Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: InstallBrain5BA in C:\Windows\System\32\ = gesichert, MalSign.OpenCandy.7AF... C:\Documentsand Settin.... = gesichert, Trojaner : Crypt

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 19.10.2015, 10:15   #1
Golfplayer85
 
InstallBrain5BA in C:\Windows\System\32\   = gesichert, MalSign.OpenCandy.7AF...  C:\Documentsand Settin....  = gesichert, Trojaner : Crypt - Standard

InstallBrain5BA in C:\Windows\System\32\ = gesichert, MalSign.OpenCandy.7AF... C:\Documentsand Settin.... = gesichert, Trojaner : Crypt



Hallo, schreibe on anderem Lapi da der andere NICHT mehr ins Internet geht !! Es ist ein Lapi mit XP
Hier das Ergebnis des Scan`s : InstallBrain5BA in C:\Windows\System\32\ = gesichert,
MalSign.OpenCandy.7AF... C:\Documentsand Settin.... = gesichert,
Trojaner : Crypt3.CEIP in C:\ Downoads\Tools\New = gesichert,

Info C:\ProgramFiles\Pinnacle.... Die Datei wird von einner .....

Hallo, das ist alles was ich fand der Scan war 10/3/15 ( ist ein amerikanischer Lapi ) ist ein XP Lapi

Ich bin vollkommener Laie am PC , kenne mich nicht aus ; außer was ich zum Filme einladen und schneiden brauche und das versenden - nur damit kenn ich mich aus !!!!

Alt 19.10.2015, 11:27   #2
schrauber
/// the machine
/// TB-Ausbilder
 

InstallBrain5BA in C:\Windows\System\32\   = gesichert, MalSign.OpenCandy.7AF...  C:\Documentsand Settin....  = gesichert, Trojaner : Crypt - Standard

InstallBrain5BA in C:\Windows\System\32\ = gesichert, MalSign.OpenCandy.7AF... C:\Documentsand Settin.... = gesichert, Trojaner : Crypt



hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

__________________

__________________

Alt 19.10.2015, 12:05   #3
Golfplayer85
 
InstallBrain5BA in C:\Windows\System\32\   = gesichert, MalSign.OpenCandy.7AF...  C:\Documentsand Settin....  = gesichert, Trojaner : Crypt - Standard

Trojaner



Hallo, leider kann ich deine Maßnahme nicht befolgen , da ich ja nicht mit dem infizierten PC ins INTERNET kann und daher auch nicht DAS Downloaden kann !
Ich kann nur über anderen PC - diesem hier ( gesunden ) Downloaden und das dann auf meinen Stick laden und dann dies auf den Infizierten draufspielen - wenn DAS SO Geht !
otto
__________________

Alt 19.10.2015, 20:04   #4
schrauber
/// the machine
/// TB-Ausbilder
 

InstallBrain5BA in C:\Windows\System\32\   = gesichert, MalSign.OpenCandy.7AF...  C:\Documentsand Settin....  = gesichert, Trojaner : Crypt - Standard

InstallBrain5BA in C:\Windows\System\32\ = gesichert, MalSign.OpenCandy.7AF... C:\Documentsand Settin.... = gesichert, Trojaner : Crypt



Klar geht das. Genauso umgekehrt mit den Logfiles. Nur aufpassen dass Du den Autostart für Sticks am sauberen PC abschaltest.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 20.10.2015, 15:14   #5
Golfplayer85
 
InstallBrain5BA in C:\Windows\System\32\   = gesichert, MalSign.OpenCandy.7AF...  C:\Documentsand Settin....  = gesichert, Trojaner : Crypt - Standard

Trojaner



Wie , Autostart am Stick ???? Wie , wo sieht man das am Stick ? noch nie dies bemerkt. Der Stick ist sauber , nichts anderes drauf .

und was ist Logfiles ? wie, was macht man dies ?

Hallo Herr Schrauber , also ich habe es auf dem Stick und dann in den defeckten PC gesteckt , dort dann den FST 32 gestartet und jetzt fertig und eine lange Liste steht jetzt dort !!!! Was soll ich WIE weiter tun (bitte genaue Anweisung da ich ein Laie bin am PC )

Hallo, Herr Schrauber , ich habe jetzt alles auf dem Stick ; wo muß ich jetzt anklicken hier damit ich Ihnen das senden kann.
Gruß Otto , 20.10.15 um 14.50 erstellt und gesendet

FRST Additions Logfile:
[CODE]Additional
FRST Logfile:

FRST Logfile:
Code:
ATTFilter
scan result of Farbar Recovery Scan Tool (x86) Version:18-10-2015
Ran by Mang (2015-10-20 14:10:57)
Running from E:\
Microsoft Windows XP Professional Service Pack 3 (X86) (2006-12-23 01:11:41)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2802971340-371014867-2627472942-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
ASPNET (S-1-5-21-2802971340-371014867-2627472942-1003 - Limited - Enabled)
Guest (S-1-5-21-2802971340-371014867-2627472942-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-2802971340-371014867-2627472942-1004 - Limited - Disabled)
Mang (S-1-5-21-2802971340-371014867-2627472942-1005 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Mang
SUPPORT_388945a0 (S-1-5-21-2802971340-371014867-2627472942-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus Free Edition 2014 (Enabled - Out of date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: AVG update module (Disabled) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.1.0.5790 - Adobe Systems Inc.)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Reader 8.1.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A81300000003}) (Version: 8.1.5 - Adobe Systems Incorporated)
Adobe Reader 9.4.3 - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-A94000000001}) (Version: 9.4.3 - Adobe Systems Incorporated)
Any Video Converter 5.5.3 (HKLM\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Photo Commander 11 v.11.0.5 (HKLM\...\{C92AB6F1-0F9C-8526-5DF1-0A2FD0FB33D9}_is1) (Version: 11.0.5 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 5 FREE (HKLM\...\Ashampoo Photo Commander 5 FREE_is1) (Version: 5.4.1 - ashampoo GmbH & Co. KG)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4354 - AVG Technologies)
AVG 2014 (Version: 14.0.4354 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4365 - AVG Technologies) Hidden
AVG Security Toolbar (HKLM\...\AVG Secure Search) (Version: 18.8.0.180 - AVG Technologies)
Avira SearchFree Toolbar (HKLM\...\{41564952-412D-5637-4300-A758B70C0A03}) (Version: 12.10.3.4691 - APN, LLC)
Babylon (HKLM\...\Babylon) (Version:  - )
Bewerbungsfoto-/Passbild-Generator v3.2a (HKLM\...\Passbild-Generator_is1) (Version:  - )
Bluetooth Stack for Windows by Toshiba (HKLM\...\{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}) (Version: v4.00.23(T) - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Camera Driver (HKLM\...\{D1B3874F-3057-11D6-B2EA-0050BA18806B}) (Version:  - )
Canon MP160 User Registration (HKLM\...\Canon MP160 User Registration) (Version:  - )
CD/DVD Drive Acoustic Silencer (HKLM\...\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}) (Version: 1.00.008 - TOSHIBA)
CP2101 USB to UART Bridge Controller (HKLM\...\SLABCOMM) (Version:  - )
Critical Update for Windows Media Player 11 (KB959772) (HKLM\...\KB959772_WM11) (Version:  - Microsoft Corporation)
DTV4PC 1.6.3 (HKLM\...\DTV4PC_is1) (Version:  - 3B Software, Inc.)
DVD-RAM Driver (HKLM\...\{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}) (Version: 5.0.2.5 - )
Easy-WebPrint (HKLM\...\Easy-WebPrint) (Version:  - )
ESPNMotion (HKLM\...\ESPNMotion) (Version: 2.1.6.0011 - ESPN Internet Ventures)
FileViewPro (HKLM\...\{29938C06-6962-4C27-A94C-25E4F424A665}_is1) (Version: 1.5 - Solvusoft Corporation)
Firebird SQL Server - MAGIX Edition (HKLM\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
FUJIFILM MyFinePix Studio 4.1 (HKLM\...\MyFinePix Studio_is1) (Version:  - )
G3 Manager (HKLM\...\{5672579F-D0BD-4960-BF29-0ADCAAB77286}) (Version: 1.2.4000 - DECA System)
G3 Manager (Version: 1.2.4000 - DECA System) Hidden
GemMaster Mystic (HKLM\...\12133444-BF36-4d4e-B7FB-A3424C645DE4) (Version:  - )
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.5 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.13 - Google Inc.) Hidden
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Google+ Auto Backup (HKU\.DEFAULT\...\Google+ Auto Backup) (Version: 1.0.27.161 - Google, Inc.)
High Definition Audio Driver Package - KB888111 (HKLM\...\KB888111WXPSP2) (Version: 20040219.000000 - Microsoft Corporation)
Hollywood FX 5.5 Additional Effects (HKLM\...\Hollywood FX 5.5 Additional Effects) (Version:  - )
HP Deskjet 2510 series Basic Device Software (HKLM\...\{867988FA-BCE7-46E9-A7E8-DC084A843319}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2510 series Help (HKLM\...\{234DADAD-3C3C-4FB1-90A4-0AF015D56E18}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 2510 series Product Improvement Study (HKLM\...\{79992AEE-6F58-4DAB-97D0-ADDF278F08F4}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
HP Deskjet 2510 series Setup Guide (HKLM\...\{216C7F38-4BBC-4E9A-8392-C9FA21B54386}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Basic Device Software (HKLM\...\{5C2ECF15-B7FF-4E0E-9D00-2000354BD9C2}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Help (HKLM\...\{C13E1F46-84FE-4D3B-8581-0F2F624C7EEC}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 3520 series Product Improvement Study (HKLM\...\{64A90D6D-E741-4BCD-935C-BB09F3AEBF98}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 3520 series Setup Guide (HKLM\...\{AEEDCEB7-00B8-4BE1-B492-AB04803D5F1E}) (Version: 27.0.0 - Hewlett Packard)
HP FWUpdateEDO2 (HKLM\...\{415FA9AD-DA10-4ABE-97B6-5051D4795C90}) (Version: 1.2.0.0 - Hewlett-Packard)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.12992 - HP)
HP Update (HKLM\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
IncrediMail (Version: 6.3.9.5274 - IncrediMail) Hidden
IncrediMail 2.0 (HKLM\...\IncrediMail) (Version: 6.3.9.5274 - IncrediMail Ltd.)
InstallIQ Updater (HKLM\...\{13597237-E360-4F2B-9A43-332C4E9D5C9C}) (Version: 1.3.0.0 - W3i, LLC)
InstallMgr (Version: 1.0.39.0 - Microsoft Corporation) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4436 - )
Intel(R) PRO Network Connections Drivers (HKLM\...\PROSet) (Version:  - )
Intel(R) PROSet/Wireless Software (HKLM\...\ProInst) (Version: 10.01.0000 - Intel Corporation)
InterVideo WinDVD Creator 2 (HKLM\...\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}) (Version: 2.0.14.376 - InterVideo Inc.)
InterVideo WinDVD for TOSHIBA (HKLM\...\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}) (Version: 5.0-B11.561 - InterVideo Inc.)
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
J2SE Runtime Environment 5.0 Update 10 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150100}) (Version: 1.5.0.100 - Sun Microsystems, Inc.)
J2SE Runtime Environment 5.0 Update 4 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0150040}) (Version: 1.5.0.40 - Sun Microsystems, Inc.)
Java(TM) 6 Update 31 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
Java(TM) 6 Update 7 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160070}) (Version: 1.6.0.70 - Sun Microsystems, Inc.)
MAGIX Foto Manager MX Deluxe (HKLM\...\MAGIX_{4CAD11B3-9066-4106-B7A0-CCFB466DED13}) (Version: 9.0.1.250 - MAGIX AG)
MAGIX Foto Manager MX Deluxe (Version: 9.0.1.250 - MAGIX AG) Hidden
MAGIX Foto Manager MX Deluxe Update (Version: 9.0.2.256 - MAGIX AG) Hidden
MAGIX Fotos auf DVD easy (HKLM\...\MAGIX_{8323182D-3718-43B0-8A03-E493FBCEB25B}) (Version: 1.0.2.12 - MAGIX AG)
MAGIX Fotos auf DVD easy (Version: 1.0.2.12 - MAGIX AG) Hidden
MAGIX Slideshow Maker 2 (HKLM\...\MAGIX_{48897B17-3DD2-4BAA-A81D-4E4EA8E9FD51}) (Version: 2.0.1.9 - MAGIX AG)
MAGIX Slideshow Maker 2 (Version: 2.0.1.9 - MAGIX AG) Hidden
MAGIX Speed burnR (MSI) (HKLM\...\MAGIX_{18215B8F-2133-421A-BB8B-372F4959A234}) (Version: 7.0.2.6 - MAGIX AG)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden
mCore (Version: 5.40.0000 - Intel Corporation) Hidden
mDrWiFi (Version: 5.40.0000 - Intel Corporation) Hidden
mHelp (Version: 5.40.0000 - Intel) Hidden
Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM\...\KB2572066) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM\...\KB2604042) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM\...\KB2656378) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM\...\KB2698035) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM\...\KB2742607) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM\...\KB2833951) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM\...\KB2904878) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft ActiveSync 3.7 (HKLM\...\Windows CE Services) (Version:  - )
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM\...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Media Manager 1.5 (HKLM\...\Media Manager 1.5) (Version:  - )
Microsoft Office PowerPoint Viewer 2003 (HKLM\...\{90AF0409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8305.0 - Microsoft Corporation)
Microsoft Office XP Professional mit FrontPage (HKLM\...\{90280407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.0 - Microsoft Corporation)
Microsoft Outlook 2002 (HKLM\...\{911A0407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2701.01 - Microsoft Corporation)
Microsoft Picture It! 2.0 (HKLM\...\Microsoft Picture It!) (Version:  - )
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM\...\MSTTS) (Version:  - )
Microsoft User-Mode Driver Framework Feature Pack 1.9 (HKLM\...\Wudf01009) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
mIWA (Version: 5.40.0000 - Intel Corporation) Hidden
mLogView (Version: 5.40.0000 - Intel Corporation) Hidden
mMHouse (Version: 5.40.0000 - Intel Corporation) Hidden
Mozilla Firefox 30.0 (x86 de) (HKLM\...\Mozilla Firefox 30.0 (x86 de)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
mPfMgr (Version: 5.40.0000 - Intel Corporation) Hidden
mPfWiz (Version: 5.40.0000 - Intel Corporation) Hidden
mProSafe (Version: 9.00.0000 - Intel) Hidden
MSN Toolbar (HKLM\...\{A8AC89BA-D8CB-4372-9743-1C54D23286B0}) (Version: 1.0.39.0 - Microsoft Corporation)
MSN Toolbar (Version: 3.0.1125.0 - Microsoft Corporation) Hidden
MSVC80_x86 (Version: 1.0.1.0 - Nokia) Hidden
MSVC80_x86_v2 (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 6 Service Pack 2 (KB973686) (HKLM\...\{56EA8BC0-3751-4B93-BC9D-6651CC36E5AA}) (Version: 6.20.2003.0 - Microsoft Corporation)
mWlsSafe (Version: 9.00.0000 - Intel) Hidden
mXML (Version: 5.40.0000 - Intel Corporation) Hidden
myBabylon Toolbar (HKLM\...\myBabylon Toolbar) (Version:  - ) <==== ATTENTION
MyFreeCodec (HKU\S-1-5-21-2802971340-371014867-2627472942-1005\...\MyFreeCodec) (Version:  - )
mZConfig (Version: 5.40.0000 - Intel Corporation) Hidden
Nero 7 Ultra Edition (HKLM\...\{F90D6825-8F1F-4E3A-9E42-A9C8A9DD1031}) (Version: 7.03.1152 - Nero AG)
Nokia Connectivity Cable Driver (HKLM\...\{A57025CC-5F2E-4D01-B387-06DB10500D43}) (Version: 7.1.78.0 - Nokia)
Nokia PC Suite (HKLM\...\Nokia PC Suite) (Version: 7.1.180.94 - Nokia)
Nokia PC Suite (Version: 7.1.180.94 - Nokia) Hidden
Nokia Software Updater (HKLM\...\{59367F7E-D7C1-4629-8AEC-71AA24A68F31}) (Version: 01.04.085.36837 - Nokia Corporation)
Office 2003 Trial Assistant (Version: 1.0.0 - Microsoft) Hidden
Open Media Player (HKLM\...\{739126B3-1B80-4F9F-8D59-312A19633E1A}_is1) (Version:  - )
Open Media Player 1.0 (HKLM\...\{729E66B3-1B80-4F1F-8D59-342A89623E4A}_is1) (Version:  - )
Otto (HKLM\...\B3EE3001-DC24-4cd1-8743-5692C716659F) (Version:  - )
OutfoxTV (HKLM\...\OutfoxTV) (Version:  - OutfoxTV)
PC Connectivity Solution (HKLM\...\{644F4910-E812-49AD-93EC-86828CB81A0D}) (Version: 12.0.27.0 - Nokia)
PC Inspector smart recovery (HKLM\...\{C9A87D86-FDFD-418B-BF96-EF09320973B3}) (Version: 4.50 - )
Philips ThumbCam (HKLM\...\{868C40D3-49C9-46FC-A143-5775826D3115}) (Version:  - )
Philips ThumbCam Photo Manager (HKLM\...\{5B60DF81-2DC1-49DE-A0C4-0B05146EC5DD}) (Version:  - ArcSoft)
Photo Notifier and Animation Creator (HKLM\...\Photo Notifier and Animation Creator) (Version: 1.0.0.1009 - IncrediMail Ltd.)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Pinnacle Hollywood FX (HKLM\...\Hollywood FX) (Version:  - )
PL-2303 USB-to-Serial (HKLM\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version:  - )
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (Version: 1.3.3 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2005 Runtime (Version: 8.0 - RealNetworks) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM\...\RealPlayer 16.0) (Version: 16.0.3 - RealNetworks)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 2.02 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (Version: 1.1.0 - RealNetworks, Inc.) Hidden
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.)
SD Secure Module (HKLM\...\{C45F4811-31D5-4786-801D-F79CD06EDD85}) (Version: 1.0.3 - TOSHIBA Corporation)
Security Task Manager 1.7e (HKLM\...\Security Task Manager) (Version: 1.7e - Neuber GmbH)
SkyCaddie Desktop (HKLM\...\SkyCaddieDesktop) (Version:  - SkyHawke Technologies)
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype™ 7.8 (HKLM\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)
SmartSound Quicktracks Plugin (HKLM\...\InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}) (Version: 3.0.2.4 - SmartSound Software Inc)
SmartSound Quicktracks Plugin (Version: 3.0.2.4 - SmartSound Software Inc) Hidden
Sonic Encoders (HKLM\...\{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.0 - Safer Networking Limited)
Studio 9 (HKLM\...\{9E491AB7-4589-48CA-9CBB-874CB2788391}) (Version: 9.1 - Pinnacle Systems)
Studio 9 Content CD/DVD (HKLM\...\{B67624DE-75CE-4FAD-9F29-5C115773CE61}) (Version: 1.00.000 - )
Studio 9.4 Patch (HKLM\...\{16E217EA-C3E0-402D-8D4F-6189DB74497A}) (Version: 9.4.3.70 - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 8.2.9.0 - Synaptics)
Texas Instruments PCIxx21/x515/xx12 drivers. (HKLM\...\InstallShield_{4497AFF6-98C4-4F49-B073-F48F42BCBF9E}) (Version: 1.16.0000 - Texas Instruments Inc.)
TIPCI (Version: 1.16.0000 - Texas Instruments Inc.) Hidden
TomTom HOME (HKLM\...\{99072AB4-D795-44D5-9D65-E3C9F8322C97}) (Version: 2.9.7 - Ihr Firmenname)
TomTom HOME Visual Studio Merge Modules (HKLM\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version:  - )
TOSHIBA ConfigFree (HKLM\...\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}) (Version: 5.90.05 - )
TOSHIBA Controls (HKLM\...\{A6690C0E-B96E-4F0F-A8EB-D5B332454AC6}) (Version:  - )
TOSHIBA Hotkey Utility (HKLM\...\{64DD71BC-3109-4C88-9AD3-D5422644B722}) (Version: 1.00.01ST - )
Toshiba Media Center Game Console (HKLM\...\{F21B28BF-8A4D-4F1A-A61B-69DD5B4A9BBA}) (Version: 1.0.0 - WildTangent)
TOSHIBA PC Diagnostic Tool (HKLM\...\PC Diagnostic Tool) (Version:  - )
TOSHIBA Power Saver (HKLM\...\Power Saver) (Version: 7.03.07.I - )
Toshiba Registration (HKLM\...\{F6C405D2-C50D-4D10-B89E-73A233A14D74}) (Version: 1.00.0000 - Toshiba)
TOSHIBA SD Memory Card Format (HKLM\...\{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}) (Version:  - )
TOSHIBA Software Modem (HKLM\...\TOSHIBA Software Modem) (Version: 2.1.62 (SM2162ALD04) - )
TOSHIBA Software Upgrades (HKLM\...\{425A2BC2-AA64-4107-9C29-484245BBEA05}) (Version:  - )
TOSHIBA Speech System Applications (HKLM\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version:  - )
TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version:  - )
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version:  - )
TOSHIBA TouchPad ON/Off Utility (HKLM\...\{69BE47C2-36FE-4397-8199-85D8EAE69982}) (Version: 1.00.01ST - )
TOSHIBA TV Tuner 4.0.12.73 (HKLM\...\TOSHIBA TV Tuner) (Version: 4.0.12.73 - AVerMedia TECHNOLOGIES, Inc.)
TOSHIBA Utilities (HKLM\...\{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}) (Version: 1.00.07ST - )
TOSHIBA Virtual Sound (HKLM\...\{8B12BA86-ADAC-4BA6-B441-FFC591087252}) (Version:  - )
TOSHIBA Zooming Utility (HKLM\...\{64212898-097F-4F3F-AECA-6D34A7EF82DF}) (Version:  - )
TuneUp Utilities 2006 (HKLM\...\{868D7896-99D4-4513-BC62-2B3AD3E24926}) (Version: 5.3.2343 - TuneUp Software)
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM\...\KB900325) (Version:  - Microsoft Corporation)
Viewpoint Media Player (HKLM\...\ViewpointMediaPlayer) (Version:  - )
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VoipStunt (HKLM\...\VoipStunt_is1) (Version: 3.00 build 408 - Finarea S.A. Switzerland)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
WeFi 3.4.2.0 (HKLM\...\WeFi) (Version: 3.4.2.0 - WeFi Inc.)
Windows Defender (HKLM\...\{A06275F4-324B-4E85-95E6-87B2CD729401}) (Version: 1.1.1593.21 - Microsoft Corporation)
Windows Driver Package - Nokia Modem  (02/25/2011 4.7) (HKLM\...\E0AC723A3DE3A04256288CADBBB011B112AED454) (Version: 02/25/2011 4.7 - Nokia)
Windows Driver Package - Nokia Modem  (02/25/2011 7.01.0.9) (HKLM\...\72A50F48CC5601190B9C4E74D81161693133E7F7) (Version: 02/25/2011 7.01.0.9 - Nokia)
Windows Driver Package - Nokia Modem  (05/22/2008 3.8) (HKLM\...\C5A76DC11BABDA0A881E7BE8DDEB641365A77FFD) (Version: 05/22/2008 3.8 - Nokia)
Windows Driver Package - Nokia Modem  (05/22/2008 7.00.0.1) (HKLM\...\9CD348AE9C64C4B939B624E8E24F3903EFDFC82B) (Version: 05/22/2008 7.00.0.1 - Nokia)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver”  (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Imaging Component (HKLM\...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM\...\Windows Media Format Runtime) (Version:  - )
Windows Media Player 11 (HKLM\...\Windows Media Player) (Version:  - )
Windows XP Media Center Edition 2005 KB2502898 (HKLM\...\KB2502898) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (HKLM\...\KB2619340) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (HKLM\...\KB2628259) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB888316 (HKLM\...\KB888316) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB894553 (HKLM\...\KB894553) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB895678 (HKLM\...\KB895678) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB925766 (HKLM\...\KB925766) (Version:  - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM\...\KB973768) (Version:  - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM\...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
WinPatrol 2008 (HKLM\...\WinPatrol) (Version: 15.9.2008.5 - BillP Studios)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2802971340-371014867-2627472942-1005_Classes\CLSID\{49BBAA3C-C574-419E-8378-783C362E9C15}\InprocServer32 -> C:\Program Files\HP\Common\FWUpdateEDO2.dll (Hewlett-Packard Co.)

