34516480 _____ (DVDVideoSoft Ltd. ) C:\Users\Simone\Downloads\FreeYouTubeToMP3Converter (1).exe
2014-06-21 19:32 - 2014-07-05 14:17 - 00000000 ____D () C:\Program Files\Boost
2014-06-21 19:30 - 2014-06-21 20:14 - 00000000 ____D () C:\Program Files\BooZaka
2014-06-21 19:28 - 2014-06-21 20:50 - 00002256 _____ () C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\Program Files\EZ Software Updater
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL4AA6.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL499D.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL498D.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL497E.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL4865.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL46CF.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL4614.tmp
2014-06-21 19:24 - 2014-06-21 19:24 - 34516480 _____ (DVDVideoSoft Ltd. ) C:\Users\Simone\Downloads\FreeYouTubeToMP3Converter.exe
2014-06-19 18:12 - 2014-06-19 18:12 - 01508320 _____ () C:\Windows\Minidump\061914-34351-01.dmp
2014-06-17 21:01 - 2014-05-30 11:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-17 21:01 - 2014-05-30 11:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-17 21:01 - 2014-05-30 10:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-17 21:01 - 2014-05-30 10:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-17 21:01 - 2014-05-30 10:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-17 21:01 - 2014-05-30 10:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-17 21:01 - 2014-05-30 10:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-17 21:01 - 2014-05-30 10:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-17 21:01 - 2014-05-30 10:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-17 21:01 - 2014-05-30 10:28 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-17 21:01 - 2014-05-30 10:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-17 21:01 - 2014-05-30 10:21 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-17 21:01 - 2014-05-30 10:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-17 21:01 - 2014-05-30 10:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-17 21:01 - 2014-05-30 10:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-17 21:01 - 2014-05-30 10:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-17 21:01 - 2014-05-30 10:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-17 21:01 - 2014-05-30 09:57 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-17 21:01 - 2014-05-30 09:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-17 21:01 - 2014-05-30 09:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-17 21:01 - 2014-05-30 09:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-17 21:01 - 2014-05-30 09:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-17 21:01 - 2014-05-30 09:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-17 21:01 - 2014-05-30 09:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-17 21:01 - 2014-05-30 09:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-17 21:00 - 2014-05-30 11:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-17 21:00 - 2014-05-30 10:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-17 21:00 - 2014-05-30 09:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-17 20:50 - 2014-06-08 10:48 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-17 20:50 - 2014-06-08 10:43 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-17 20:50 - 2014-04-05 04:25 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-17 20:50 - 2014-04-05 04:24 - 00187840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-17 20:50 - 2014-03-26 16:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-17 20:50 - 2014-03-26 16:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-17 20:50 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-17 20:50 - 2014-03-26 16:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-16 19:34 - 2014-04-25 04:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-11 12:07 - 2014-07-04 11:30 - 00000000 ____D () C:\Users\Simone\AppData\Local\CrashDumps
2014-06-07 16:06 - 2014-06-07 16:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security