==================== Restore Points =========================

07-09-2015 19:03:31 System Checkpoint
07-09-2015 21:00:26 Software Distribution Service 3.0
10-09-2015 12:43:22 Software Distribution Service 3.0
12-09-2015 19:48:50 Software Distribution Service 3.0
03-10-2015 17:32:44 Software Distribution Service 3.0
04-10-2015 09:44:52 Software Distribution Service 3.0
18-10-2015 18:15:24 System Checkpoint

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-02-15 16:02 - 2004-08-10 14:00 - 00000734 ____N C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\1-Click Maintenance.job => C:\Program Files\TuneUp Utilities 2006\SystemOptimizer.exe
Task: C:\WINDOWS\Tasks\20090411_114200_Mang.job => C:\Program Files\Nero\Nero 7\Nero BackItUp\BackItUp.exe8/TASKTYPE:NBSERVICE /JOBFILE:20090411_114200_Mang.nji
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\At1.job => C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At2.job => C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At3.job => C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\At4.job => C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPCustPartic.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job => C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job => C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\HP Photo Creations Communicator.job => C:\Documents and Settings\All Users\Application Data\HP Photo Creations\Communicator.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2802971340-371014867-2627472942-1005.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2802971340-371014867-2627472942-1005.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-2802971340-371014867-2627472942-1005.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-2802971340-371014867-2627472942-1005.job => C:\Program Files\Real\RealUpgrade\realupgrade.exe
Task: C:\WINDOWS\Tasks\{21E04F2D-0BB1-488B-B0BA-C3246E1FFDC7}_OTTO_Mang.job => C:\WINDOWS\system32\mobsync.exe
Task: C:\WINDOWS\Tasks\{700D1BF3-5389-4C8C-95C2-B0384496ADCF}_OTTO_Mang.job => C:\WINDOWS\system32\mobsync.exe
Task: C:\WINDOWS\Tasks\{FF123339-38E0-4957-893E-7E91FC7133EB}_OTTO_Mang.job => C:\WINDOWS\system32\mobsync.exe

==================== Loaded Modules (Whitelisted) ==============

2005-11-28 21:59 - 2005-11-28 21:59 - 00876544 ____N () C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll
2005-11-28 21:59 - 2005-11-28 21:59 - 00053322 ____N () C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
2005-11-28 21:59 - 2005-11-28 21:59 - 00208965 ____N () C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL
2004-07-21 03:04 - 2004-07-21 03:04 - 00094208 ____N () C:\WINDOWS\system32\TosBtHcrpAPI.dll
2014-01-20 20:17 - 2014-01-20 20:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 20:16 - 2014-01-20 20:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2006-02-25 06:28 - 2002-03-03 14:40 - 00045056 ____N () C:\WINDOWS\system32\TDispVol.dll
2006-02-16 11:19 - 2005-07-13 03:14 - 00040960 ____N () c:\TOSHIBA\IVP\swupdate\swupdtmr.exe
2015-09-07 18:37 - 2015-09-07 18:31 - 00152064 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\loggingserver.exe
2015-09-07 18:37 - 2015-09-07 18:32 - 00512000 _____ () C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\log4cplusU.dll
2006-02-15 18:25 - 2005-11-24 00:55 - 00118784 ____N () C:\WINDOWS\system32\TCtrlIO.DLL
2006-02-15 18:25 - 2006-01-05 04:14 - 00049152 ____N () C:\Program Files\Toshiba\Toshiba Applet\TouchPad_OnOff.dll
2005-11-28 21:59 - 2005-11-28 21:59 - 00876544 ____N () C:\Program Files\Intel\Wireless\bin\LIBEAY32.dll
2005-11-28 21:59 - 2005-11-28 21:59 - 00053322 ____N () C:\Program Files\Intel\Wireless\bin\IntStngs.dll
2013-08-13 13:09 - 2015-09-07 18:32 - 02567568 _____ () C:\Program Files\AVG Secure Search\vprot.exe
2013-12-09 03:51 - 2014-03-21 00:12 - 01603608 _____ () C:\Program Files\AVG Secure Search\TBAPI.dll
2013-07-12 14:52 - 2014-02-14 14:53 - 00036864 _____ () C:\Program Files\Samsung\Kies\Common\Kies.Common.DeviceServiceLib.Interface.dll
2013-07-12 14:53 - 2014-02-14 14:54 - 14959616 _____ () C:\Program Files\Samsung\Kies\Theme\Kies.Theme.dll
2013-07-12 14:52 - 2014-02-14 14:53 - 00594944 _____ () C:\Program Files\Samsung\Kies\Common\Kies.UI.dll
2013-06-18 16:36 - 2014-02-14 14:53 - 00023040 _____ () C:\Program Files\Samsung\Kies\MVVM\Kies.MVVM.dll
2013-06-14 19:57 - 2013-06-14 19:57 - 00057856 _____ () C:\Program Files\Samsung\Kies\External\MediaModules\ASF_cSharpAPI.dll
2012-06-26 13:11 - 2012-06-26 13:11 - 02302040 _____ () C:\Program Files\Nokia\Nokia PC Suite 7\QtCore4.dll
2012-06-26 13:11 - 2012-06-26 13:11 - 08197208 _____ () C:\Program Files\Nokia\Nokia PC Suite 7\QtGui4.dll
2012-06-26 13:11 - 2012-06-26 13:11 - 00345688 _____ () C:\Program Files\Nokia\Nokia PC Suite 7\QtXml4.dll
2012-06-26 13:10 - 2012-06-26 13:10 - 00202328 _____ () C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qjpeg4.dll
2012-06-26 13:10 - 2012-06-26 13:10 - 00027736 _____ () C:\Program Files\Nokia\Nokia PC Suite 7\imageformats\qsvg4.dll
2012-06-26 13:11 - 2012-06-26 13:11 - 00282200 _____ () C:\Program Files\Nokia\Nokia PC Suite 7\QtSvg4.dll
2013-08-13 22:46 - 2013-08-13 22:46 - 00033128 _____ () C:\Program Files\IncrediMail\bin\IMHttpComm.dll
2013-08-13 22:46 - 2013-08-13 22:46 - 00072104 _____ () C:\Program Files\IncrediMail\bin\wlessfp1.dll
2013-08-13 22:46 - 2013-08-13 22:46 - 00268712 _____ () C:\Program Files\IncrediMail\bin\ImLookExU.dll
2013-07-21 11:54 - 2013-07-21 11:54 - 00108888 _____ () C:\Program Files\IncrediMail\bin\pmc.dll
2006-02-15 16:02 - 2008-04-14 02:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2006-02-15 16:03 - 2008-04-14 02:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2005-07-23 07:30 - 2005-07-23 07:30 - 00065536 ____N () C:\WINDOWS\system32\TosCommAPI.dll
2005-11-03 21:37 - 2005-11-03 21:37 - 00970862 ____N () C:\Program Files\Intel\Wireless\Bin\acAuth.dll
2005-11-28 21:59 - 2005-11-28 21:59 - 00208965 ____N () C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
2005-11-28 21:59 - 2005-11-28 21:59 - 00876544 ____N () C:\Program Files\Intel\Wireless\Bin\Libeay32.dll
2013-08-13 22:46 - 2013-08-13 22:46 - 00033128 _____ () C:\Program Files\IncrediMail\Bin\IMHttpComm.dll
2013-08-13 22:46 - 2013-08-13 22:46 - 00072104 _____ () C:\Program Files\IncrediMail\Bin\wlessfp1.dll
2013-08-13 22:46 - 2013-08-13 22:46 - 00268712 _____ () C:\Program Files\IncrediMail\Bin\ImLookExU.dll
2013-08-13 22:46 - 2013-08-13 22:46 - 00080296 _____ () C:\Program Files\IncrediMail\bin\ImAppRU.dll
2013-08-13 22:46 - 2013-08-13 22:46 - 00133544 _____ () C:\Program Files\IncrediMail\Bin\ImComUtlU.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1-extreme.biz -> www.1-extreme.biz
IE restricted site: HKU\.DEFAULT\...\1001-search.info -> www.1001-search.info
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> 100sexlinks.com*-*Diese Website steht zum Verkauf!*-*Informationen zum Thema Sexlinks.
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\123topsearch.com -> www.123topsearch.com
IE restricted site: HKU\.DEFAULT\...\132.com -> www.132.com
IE restricted site: HKU\.DEFAULT\...\136136.net -> down.136136.net
IE restricted site: HKU\.DEFAULT\...\139mm.com -> 139mm.com
IE restricted site: HKU\.DEFAULT\...\163.com -> ÍøÒ×
IE restricted site: HKU\.DEFAULT\...\163ns.com -> ert0003.e76.163ns.com
IE restricted site: HKU\.DEFAULT\...\17-plus.com -> 17-plus.com
IE restricted site: HKU\.DEFAULT\...\171203.com -> 171203.com

There are 13028 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2802971340-371014867-2627472942-1005\Control Panel\Desktop\\Wallpaper -> Picasa\Backgrounds\picasabackground-001.bmp
HKU\S-1-5-21-2802971340-371014867-2627472942-500\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Toshiba.bmp
DNS Servers: Media is not connected to internet.
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^Mang^Start Menu^Programs^Startup^Einführung zu Media Manager.lnk => C:\WINDOWS\pss\Einführung zu Media Manager.lnkStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: InstallIQUpdater => "C:\Program Files\W3i\InstallIQUpdater\InstallIQUpdater.exe" /silent /autorun
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\qttask.exe" -atboottime
MSCONFIG\startupreg: SpybotSD TeaTimer => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: VoipStunt => "C:\Program Files\VoipStunt.com\VoipStunt\voipstunt.exe" -nosplash -minimized

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

StandardProfile\AuthorizedApplications: [C:\TOSHIBA\ivp\NetInt\Netint.exe] => Enabled:NIE - Toshiba Software Upgrade Engine
StandardProfile\AuthorizedApplications: [C:\TOSHIBA\Ivp\ISM\pinger.exe] => C:\TOSHIBA\IVP\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger
StandardProfile\AuthorizedApplications: [C:\Program Files\Real\RealPlayer\realplay.exe] => Enabled:RealPlayer
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\AOL\Loader\aolload.exe] => Disabled:AOL Application Loader
StandardProfile\AuthorizedApplications: [C:\Program Files\VoipStunt.com\VoipStunt\VoipStunt.exe] => Enabled:VoipStunt
StandardProfile\AuthorizedApplications: [C:\Program Files\Messenger\msmsgs.exe] => Enabled:Windows Messenger
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe] => Enabled:Nero ProductSetup
StandardProfile\AuthorizedApplications: [C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe] => Enabled:Nero Home
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft ActiveSync\wcescomm.exe] => Enabled:ActiveSync Connection Manager
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft ActiveSync\WcesMgr.exe] => Enabled:ActiveSync Application
StandardProfile\AuthorizedApplications: [C:\Program Files\Nokia\Nokia Software Updater\nsu_ui_client.exe] => Enabled:Nokia Software Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\Nokia\Service Layer\A\nsl_host_process.exe] => Enabled:Nokia Service Layer Host Process 
StandardProfile\AuthorizedApplications: [C:\Program Files\SkyGolf\SkyCaddie Desktop\SkyCaddieDesktop.exe] => Enabled:SkyCaddie Desktop
StandardProfile\AuthorizedApplications: [C:\Program Files\Google\Google Earth\client\googleearth.exe] => Enabled:Google Earth
StandardProfile\AuthorizedApplications: [C:\Program Files\IncrediMail\Bin\IncMail.exe] => Enabled:IncrediMail
StandardProfile\AuthorizedApplications: [C:\Program Files\IncrediMail\Bin\ImApp.exe] => Enabled:IncrediMail
StandardProfile\AuthorizedApplications: [C:\Program Files\IncrediMail\Bin\ImpCnt.exe] => Enabled:IncrediMail
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\HP Deskjet 3520 series\Bin\DeviceSetup.exe] => :LocalSubNet:Enabled:HP Device Setup (HP Deskjet 3520 series)
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicator.exe] => :LocalSubNet:Enabled:HP Network Communicator (HP Deskjet 3520 series)
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPNetworkCommunicatorCom.exe] => :LocalSubNet:Enabled:HP Network Communicator COM (HP Deskjet 3520 series)
StandardProfile\AuthorizedApplications: [C:\Program Files\HP\HP Deskjet 2510 series\Bin\USBSetup.exe] => :LocalSubNet:Enabled:HP Device Setup (HP Deskjet 2510 series)
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\rundll32.exe] => Enabled:Run a DLL as an App
StandardProfile\AuthorizedApplications: [C:\WINDOWS\system32\dpvsetup.exe] => Enabled:Microsoft DirectPlay Voice Test
StandardProfile\AuthorizedApplications: [C:\Program Files\Bonjour\mDNSResponder.exe] => Enabled:Bonjour Service
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG2014\avgmfapx.exe] => Enabled:AVG-Installationsprogramm
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG2014\avgnsx.exe] => Enabled:Online Shield
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG2014\avgdiagex.exe] => Enabled:AVG-Diagnose 2014
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG2014\avgemcx.exe] => Enabled:Personal E-Mail-Scanner
StandardProfile\AuthorizedApplications: [C:\Program Files\iTunes\iTunes.exe] => Enabled:iTunes
StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype
DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [2869:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22008
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [1900:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22007

==================== Faulty Device Manager Devices =============

Name: Nokia 9500
Description: Nokia 9500
Class Guid: {EEC5AD98-8080-425F-922A-DABF3DE3F69A}
Manufacturer: Nokia
Service: WUDFRd
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/18/2015 05:41:55 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: )
Description: HRESULT:0x8004FF04
Description:.  0x8004FF04.

Error: (10/18/2015 05:41:47 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (10/04/2015 12:40:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application apc.exe, version 1.0.0.0, faulting module apc.exe, version 1.0.0.0, fault address 0x00180011.
Processing media-specific event for [apc.exe!ws!]

Error: (10/04/2015 12:40:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application apc.exe, version 1.0.0.0, faulting module apc.exe, version 1.0.0.0, fault address 0x00180011.
Processing media-specific event for [apc.exe!ws!]

Error: (10/04/2015 12:40:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application apc.exe, version 1.0.0.0, faulting module apc.exe, version 1.0.0.0, fault address 0x00180011.
Processing media-specific event for [apc.exe!ws!]

Error: (10/04/2015 09:54:06 AM) (Source: MsiInstaller) (EventID: 1024) (User: OTTO)
Description: Product: Microsoft Outlook 2002 - Update '{4757E865-0292-4E04-940D-9C51052A5DD6}' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (10/04/2015 09:54:05 AM) (Source: MsiInstaller) (EventID: 11706) (User: OTTO)
Description: Produkt: Microsoft Outlook 2002 -- Fehler 1706. Setup kann die benötigten Dateien nicht finden. Überprüfen Sie Ihre Verbindung mit dem Netzwerk oder dem CD-ROM-Laufwerk. Um mehr über mögliche Lösungen für dieses Problem zu erfahren, sehen sie bitte nach in C:\Program Files\Microsoft Office\Office10\1031\SETUP.HLP.

Error: (10/03/2015 05:34:43 PM) (Source: MsiInstaller) (EventID: 1024) (User: OTTO)
Description: Product: Microsoft Outlook 2002 - Update '{4757E865-0292-4E04-940D-9C51052A5DD6}' could not be installed. Error code 1603. Windows Installer can create logs to help troubleshoot issues with installing software packages. Use the following link for instructions on turning on logging support: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (10/03/2015 05:34:41 PM) (Source: MsiInstaller) (EventID: 11706) (User: OTTO)
Description: Produkt: Microsoft Outlook 2002 -- Fehler 1706. Setup kann die benötigten Dateien nicht finden. Überprüfen Sie Ihre Verbindung mit dem Netzwerk oder dem CD-ROM-Laufwerk. Um mehr über mögliche Lösungen für dieses Problem zu erfahren, sehen sie bitte nach in C:\Program Files\Microsoft Office\Office10\1031\SETUP.HLP.

Error: (09/16/2015 08:20:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application ufdsvc.exe, version 1.0.0.7, faulting module ufdsvc.exe, version 1.0.0.7, fault address 0x00006b7f.
Processing media-specific event for [ufdsvc.exe!ws!]


System errors:
=============
Error: (10/20/2015 02:00:50 PM) (Source: W32Time) (EventID: 29) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible. 
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.

Error: (10/20/2015 02:00:50 PM) (Source: W32Time) (EventID: 17) (User: )
Description: Time Provider NtpClient: An error occurred during DNS lookup of the manually
configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15
minutes.
The error was: A socket operation was attempted to an unreachable host. (0x80072751)

Error: (10/20/2015 02:00:38 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The AVG Firewall service terminated with service-specific error 3758162007 (0xE0010057).

Error: (10/20/2015 02:00:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Application Layer Gateway Service service failed to start due to the following error: 
%%1053

Error: (10/20/2015 02:00:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Application Layer Gateway Service service to connect.

Error: (10/20/2015 01:59:27 PM) (Source: DCOM) (EventID: 10005) (User: OTTO)
Description: DCOM got error "%%1058" attempting to start the service upnphost with arguments ""
in order to run the server:
{204810B9-73B2-11D4-BF42-00B0D0118B56}

Error: (10/20/2015 01:59:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Media Center Extender Service service depends on the SSDP Discovery Service service which failed to start because of the following error: 
%%1058

Error: (10/20/2015 01:59:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Philips ThumbCam Video Device service failed to start due to the following error: 
%%1058

Error: (10/20/2015 01:59:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The StarOpen service failed to start due to the following error: 
%%2

Error: (10/19/2015 10:33:16 AM) (Source: W32Time) (EventID: 29) (User: )
Description: The time provider NtpClient is configured to acquire time from one or more
time sources, however none of the sources are currently accessible. 
No attempt to contact a source will be made for 14 minutes.
NtpClient has no source of accurate time.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 CPU T5200 @ 1.60GHz
Percentage of memory in use: 71%
Total physical RAM: 1525.98 MB
Available physical RAM: 438.21 MB
Total Virtual: 3424.56 MB
Available Virtual: 2358.93 MB

==================== Drives ================================

Drive c: (Laptop Toshiba(C:)) (Fixed) (Total:148.8 GB) (Free:54.5 GB) NTFS ==>[drive with boot components (Windows XP)]
Drive e: (JG WIRTSCH) (Removable) (Total:1.86 GB) (Free:1.86 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows XP) (Size: 149.1 GB) (Disk ID: 42B142B1)
Partition 1: (Active) - (Size=148.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=251 MB) - (Type=88)

========================================================
Disk: 1 (Size: 1.9 GB) (Disk ID: 73696420)
No partition Table on disk 1.

==================== End of Addition.txt ============================
         
--- --- ---

--- --- ---

--- --- ---


FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:18-10-2015
Ran by Mang (administrator) on OTTO (20-10-2015 14:06:55)
Running from E:\
Loaded Profiles: Mang & Administrator (Available Profiles: Mang & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(TOSHIBA CORPORATION) C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
(Matsushita Electric Industrial Co., Ltd.) C:\WINDOWS\system32\DVDRAMSV.exe
(MAGIX AG) C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe
(Sun Microsystems, Inc.) C:\Program Files\Java\jre6\bin\jqs.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Media Manager\AIRSVCU.EXE
(Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Skype Technologies S.A.) C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
() C:\TOSHIBA\IVP\swupdate\swupdtmr.exe
(TOSHIBA Corp.) C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
(Generic) C:\WINDOWS\system32\ufdsvc.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\loggingserver.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\TDispVol.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA) C:\Program Files\TOSHIBA\TOSHIBA Applet\THotkey.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
(Agere Systems) C:\WINDOWS\agrsmmsg.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\TPSMain.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\Toshiba.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
(Babylon Ltd.) C:\Program Files\Babylon\Babylon-Pro\Babylon.exe
(BillP Studios) C:\Program Files\BillP Studios\WinPatrol\WinPatrol.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
() C:\Program Files\AVG Secure Search\vprot.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(TOSHIBA Corporation) C:\WINDOWS\system32\TPSBattM.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(RealNetworks, Inc.) C:\Program Files\Real\RealPlayer\Update\realsched.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Program Files\Microsoft ActiveSync\wcescomm.exe
(Samsung) C:\Program Files\Samsung\Kies\Kies.exe
(Nokia) C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
(TomTom) C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
(IncrediMail, Ltd.) C:\Program Files\IncrediMail\Bin\IncMail.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TOSHIBA CORPORATION.) C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(Intel Corporation) C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
(Microsoft Corporation) C:\WINDOWS\system32\rundll32.exe
(TOSHIBA CORPORATION.) C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosA2dp.exe
(TOSHIBA CORPORATION.) C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtHSP.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(IncrediMail, Ltd.) C:\Program Files\IncrediMail\Bin\ImApp.exe
(Nokia) C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
(Nokia) C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TFncKy] => TFncKy.exe
HKLM\...\Run: [TDispVol] => C:\WINDOWS\system32\TDispVol.exe [73728 2005-03-12] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761945 2005-12-16] (Synaptics, Inc.)
HKLM\...\Run: [THotkey] => C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe [352256 2006-01-06] (TOSHIBA)
HKLM\...\Run: [SynTPLpr] => C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [82009 2005-12-16] (Synaptics, Inc.)
HKLM\...\Run: [AGRSMMSG] => C:\WINDOWS\AGRSMMSG.exe [88203 2005-10-15] (Agere Systems)
HKLM\...\Run: [TPSMain] => C:\WINDOWS\system32\TPSMain.exe [282624 2005-06-01] (TOSHIBA Corporation)
HKLM\...\Run: [Pinger] => c:\toshiba\ivp\ism\pinger.exe [151552 2005-03-18] (TOSHIBA Corporation)
HKLM\...\Run: [IntelZeroConfig] => C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [667718 2005-12-05] (Intel Corporation)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [602182 2005-11-28] (Intel Corporation)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [866584 2006-11-04] (Microsoft Corporation)
HKLM\...\Run: [Babylon Client] => C:\Program Files\Babylon\Babylon-Pro\Babylon.exe [3551456 2008-03-11] (Babylon Ltd.)
HKLM\...\Run: [WinPatrol] => C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [333120 2008-10-09] (BillP Studios)
HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [vProt] => C:\Program Files\AVG Secure Search\vprot.exe [2567568 2015-09-07] ()
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [4971024 2014-03-20] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [TkBellExe] => C:\program files\real\realplayer\update\realsched.exe [295512 2014-03-02] (RealNetworks, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\...\Run: [H/PC Connection Agent] => C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE [401491 2004-02-03] (Microsoft Corporation)
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\...\Run: [PC Suite Tray] => C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-14] (Samsung)
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\...\Run: [IncrediMail] => C:\Program Files\IncrediMail\bin\IncMail.exe [367016 2013-08-13] (IncrediMail, Ltd.)
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\...\MountPoints2: {61ac6e6f-a7fa-11de-8aca-0018de53a3d3} - E:\LaunchU3.exe -a
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\...\MountPoints2: {ae0efffa-6a92-11e5-8e66-0018de53a3d3} - E:\MotoCastSetup.exe -a
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\wpgldfsh.scr [4396544 2004-08-10] (Microsoft Corporation)
HKU\S-1-5-21-2802971340-371014867-2627472942-500\...\Run: [MSMSGS] => C:\Program Files\Messenger\msmsgs.exe [1695232 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-21-2802971340-371014867-2627472942-500\...\Run: [TOSCDSPD] => C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [65536 2004-12-30] (TOSHIBA)
HKU\S-1-5-21-2802971340-371014867-2627472942-500\...\RunOnce: [NeroHomeFirstStart] => C:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe [16680 2008-01-22] (Nero AG)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [39264 2007-03-13] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Google Update] => C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [116648 2015-07-19] (Google Inc.)
HKU\S-1-5-18\...\Run: [Google+ Auto Backup] => C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3754312 2015-02-13] (Google Inc.)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll [83224 2006-11-04] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2012-06-28]
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\Documents and Settings\Mang\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 2510 series.lnk [2013-12-06]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 2510 series.lnk -> C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Documents and Settings\Mang\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3520 series.lnk [2013-10-03]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 3520 series.lnk -> C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.toshibadirect.com/dpdstart
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.toshiba.com/search
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.toshibadirect.com/dpdstart
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.toshiba.com/search
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.toshibadirect.com/dpdstart
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.toshiba.com/search
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://orf.at
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\Software\Microsoft\Internet Explorer\Main,Start Page Restore = hxxp://orf.at/
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://orf.at
HKU\S-1-5-21-2802971340-371014867-2627472942-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.toshibadirect.com/dpdstart
HKU\S-1-5-21-2802971340-371014867-2627472942-500\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://www.outfox.tv?referid=180" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
SearchScopes: HKLM -> {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
SearchScopes: HKU\.DEFAULT -> DefaultScope {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = 
SearchScopes: HKU\S-1-5-21-2802971340-371014867-2627472942-1005 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch
SearchScopes: HKU\S-1-5-21-2802971340-371014867-2627472942-1005 -> {23758B0B-0D9F-32A3-A476-D9B1033E7A1E} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=ZUGO&form=ZGAIDF
SearchScopes: HKU\S-1-5-21-2802971340-371014867-2627472942-1005 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-21-2802971340-371014867-2627472942-1005 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={E312C148-C991-4268-97BA-41EE53CD52F3}&mid=11cb3ac03a1b47d3aecad15198b74a20-e73261b1d92cda072a5cfd9b3ff6d538334bd3b2&lang=de&ds=lw011&pr=sa&d=2013-08-13 13:09:52&v=15.4.0.5&pid=avg&sg=0&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2802971340-371014867-2627472942-1005 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT1460988
SearchScopes: HKU\S-1-5-21-2802971340-371014867-2627472942-1005 -> {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&query={searchTerms}&invocationType=tb50winampie7
BHO: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-09-23] (Adobe Systems Incorporated)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-23] (Adobe Systems Incorporated)
BHO: myBabylon Toolbar -> {34ea1c70-42cc-42c5-aa29-ec58b95a343e} -> C:\Program Files\myBabylon\tbmyB0.dll [2008-02-14] (Conduit Ltd.)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-09-15] (Safer Networking Limited)
BHO: EWPBrowseObject Class -> {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} -> C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-04-19] ()
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2012-02-17] (Sun Microsystems, Inc.)
BHO: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG Secure Search\18.8.0.180\AVG Secure Search_toolbar.dll [2015-09-07] (AVG Secure Search)
BHO: Search Toolbar -> {9D425283-D487-4337-BAB6-AB8354A81457} -> C:\Program Files\Search Toolbar\SearchToolbar.dll [2010-04-08] ()
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-02-17] (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-02-17] (Sun Microsystems, Inc.)
Toolbar: HKLM - Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-04-19] ()
Toolbar: HKLM - myBabylon Toolbar - {34ea1c70-42cc-42c5-aa29-ec58b95a343e} - C:\Program Files\myBabylon\tbmyB0.dll [2008-02-14] (Conduit Ltd.)
Toolbar: HKLM - Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll [2010-04-08] ()
Toolbar: HKLM - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\18.8.0.180\AVG Secure Search_toolbar.dll [2015-09-07] (AVG Secure Search)
Toolbar: HKU\.DEFAULT -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKU\S-1-5-21-2802971340-371014867-2627472942-1005 -> Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -  No File
Toolbar: HKU\S-1-5-21-2802971340-371014867-2627472942-1005 -> myBabylon Toolbar - {34EA1C70-42CC-42C5-AA29-EC58B95A343E} - C:\Program Files\myBabylon\tbmyB0.dll [2008-02-14] (Conduit Ltd.)
Toolbar: HKU\S-1-5-21-2802971340-371014867-2627472942-1005 -> No Name - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} -  No File
Toolbar: HKU\S-1-5-21-2802971340-371014867-2627472942-1005 -> Search Toolbar - {9D425283-D487-4337-BAB6-AB8354A81457} - C:\Program Files\Search Toolbar\SearchToolbar.dll [2010-04-08] ()
Toolbar: HKU\S-1-5-21-2802971340-371014867-2627472942-1005 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  No File
Toolbar: HKU\S-1-5-21-2802971340-371014867-2627472942-500 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Handler: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82} - C:\Program Files\Microsoft ActiveSync\aatp.dll [2004-02-03] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2001-06-20] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.8.0\ViProtocol.dll [2015-09-07] (AVG Secure Search)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Mang\Application Data\Mozilla\Firefox\Profiles\dkoeyld7.default
FF Homepage: hxxp://orf.at
hxxp://orf.at
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.8.0\\npsitesafety.dll [No File]
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files\Picasa2\npPicasa2.dll [No File]
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2012-02-17] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2014-03-02] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2014-03-02] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Documents and Settings\All Users\Application Data\Visan\plugins\npRLSecurePluginLayer.dll [2014-02-19] (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-07] (Google Inc.)
FF Plugin: @viewpoint.com/VMP -> C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll [2004-02-20] ()
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll [2006-08-16] (Yahoo! Inc.)
FF Plugin HKU\.DEFAULT: @tools.google.com/Google Update;version=3 -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2015-07-19] (Google Inc.)
FF Plugin HKU\.DEFAULT: @tools.google.com/Google Update;version=9 -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2015-07-19] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2007-05-11] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-21] [not signed]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2012-02-17] [not signed]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-03-02] [not signed]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 APNMCP; C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe [166352 2014-02-13] (APN LLC.)
S2 avgfws; C:\Program Files\AVG\AVG2014\avgfws.exe [1358944 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3782672 2014-02-24] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 CFSvcs; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2005-01-18] (TOSHIBA CORPORATION) [File not signed]
R2 DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [110592 2004-08-28] (Matsushita Electric Industrial Co., Ltd.) [File not signed]
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [114753 2005-11-28] (Intel Corporation) [File not signed]
R2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S2 gupdate1c9b07f485552ba; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-07] (Google Inc.)
R2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2012-02-17] (Sun Microsystems, Inc.)
S2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [File not signed]
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
R2 MMIndexer; C:\Program Files\Common Files\Microsoft Shared\Media Manager\airsvcu.exe [137216 1997-07-29] (Microsoft Corporation) [File not signed]
S4 OutfoxTvService; C:\Program Files\OutfoxTV\OutfoxTvService.exe [310672 2013-12-21] (Outfox Tv Productions Pty Ltd)
S4 PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
S4 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [217164 2005-11-28] (Intel Corporation) [File not signed]
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [540745 2005-11-28] (Intel Corporation ) [File not signed]
R2 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
R2 Swupdtmr; c:\TOSHIBA\IVP\swupdate\swupdtmr.exe [40960 2005-07-13] () [File not signed]
R2 TAPPSRV; C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe [35328 2005-12-20] (TOSHIBA Corp.) [File not signed]
R2 UFDSVC; C:\WINDOWS\system32\ufdsvc.exe [69632 2006-02-15] (Generic) [File not signed]
R2 vToolbarUpdater18.8.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.8.0\ToolbarUpdater.exe [1861520 2015-09-07] (AVG Secure Search)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-04] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21275 2006-12-23] (Meetinghouse Data Communications) [File not signed]
R3 AgereSoftModem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [1122656 2005-11-15] (Agere Systems) [File not signed]
R3 ASAPIW2k; C:\WINDOWS\System32\drivers\ASAPIW2k.sys [11264 2004-03-10] (Pinnacle Systems GmbH) [File not signed]
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [120600 2013-11-26] (AVG Technologies CZ, s.r.o.)
R3 Avgfwdx; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-13] (AVG Technologies CZ, s.r.o.)
S3 Avgfwfd; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [210712 2013-11-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [149272 2013-11-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [22808 2014-01-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [176952 2013-11-01] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [222520 2013-11-01] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
S2 Ca50xav; C:\WINDOWS\System32\Drivers\Ca50xav.sys [515803 2002-10-21] (Digital Camera)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 Iviaspi; C:\WINDOWS\System32\drivers\iviaspi.sys [21060 2003-09-11] (InterVideo, Inc.) [File not signed]
R3 MarvinBus; C:\WINDOWS\System32\DRIVERS\MarvinBus.sys [171008 2005-01-28] (Pinnacle Systems GmbH) [File not signed]
R1 meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [102384 2005-06-02] (Matsushita Electric Industrial Co.,Ltd.) [File not signed]
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
S3 MR97310_USB_DUAL_CAMERA; C:\WINDOWS\System32\DRIVERS\mr97310c.sys [129875 2002-12-13] (Mars Semiconductor Corp.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 Netdevio; C:\WINDOWS\System32\DRIVERS\netdevio.sys [12032 2003-01-30] (TOSHIBA Corporation.) [File not signed]
R1 PCLEPCI; C:\WINDOWS\system32\drivers\pclepci.sys [14165 2002-03-19] (Pinnacle Systems GmbH) [File not signed]
R3 Pfc; C:\WINDOWS\System32\drivers\pfc.sys [10368 2003-09-19] (Padus, Inc.) [File not signed]
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [13568 2005-11-28] (Intel Corporation) [File not signed]
S3 slabbus; C:\WINDOWS\System32\DRIVERS\slabbus.sys [52384 2004-03-26] (MCCI)
S3 slabser; C:\WINDOWS\System32\DRIVERS\slabser.sys [84512 2004-03-26] (MCCI)
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2013-04-11] (Avira GmbH)
R3 SynTP; C:\WINDOWS\System32\DRIVERS\SynTP.sys [191936 2005-12-16] (Synaptics, Inc.) [File not signed]
R3 tbiosdrv; C:\WINDOWS\System32\DRIVERS\tbiosdrv.sys [9472 2005-08-25] ()
R3 tifm21; C:\WINDOWS\System32\drivers\tifm21.sys [162560 2005-11-30] (Texas Instruments) [File not signed]
S3 tosrfec; C:\WINDOWS\System32\DRIVERS\tosrfec.sys [9344 2005-09-10] (TOSHIBA Corporation) [File not signed]
R3 TVALD; C:\WINDOWS\System32\DRIVERS\NBSMI.sys [6144 2005-10-21] (Toshiba Corporation) [File not signed]
R3 Tvs; C:\WINDOWS\System32\DRIVERS\Tvs.sys [43392 2005-11-30] (TOSHIBA Corporation) [File not signed]
S3 USB28xxBGA; C:\WINDOWS\System32\DRIVERS\emBDA.sys [565248 2009-02-27] (eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\WINDOWS\System32\DRIVERS\emOEM.sys [522880 2009-02-27] (eMPIA Technology, Inc.)
S3 USBCamera; C:\WINDOWS\System32\Drivers\Bulk50x.sys [10986 2002-07-25] (USB BULK)
R3 w39n51; C:\WINDOWS\System32\DRIVERS\w39n51.sys [1428096 2005-12-04] (Intel® Corporation)
S3 wanatw; C:\WINDOWS\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [28672 2006-11-07] (Microsoft Corporation)
S3 ASFWHide; no ImagePath
S4 IntelIde; no ImagePath
S3 IO_Memory; no ImagePath
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S2 StarOpen; no ImagePath
S3 SVRPEDRV; no ImagePath
U5 Tosrfcom; C:\Windows\System32\Drivers\Tosrfcom.sys [64896 2005-08-02] (TOSHIBA Corporation) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-20 14:06 - 2015-10-20 14:07 - 00000000 ____D C:\FRST
2015-10-18 17:41 - 2015-10-18 17:41 - 00001919 _____ C:\WINDOWS\epplauncher.mif
2015-10-04 16:14 - 2015-10-04 16:14 - 00000000 ____D C:\Documents and Settings\Mang\Local Settings\Application Data\AvgSetupLog
2015-10-04 16:14 - 2015-10-04 16:14 - 00000000 ____D C:\Documents and Settings\Mang\Local Settings\Application Data\Avg
2015-10-04 14:45 - 2015-10-04 14:46 - 00000000 ____D C:\KVRT_Data