==================== One Month Modified Files and Folders =======

2014-07-07 21:32 - 2014-07-04 12:06 - 00000000 ____D () C:\FRST
2014-07-07 21:29 - 2014-07-07 21:29 - 00000843 _____ () C:\Users\Simone\Desktop\SecurityCheck.txt
2014-07-07 21:27 - 2014-07-07 21:27 - 00854390 _____ () C:\Users\Simone\Desktop\SecurityCheck.exe
2014-07-07 21:26 - 2014-07-07 21:26 - 00006543 _____ () C:\Users\Simone\Desktop\ESET.txt
2014-07-07 21:23 - 2013-09-13 22:54 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-07 21:15 - 2014-07-01 11:00 - 00001098 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-07 20:52 - 2010-11-20 23:03 - 01618320 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-07 20:51 - 2014-07-07 20:51 - 00000000 ____D () C:\Program Files\ESET
2014-07-07 20:50 - 2014-07-07 20:50 - 02347384 _____ (ESET) C:\Users\Simone\Desktop\esetsmartinstaller_deu.exe
2014-07-07 20:43 - 2013-09-13 18:23 - 01175502 _____ () C:\Windows\WindowsUpdate.log
2014-07-07 11:15 - 2014-07-01 11:00 - 00001094 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-07 09:34 - 2009-07-14 06:02 - 00020144 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-07 09:34 - 2009-07-14 06:02 - 00020144 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-06 09:37 - 2009-07-14 06:17 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-06 09:37 - 2009-07-14 06:07 - 00037198 _____ () C:\Windows\setupact.log
2014-07-05 15:45 - 2014-07-05 15:09 - 00000000 ____D () C:\Users\Simone\Desktop\FRST-OlderVersion
2014-07-05 15:36 - 2014-07-05 15:36 - 00019475 _____ () C:\Users\Simone\Desktop\Logfiles.zip
2014-07-05 15:35 - 2014-07-05 15:35 - 00016306 _____ () C:\Users\Simone\Desktop\Logfiles.7z
2014-07-05 15:26 - 2014-07-05 15:26 - 01110476 _____ () C:\Users\Simone\Desktop\7z920.exe
2014-07-05 15:26 - 2014-07-05 15:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2014-07-05 15:26 - 2014-07-05 15:26 - 00000000 ____D () C:\Program Files\7-Zip
2014-07-05 15:16 - 2014-07-05 15:13 - 00031507 _____ () C:\Users\Simone\Desktop\FRST (2).txt
2014-07-05 15:01 - 2014-07-05 15:01 - 00001013 _____ () C:\Users\Simone\Desktop\JRT.txt
2014-07-05 14:55 - 2014-07-05 14:55 - 00000000 ____D () C:\Windows\ERUNT
2014-07-05 14:54 - 2014-07-05 14:54 - 01016261 _____ (Thisisu) C:\Users\Simone\Desktop\JRT (1).exe
2014-07-05 14:46 - 2014-07-05 14:46 - 00009092 _____ () C:\Users\Simone\Desktop\AdwCleaner[S0].txt
2014-07-05 14:44 - 2010-11-20 23:49 - 00247662 _____ () C:\Windows\PFRO.log
2014-07-05 14:43 - 2014-07-05 14:42 - 00000000 ____D () C:\AdwCleaner
2014-07-05 14:43 - 2013-09-13 18:50 - 00000000 ____D () C:\Users\Simone
2014-07-05 14:40 - 2014-07-05 13:39 - 00099107 _____ () C:\Users\Simone\Desktop\MBAM.txt
2014-07-05 14:21 - 2014-07-05 13:16 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-05 14:20 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\SchCache
2014-07-05 14:17 - 2014-06-21 19:32 - 00000000 ____D () C:\Program Files\Boost
2014-07-05 14:01 - 2014-07-05 13:16 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-07-05 13:16 - 2014-07-05 13:16 - 00001064 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-05 13:16 - 2014-07-05 13:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-07-05 13:16 - 2014-07-05 13:16 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-05 13:02 - 2014-07-05 13:02 - 00001226 _____ () C:\Users\Simone\Desktop\Revo Uninstaller.lnk
2014-07-05 13:02 - 2014-07-05 13:02 - 00000000 ____D () C:\Program Files\VS Revo Group
2014-07-05 12:59 - 2014-07-05 12:59 - 00843322 _____ (Thisisu) C:\Users\Simone\Desktop\JRT.exe
2014-07-05 12:58 - 2014-07-05 12:58 - 01346519 _____ () C:\Users\Simone\Desktop\adwcleaner_3.214.exe
2014-07-05 12:57 - 2014-07-05 12:57 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Simone\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-05 12:55 - 2014-07-05 12:55 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Simone\Desktop\revosetup95.exe
2014-07-04 12:32 - 2014-07-04 12:32 - 00007435 _____ () C:\Users\Simone\Desktop\GMER.log
2014-07-04 12:09 - 2014-07-04 12:07 - 00016936 _____ () C:\Users\Simone\Desktop\Addition.txt
2014-07-04 12:09 - 2014-07-04 12:06 - 00039761 _____ () C:\Users\Simone\Desktop\FRST.txt
2014-07-04 11:56 - 2014-07-04 11:56 - 00000474 _____ () C:\Users\Simone\Desktop\defogger_disable.log
2014-07-04 11:56 - 2014-07-04 11:56 - 00000000 _____ () C:\Users\Simone\defogger_reenable
2014-07-04 11:35 - 2014-07-04 11:34 - 00380416 _____ () C:\Users\Simone\Desktop\69qtyzo7.exe
2014-07-04 11:33 - 2014-07-04 11:33 - 00050477 _____ () C:\Users\Simone\Desktop\Defogger.exe
2014-07-04 11:30 - 2014-06-11 12:07 - 00000000 ____D () C:\Users\Simone\AppData\Local\CrashDumps