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-20 14:08 - 2006-12-23 03:12 - 00000000 ____D C:\Documents and Settings\Mang\Local Settings\Temp
2015-10-20 14:03 - 2014-02-27 23:01 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2015-10-20 14:02 - 2014-02-01 16:06 - 00240559 _____ C:\WINDOWS\setupapi.log
2015-10-20 14:02 - 2008-08-06 18:27 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Babylon
2015-10-20 14:02 - 2006-02-15 17:37 - 01302842 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-20 14:01 - 2013-12-06 01:01 - 00000456 _____ C:\WINDOWS\Tasks\At4.job
2015-10-20 14:01 - 2006-02-15 16:04 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2015-10-20 13:58 - 2014-03-02 18:55 - 00000276 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2802971340-371014867-2627472942-1005.job
2015-10-20 13:58 - 2014-02-01 16:00 - 00000157 _____ C:\WINDOWS\wiadebug.log
2015-10-20 13:58 - 2014-02-01 16:00 - 00000050 _____ C:\WINDOWS\wiaservc.log
2015-10-20 13:58 - 2011-01-07 20:08 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-20 13:58 - 2010-03-08 02:09 - 00000276 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-2802971340-371014867-2627472942-1005.job
2015-10-20 13:58 - 2006-02-15 17:42 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-19 10:49 - 2006-12-23 03:12 - 00000278 ___SH C:\Documents and Settings\Mang\ntuser.ini
2015-10-19 10:49 - 2006-02-15 17:42 - 00032412 _____ C:\WINDOWS\SchedLgU.Txt
2015-10-19 10:48 - 2012-08-21 18:09 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-19 10:43 - 2009-08-29 23:47 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-19 10:34 - 2014-02-08 01:44 - 00000998 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job
2015-10-19 10:19 - 2007-01-20 19:13 - 00000014 ____H C:\cmsstorage.lst
2015-10-19 10:19 - 2007-01-20 19:13 - 00000000 ____H C:\WINDOWS\cmsstorage.lst
2015-10-19 10:10 - 2013-12-06 01:01 - 00000456 _____ C:\WINDOWS\Tasks\At1.job
2015-10-18 18:40 - 2006-12-23 03:12 - 00000000 ____D C:\Documents and Settings\Mang
2015-10-18 18:01 - 2013-12-06 01:01 - 00000456 _____ C:\WINDOWS\Tasks\At3.job
2015-10-18 17:50 - 2014-01-21 16:35 - 00000488 _____ C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
2015-10-04 14:25 - 2006-02-15 09:30 - 00617682 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-04 11:22 - 2010-03-08 02:09 - 00000284 _____ C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-2802971340-371014867-2627472942-1005.job
2015-10-03 22:38 - 2009-07-23 22:25 - 00000000 ____D C:\Documents and Settings\Mang\Application Data\Skype
2015-10-03 20:40 - 2013-12-06 01:01 - 00000456 _____ C:\WINDOWS\Tasks\At2.job

==================== Files in the root of some directories =======

2008-03-14 19:44 - 2008-03-14 19:44 - 0002528 ____C () C:\Documents and Settings\Mang\Application Data\$_hpcst$.hpc
2014-04-25 04:34 - 2014-04-25 04:34 - 0000288 _____ () C:\Documents and Settings\Mang\Application Data\.backup.dm
2006-12-28 16:44 - 2006-12-28 16:47 - 0000158 ____C () C:\Documents and Settings\Mang\Application Data\wklnhst.dat
2006-12-23 21:05 - 2014-07-02 21:27 - 0055808 ____C () C:\Documents and Settings\Mang\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2006-12-23 03:12 - 2006-12-30 05:23 - 0000127 ____C () C:\Documents and Settings\Mang\Local Settings\Application Data\fusioncache.dat

Files to move or delete:
====================
C:\Windows\Tasks\At1.job
C:\Windows\Tasks\At2.job
C:\Windows\Tasks\At3.job
C:\Windows\Tasks\At4.job


Some files in TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\Temp\uninst.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\ymdc.exe
C:\Documents and Settings\Default User\Local Settings\Temp\uninst.dll
C:\Documents and Settings\Default User\Local Settings\Temp\ymdc.exe
C:\Documents and Settings\Mang\Local Settings\Temp\3kjgerj_.dll
C:\Documents and Settings\Mang\Local Settings\Temp\avgnt.exe
C:\Documents and Settings\Mang\Local Settings\Temp\lowproc.exe
C:\Documents and Settings\Mang\Local Settings\Temp\MotoCast_Installer_1.2.7.exe
C:\Documents and Settings\Mang\Local Settings\Temp\nsj1C5.exe
C:\Documents and Settings\Mang\Local Settings\Temp\nsu1C2.exe
C:\Documents and Settings\Mang\Local Settings\Temp\nsv1BF.exe
C:\Documents and Settings\Mang\Local Settings\Temp\nsy1C8.exe
C:\Documents and Settings\Mang\Local Settings\Temp\Offercast_AVIRAV7_.exe
C:\Documents and Settings\Mang\Local Settings\Temp\rnsetup0.exe
C:\Documents and Settings\Mang\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Mang\Local Settings\Temp\SPSetup.exe
C:\Documents and Settings\Mang\Local Settings\Temp\stubhelper.dll
C:\Documents and Settings\Mang\Local Settings\Temp\vlc-2.1.3-win32.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================
         
--- --- ---

--- --- ---

--- --- ---

WOOOW , ich habe es DOCH geschafft anscheinend!!!!!!


Alt 21.10.2015, 19:09   #6
schrauber
/// the machine
/// TB-Ausbilder
 

InstallBrain5BA in C:\Windows\System\32\   = gesichert, MalSign.OpenCandy.7AF...  C:\Documentsand Settin....  = gesichert, Trojaner : Crypt - Standard

InstallBrain5BA in C:\Windows\System\32\ = gesichert, MalSign.OpenCandy.7AF... C:\Documentsand Settin.... = gesichert, Trojaner : Crypt



Ja hast Du

aber jetzt mal ernsthaft:
Windows XP? Willst Du da echt noch Arbeit rein stecken? Das Gerät darf so eh nie wieder online.
__________________
--> InstallBrain5BA in C:\Windows\System\32\ = gesichert, MalSign.OpenCandy.7AF... C:\Documentsand Settin.... = gesichert, Trojaner : Crypt

Alt 21.10.2015, 22:59   #7
Golfplayer85
 
InstallBrain5BA in C:\Windows\System\32\   = gesichert, MalSign.OpenCandy.7AF...  C:\Documentsand Settin....  = gesichert, Trojaner : Crypt - Standard

InstallBrain5BA in C:\Windows\System\32\ = gesichert, MalSign.OpenCandy.7AF... C:\Documentsand Settin.... = gesichert, Trojaner : Crypt



Hallo, Danke . Du hast ja Recht und ich habe ja eh noch 2 andere Lapi -
einen mit W 7 und einen " mini " mit 8.1 aber auf dem XP habe ich so viele Sachen und Programme drauf außerdem hat der noch so viele andere Sachen/ Anschlüsse drauf die es heute nicht mehr gibt auf den NEUEN und außerdem kann ich eben auf den am besten meine Video´s reinspielen und mit Pinnacle schneiden. Dieses Pinnacle läuft nämlich nicht auf den neuen und daher müßte ich mir da ein neues Pinnacle kaufen und das lohnt sich nicht mehr da ich nicht mehr soviele Filme schneide da in Pension schon - bin ja schon 86 Jahre "Jung " aber noch sehr agil ; habe mit 82 erst zum Golf spielen angefangen und bin in den 4 Jahren v. HDC 45 auf schon 19 !! sofern Dir das was sagt. Ich sitze aber eh meistens auf dem W 7 6 Monate über den Sommer und dann auf dem Mini 8.1 die anderen 6 Monate in Florida überwintern. Das nur zu Deiner INFO.
Gruß
Otto. 21.10.15 um 23.59 Uhr erstellt und gesendet

Alt 22.10.2015, 18:03   #8
schrauber
/// the machine
/// TB-Ausbilder
 

InstallBrain5BA in C:\Windows\System\32\   = gesichert, MalSign.OpenCandy.7AF...  C:\Documentsand Settin....  = gesichert, Trojaner : Crypt - Standard

InstallBrain5BA in C:\Windows\System\32\ = gesichert, MalSign.OpenCandy.7AF... C:\Documentsand Settin.... = gesichert, Trojaner : Crypt



Für all das gibt es eine einfache Lösung:

XP als virtuelle Maschine installieren, auf einem der beiden anderen Geräte.
Problem ist, XP darf nicht mehr online. Wenn Du da Geldgeschäfte irgend einer Art machst oder Mails oder Passwörter nutzt ist das schon fast lebensmüde.

XP ist tot.

Aber was mich intressiert:
Welche Anschlüsse werden gebraucht, die an den neueren Geräten fehlen?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 22.10.2015, 22:34   #9
Golfplayer85
 
InstallBrain5BA in C:\Windows\System\32\   = gesichert, MalSign.OpenCandy.7AF...  C:\Documentsand Settin....  = gesichert, Trojaner : Crypt - Standard

InstallBrain5BA in C:\Windows\System\32\ = gesichert, MalSign.OpenCandy.7AF... C:\Documentsand Settin.... = gesichert, Trojaner : Crypt



Hallo, 1. es geht mir nicht ums XP, ich kann mir ja das Wichtigste ( Bilder uam. auf eien Stick oder externe geben und in einen meiner Anderen aufspielen aber das ist es nicht alleine ; am XP Lapi ist auch noch das gute alte PCMCA vorhanden wo ich alles dazu habe um Filme von meiner " Alten Kamera " reinspielen kann was mit dieser Kamera bei den NEUEN eben nicht geht.
2.Ich kann mit dem XP gar nicht mehr ins Internet , der Grund ?? ich hatte es kurz versucht aber nach DER Meldung NICHT auf OK gedrückt sondern rausgegangen und den Schalter am Lapi abgedreht !
Hier die Info abgeschrieben , es kommen insgesamt 5 Wirelessanschlüsse sichtbar plus
meiner A1-.....und DAS war die Meldung warum ich abgedreht hatte weil es beim Versuch immer auf eine oder andere Vorschlug aber nicht MEINE , die nahm es nicht an - 1x Versucht dann abgedreht .
Internet:
The selected network „ A1 –….. ist meines is a Computer to Computer network ( your wireless connection is currently configured to not connect Computer to Computer networks
( ich habe zwar mehrere Computer in Betrieb abwechselnd aber sicher NICHT comp to comp.! )
To allow your wireless connection to connect – to – connect –to-comp.-to-comp.networks
Follow this stepps.

1.) Click ok to dismiss this dialog and then click change the order of prefered networks,
2.) On the wireless connection properties that appears , click the advanced Button
3.) On the Advanced option page change witch networks your wireless can connected to
4.) Click close on the advanced dialog an OK on the wireless connection properties to apply this change OK
ALSO HIER KANN WAS NICHT STIMMEN !!!

1. Hatte ich vorgestern das probiert und meines A 1- … eingegeben und er sprang aber nicht auf MEINES sondern wieder auf ein anderes das auch in meiner Liste ist – habe da 5 + meinem !!! die 5 sind alle hier in meiner nähe und per WPS geschützt !!

Zur Info nebenbei --- ich hatte einen Trojaner in meinem PC u. kleinere Virus da ich seit Mai kein updat gemacht hatte weil nicht in Betrieb war seit Mai und im Mai ging aber mein richtiges Internet anstandslos AUTOMATISCH rein und jetzt eben nicht mehr !!
Ich habe den PC mit einer Avira CD ( die ich am anderen PC runtergeladen hatte.) gestartet und gescannt und alles entfernt mit AVIRA, jetzt sauber anscheinend aber DAS Internet geht trotzdem nicht sondern so wie oben beschrieben passiert !!
Heute nochmals AVIRA drübergelaufen und nichts mehr drinnen - nur das Internet ist eben komisch denn früher im Mai ging er noch automatisch rein ! - übrigens unsere anderen 4 PC sind nicht untereinander verbunden , jeder geht selbst allein rein.
Gruß
otto

Geldgeschäfte mache ich NIEMALS am PC , PW. speichere ich prinzipiell nicht ab.auch Mails hole ich schon lange nicht mehr am XP ab.

Alt 23.10.2015, 19:28   #10
schrauber
/// the machine
/// TB-Ausbilder
 

InstallBrain5BA in C:\Windows\System\32\   = gesichert, MalSign.OpenCandy.7AF...  C:\Documentsand Settin....  = gesichert, Trojaner : Crypt - Standard

InstallBrain5BA in C:\Windows\System\32\ = gesichert, MalSign.OpenCandy.7AF... C:\Documentsand Settin.... = gesichert, Trojaner : Crypt



Dann bereinigen wir mal:

Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    myBabylon Toolbar



  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 





Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 24.10.2015, 21:50   #11
Golfplayer85
 
InstallBrain5BA in C:\Windows\System\32\   = gesichert, MalSign.OpenCandy.7AF...  C:\Documentsand Settin....  = gesichert, Trojaner : Crypt - Standard

InstallBrain5BA in C:\Windows\System\32\ = gesichert, MalSign.OpenCandy.7AF... C:\Documentsand Settin.... = gesichert, Trojaner : Crypt



Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 10/24/2015
Suchlaufzeit: 5:55:41 PM
Protokolldatei: Desktop.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.09.22.05
Rootkit-Datenbank: v2015.09.18.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows XP Service Pack 3
CPU: x86
Dateisystem: NTFS
Benutzer: Mang

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 387576
Abgelaufene Zeit: 42 Min., 27 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 25
PUP.Optional.SearchToolbar, HKLM\SOFTWARE\CLASSES\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}, In Quarantäne, [5c91102267244fe77239f1ef689ac937],
PUP.Optional.SearchToolbar, HKLM\SOFTWARE\CLASSES\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}\INPROCSERVER32, In Quarantäne, [5c91102267244fe77239f1ef689ac937],
PUP.Optional.SearchToolbar, HKLM\SOFTWARE\CLASSES\SearchToolbarLib.CSearchToolbarImpl.1, In Quarantäne, [5c91102267244fe77239f1ef689ac937],
PUP.Optional.SearchToolbar, HKLM\SOFTWARE\CLASSES\SearchToolbarLib.CSearchToolbarImpl, In Quarantäne, [5c91102267244fe77239f1ef689ac937],
PUP.Optional.SearchToolbar, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{9D425283-D487-4337-BAB6-AB8354A81457}, In Quarantäne, [5c91102267244fe77239f1ef689ac937],
PUP.Optional.SearchToolbar, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{9D425283-D487-4337-BAB6-AB8354A81457}, In Quarantäne, [5c91102267244fe77239f1ef689ac937],
PUP.Optional.SearchToolbar, HKU\S-1-5-21-2802971340-371014867-2627472942-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{9D425283-D487-4337-BAB6-AB8354A81457}, In Quarantäne, [5c91102267244fe77239f1ef689ac937],
PUP.Optional.SearchToolbar, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{9D425283-D487-4337-BAB6-AB8354A81457}, In Quarantäne, [5c91102267244fe77239f1ef689ac937],
PUP.Optional.SearchToolbar, HKU\S-1-5-21-2802971340-371014867-2627472942-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{9D425283-D487-4337-BAB6-AB8354A81457}, In Quarantäne, [5c91102267244fe77239f1ef689ac937],
PUP.Optional.Babylon, HKU\S-1-5-21-2802971340-371014867-2627472942-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [40adcf638ffcbb7b4b4a895bc1419868],
PUP.Optional.SpeedTest, HKU\S-1-5-21-2802971340-371014867-2627472942-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}, In Quarantäne, [a04d0f23503b9c9a0c1137b546bc718f],
PUP.Optional.SpeedTest, HKU\S-1-5-21-2802971340-371014867-2627472942-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}, In Quarantäne, [a04d0f23503b9c9a0c1137b546bc718f],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\AskPartnerNetwork, In Quarantäne, [c924f141dab12f07dbb18fa463a015eb],
Rogue.ErrorFix, HKLM\SOFTWARE\ErrorFix, In Quarantäne, [a845240ea5e6270f555a10b6ce35f20e],
PUP.Optional.MyFreeze, HKLM\SOFTWARE\Freeze.com, In Quarantäne, [c924d062bdce15215849ad007391ed13],
PUP.Optional.ASK.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{41564952-412D-5637-4300-A758B70C0A03}, In Quarantäne, [ac4157db4c3fce68a400e5ea5ea6bb45],
PUP.Optional.APNToolBar.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\APNMCP, In Quarantäne, [ad401121f398fe38741a3ef540c337c9],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-2802971340-371014867-2627472942-1005\SOFTWARE\AskPartnerNetwork, In Quarantäne, [ba33d9596724ad895c2f91a2f0137c84],
Rogue.ErrorFix, HKU\S-1-5-21-2802971340-371014867-2627472942-1005\SOFTWARE\ErrorFix, In Quarantäne, [a84535fd6c1f51e5dadd1f9ab44fe51b],
PUP.Optional.InstallIQ, HKU\S-1-5-21-2802971340-371014867-2627472942-1005\SOFTWARE\W3I\InstallIQUpdater, In Quarantäne, [44a92f03fd8ef244efd944ff0ef5fe02],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\TYPELIB\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\INTERFACE\{80703783-E415-4EE3-AB60-D36981C5A6F1}, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\CLSID\{41564952-412D-5637-4300-7A786E7484D7}, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],

Registrierungswerte: 6
PUP.Optional.SearchToolbar, HKU\S-1-5-21-2802971340-371014867-2627472942-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{9D425283-D487-4337-BAB6-AB8354A81457}, ƒRB‡Ô7Cº¶«ƒT¨ W, In Quarantäne, [5c91102267244fe77239f1ef689ac937]
PUP.Optional.SearchToolbar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{9D425283-D487-4337-BAB6-AB8354A81457}, Search Toolbar, In Quarantäne, [5c91102267244fe77239f1ef689ac937]
PUP.Optional.SearchToolbar, HKU\S-1-5-21-2802971340-371014867-2627472942-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{9D425283-D487-4337-BAB6-AB8354A81457}, In Quarantäne, [effe79b9414ade58595201df8f737789],
PUP.Optional.SearchToolbar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{9D425283-D487-4337-BAB6-AB8354A81457}, In Quarantäne, [a44953dfb6d582b42784934de121c937],
PUP.Optional.ASK.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{41564952-412D-5637-4300-A758B70C0A03}|InstallSource, C:\Documents and Settings\All Users\Application Data\APN\APN-Stub\AVIRA-V7C\, In Quarantäne, [ac4157db4c3fce68a400e5ea5ea6bb45]
PUP.Optional.Babylon, HKU\S-1-5-21-2802971340-371014867-2627472942-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|URL, hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch, In Quarantäne, [39b4aa88d4b7cd6965d17a0ea85c58a8]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 79
PUP.Optional.ConduitTB.Gen, C:\Program Files\Conduit\Community Alerts, In Quarantäne, [65884ee48a012d099bed3858f70d2cd4],
PUP.Optional.ConduitTB.Gen, C:\Program Files\Conduit, In Quarantäne, [65884ee48a012d099bed3858f70d2cd4],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\Main, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\Main\bin, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\Main\rep, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2), In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2), In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\bubble(2), In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2), In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\libs(2), In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\protection(2), In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\protectionDS(2), In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\settings(2), In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\uninstall(2), In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
Rogue.ErrorFix, C:\Documents and Settings\Mang\Application Data\ErrorFix, In Quarantäne, [d51843eff29960d6607636b80af836ca],
Rogue.ErrorFix, C:\Documents and Settings\Mang\Application Data\ErrorFix\Logs, In Quarantäne, [d51843eff29960d6607636b80af836ca],
Rogue.ErrorFix, C:\Documents and Settings\Mang\Application Data\ErrorFix\QuarantineW, In Quarantäne, [d51843eff29960d6607636b80af836ca],
Rogue.ErrorFix, C:\Documents and Settings\Mang\Application Data\ErrorFix\QuarantineW\2009-04-03 12-30-340, In Quarantäne, [d51843eff29960d6607636b80af836ca],
Rogue.ErrorFix, C:\Documents and Settings\Mang\Application Data\ErrorFix\Results, In Quarantäne, [d51843eff29960d6607636b80af836ca],
Rogue.Spyware.Remover, C:\Documents and Settings\Mang\Application Data\SpywareRemover, In Quarantäne, [b835230f088357df1a7521ce53af50b0],
Rogue.Spyware.Remover, C:\Documents and Settings\Mang\Application Data\SpywareRemover\Log, In Quarantäne, [b835230f088357df1a7521ce53af50b0],
Rogue.Spyware.Remover, C:\Documents and Settings\Mang\Application Data\SpywareRemover\Quarantine, In Quarantäne, [b835230f088357df1a7521ce53af50b0],
Rogue.Spyware.Remover, C:\Documents and Settings\Mang\Application Data\SpywareRemover\Registry Backups, In Quarantäne, [b835230f088357df1a7521ce53af50b0],
Rogue.Spyware.Remover, C:\Documents and Settings\Mang\Application Data\SpywareRemover\Settings, In Quarantäne, [b835230f088357df1a7521ce53af50b0],
PUP.Optional.OpenCandy, C:\Documents and Settings\Mang\Application Data\OpenCandy, In Quarantäne, [638a2e04b3d8f83ee6d25f9d8979639d],
PUP.Optional.OpenCandy, C:\Documents and Settings\Mang\Application Data\OpenCandy\CFB74D92A14D4AE5B7B354FA8AD79E46, In Quarantäne, [638a2e04b3d8f83ee6d25f9d8979639d],
PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\APN\APN-Stub, In Quarantäne, [09e471c10e7d3cfa9311788ce3207b85],
PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork, In Quarantäne, [a548e64c3c4fd561386dba4aa2618779],
PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar, In Quarantäne, [a548e64c3c4fd561386dba4aa2618779],
PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar\AVIRA-V7C, In Quarantäne, [a548e64c3c4fd561386dba4aa2618779],
PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX, In Quarantäne, [a548e64c3c4fd561386dba4aa2618779],
PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\32.5, In Quarantäne, [a548e64c3c4fd561386dba4aa2618779],
PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar\AVIRA-V7C\Updater, In Quarantäne, [a548e64c3c4fd561386dba4aa2618779],
PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar\AVIRA-V7C\Updater\Config, In Quarantäne, [a548e64c3c4fd561386dba4aa2618779],
PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar\AVIRA-V7C\Updater\Response, In Quarantäne, [a548e64c3c4fd561386dba4aa2618779],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\appdata, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\appdata\Mozilla, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\appdata\Mozilla\Firefox, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\appdata\Mozilla\Firefox\Profiles, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\common appdata, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\common appdata\AskPartnerNetwork, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\common appdata\AskPartnerNetwork\Toolbar, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\{Crx_Version}, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\Updater, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\Updater\{PartnerID}, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\VNT, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\Updater, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\Updater\AVIRA-V7C, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.InternetUpdater, C:\Documents and Settings\All Users\Application Data\InternetUpdater, In Quarantäne, [13dab280d1ba7cbaeb7932e99271c040],
PUP.Optional.SearchProtect, C:\Documents and Settings\Mang\Local Settings\Application Data\SearchProtect, In Quarantäne, [6f7e171b385305314c719492d231b14f],
PUP.Optional.SearchProtect, C:\Documents and Settings\Mang\Local Settings\Application Data\SearchProtect\SearchProtect, In Quarantäne, [6f7e171b385305314c719492d231b14f],
PUP.Optional.SearchProtect, C:\Documents and Settings\Mang\Local Settings\Application Data\SearchProtect\SearchProtect\rep, In Quarantäne, [6f7e171b385305314c719492d231b14f],
PUP.Optional.SearchProtect, C:\Documents and Settings\Mang\Local Settings\Application Data\SearchProtect\UI, In Quarantäne, [6f7e171b385305314c719492d231b14f],
PUP.Optional.SearchProtect, C:\Documents and Settings\Mang\Local Settings\Application Data\SearchProtect\UI\rep, In Quarantäne, [6f7e171b385305314c719492d231b14f],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\GC, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\Search Settings, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome\unzip, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Firefox, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Firefox\chrome, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Firefox\chrome\content, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.Spigot, C:\Documents and Settings\Mang\Local Settings\Application Data\Slick Savings, In Quarantäne, [39b4320038532d09701ca18ecc3710f0],
PUP.Optional.Spigot, C:\Documents and Settings\Mang\Application Data\Slick Savings, In Quarantäne, [6b8244eed1baa096b0de61ce04ff0bf5],

Dateien: 162
PUP.Optional.SearchToolbar, C:\Program Files\Search Toolbar\SearchToolbar.dll, In Quarantäne, [5c91102267244fe77239f1ef689ac937],
PUP.Optional.Spigot, C:\Program Files\Application Updater\ApplicationUpdater(2).exe, In Quarantäne, [35b883af1477bd793af85e6246bb23dd],
Adware.NetPumper, C:\Program Files\WeFi\WeFiToolBarInstaller.exe, In Quarantäne, [5499da58187345f1d38c5dba59a935cb],
PUP.Optional.SearchProtect, C:\Documents and Settings\Mang\Local Settings\Temp\nsj1C5.exe, In Quarantäne, [d31ac2703358ee487c38c2fd61a054ac],
PUP.Optional.SearchProtect, C:\Documents and Settings\Mang\Local Settings\Temp\nsu1C2.exe, In Quarantäne, [8b623002fd8e8bab70449c2342bffd03],
PUP.Optional.SearchProtect, C:\Documents and Settings\Mang\Local Settings\Temp\nsv1BF.exe, In Quarantäne, [46a71e1436553bfbb9fb3689d52c05fb],
PUP.Optional.SearchProtect, C:\Documents and Settings\Mang\Local Settings\Temp\nsy1C8.exe, In Quarantäne, [7578f53d553605318d272e9199681de3],
PUP.Optional.APNToolBar, C:\Documents and Settings\Mang\Local Settings\Temp\Offercast_AVIRAV7_.exe, In Quarantäne, [17d61022afdcbf772bb2cced649d22de],
PUP.Optional.Conduit, C:\Documents and Settings\Mang\Local Settings\Temp\spsetup.exe.vir, In Quarantäne, [6a83ef43e7a414222ead00ba02ff11ef],
PUP.Optional.Conduit, C:\Documents and Settings\Mang\Local Settings\Temp\nsn1BA\spsetup.exe.vir, In Quarantäne, [bc31a88a6e1d0e28c01b3b7f2dd46799],
PUP.Optional.OpenCandy, C:\Documents and Settings\Mang\Local Settings\Temp\rninst~0\ui_data\stubinst_pkg_en-us.cab, In Quarantäne, [9e4ff240513abd79b596a5f630d5cf31],
PUP.Optional.SearchProtect, C:\WINDOWS\Temp\nsb28.exe, In Quarantäne, [4da07db5a1ea66d08e26f0cf59a8b749],
PUP.Optional.SearchProtect, C:\WINDOWS\Temp\nsg2B.exe, In Quarantäne, [e90449e91e6d6fc7efc5704ff110c53b],
PUP.Optional.SearchProtect, C:\WINDOWS\Temp\nsi23.exe, In Quarantäne, [29c4b87a9af1f541ae06853a09f8a65a],
PUP.Optional.SearchProtect, C:\WINDOWS\Temp\nss22.exe, In Quarantäne, [46a73ef49af1989ebdf766598f720af6],
PUP.Optional.ConduitTB.Gen, C:\Program Files\Conduit\Community Alerts\Alert.dll, In Quarantäne, [65884ee48a012d099bed3858f70d2cd4],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\EULA.txt, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\Main\rep\SystemRepository.dat, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\settings.html, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\style.css, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\bubble(2)\bubble.css, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\bubble(2)\bubble.html, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\bubble(2)\bubble.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\bubble(2)\defaults.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\Apply-default.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\Apply-onclick.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\Apply-Rollover.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\bg-with-logo.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\bg.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\bgNotif.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\bgSettings.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\bgUninstall.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\btnBlue.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\btnClose.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\btnSilver.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\checkbox.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\checkbox_checked.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\checkbox_def.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\close-win-def.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\close-win-over-click.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\gray-bg.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\hez-def.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\hez-selected.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\hez.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\icon-win.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\info-icon.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\menu-rollover.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\menu-selected.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\radio-button-def.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\radio-button-selected.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\radio-button.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\radio-button2.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\Settings-icon.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\text-field.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\v.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\x.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\libs(2)\defaults.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\libs(2)\dialogUtils.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\libs(2)\jquery.1.7.1.min.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\libs(2)\json2.min.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\libs(2)\main.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\libs(2)\SPDialogAPI.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\protection(2)\defaults.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\protection(2)\protection.css, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\protection(2)\protection.html, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\protection(2)\protection.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\protectionDS(2)\defaults.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\protectionDS(2)\protectionDS.css, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\protectionDS(2)\protectionDS.html, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\protectionDS(2)\protectionDS.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\settings(2)\defaults.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\settings(2)\settings.css, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\settings(2)\settings.html, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\settings(2)\settings.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\uninstall(2)\defaults.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\uninstall(2)\uninstall.css, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\uninstall(2)\uninstall.html, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\uninstall(2)\uninstall.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe, In Quarantäne, [ad401121f398fe38741a3ef540c337c9],
PUP.Optional.OpenCandy, C:\Documents and Settings\Mang\Application Data\OpenCandy\CFB74D92A14D4AE5B7B354FA8AD79E46\OutfoxTV_bg_silent_180.exe, In Quarantäne, [638a2e04b3d8f83ee6d25f9d8979639d],
PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\32.5\Toolbar.crx, In Quarantäne, [a548e64c3c4fd561386dba4aa2618779],
PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar\AVIRA-V7C\Updater\Config\Config.31.6.3.0-4.xml, In Quarantäne, [a548e64c3c4fd561386dba4aa2618779],
PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar\AVIRA-V7C\Updater\Response\Response.31.6.3.0-0.xml, In Quarantäne, [a548e64c3c4fd561386dba4aa2618779],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\APNSetup.exe, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\searchhook.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\ServiceLocator.exe, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\SO.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\toolbar.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\Toolbar.exe, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\ToolbarPS.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\UpdateManager.exe, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1031.mst, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1033.mst, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1034.mst, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1036.mst, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1040.mst, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1041.mst, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1043.mst, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1045.mst, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1049.mst, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\2070.mst, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\AskToolbarInstaller-12.10.3_AVIRA-V7C.msi, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions\toolbar_AVIRA-V7C@apn.ask.com.xpi, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\ToolbarCR.crx, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\Update.xml, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\{Crx_Version}\Toolbar.crx, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\apnmcp.exe, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\searchhook.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\ServiceLocator.exe, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\SO.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\toolbar.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\Toolbar.exe, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\ToolbarPS.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\toolbar_x64.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\UpdateManager.exe, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\Updater\ask-search.xml, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\Updater\{PartnerID}\config.xml, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport_x64.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\VNT\content.zip, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\VNT\vntldr.exe, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\VNT\vntsrv.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\Updater\ask-search.xml, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\Updater\AVIRA-V7C\config.xml, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.InternetUpdater, C:\Documents and Settings\All Users\Application Data\InternetUpdater\app.dat, In Quarantäne, [13dab280d1ba7cbaeb7932e99271c040],
PUP.Optional.InternetUpdater, C:\Documents and Settings\All Users\Application Data\InternetUpdater\data.dat, In Quarantäne, [13dab280d1ba7cbaeb7932e99271c040],
PUP.Optional.SearchProtect, C:\Documents and Settings\Mang\Local Settings\Application Data\SearchProtect\SearchProtect\rep\UserRepository.dat, In Quarantäne, [6f7e171b385305314c719492d231b14f],
PUP.Optional.SearchProtect, C:\Documents and Settings\Mang\Local Settings\Application Data\SearchProtect\SearchProtect\rep\UserSettings.dat, In Quarantäne, [6f7e171b385305314c719492d231b14f],
PUP.Optional.SearchProtect, C:\Documents and Settings\Mang\Local Settings\Application Data\SearchProtect\UI\rep\UIRepository.dat, In Quarantäne, [6f7e171b385305314c719492d231b14f],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\GC\ErrorAssistant_1.3.crx, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\GC\saebay_1.1.crx.vir, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\Search Settings\baidu_ff.xml, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\Search Settings\baidu_ie.xml, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\Search Settings\searchcom_ff.xml, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\Search Settings\searchcom_ie.xml, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\Search Settings\yahoo_ff.xml, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\Search Settings\yahoo_ie.xml, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\Search Settings\yandex_ff.xml, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\Search Settings\yandex_ie.xml, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\Search Settings\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi.vir, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\app.dat, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome\common.crx.vir, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome\unzip\announce.js, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome\unzip\background.html, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome\unzip\common.js.vir, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome\unzip\contentscript.js, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome\unzip\icon.png, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome\unzip\icon128.png, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome\unzip\icon16.png, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome\unzip\icon48.png, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome\unzip\iframecontentscript.js, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome\unzip\manifest.json, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Firefox\install.rdf, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Firefox\chrome\content\main.js, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Firefox\chrome\content\overlay.xul, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.Spigot, C:\Documents and Settings\Mang\Local Settings\Application Data\Slick Savings\coupons.crx.vir, In Quarantäne, [39b4320038532d09701ca18ecc3710f0],
PUP.Optional.Spigot, C:\Documents and Settings\Mang\Application Data\Slick Savings\coupons_2.4.crx.vir, In Quarantäne, [6b8244eed1baa096b0de61ce04ff0bf5],
PUP.Optional.Spigot, C:\Documents and Settings\Mang\Application Data\Slick Savings\coupons_2.9.xpi.vir, In Quarantäne, [6b8244eed1baa096b0de61ce04ff0bf5],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 10/24/2015
Suchlaufzeit: 5:55:41 PM
Protokolldatei: Desktop.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.09.22.05
Rootkit-Datenbank: v2015.09.18.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows XP Service Pack 3
CPU: x86
Dateisystem: NTFS
Benutzer: Mang

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 387576
Abgelaufene Zeit: 42 Min., 27 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 25
PUP.Optional.SearchToolbar, HKLM\SOFTWARE\CLASSES\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}, In Quarantäne, [5c91102267244fe77239f1ef689ac937],
PUP.Optional.SearchToolbar, HKLM\SOFTWARE\CLASSES\CLSID\{9D425283-D487-4337-BAB6-AB8354A81457}\INPROCSERVER32, In Quarantäne, [5c91102267244fe77239f1ef689ac937],
PUP.Optional.SearchToolbar, HKLM\SOFTWARE\CLASSES\SearchToolbarLib.CSearchToolbarImpl.1, In Quarantäne, [5c91102267244fe77239f1ef689ac937],
PUP.Optional.SearchToolbar, HKLM\SOFTWARE\CLASSES\SearchToolbarLib.CSearchToolbarImpl, In Quarantäne, [5c91102267244fe77239f1ef689ac937],
PUP.Optional.SearchToolbar, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{9D425283-D487-4337-BAB6-AB8354A81457}, In Quarantäne, [5c91102267244fe77239f1ef689ac937],
PUP.Optional.SearchToolbar, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{9D425283-D487-4337-BAB6-AB8354A81457}, In Quarantäne, [5c91102267244fe77239f1ef689ac937],
PUP.Optional.SearchToolbar, HKU\S-1-5-21-2802971340-371014867-2627472942-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{9D425283-D487-4337-BAB6-AB8354A81457}, In Quarantäne, [5c91102267244fe77239f1ef689ac937],
PUP.Optional.SearchToolbar, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{9D425283-D487-4337-BAB6-AB8354A81457}, In Quarantäne, [5c91102267244fe77239f1ef689ac937],
PUP.Optional.SearchToolbar, HKU\S-1-5-21-2802971340-371014867-2627472942-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{9D425283-D487-4337-BAB6-AB8354A81457}, In Quarantäne, [5c91102267244fe77239f1ef689ac937],
PUP.Optional.Babylon, HKU\S-1-5-21-2802971340-371014867-2627472942-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, In Quarantäne, [40adcf638ffcbb7b4b4a895bc1419868],
PUP.Optional.SpeedTest, HKU\S-1-5-21-2802971340-371014867-2627472942-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}, In Quarantäne, [a04d0f23503b9c9a0c1137b546bc718f],
PUP.Optional.SpeedTest, HKU\S-1-5-21-2802971340-371014867-2627472942-1005\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{11C8C9C0-D918-44C0-8B5E-D297DA42F2C7}, In Quarantäne, [a04d0f23503b9c9a0c1137b546bc718f],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\AskPartnerNetwork, In Quarantäne, [c924f141dab12f07dbb18fa463a015eb],
Rogue.ErrorFix, HKLM\SOFTWARE\ErrorFix, In Quarantäne, [a845240ea5e6270f555a10b6ce35f20e],
PUP.Optional.MyFreeze, HKLM\SOFTWARE\Freeze.com, In Quarantäne, [c924d062bdce15215849ad007391ed13],
PUP.Optional.ASK.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{41564952-412D-5637-4300-A758B70C0A03}, In Quarantäne, [ac4157db4c3fce68a400e5ea5ea6bb45],
PUP.Optional.APNToolBar.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\APNMCP, In Quarantäne, [ad401121f398fe38741a3ef540c337c9],
PUP.Optional.APNToolBar.Gen, HKU\S-1-5-21-2802971340-371014867-2627472942-1005\SOFTWARE\AskPartnerNetwork, In Quarantäne, [ba33d9596724ad895c2f91a2f0137c84],
Rogue.ErrorFix, HKU\S-1-5-21-2802971340-371014867-2627472942-1005\SOFTWARE\ErrorFix, In Quarantäne, [a84535fd6c1f51e5dadd1f9ab44fe51b],
PUP.Optional.InstallIQ, HKU\S-1-5-21-2802971340-371014867-2627472942-1005\SOFTWARE\W3I\InstallIQUpdater, In Quarantäne, [44a92f03fd8ef244efd944ff0ef5fe02],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\CLSID\{D8278076-BC68-4484-9233-6E7F1628B56C}, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\TYPELIB\{EEA63863-87BC-4DCA-A5B5-EB97E3B04806}, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\INTERFACE\{80703783-E415-4EE3-AB60-D36981C5A6F1}, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\CLSID\{80703783-E415-4EE3-AB60-D36981C5A6F1}, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, HKLM\SOFTWARE\CLASSES\CLSID\{41564952-412D-5637-4300-7A786E7484D7}, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],