2014-07-01 11:00 - 2014-07-01 11:00 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-01 11:00 - 2014-07-01 11:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-01 11:00 - 2014-02-08 10:31 - 00000000 ____D () C:\Program Files\Google
2014-07-01 10:57 - 2014-06-22 20:31 - 00000000 ____D () C:\Program Files\Jojo's Fashion Show 2
2014-07-01 10:57 - 2009-07-14 06:51 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-01 10:50 - 2014-07-01 10:50 - 00000000 __SHD () C:\Users\Simone\AppData\Local\EmieUserList
2014-07-01 10:50 - 2014-07-01 10:50 - 00000000 __SHD () C:\Users\Simone\AppData\Local\EmieSiteList
2014-07-01 10:46 - 2014-07-01 10:45 - 40514640 _____ (Google Inc.) C:\Users\Simone\Desktop\ChromeStandaloneSetup_35.0.1916.153.exe
2014-06-29 16:15 - 2014-06-29 16:15 - 01509720 _____ () C:\Windows\Minidump\062914-28938-01.dmp
2014-06-29 16:15 - 2014-02-20 17:39 - 00000000 ____D () C:\Windows\Minidump
2014-06-29 16:14 - 2014-02-20 17:39 - 269455862 _____ () C:\Windows\MEMORY.DMP
2014-06-25 22:01 - 2013-09-14 11:31 - 00000000 ____D () C:\Users\Simone\AppData\Roaming\Spider Player
2014-06-22 21:32 - 2014-06-22 20:30 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-22 20:32 - 2014-06-22 20:32 - 00000000 ____D () C:\Users\Simone\Documents\Jojos Fashion Show 2
2014-06-22 20:32 - 2014-06-22 20:32 - 00000000 ____D () C:\Users\Simone\AppData\Roaming\Gamelab
2014-06-22 20:30 - 2014-06-22 20:28 - 00000000 ____D () C:\Users\Simone\AppData\Local\Big Fish
2014-06-21 20:50 - 2014-06-21 19:28 - 00002256 _____ () C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
2014-06-21 20:50 - 2013-09-13 18:50 - 00001413 _____ () C:\Users\Simone\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-21 20:45 - 2014-06-21 19:42 - 00000444 __RSH () C:\ProgramData\ntuser.pol
2014-06-21 20:14 - 2014-06-21 19:30 - 00000000 ____D () C:\Program Files\BooZaka
2014-06-21 19:58 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-06-21 19:45 - 2014-06-21 19:45 - 00000000 ____D () C:\ProgramData\CheckPoint
2014-06-21 19:43 - 2013-09-13 23:02 - 00002276 _____ () C:\Users\Public\Desktop\Free YouTube to MP3 Converter.lnk
2014-06-21 19:43 - 2013-09-13 23:02 - 00000000 ____D () C:\Users\Simone\AppData\Roaming\DVDVideoSoft
2014-06-21 19:43 - 2013-09-13 23:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2014-06-21 19:43 - 2013-09-13 23:02 - 00000000 ____D () C:\Program Files\DVDVideoSoft
2014-06-21 19:42 - 2009-07-14 04:37 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-06-21 19:41 - 2013-09-13 23:02 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2014-06-21 19:37 - 2014-06-21 19:37 - 34516480 _____ (DVDVideoSoft Ltd. ) C:\Users\Simone\Downloads\FreeYouTubeToMP3Converter (2).exe
2014-06-21 19:37 - 2014-06-21 19:37 - 00000000 ____D () C:\Users\Simone\AppData\Local\cache
2014-06-21 19:37 - 2014-06-21 19:37 - 00000000 ____D () C:\Users\Simone\.android
2014-06-21 19:37 - 2014-06-21 19:36 - 34516480 _____ (DVDVideoSoft Ltd. ) C:\Users\Simone\Downloads\FreeYouTubeToMP3Converter (1).exe
2014-06-21 19:27 - 2014-06-21 19:27 - 00000000 ____D () C:\Program Files\EZ Software Updater
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL4AA6.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL499D.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL498D.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL497E.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL4865.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL46CF.tmp
2014-06-21 19:26 - 2014-06-21 19:26 - 00000000 _____ () C:\LIL4614.tmp
2014-06-21 19:24 - 2014-06-21 19:24 - 34516480 _____ (DVDVideoSoft Ltd. ) C:\Users\Simone\Downloads\FreeYouTubeToMP3Converter.exe
2014-06-19 21:36 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-06-19 18:12 - 2014-06-19 18:12 - 01508320 _____ () C:\Windows\Minidump\061914-34351-01.dmp
2014-06-18 09:38 - 2014-05-15 16:59 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-17 21:02 - 2013-09-13 22:58 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-06-08 15:08 - 2013-09-13 19:12 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-06-08 10:48 - 2014-06-17 20:50 - 00391680 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 10:43 - 2014-06-17 20:50 - 00302592 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-07 16:06 - 2014-06-07 16:06 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-06-07 16:06 - 2013-09-13 19:12 - 00002423 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-06-07 16:06 - 2013-09-13 19:11 - 00000000 ____D () C:\Windows\system32\Drivers\NIS
2014-06-07 15:44 - 2013-09-13 19:09 - 00000000 ____D () C:\ProgramData\Norton

Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.2552.dll


Some content of TEMP:
====================
C:\Users\Simone\AppData\Local\Temp\BackupSetup.exe
C:\Users\Simone\AppData\Local\Temp\ose00000.exe
C:\Users\Simone\AppData\Local\Temp\Quarantine.exe
C:\Users\Simone\AppData\Local\Temp\setup_72.exe
C:\Users\Simone\AppData\Local\Temp\uninst1.exe
C:\Users\Simone\AppData\Local\Temp\vcredist_x86.exe
C:\Users\Simone\AppData\Local\Temp\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_6745.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-05 14:39

==================== End Of Log ============================
         
--- --- ---



Du bist echt super.

Alt 08.07.2014, 19:25   #9
schrauber
/// the machine
/// TB-Ausbilder
 

Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um - Standard

Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um



Öffne mal bitte FRST, setz nen Haken bei Addition und scanne, poste bitte beide Logfiles.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um
adware.agent, auf werbung umgeleitet, chrome automatisch tab öffnung virus, chrome öffnet automatisch, dvdvideosoft ltd., genesis, pup.bprotector, pup.optional.alexatb.a, pup.optional.amazontb.a, pup.optional.babylon.a, pup.optional.bprotector.a, pup.optional.browserprotect.a, pup.optional.crossrider.a, pup.optional.datamangr.a, pup.optional.datamngr.a, pup.optional.delta.a, pup.optional.firstseentoday.a, pup.optional.iepluginservices.a, pup.optional.installcore.a, pup.optional.pricepeep.a, pup.optional.qone8, pup.optional.quickstart.a, pup.optional.skytech.a, pup.optional.snapdo.a, pup.optional.suptab.a, pup.optional.videomediaplayer.a, pup.optional.webssearches.a, pup.optional.windowsprotectmanger.a, vcredist



Ähnliche Themen: Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um


  1. Windows 10 / Google Chrome: watch4.de öffnet sich von selbst
    Plagegeister aller Art und deren Bekämpfung - 13.11.2015 (1)
  2. Windows 8.1: In Firefox und Chrome öffnet sich Werbung
    Log-Analyse und Auswertung - 15.10.2015 (7)
  3. Chrome öffnet sich selbst, bzw. unseriöse Seiten
    Log-Analyse und Auswertung - 17.04.2015 (9)
  4. Windows 7, Google Chrome, neue Tabs (Werbung) öffnet sich dauernd beim Surfen
    Log-Analyse und Auswertung - 11.12.2014 (1)
  5. Google Chrome öffnet ungefragt Seiten/Werbung
    Plagegeister aller Art und deren Bekämpfung - 04.08.2014 (11)
  6. Windows 7, Google Chrome, neue Tabs (Werbung) öffnet sich dauernd beim Surfen
    Log-Analyse und Auswertung - 04.07.2014 (7)
  7. Chrome öffnet komische Seiten,Werbung, Videos. Außerdem erheblich langsam geworden !
    Log-Analyse und Auswertung - 30.05.2014 (11)
  8. Chrome plötzlich voll mit pop up werbung und es öffnen sich beim Klicken auf Links falsche Seiten mit Werbung
    Plagegeister aller Art und deren Bekämpfung - 05.05.2014 (3)
  9. Internetexplorer öffnet sich selbst mit Werbung
    Diskussionsforum - 27.04.2014 (1)
  10. [Google Chrome]Neue Seiten öffnen sich automatisch ( Werbung ) zufällige wörter jeder Internet seiten sind mit URL's verseht
    Plagegeister aller Art und deren Bekämpfung - 01.04.2014 (5)
  11. Firefox leitet auf falsche google-Links weiter und öffnet sich selbst in Popups neu.
    Plagegeister aller Art und deren Bekämpfung - 04.12.2010 (6)
  12. Firefox öffnet selbständig Tabs mit Werbung, leitet Links auf andere Seiten weiter
    Plagegeister aller Art und deren Bekämpfung - 21.06.2010 (18)
  13. Browser öffnet sich von selbst mit Werbung
    Log-Analyse und Auswertung - 07.05.2010 (3)
  14. Internet Explorer öffnet sich und Seiten von selbst
    Plagegeister aller Art und deren Bekämpfung - 31.12.2009 (2)
  15. IE öffnet sich selbst und zeigt nur Werbung
    Log-Analyse und Auswertung - 05.10.2009 (1)
  16. Backdoor Virus öffnet selbst seiten im IE, und verschickt sich selbst über MSN
    Log-Analyse und Auswertung - 22.07.2009 (1)
  17. IE öffnet sich von selbst mit Werbung...
    Log-Analyse und Auswertung - 11.01.2008 (5)

Zum Thema Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um - Hallo. Mein Chrome öffnet sich von selbst mit unterschiedlichen Werbeseiten und öffnet auch sonst immer wieder neue Tabs und Fenster, ohne mein zutun. Es kommt auch vor, dass ein Link - Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um...
Archiv
Du betrachtest: Windows 7: Chrome öffnet sich von selbst und leitet Seiten auf Werbung um auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.