Registrierungswerte: 6
PUP.Optional.SearchToolbar, HKU\S-1-5-21-2802971340-371014867-2627472942-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{9D425283-D487-4337-BAB6-AB8354A81457}, ƒRB‡Ô7Cº¶«ƒT¨ W, In Quarantäne, [5c91102267244fe77239f1ef689ac937]
PUP.Optional.SearchToolbar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{9D425283-D487-4337-BAB6-AB8354A81457}, Search Toolbar, In Quarantäne, [5c91102267244fe77239f1ef689ac937]
PUP.Optional.SearchToolbar, HKU\S-1-5-21-2802971340-371014867-2627472942-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{9D425283-D487-4337-BAB6-AB8354A81457}, In Quarantäne, [effe79b9414ade58595201df8f737789],
PUP.Optional.SearchToolbar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{9D425283-D487-4337-BAB6-AB8354A81457}, In Quarantäne, [a44953dfb6d582b42784934de121c937],
PUP.Optional.ASK.Gen, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{41564952-412D-5637-4300-A758B70C0A03}|InstallSource, C:\Documents and Settings\All Users\Application Data\APN\APN-Stub\AVIRA-V7C\, In Quarantäne, [ac4157db4c3fce68a400e5ea5ea6bb45]
PUP.Optional.Babylon, HKU\S-1-5-21-2802971340-371014867-2627472942-1005\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|URL, hxxp://search.babylon.com/web/{searchTerms}?babsrc=browsersearch, In Quarantäne, [39b4aa88d4b7cd6965d17a0ea85c58a8]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 79
PUP.Optional.ConduitTB.Gen, C:\Program Files\Conduit\Community Alerts, In Quarantäne, [65884ee48a012d099bed3858f70d2cd4],
PUP.Optional.ConduitTB.Gen, C:\Program Files\Conduit, In Quarantäne, [65884ee48a012d099bed3858f70d2cd4],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\Main, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\Main\bin, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\Main\rep, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2), In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2), In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\bubble(2), In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2), In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\libs(2), In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\protection(2), In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\protectionDS(2), In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\settings(2), In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\uninstall(2), In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
Rogue.ErrorFix, C:\Documents and Settings\Mang\Application Data\ErrorFix, In Quarantäne, [d51843eff29960d6607636b80af836ca],
Rogue.ErrorFix, C:\Documents and Settings\Mang\Application Data\ErrorFix\Logs, In Quarantäne, [d51843eff29960d6607636b80af836ca],
Rogue.ErrorFix, C:\Documents and Settings\Mang\Application Data\ErrorFix\QuarantineW, In Quarantäne, [d51843eff29960d6607636b80af836ca],
Rogue.ErrorFix, C:\Documents and Settings\Mang\Application Data\ErrorFix\QuarantineW\2009-04-03 12-30-340, In Quarantäne, [d51843eff29960d6607636b80af836ca],
Rogue.ErrorFix, C:\Documents and Settings\Mang\Application Data\ErrorFix\Results, In Quarantäne, [d51843eff29960d6607636b80af836ca],
Rogue.Spyware.Remover, C:\Documents and Settings\Mang\Application Data\SpywareRemover, In Quarantäne, [b835230f088357df1a7521ce53af50b0],
Rogue.Spyware.Remover, C:\Documents and Settings\Mang\Application Data\SpywareRemover\Log, In Quarantäne, [b835230f088357df1a7521ce53af50b0],
Rogue.Spyware.Remover, C:\Documents and Settings\Mang\Application Data\SpywareRemover\Quarantine, In Quarantäne, [b835230f088357df1a7521ce53af50b0],
Rogue.Spyware.Remover, C:\Documents and Settings\Mang\Application Data\SpywareRemover\Registry Backups, In Quarantäne, [b835230f088357df1a7521ce53af50b0],
Rogue.Spyware.Remover, C:\Documents and Settings\Mang\Application Data\SpywareRemover\Settings, In Quarantäne, [b835230f088357df1a7521ce53af50b0],
PUP.Optional.OpenCandy, C:\Documents and Settings\Mang\Application Data\OpenCandy, In Quarantäne, [638a2e04b3d8f83ee6d25f9d8979639d],
PUP.Optional.OpenCandy, C:\Documents and Settings\Mang\Application Data\OpenCandy\CFB74D92A14D4AE5B7B354FA8AD79E46, In Quarantäne, [638a2e04b3d8f83ee6d25f9d8979639d],
PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\APN\APN-Stub, In Quarantäne, [09e471c10e7d3cfa9311788ce3207b85],
PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork, In Quarantäne, [a548e64c3c4fd561386dba4aa2618779],
PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar, In Quarantäne, [a548e64c3c4fd561386dba4aa2618779],
PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar\AVIRA-V7C, In Quarantäne, [a548e64c3c4fd561386dba4aa2618779],
PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX, In Quarantäne, [a548e64c3c4fd561386dba4aa2618779],
PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\32.5, In Quarantäne, [a548e64c3c4fd561386dba4aa2618779],
PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar\AVIRA-V7C\Updater, In Quarantäne, [a548e64c3c4fd561386dba4aa2618779],
PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar\AVIRA-V7C\Updater\Config, In Quarantäne, [a548e64c3c4fd561386dba4aa2618779],
PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar\AVIRA-V7C\Updater\Response, In Quarantäne, [a548e64c3c4fd561386dba4aa2618779],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\appdata, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\appdata\Mozilla, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\appdata\Mozilla\Firefox, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\appdata\Mozilla\Firefox\Profiles, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\common appdata, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\common appdata\AskPartnerNetwork, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\common appdata\AskPartnerNetwork\Toolbar, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\{Crx_Version}, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\Updater, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\Updater\{PartnerID}, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\VNT, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\Updater, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\Updater\AVIRA-V7C, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.InternetUpdater, C:\Documents and Settings\All Users\Application Data\InternetUpdater, In Quarantäne, [13dab280d1ba7cbaeb7932e99271c040],
PUP.Optional.SearchProtect, C:\Documents and Settings\Mang\Local Settings\Application Data\SearchProtect, In Quarantäne, [6f7e171b385305314c719492d231b14f],
PUP.Optional.SearchProtect, C:\Documents and Settings\Mang\Local Settings\Application Data\SearchProtect\SearchProtect, In Quarantäne, [6f7e171b385305314c719492d231b14f],
PUP.Optional.SearchProtect, C:\Documents and Settings\Mang\Local Settings\Application Data\SearchProtect\SearchProtect\rep, In Quarantäne, [6f7e171b385305314c719492d231b14f],
PUP.Optional.SearchProtect, C:\Documents and Settings\Mang\Local Settings\Application Data\SearchProtect\UI, In Quarantäne, [6f7e171b385305314c719492d231b14f],
PUP.Optional.SearchProtect, C:\Documents and Settings\Mang\Local Settings\Application Data\SearchProtect\UI\rep, In Quarantäne, [6f7e171b385305314c719492d231b14f],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\GC, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\Search Settings, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome\unzip, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Firefox, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Firefox\chrome, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Firefox\chrome\content, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.Spigot, C:\Documents and Settings\Mang\Local Settings\Application Data\Slick Savings, In Quarantäne, [39b4320038532d09701ca18ecc3710f0],
PUP.Optional.Spigot, C:\Documents and Settings\Mang\Application Data\Slick Savings, In Quarantäne, [6b8244eed1baa096b0de61ce04ff0bf5],

Dateien: 162
PUP.Optional.SearchToolbar, C:\Program Files\Search Toolbar\SearchToolbar.dll, In Quarantäne, [5c91102267244fe77239f1ef689ac937],
PUP.Optional.Spigot, C:\Program Files\Application Updater\ApplicationUpdater(2).exe, In Quarantäne, [35b883af1477bd793af85e6246bb23dd],
Adware.NetPumper, C:\Program Files\WeFi\WeFiToolBarInstaller.exe, In Quarantäne, [5499da58187345f1d38c5dba59a935cb],
PUP.Optional.SearchProtect, C:\Documents and Settings\Mang\Local Settings\Temp\nsj1C5.exe, In Quarantäne, [d31ac2703358ee487c38c2fd61a054ac],
PUP.Optional.SearchProtect, C:\Documents and Settings\Mang\Local Settings\Temp\nsu1C2.exe, In Quarantäne, [8b623002fd8e8bab70449c2342bffd03],
PUP.Optional.SearchProtect, C:\Documents and Settings\Mang\Local Settings\Temp\nsv1BF.exe, In Quarantäne, [46a71e1436553bfbb9fb3689d52c05fb],
PUP.Optional.SearchProtect, C:\Documents and Settings\Mang\Local Settings\Temp\nsy1C8.exe, In Quarantäne, [7578f53d553605318d272e9199681de3],
PUP.Optional.APNToolBar, C:\Documents and Settings\Mang\Local Settings\Temp\Offercast_AVIRAV7_.exe, In Quarantäne, [17d61022afdcbf772bb2cced649d22de],
PUP.Optional.Conduit, C:\Documents and Settings\Mang\Local Settings\Temp\spsetup.exe.vir, In Quarantäne, [6a83ef43e7a414222ead00ba02ff11ef],
PUP.Optional.Conduit, C:\Documents and Settings\Mang\Local Settings\Temp\nsn1BA\spsetup.exe.vir, In Quarantäne, [bc31a88a6e1d0e28c01b3b7f2dd46799],
PUP.Optional.OpenCandy, C:\Documents and Settings\Mang\Local Settings\Temp\rninst~0\ui_data\stubinst_pkg_en-us.cab, In Quarantäne, [9e4ff240513abd79b596a5f630d5cf31],
PUP.Optional.SearchProtect, C:\WINDOWS\Temp\nsb28.exe, In Quarantäne, [4da07db5a1ea66d08e26f0cf59a8b749],
PUP.Optional.SearchProtect, C:\WINDOWS\Temp\nsg2B.exe, In Quarantäne, [e90449e91e6d6fc7efc5704ff110c53b],
PUP.Optional.SearchProtect, C:\WINDOWS\Temp\nsi23.exe, In Quarantäne, [29c4b87a9af1f541ae06853a09f8a65a],
PUP.Optional.SearchProtect, C:\WINDOWS\Temp\nss22.exe, In Quarantäne, [46a73ef49af1989ebdf766598f720af6],
PUP.Optional.ConduitTB.Gen, C:\Program Files\Conduit\Community Alerts\Alert.dll, In Quarantäne, [65884ee48a012d099bed3858f70d2cd4],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\EULA.txt, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\Main\rep\SystemRepository.dat, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\settings.html, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\style.css, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\bubble(2)\bubble.css, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\bubble(2)\bubble.html, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\bubble(2)\bubble.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\bubble(2)\defaults.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\Apply-default.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\Apply-onclick.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\Apply-Rollover.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\bg-with-logo.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\bg.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\bgNotif.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\bgSettings.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\bgUninstall.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\btnBlue.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\btnClose.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\btnSilver.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\checkbox.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\checkbox_checked.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\checkbox_def.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\close-win-def.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\close-win-over-click.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\gray-bg.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\hez-def.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\hez-selected.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\hez.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\icon-win.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\info-icon.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\menu-rollover.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\menu-selected.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\radio-button-def.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\radio-button-selected.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\radio-button.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\radio-button2.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\Settings-icon.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\text-field.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\v.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\Images(2)\x.png, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\libs(2)\defaults.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\libs(2)\dialogUtils.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\libs(2)\jquery.1.7.1.min.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\libs(2)\json2.min.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\libs(2)\main.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\libs(2)\SPDialogAPI.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\protection(2)\defaults.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\protection(2)\protection.css, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\protection(2)\protection.html, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\protection(2)\protection.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\protectionDS(2)\defaults.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\protectionDS(2)\protectionDS.css, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\protectionDS(2)\protectionDS.html, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\protectionDS(2)\protectionDS.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\settings(2)\defaults.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\settings(2)\settings.css, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\settings(2)\settings.html, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\settings(2)\settings.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\uninstall(2)\defaults.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\uninstall(2)\uninstall.css, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\uninstall(2)\uninstall.html, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.SearchProtect, C:\Program Files\SearchProtect\UI(2)\dialogs(2)\uninstall(2)\uninstall.js, In Quarantäne, [21cc6ec4fb90181e3df47b3e7292738d],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe, In Quarantäne, [ad401121f398fe38741a3ef540c337c9],
PUP.Optional.OpenCandy, C:\Documents and Settings\Mang\Application Data\OpenCandy\CFB74D92A14D4AE5B7B354FA8AD79E46\OutfoxTV_bg_silent_180.exe, In Quarantäne, [638a2e04b3d8f83ee6d25f9d8979639d],
PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar\AVIRA-V7C\CRX\32.5\Toolbar.crx, In Quarantäne, [a548e64c3c4fd561386dba4aa2618779],
PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar\AVIRA-V7C\Updater\Config\Config.31.6.3.0-4.xml, In Quarantäne, [a548e64c3c4fd561386dba4aa2618779],
PUP.Optional.APNToolBar.Gen, C:\Documents and Settings\All Users\Application Data\AskPartnerNetwork\Toolbar\AVIRA-V7C\Updater\Response\Response.31.6.3.0-0.xml, In Quarantäne, [a548e64c3c4fd561386dba4aa2618779],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\APNSetup.exe, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\searchhook.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\ServiceLocator.exe, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\SO.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\toolbar.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\Toolbar.exe, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\ToolbarPS.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\UpdateManager.exe, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Passport.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1031.mst, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1033.mst, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1034.mst, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1036.mst, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1040.mst, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1041.mst, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1043.mst, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1045.mst, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\1049.mst, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\2070.mst, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\AskToolbarInstaller-12.10.3_AVIRA-V7C.msi, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\appdata\Mozilla\Firefox\Profiles\{DefaultProfilesFolder}\extensions\toolbar_AVIRA-V7C@apn.ask.com.xpi, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\ToolbarCR.crx, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\Update.xml, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\common appdata\AskPartnerNetwork\Toolbar\{PartnerID}\CRX\{Crx_Version}\Toolbar.crx, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\apnmcp.exe, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\searchhook.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\ServiceLocator.exe, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\SO.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\toolbar.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\Toolbar.exe, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\ToolbarPS.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\toolbar_x64.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\UpdateManager.exe, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\Updater\ask-search.xml, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\Updater\{PartnerID}\config.xml, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\AskPartnerNetwork\Toolbar\{PartnerID}\Passport_x64.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\VNT\content.zip, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\VNT\vntldr.exe, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\AVIRA-V7C\Source\program files\VNT\vntsrv.dll, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\Updater\ask-search.xml, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.APNToolBar.Gen, C:\Program Files\AskPartnerNetwork\Toolbar\Updater\AVIRA-V7C\config.xml, In Quarantäne, [d51863cf22691422c0e73ec69c67669a],
PUP.Optional.InternetUpdater, C:\Documents and Settings\All Users\Application Data\InternetUpdater\app.dat, In Quarantäne, [13dab280d1ba7cbaeb7932e99271c040],
PUP.Optional.InternetUpdater, C:\Documents and Settings\All Users\Application Data\InternetUpdater\data.dat, In Quarantäne, [13dab280d1ba7cbaeb7932e99271c040],
PUP.Optional.SearchProtect, C:\Documents and Settings\Mang\Local Settings\Application Data\SearchProtect\SearchProtect\rep\UserRepository.dat, In Quarantäne, [6f7e171b385305314c719492d231b14f],
PUP.Optional.SearchProtect, C:\Documents and Settings\Mang\Local Settings\Application Data\SearchProtect\SearchProtect\rep\UserSettings.dat, In Quarantäne, [6f7e171b385305314c719492d231b14f],
PUP.Optional.SearchProtect, C:\Documents and Settings\Mang\Local Settings\Application Data\SearchProtect\UI\rep\UIRepository.dat, In Quarantäne, [6f7e171b385305314c719492d231b14f],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\GC\ErrorAssistant_1.3.crx, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\GC\saebay_1.1.crx.vir, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\Search Settings\baidu_ff.xml, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\Search Settings\baidu_ie.xml, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\Search Settings\searchcom_ff.xml, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\Search Settings\searchcom_ie.xml, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\Search Settings\yahoo_ff.xml, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\Search Settings\yahoo_ie.xml, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\Search Settings\yandex_ff.xml, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\Search Settings\yandex_ie.xml, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.Spigot, C:\Program Files\Common Files\Spigot\Search Settings\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi.vir, In Quarantäne, [23ca43efe9a245f1376d3cedaa59a35d],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\app.dat, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome\common.crx.vir, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome\unzip\announce.js, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome\unzip\background.html, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome\unzip\common.js.vir, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome\unzip\contentscript.js, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome\unzip\icon.png, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome\unzip\icon128.png, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome\unzip\icon16.png, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome\unzip\icon48.png, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome\unzip\iframecontentscript.js, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Chrome\unzip\manifest.json, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Firefox\install.rdf, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Firefox\chrome\content\main.js, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.WebSteroids, C:\Documents and Settings\All Users\Application Data\Websteroids\Firefox\chrome\content\overlay.xul, In Quarantäne, [8b62ed4556351d19437bbb72de2552ae],
PUP.Optional.Spigot, C:\Documents and Settings\Mang\Local Settings\Application Data\Slick Savings\coupons.crx.vir, In Quarantäne, [39b4320038532d09701ca18ecc3710f0],
PUP.Optional.Spigot, C:\Documents and Settings\Mang\Application Data\Slick Savings\coupons_2.4.crx.vir, In Quarantäne, [6b8244eed1baa096b0de61ce04ff0bf5],
PUP.Optional.Spigot, C:\Documents and Settings\Mang\Application Data\Slick Savings\coupons_2.9.xpi.vir, In Quarantäne, [6b8244eed1baa096b0de61ce04ff0bf5],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

Alt 25.10.2015, 11:15   #12
Golfplayer85
 
InstallBrain5BA in C:\Windows\System\32\   = gesichert, MalSign.OpenCandy.7AF...  C:\Documentsand Settin....  = gesichert, Trojaner : Crypt - Standard

InstallBrain5BA in C:\Windows\System\32\ = gesichert, MalSign.OpenCandy.7AF... C:\Documentsand Settin.... = gesichert, Trojaner : Crypt



AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v5.014 - Logfile created 25/10/2015 at 10:46:45
# Updated 18/10/2015 by Xplode
# Database : 2015-10-18.5 [Local]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Mang - OTTO
# Running from : E:\AdwCleaner_5.014.exe
# Option : Cleaning
# Support : Forum - ToolsLib

***** [ Services ] *****

[-] Service Deleted : vToolbarUpdater18.8.0

***** [ Folders ] *****

[-] Folder Deleted : C:\DOCUME~1\Mang\LOCALS~1\Temp\apn
[-] Folder Deleted : C:\DOCUME~1\Mang\LOCALS~1\Temp\PC Performer
[-] Folder Deleted : C:\DOCUME~1\Mang\LOCALS~1\Temp\FileViewPro
[-] Folder Deleted : C:\Documents and Settings\All Users\Application Data\apn
[-] Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[-] Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon
[-] Folder Deleted : C:\Documents and Settings\All Users\Application Data\SecTaskMan
[-] Folder Deleted : C:\Documents and Settings\All Users\Application Data\simplitec
[-] Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
[-] Folder Deleted : C:\Documents and Settings\All Users\Application Data\w3i
[-] Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\FileViewPro
[-] Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\myfree codec
[-] Folder Deleted : C:\Documents and Settings\Mang\Application Data\AVG Secure Search
[-] Folder Deleted : C:\Documents and Settings\Mang\Application Data\Babylon
[-] Folder Deleted : C:\Documents and Settings\Mang\Application Data\PerformerSoft
[-] Folder Deleted : C:\Documents and Settings\Mang\Application Data\simplitec
[-] Folder Deleted : C:\Documents and Settings\Mang\Application Data\Systweak
[-] Folder Deleted : C:\Documents and Settings\Mang\Application Data\Uniblue
[-] Folder Deleted : C:\Documents and Settings\Mang\Local Settings\Application Data\AVG Secure Search
[-] Folder Deleted : C:\Documents and Settings\Mang\Local Settings\Application Data\Babylon
[-] Folder Deleted : C:\Documents and Settings\Mang\Local Settings\Application Data\Conduit
[-] Folder Deleted : C:\Program Files\Application Updater
[-] Folder Deleted : C:\Program Files\AskBarDis
[-] Folder Deleted : C:\Program Files\AVG Secure Search
[-] Folder Deleted : C:\Program Files\Babylon
[-] Folder Deleted : C:\Program Files\IObit Apps Toolbar
[-] Folder Deleted : C:\Program Files\Search Toolbar
[-] Folder Deleted : C:\Program Files\Viewpoint
[-] Folder Deleted : C:\Program Files\w3i
[-] Folder Deleted : C:\Program Files\FileViewPro
[-] Folder Deleted : C:\Program Files\Ascentive
[-] Folder Deleted : C:\Program Files\Yahoo!\Companion
[-] Folder Deleted : C:\Program Files\myfree codec
[-] Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
[-] Folder Deleted : C:\Program Files\Common Files\download Manager

***** [ Files ] *****

[-] File Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\Babylon.lnk
[-] File Deleted : C:\Documents and Settings\Mang\Application Data\Microsoft\Internet Explorer\Quick Launch\Babylon.lnk
[-] File Deleted : C:\Documents and Settings\Mang\Desktop\Babylon.lnk

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Microsoft\Office\Powerpoint\Addins\babylonofficeaddin.officeaddin
[-] Key Deleted : HKCU\Software\Microsoft\Office\Word\Addins\babylonofficeaddin.officeaddin
[-] Key Deleted : HKLM\SOFTWARE\Classes\.bdc
[-] Key Deleted : HKLM\SOFTWARE\Classes\.bgl
[-] Key Deleted : HKLM\SOFTWARE\Classes\.bof
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonIEPI.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\BabyDict
[-] Key Deleted : HKLM\SOFTWARE\Classes\BabyGloss
[-] Key Deleted : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin
[-] Key Deleted : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\BabyOptFile
[-] Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
[-] Key Deleted : HKLM\SOFTWARE\Classes\S
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.fh_hookeventsink
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.fh_hookeventsink.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_dialogeventshandler
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_dialogeventshandler.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_launcher
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_launcher.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_printmanager
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_printmanager.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_printdialogcallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_printdialogcallback.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.tbtoolband
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.tbtoolband.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.useroptions
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.useroptions.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[-] Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Babylon.exe
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Babylon Client]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ask.com
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{327C2873-E90D-4C37-AA9D-10AC9BABA46C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6AC0BB10-C922-45E2-857D-2A368FE749E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD125908-5F10-409F-9C01-F2207CA18887}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F310F027-15CB-4A7F-B10D-3A4AFB5013A5}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{327C2873-E90D-4C37-AA9D-10AC9BABA46C}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{327C2873-E90D-4C37-AA9D-10AC9BABA46C}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{327C2873-E90D-4C37-AA9D-10AC9BABA46C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CB65201-89C4-402C-BA80-02D8C59F9B1D}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CB65206-89C4-402C-BA80-02D8C59F9B1D}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063DB1-4EC0-403E-8DD8-394C54984B2C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063DB9-4EC0-403E-8DD8-394C54984B2C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{327C2873-E90D-4C37-AA9D-10AC9BABA46C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{327C2873-E90D-4C37-AA9D-10AC9BABA46C}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
[-] Value Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
[-] Key Deleted : HKU\.DEFAULT\Software\AVG Secure Search
[-] Key Deleted : HKCU\Software\AVG Secure Search
[-] Key Deleted : HKCU\Software\Babylon
[-] Key Deleted : HKCU\Software\IM
[-] Key Deleted : HKCU\Software\ImInstaller
[-] Key Deleted : HKCU\Software\Myfree Codec
[-] Key Deleted : HKCU\Software\YahooPartnerToolbar
[-] Key Deleted : HKCU\Software\Zugo
[-] Key Deleted : HKCU\Software\W3I
[-] Key Deleted : HKCU\Software\Yahoo\Companion
[-] Key Deleted : HKCU\Software\Yahoo\YFriendsBar
[-] Key Deleted : HKLM\SOFTWARE\AVG Secure Search
[-] Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Babylon
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\ImInstaller
[-] Key Deleted : HKLM\SOFTWARE\MetaStream
[-] Key Deleted : HKLM\SOFTWARE\Myfree Codec
[-] Key Deleted : HKLM\SOFTWARE\systweak
[-] Key Deleted : HKLM\SOFTWARE\Viewpoint
[-] Key Deleted : HKLM\SOFTWARE\W3I
[-] Key Deleted : HKLM\SOFTWARE\Yahoo\Companion
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{739126B3-1B80-4F9F-8D59-312A19633E1A}_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Babylon
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{739126B3-1B80-4F9F-8D59-312A19633E1A}_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Babylon
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKU\S-1-5-21-2802971340-371014867-2627472942-1005\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[!] Key Not Deleted : HKU\S-1-5-21-2802971340-371014867-2627472942-1005\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}

***** [ Web browsers ] *****


*************************

:: Proxy settings cleared
:: Winsock settings cleared
:: Chrome policies deleted

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [21554 bytes] ##########
         
--- --- ---


AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v5.014 - Logfile created 25/10/2015 at 10:46:45
# Updated 18/10/2015 by Xplode
# Database : 2015-10-18.5 [Local]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : Mang - OTTO
# Running from : E:\AdwCleaner_5.014.exe
# Option : Cleaning
# Support : Forum - ToolsLib

***** [ Services ] *****

[-] Service Deleted : vToolbarUpdater18.8.0

***** [ Folders ] *****

[-] Folder Deleted : C:\DOCUME~1\Mang\LOCALS~1\Temp\apn
[-] Folder Deleted : C:\DOCUME~1\Mang\LOCALS~1\Temp\PC Performer
[-] Folder Deleted : C:\DOCUME~1\Mang\LOCALS~1\Temp\FileViewPro
[-] Folder Deleted : C:\Documents and Settings\All Users\Application Data\apn
[-] Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
[-] Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon
[-] Folder Deleted : C:\Documents and Settings\All Users\Application Data\SecTaskMan
[-] Folder Deleted : C:\Documents and Settings\All Users\Application Data\simplitec
[-] Folder Deleted : C:\Documents and Settings\All Users\Application Data\Viewpoint
[-] Folder Deleted : C:\Documents and Settings\All Users\Application Data\w3i
[-] Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\FileViewPro
[-] Folder Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\myfree codec
[-] Folder Deleted : C:\Documents and Settings\Mang\Application Data\AVG Secure Search
[-] Folder Deleted : C:\Documents and Settings\Mang\Application Data\Babylon
[-] Folder Deleted : C:\Documents and Settings\Mang\Application Data\PerformerSoft
[-] Folder Deleted : C:\Documents and Settings\Mang\Application Data\simplitec
[-] Folder Deleted : C:\Documents and Settings\Mang\Application Data\Systweak
[-] Folder Deleted : C:\Documents and Settings\Mang\Application Data\Uniblue
[-] Folder Deleted : C:\Documents and Settings\Mang\Local Settings\Application Data\AVG Secure Search
[-] Folder Deleted : C:\Documents and Settings\Mang\Local Settings\Application Data\Babylon
[-] Folder Deleted : C:\Documents and Settings\Mang\Local Settings\Application Data\Conduit
[-] Folder Deleted : C:\Program Files\Application Updater
[-] Folder Deleted : C:\Program Files\AskBarDis
[-] Folder Deleted : C:\Program Files\AVG Secure Search
[-] Folder Deleted : C:\Program Files\Babylon
[-] Folder Deleted : C:\Program Files\IObit Apps Toolbar
[-] Folder Deleted : C:\Program Files\Search Toolbar
[-] Folder Deleted : C:\Program Files\Viewpoint
[-] Folder Deleted : C:\Program Files\w3i
[-] Folder Deleted : C:\Program Files\FileViewPro
[-] Folder Deleted : C:\Program Files\Ascentive
[-] Folder Deleted : C:\Program Files\Yahoo!\Companion
[-] Folder Deleted : C:\Program Files\myfree codec
[-] Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
[-] Folder Deleted : C:\Program Files\Common Files\download Manager

***** [ Files ] *****

[-] File Deleted : C:\Documents and Settings\All Users\Start Menu\Programs\Babylon.lnk
[-] File Deleted : C:\Documents and Settings\Mang\Application Data\Microsoft\Internet Explorer\Quick Launch\Babylon.lnk
[-] File Deleted : C:\Documents and Settings\Mang\Desktop\Babylon.lnk

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****


***** [ Registry ] *****

[-] Key Deleted : HKCU\Software\Microsoft\Office\Powerpoint\Addins\babylonofficeaddin.officeaddin
[-] Key Deleted : HKCU\Software\Microsoft\Office\Word\Addins\babylonofficeaddin.officeaddin
[-] Key Deleted : HKLM\SOFTWARE\Classes\.bdc
[-] Key Deleted : HKLM\SOFTWARE\Classes\.bgl
[-] Key Deleted : HKLM\SOFTWARE\Classes\.bof
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonIEPI.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
[-] Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtl.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary
[-] Key Deleted : HKLM\SOFTWARE\Classes\AxMetaStream.MetaStreamCtlSecondary.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\BabyDict
[-] Key Deleted : HKLM\SOFTWARE\Classes\BabyGloss
[-] Key Deleted : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin
[-] Key Deleted : HKLM\SOFTWARE\Classes\BabylonOfficeAddin.OfficeAddin.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\BabyOptFile
[-] Key Deleted : HKLM\SOFTWARE\Classes\IMsiDe1egate.Application.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
[-] Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
[-] Key Deleted : HKLM\SOFTWARE\Classes\S
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
[-] Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.eb_explorerbar.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.fh_hookeventsink
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.fh_hookeventsink.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.ipm_printlistitem.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_dialogeventshandler
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_dialogeventshandler.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_launcher
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_launcher.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_printmanager
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.pm_printmanager.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_bindstatuscallback.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_cancelbuttoneventhandler.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_printdialogcallback
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.pr_printdialogcallback.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.tbtoolband
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.tbtoolband.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.useroptions
[-] Key Deleted : HKLM\SOFTWARE\Classes\toolband.useroptions.1
[-] Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
[-] Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{03F998B2-0E00-11D3-A498-00104B6EB52E}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Babylon.exe
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [Babylon Client]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
[-] Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@viewpoint.com/VMP
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ask.com
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\NativeMessagingHosts\avgsh
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B16632F1-24E0-4D99-A68D-70BFB6447C48}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F998B2-0E00-11D3-A498-00104B6EB52E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1B00725B-C455-4DE6-BFB6-AD540AD427CD}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{327C2873-E90D-4C37-AA9D-10AC9BABA46C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44CBC005-6243-4502-8A02-3A096A282664}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6AC0BB10-C922-45E2-857D-2A368FE749E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9AFB8248-617F-460D-9366-D71CDEDA3179}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F297534D-7B06-459D-BC19-2DD8EF69297B}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0BF91075-F457-4A8B-99EF-140B52D2F22A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{431FB0E5-2CBB-4602-9FE6-F1D64488ADD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5C9A230D-70A5-11D5-AFB0-0050DAC67890}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B7EA2226-F876-4BE4-B478-76EBAE2A668A}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD125908-5F10-409F-9C01-F2207CA18887}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A1489C85-4F6F-48C4-AC9E-18B63AF4703E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F310F027-15CB-4A7F-B10D-3A4AFB5013A5}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{327C2873-E90D-4C37-AA9D-10AC9BABA46C}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{327C2873-E90D-4C37-AA9D-10AC9BABA46C}
[-] Key Deleted : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03F998B2-0E00-11D3-A498-00104B6EB52E}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{327C2873-E90D-4C37-AA9D-10AC9BABA46C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CB65201-89C4-402C-BA80-02D8C59F9B1D}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9CB65206-89C4-402C-BA80-02D8C59F9B1D}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063DB1-4EC0-403E-8DD8-394C54984B2C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FE063DB9-4EC0-403E-8DD8-394C54984B2C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{327C2873-E90D-4C37-AA9D-10AC9BABA46C}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B2BC04DF-EFBD-409A-95CA-36874E5AB92A}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{327C2873-E90D-4C37-AA9D-10AC9BABA46C}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
[-] Value Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
[-] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
[-] Key Deleted : HKU\.DEFAULT\Software\AVG Secure Search
[-] Key Deleted : HKCU\Software\AVG Secure Search
[-] Key Deleted : HKCU\Software\Babylon
[-] Key Deleted : HKCU\Software\IM
[-] Key Deleted : HKCU\Software\ImInstaller
[-] Key Deleted : HKCU\Software\Myfree Codec
[-] Key Deleted : HKCU\Software\YahooPartnerToolbar
[-] Key Deleted : HKCU\Software\Zugo
[-] Key Deleted : HKCU\Software\W3I
[-] Key Deleted : HKCU\Software\Yahoo\Companion
[-] Key Deleted : HKCU\Software\Yahoo\YFriendsBar
[-] Key Deleted : HKLM\SOFTWARE\AVG Secure Search
[-] Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Babylon
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\ImInstaller
[-] Key Deleted : HKLM\SOFTWARE\MetaStream
[-] Key Deleted : HKLM\SOFTWARE\Myfree Codec
[-] Key Deleted : HKLM\SOFTWARE\systweak
[-] Key Deleted : HKLM\SOFTWARE\Viewpoint
[-] Key Deleted : HKLM\SOFTWARE\W3I
[-] Key Deleted : HKLM\SOFTWARE\Yahoo\Companion
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{739126B3-1B80-4F9F-8D59-312A19633E1A}_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Babylon
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ViewpointMediaPlayer
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{739126B3-1B80-4F9F-8D59-312A19633E1A}_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Babylon
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ViewpointMediaPlayer
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]
[!] Key Not Deleted : HKU\S-1-5-21-2802971340-371014867-2627472942-1005\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
[!] Key Not Deleted : HKU\S-1-5-21-2802971340-371014867-2627472942-1005\Software\Microsoft\Internet Explorer\SearchScopes\{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C}

***** [ Web browsers ] *****


*************************

:: Proxy settings cleared
:: Winsock settings cleared
:: Chrome policies deleted

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [21554 bytes] ##########
         
--- --- ---

2. FST.v.25.10.15 nach Adware ,
Gruß Otto
FRST Logfile:

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:18-10-2015
Ran by Mang (administrator) on OTTO (25-10-2015 11:59:18)
Running from E:\
Loaded Profiles: Mang (Available Profiles: Mang & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVG Technologies CZ, s.r.o.) C:\PROGRA~1\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgwdsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgemcx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Microsoft Corporation) C:\WINDOWS\system32\cmd.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [TFncKy] => TFncKy.exe
HKLM\...\Run: [TDispVol] => C:\WINDOWS\system32\TDispVol.exe [73728 2005-03-12] (TOSHIBA Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761945 2005-12-16] (Synaptics, Inc.)
HKLM\...\Run: [THotkey] => C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe [352256 2006-01-05] (TOSHIBA)
HKLM\...\Run: [SynTPLpr] => C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [82009 2005-12-16] (Synaptics, Inc.)
HKLM\...\Run: [AGRSMMSG] => C:\WINDOWS\AGRSMMSG.exe [88203 2005-10-15] (Agere Systems)
HKLM\...\Run: [TPSMain] => C:\WINDOWS\system32\TPSMain.exe [282624 2005-06-01] (TOSHIBA Corporation)
HKLM\...\Run: [Pinger] => c:\toshiba\ivp\ism\pinger.exe [151552 2005-03-18] (TOSHIBA Corporation)
HKLM\...\Run: [IntelZeroConfig] => C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [667718 2005-12-05] (Intel Corporation)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [602182 2005-11-28] (Intel Corporation)
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [866584 2006-11-04] (Microsoft Corporation)
HKLM\...\Run: [WinPatrol] => C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe [333120 2008-10-09] (BillP Studios)
HKLM\...\Run: [BluetoothAuthenticationAgent] => rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [4971024 2014-03-20] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [TkBellExe] => C:\program files\real\realplayer\update\realsched.exe [295512 2014-03-02] (RealNetworks, Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\...\Run: [H/PC Connection Agent] => C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE [401491 2004-02-03] (Microsoft Corporation)
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\...\Run: [KiesPreload] => C:\Program Files\Samsung\Kies\Kies.exe [1564992 2014-02-14] (Samsung)
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\...\Run: [PC Suite Tray] => C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe [1516632 2012-06-26] (Nokia)
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\...\Run: [TomTomHOME.exe] => C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe [248208 2013-08-27] (TomTom)
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-14] (Samsung)
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\...\Run: [IncrediMail] => C:\Program Files\IncrediMail\bin\IncMail.exe [367016 2013-08-13] (IncrediMail, Ltd.)
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [53729824 2015-08-07] (Skype Technologies S.A.)
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\...\MountPoints2: {61ac6e6f-a7fa-11de-8aca-0018de53a3d3} - E:\LaunchU3.exe -a
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\...\MountPoints2: {ae0efffa-6a92-11e5-8e66-0018de53a3d3} - E:\MotoCastSetup.exe -a
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\wpgldfsh.scr [4396544 2004-08-10] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [DWQueuedReporting] => c:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [39264 2007-03-13] (Microsoft Corporation)
HKU\S-1-5-18\...\Run: [Google Update] => C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [116648 2015-07-19] (Google Inc.)
HKU\S-1-5-18\...\Run: [Google+ Auto Backup] => C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3754312 2015-02-13] (Google Inc.)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll [83224 2006-11-04] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth Manager.lnk [2012-06-28]
ShortcutTarget: Bluetooth Manager.lnk -> C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\TosBtMng.exe (TOSHIBA CORPORATION.)
Startup: C:\Documents and Settings\Mang\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 2510 series.lnk [2013-12-06]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 2510 series.lnk -> C:\Program Files\HP\HP Deskjet 2510 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Documents and Settings\Mang\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 3520 series.lnk [2013-10-03]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 3520 series.lnk -> C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
BootExecute: autocheck autochk * C:\PROGRA~1\AVG\AVG2014\avgrsx.exe /sync /restart

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-31] (Apple Inc.)

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.toshibadirect.com/dpdstart
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.toshiba.com/search
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.toshibadirect.com/dpdstart
HKU\S-1-5-19\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.toshiba.com/search
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.toshibadirect.com/dpdstart
HKU\S-1-5-20\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.toshiba.com/search
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://orf.at
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://www.google.com/ie
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\Software\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\Software\Microsoft\Internet Explorer\Main,Start Page Restore = hxxp://orf.at/
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
HKU\S-1-5-21-2802971340-371014867-2627472942-1005\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://orf.at
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "hxxp://www.outfox.tv?referid=180" <======= ATTENTION
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKU\.DEFAULT -> DefaultScope {EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C} URL = 
SearchScopes: HKU\S-1-5-21-2802971340-371014867-2627472942-1005 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKU\S-1-5-21-2802971340-371014867-2627472942-1005 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
SearchScopes: HKU\S-1-5-21-2802971340-371014867-2627472942-1005 -> {23758B0B-0D9F-32A3-A476-D9B1033E7A1E} URL = hxxp://www.bing.com/search?q={searchTerms}&pc=ZUGO&form=ZGAIDF
SearchScopes: HKU\S-1-5-21-2802971340-371014867-2627472942-1005 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
BHO: Adobe PDF Reader -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2010-09-22] (Adobe Systems Incorporated)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-09-22] (Adobe Systems Incorporated)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-09-15] (Safer Networking Limited)
BHO: EWPBrowseObject Class -> {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} -> C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-04-19] ()
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll [2012-02-17] (Sun Microsystems, Inc.)
BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-02-17] (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2012-02-17] (Sun Microsystems, Inc.)
DPF: {17492023-C23A-453E-A040-C7C580BBF700} hxxp://download.microsoft.com/download/9/b/d/9bdc68ef-6a9f-4505-8fb8-d0d2d160e512/LegitCheckControl.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\yinsthelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_04-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_10-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation)
Handler: mctp - {d7b95390-b1c5-11d0-b111-0080c712fe82} - C:\Program Files\Microsoft ActiveSync\aatp.dll [2004-02-03] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2001-06-20] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-10-09] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\Mang\Application Data\Mozilla\Firefox\Profiles\dkoeyld7.default
FF Homepage: hxxp://orf.at
hxxp://orf.at
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2014-02-20] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa2,version=2.0.0 -> C:\Program Files\Picasa2\npPicasa2.dll [No File]
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [2012-02-17] (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nppl3260.dll [2014-03-02] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlchromebrowserrecordext;version=1.3.3 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlhtml5videoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprndlpepperflashvideoshim;version=1.3.3 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll [2013-08-14] (RealNetworks, Inc.)
FF Plugin: @real.com/nprpplugin;version=16.0.3.51 -> c:\program files\real\realplayer\Netscape6\nprpplugin.dll [2014-03-02] (RealPlayer)
FF Plugin: @realnetworks.com/npdlplugin;version=1 -> C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2013-08-14] (RealDownloader)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Documents and Settings\All Users\Application Data\Visan\plugins\npRLSecurePluginLayer.dll [2014-02-18] (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-09-07] (Google Inc.)
FF Plugin: yaxmpb@yahoo.com/YahooActiveXPluginBridge;version=1.0.0.1 -> C:\PROGRA~1\Yahoo!\Common\npyaxmpb.dll [2006-08-16] (Yahoo! Inc.)
FF Plugin HKU\.DEFAULT: @tools.google.com/Google Update;version=3 -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2015-07-19] (Google Inc.)
FF Plugin HKU\.DEFAULT: @tools.google.com/Google Update;version=9 -> C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Google\Update\1.3.22.3\npGoogleUpdate3.dll [2015-07-19] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2007-05-11] (Adobe Systems Inc.)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-21] [not signed]
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2012-02-17] [not signed]
FF HKLM\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-03-02] [not signed]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\Documents and Settings\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-08-14]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-10-09]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 avgfws; C:\Program Files\AVG\AVG2014\avgfws.exe [1358944 2013-09-24] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3782672 2014-02-24] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [348008 2013-09-24] (AVG Technologies CZ, s.r.o.)
S2 CFSvcs; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2005-01-18] (TOSHIBA CORPORATION) [File not signed]
S2 DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [110592 2004-08-28] (Matsushita Electric Industrial Co., Ltd.) [File not signed]
S2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [114753 2005-11-28] (Intel Corporation) [File not signed]
S2 Fabs; C:\Program Files\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S2 gupdate1c9b07f485552ba; C:\Program Files\Google\Update\GoogleUpdate.exe [144200 2015-09-07] (Google Inc.)
S2 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [153376 2012-02-17] (Sun Microsystems, Inc.)
S2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
S2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
S2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [270336 2001-02-23] (Microsoft Corporation) [File not signed]
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
S2 MMIndexer; C:\Program Files\Common Files\Microsoft Shared\Media Manager\airsvcu.exe [137216 1997-07-29] (Microsoft Corporation) [File not signed]
S4 PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
S4 RealNetworks Downloader Resolver Service; C:\Program Files\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] ()
S2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [217164 2005-11-28] (Intel Corporation) [File not signed]
S2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [540745 2005-11-28] (Intel Corporation ) [File not signed]
S2 Skype C2C Service; C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3275136 2013-10-09] (Skype Technologies S.A.)
S2 Swupdtmr; c:\TOSHIBA\IVP\swupdate\swupdtmr.exe [40960 2005-07-13] () [File not signed]
S2 TAPPSRV; C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe [35328 2005-12-20] (TOSHIBA Corp.) [File not signed]
S2 UFDSVC; C:\WINDOWS\system32\ufdsvc.exe [69632 2006-02-15] (Generic) [File not signed]
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-04] (Microsoft Corporation)
S4 OutfoxTvService; C:\Program Files\OutfoxTV\OutfoxTvService.exe [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\WINDOWS\System32\DRIVERS\61883.sys [48128 2008-04-13] (Microsoft Corporation)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21275 2006-12-23] (Meetinghouse Data Communications) [File not signed]
R3 AgereSoftModem; C:\WINDOWS\System32\DRIVERS\AGRSM.sys [1122656 2005-11-15] (Agere Systems) [File not signed]
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [120600 2013-11-26] (AVG Technologies CZ, s.r.o.)
R3 Avgfwdx; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-13] (AVG Technologies CZ, s.r.o.)
S3 Avgfwfd; C:\WINDOWS\System32\DRIVERS\avgfwdx.sys [30944 2012-01-13] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [210712 2013-11-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [149272 2013-11-26] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\System32\DRIVERS\avgidsshimx.sys [22808 2014-01-20] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [176952 2013-11-01] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [222520 2013-11-01] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [102712 2013-10-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [27448 2013-09-10] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\WINDOWS\System32\DRIVERS\avgtdix.sys [193848 2013-08-01] (AVG Technologies CZ, s.r.o.)
S2 Ca50xav; C:\WINDOWS\System32\Drivers\Ca50xav.sys [515803 2002-10-21] (Digital Camera)
S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
R3 Iviaspi; C:\WINDOWS\System32\drivers\iviaspi.sys [21060 2003-09-11] (InterVideo, Inc.) [File not signed]
R3 MarvinBus; C:\WINDOWS\System32\DRIVERS\MarvinBus.sys [171008 2005-01-28] (Pinnacle Systems GmbH) [File not signed]
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
R1 meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [102384 2005-06-02] (Matsushita Electric Industrial Co.,Ltd.) [File not signed]
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
S3 MPE; C:\WINDOWS\System32\DRIVERS\MPE.sys [15232 2008-04-13] (Microsoft Corporation)
S3 MR97310_USB_DUAL_CAMERA; C:\WINDOWS\System32\DRIVERS\mr97310c.sys [129875 2002-12-13] (Mars Semiconductor Corp.)
S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
R2 Netdevio; C:\WINDOWS\System32\DRIVERS\netdevio.sys [12032 2003-01-29] (TOSHIBA Corporation.) [File not signed]
R3 Pfc; C:\WINDOWS\System32\drivers\pfc.sys [10368 2003-09-19] (Padus, Inc.) [File not signed]
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [13568 2005-11-28] (Intel Corporation) [File not signed]
S3 slabbus; C:\WINDOWS\System32\DRIVERS\slabbus.sys [52384 2004-03-26] (MCCI)
S3 slabser; C:\WINDOWS\System32\DRIVERS\slabser.sys [84512 2004-03-26] (MCCI)
R1 ssmdrv; C:\WINDOWS\System32\DRIVERS\ssmdrv.sys [28520 2013-04-11] (Avira GmbH)
R3 SynTP; C:\WINDOWS\System32\DRIVERS\SynTP.sys [191936 2005-12-16] (Synaptics, Inc.) [File not signed]
R3 tbiosdrv; C:\WINDOWS\System32\DRIVERS\tbiosdrv.sys [9472 2005-08-25] ()
R3 tifm21; C:\WINDOWS\System32\drivers\tifm21.sys [162560 2005-11-30] (Texas Instruments) [File not signed]
S3 tosrfec; C:\WINDOWS\System32\DRIVERS\tosrfec.sys [9344 2005-09-09] (TOSHIBA Corporation) [File not signed]
R3 TVALD; C:\WINDOWS\System32\DRIVERS\NBSMI.sys [6144 2005-10-20] (Toshiba Corporation) [File not signed]
R3 Tvs; C:\WINDOWS\System32\DRIVERS\Tvs.sys [43392 2005-11-30] (TOSHIBA Corporation) [File not signed]
S3 USB28xxBGA; C:\WINDOWS\System32\DRIVERS\emBDA.sys [565248 2009-02-27] (eMPIA Technology, Inc.)
S3 USB28xxOEM; C:\WINDOWS\System32\DRIVERS\emOEM.sys [522880 2009-02-27] (eMPIA Technology, Inc.)
S3 USBCamera; C:\WINDOWS\System32\Drivers\Bulk50x.sys [10986 2002-07-25] (USB BULK)
R3 w39n51; C:\WINDOWS\System32\DRIVERS\w39n51.sys [1428096 2005-12-04] (Intel® Corporation)
S3 wanatw; C:\WINDOWS\System32\DRIVERS\wanatw4.sys [33588 2003-01-10] (America Online, Inc.)
S3 wceusbsh; C:\WINDOWS\System32\DRIVERS\wceusbsh.sys [28672 2006-11-06] (Microsoft Corporation)
S3 ASFWHide; no ImagePath
S4 IntelIde; no ImagePath
S3 IO_Memory; no ImagePath
S1 PCLEPCI; \??\C:\WINDOWS\system32\drivers\pclepci.sys [X]
U5 ScsiPort; C:\WINDOWS\system32\drivers\scsiport.sys [96384 2008-04-13] (Microsoft Corporation)
S2 StarOpen; no ImagePath
S3 SVRPEDRV; no ImagePath
U5 Tosrfcom; C:\Windows\System32\Drivers\Tosrfcom.sys [64896 2005-08-02] (TOSHIBA Corporation) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: MHN -> C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-25 11:52 - 2015-10-25 11:52 - 00002826 _____ C:\Documents and Settings\Mang\Desktop\JRT.txt
2015-10-25 10:40 - 2015-10-25 10:46 - 00000000 ____D C:\AdwCleaner
2015-10-24 18:14 - 2015-10-24 18:14 - 00044716 _____ C:\Documents and Settings\Mang\Desktop\Desktop.txt
2015-10-24 16:55 - 2015-10-24 18:00 - 00170200 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-10-24 16:54 - 2015-10-24 16:54 - 00000795 _____ C:\Documents and Settings\All Users\Desktop\ Malwarebytes Anti-Malware .lnk
2015-10-24 16:54 - 2015-10-24 16:54 - 00000000 ____D C:\Program Files\ Malwarebytes Anti-Malware 
2015-10-24 16:54 - 2015-10-24 16:54 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-10-24 16:54 - 2015-10-24 16:54 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2015-10-24 16:54 - 2015-10-05 08:50 - 00121560 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-10-24 16:54 - 2015-10-05 08:50 - 00023256 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2015-10-24 16:35 - 2015-10-24 16:35 - 00000935 _____ C:\Documents and Settings\Mang\Desktop\Revo Uninstaller.lnk
2015-10-24 16:34 - 2015-10-24 16:34 - 00000000 ____D C:\Program Files\VS Revo Group
2015-10-22 10:16 - 2015-10-22 10:21 - 00000019 _____ C:\WINDOWS\install.log
2015-10-22 10:16 - 2015-10-22 10:18 - 00000019 _____ C:\WINDOWS\PatchInstall1Debug.log
2015-10-21 22:12 - 2015-10-21 22:12 - 00000368 _____ C:\WINDOWS\nsw.log
2015-10-21 16:25 - 2015-10-21 16:25 - 00153084 _____ C:\wubildr
2015-10-21 16:25 - 2015-10-21 16:25 - 00008192 _____ C:\wubildr.mbr
2015-10-21 16:22 - 2015-10-21 16:22 - 00000000 ____D C:\ubuntu
2015-10-20 13:06 - 2015-10-25 11:59 - 00000000 ____D C:\FRST
2015-10-18 16:41 - 2015-10-18 16:41 - 00001919 _____ C:\WINDOWS\epplauncher.mif
2015-10-04 15:14 - 2015-10-04 15:14 - 00000000 ____D C:\Documents and Settings\Mang\Local Settings\Application Data\AvgSetupLog
2015-10-04 15:14 - 2015-10-04 15:14 - 00000000 ____D C:\Documents and Settings\Mang\Local Settings\Application Data\Avg
2015-10-04 13:45 - 2015-10-04 13:46 - 00000000 ____D C:\KVRT_Data

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-25 11:59 - 2006-12-23 02:12 - 00000000 ____D C:\Documents and Settings\Mang\Local Settings\Temp
2015-10-25 11:50 - 2014-01-21 15:35 - 00000488 _____ C:\WINDOWS\Tasks\HP Photo Creations Communicator.job
2015-10-25 11:49 - 2011-01-07 19:08 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-25 11:49 - 2006-02-15 16:37 - 01417841 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-25 11:48 - 2012-08-21 17:09 - 00000830 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2015-10-25 11:42 - 2009-08-29 22:47 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-25 11:34 - 2014-02-08 00:44 - 00000998 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18UA.job
2015-10-25 11:22 - 2010-03-08 01:09 - 00000284 _____ C:\WINDOWS\Tasks\RealUpgradeScheduledTaskS-1-5-21-2802971340-371014867-2627472942-1005.job
2015-10-25 11:08 - 2007-01-20 18:13 - 00000014 ____H C:\cmsstorage.lst
2015-10-25 11:08 - 2007-01-20 18:13 - 00000000 ____H C:\WINDOWS\cmsstorage.lst
2015-10-25 11:02 - 2006-02-15 08:30 - 00617682 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-10-25 11:01 - 2014-02-01 15:06 - 00262604 _____ C:\WINDOWS\setupapi.log
2015-10-25 10:59 - 2006-02-15 15:04 - 00001158 _____ C:\WINDOWS\system32\wpa.dbl
2015-10-25 10:57 - 2014-03-02 17:55 - 00000276 _____ C:\WINDOWS\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2802971340-371014867-2627472942-1005.job
2015-10-25 10:57 - 2014-02-01 15:00 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-10-25 10:57 - 2014-02-01 15:00 - 00000050 _____ C:\WINDOWS\wiaservc.log
2015-10-25 10:57 - 2010-03-08 01:09 - 00000276 _____ C:\WINDOWS\Tasks\RealUpgradeLogonTaskS-1-5-21-2802971340-371014867-2627472942-1005.job
2015-10-25 10:57 - 2006-02-15 16:42 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-25 10:55 - 2006-12-23 02:12 - 00000278 ___SH C:\Documents and Settings\Mang\ntuser.ini
2015-10-25 10:55 - 2006-02-15 16:42 - 00032594 _____ C:\WINDOWS\SchedLgU.Txt
2015-10-25 09:42 - 2014-02-27 22:01 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\MFAData
2015-10-24 17:46 - 2008-08-03 01:57 - 00000000 ____D C:\Program Files\myBabylon
2015-10-24 17:46 - 2006-02-16 15:11 - 00000000 __HDC C:\WINDOWS\$NtUninstallKB894553$
2015-10-24 17:43 - 2008-12-27 16:07 - 00000000 ____D C:\Program Files\WeFi
2015-10-23 19:49 - 2006-02-16 17:59 - 00137200 ____C C:\Documents and Settings\Administrator\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2015-10-23 19:46 - 2006-02-15 08:29 - 00436552 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-10-22 15:00 - 2008-03-16 16:21 - 00000384 ____H C:\WINDOWS\Tasks\{700D1BF3-5389-4C8C-95C2-B0384496ADCF}_OTTO_Mang.job
2015-10-22 14:17 - 2009-07-23 21:25 - 00000000 ____D C:\Documents and Settings\Mang\Application Data\Skype
2015-10-22 12:34 - 2015-07-19 12:29 - 00000946 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-18Core.job
2015-10-22 10:24 - 2006-02-15 17:20 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2015-10-22 10:23 - 2007-01-01 18:13 - 00000000 ____D C:\Program Files\Pinnacle
2015-10-22 10:18 - 2007-02-06 17:59 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
2015-10-22 10:09 - 2014-01-28 22:26 - 00000284 _____ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
2015-10-22 10:07 - 2014-03-21 02:53 - 00000000 ____D C:\Edda Bilder u. MANTEL, 2014-03-20
2015-10-21 16:25 - 2006-02-15 15:05 - 00000236 __RSH C:\boot.ini
2015-10-18 17:40 - 2006-12-23 02:12 - 00000000 ____D C:\Documents and Settings\Mang

==================== Files in the root of some directories =======

2008-03-14 18:44 - 2008-03-14 18:44 - 0002528 ____C () C:\Documents and Settings\Mang\Application Data\$_hpcst$.hpc
2014-04-25 03:34 - 2014-04-25 03:34 - 0000288 _____ () C:\Documents and Settings\Mang\Application Data\.backup.dm
2006-12-28 15:44 - 2006-12-28 15:47 - 0000158 ____C () C:\Documents and Settings\Mang\Application Data\wklnhst.dat
2006-12-23 20:05 - 2014-07-02 20:27 - 0055808 ____C () C:\Documents and Settings\Mang\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2006-12-23 02:12 - 2006-12-30 04:23 - 0000127 ____C () C:\Documents and Settings\Mang\Local Settings\Application Data\fusioncache.dat

Some files in TEMP:
====================
C:\Documents and Settings\Administrator\Local Settings\Temp\uninst.dll
C:\Documents and Settings\Administrator\Local Settings\Temp\ymdc.exe
C:\Documents and Settings\Default User\Local Settings\Temp\uninst.dll
C:\Documents and Settings\Default User\Local Settings\Temp\ymdc.exe
C:\Documents and Settings\Mang\Local Settings\Temp\3kjgerj_.dll
C:\Documents and Settings\Mang\Local Settings\Temp\avgnt.exe
C:\Documents and Settings\Mang\Local Settings\Temp\lowproc.exe
C:\Documents and Settings\Mang\Local Settings\Temp\MotoCast_Installer_1.2.7.exe
C:\Documents and Settings\Mang\Local Settings\Temp\pyl5.tmp.exe
C:\Documents and Settings\Mang\Local Settings\Temp\pyl8.tmp.exe
C:\Documents and Settings\Mang\Local Settings\Temp\pylC.tmp.exe
C:\Documents and Settings\Mang\Local Settings\Temp\rnsetup0.exe
C:\Documents and Settings\Mang\Local Settings\Temp\SkypeSetup.exe
C:\Documents and Settings\Mang\Local Settings\Temp\sqlite3.dll
C:\Documents and Settings\Mang\Local Settings\Temp\stubhelper.dll
C:\Documents and Settings\Mang\Local Settings\Temp\vlc-2.1.3-win32.exe


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================
         
--- --- ---

--- --- ---

Alt 26.10.2015, 07:43   #13
schrauber
/// the machine
/// TB-Ausbilder
 

InstallBrain5BA in C:\Windows\System\32\   = gesichert, MalSign.OpenCandy.7AF...  C:\Documentsand Settin....  = gesichert, Trojaner : Crypt - Standard

InstallBrain5BA in C:\Windows\System\32\ = gesichert, MalSign.OpenCandy.7AF... C:\Documentsand Settin.... = gesichert, Trojaner : Crypt




ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme?
__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Alt 26.10.2015, 08:40   #14
Golfplayer85
 
InstallBrain5BA in C:\Windows\System\32\   = gesichert, MalSign.OpenCandy.7AF...  C:\Documentsand Settin....  = gesichert, Trojaner : Crypt - Standard

InstallBrain5BA in C:\Windows\System\32\ = gesichert, MalSign.OpenCandy.7AF... C:\Documentsand Settin.... = gesichert, Trojaner : Crypt



Hallo, leider funktioniert eset nicht , verlangt eine Proxyeinstellung .
Gruß Otto

es kommt nicht das fenster wie in der Bebilderung angezeigt

Alt 26.10.2015, 18:09   #15
schrauber
/// the machine
/// TB-Ausbilder
 

InstallBrain5BA in C:\Windows\System\32\   = gesichert, MalSign.OpenCandy.7AF...  C:\Documentsand Settin....  = gesichert, Trojaner : Crypt - Standard

InstallBrain5BA in C:\Windows\System\32\ = gesichert, MalSign.OpenCandy.7AF... C:\Documentsand Settin.... = gesichert, Trojaner : Crypt



Lass ESET weg, mach dafür das:

Lade Dir bitte von hier Emsisoft Emergency Kit Download Emsisoft Emergency Kit herunter.
  • Bitte installiere das Programm in den vorgegebenen Pfad.
  • Starte das Programm durch Doppelklick der Desktopverknüpfung.
  • Das EEK ist nach dem Laden der Malwaresignaturen für den Scan bereit.
  • Folge nun bitte der bebilderten Bildanleitung zu Emergency Kit, entferne alle Funde und poste am Ende des Scans bzw. der Bereinigung das Log.

__________________
gruß,
schrauber

Proud Member of UNITE and ASAP since 2009

Spenden
Anleitungen und Hilfestellungen
Trojaner-Board Facebook-Seite

Keine Hilfestellung via PM!

Antwort

Themen zu InstallBrain5BA in C:\Windows\System\32\ = gesichert, MalSign.OpenCandy.7AF... C:\Documentsand Settin.... = gesichert, Trojaner : Crypt
amerika, anderem, brauche, c:\windows, crypt, datei, ergebnis, filme, installbrain, inter, interne, internet, laden, malware ? usw., nicht mehr, scan, scan`s, schneiden, system, tools, troja, trojaner, versenden, windows



Ähnliche Themen: InstallBrain5BA in C:\Windows\System\32\ = gesichert, MalSign.OpenCandy.7AF... C:\Documentsand Settin.... = gesichert, Trojaner : Crypt


  1. Win 7: Trojaner Downloader.Generic14.LBF wurde mit AVG "gesichert" Befall trotzdem immernoch vorhanden
    Log-Analyse und Auswertung - 15.06.2015 (9)
  2. Apple Watch künftig besser gegen Diebstahl gesichert
    Nachrichten - 09.06.2015 (0)
  3. GVU Trojaner, Farbar Recovery Scan Tool erfolgt, LogFile auf USB Stick gesichert
    Log-Analyse und Auswertung - 06.04.2015 (1)
  4. Meldung , dass mein Rechner nicht mehr gesichert sei
    Plagegeister aller Art und deren Bekämpfung - 28.03.2015 (13)
  5. Apples FaceTime und iMessage künftig per Zwei-Faktor-Authentifizierung gesichert
    Nachrichten - 13.02.2015 (0)
  6. Win 7 Resultate nach Rootscan Spybot, Microsoft safety scan, AVG Meldung Fund 1) MalSign.generic.712 Fund 2) MalSign.OpenCandy. 7AF
    Log-Analyse und Auswertung - 23.01.2015 (21)
  7. Windows 7: Virus nicht wegzubekommen (Malsign.Dailytools.3A7)
    Log-Analyse und Auswertung - 08.10.2014 (16)
  8. Avira meldet Fund: 'TR/Crypt.XPACK.Gen2, Malwarebytes findet PUP.Optional.OpenCandy. Was tun?
    Plagegeister aller Art und deren Bekämpfung - 21.05.2014 (14)
  9. Versorgung mit Virensignaturen für Windows-XP-Rechner vorerst gesichert
    Nachrichten - 13.01.2014 (0)
  10. Viele beliebte Windows-Programme unzureichend gesichert
    Nachrichten - 06.12.2012 (0)
  11. Laptop mit HDGuard gesichert
    Antiviren-, Firewall- und andere Schutzprogramme - 13.09.2012 (1)
  12. Gesichert: Neues in BitLocker bei Windows 8
    Nachrichten - 20.08.2012 (0)
  13. Verschlüsselungs-Trojaner --> Dateien gesichert --> neues System sicher?
    Plagegeister aller Art und deren Bekämpfung - 10.06.2012 (1)
  14. Zugriff auf Ryanairs Buchungssystem schlecht gesichert
    Nachrichten - 01.02.2011 (0)
  15. Geldautomaten schlecht gesichert
    Nachrichten - 29.07.2010 (0)
  16. Trojaner erkannt, Dateien gelöscht und im Backup gesichert, trotzdem Frage
    Plagegeister aller Art und deren Bekämpfung - 30.01.2008 (0)
  17. System gesichert......?
    Log-Analyse und Auswertung - 06.02.2005 (0)

Zum Thema InstallBrain5BA in C:\Windows\System\32\ = gesichert, MalSign.OpenCandy.7AF... C:\Documentsand Settin.... = gesichert, Trojaner : Crypt - Hallo, schreibe on anderem Lapi da der andere NICHT mehr ins Internet geht !! Es ist ein Lapi mit XP Hier das Ergebnis des Scan`s : InstallBrain5BA in C:\Windows\System\32\ = - InstallBrain5BA in C:\Windows\System\32\ = gesichert, MalSign.OpenCandy.7AF... C:\Documentsand Settin.... = gesichert, Trojaner : Crypt...
Archiv
Du betrachtest: InstallBrain5BA in C:\Windows\System\32\ = gesichert, MalSign.OpenCandy.7AF... C:\Documentsand Settin.... = gesichert, Trojaner : Crypt auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.