|
Problem mit getwindowinfo getwindoinfo öffnet sich von selbst. hier der scan. und danke für informationen zur beseitigung. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 23-10-2013 Ran by User (administrator) on MIKEPC on 23-10-2013 16:04:58 Running from C:\Users\User\Downloads Windows Vista (TM) Home Premium Service Pack 2 (X64) OS Language: German Standard Internet Explorer Version 9 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Microsoft Corporation) C:\Windows\system32\SLsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Infowatch) C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe () C:\Windows\SysWOW64\PnkBstrA.exe () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe () C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe () C:\Program Files\Updater By Sweetpacks\ExtensionUpdaterService.exe () C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe (AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe (Wajam) C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Gainward Co.) C:\Program Files (x86)\EXPERTool\TBPANEL.exe (ICQ) C:\Users\User\AppData\Roaming\ICQM\icq.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe () C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe (Windows Net) C:\Users\User\AppData\Roaming\Windows Net Data\net.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Ask) C:\Program Files (x86)\Ask.com\Updater\Updater.exe (SweetIM Technologies Ltd.) C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe () C:\Program Files (x86)\AVG Secure Search\vprot.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe (RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe () C:\Program Files (x86)\Razer\Diamondback 3G\razertra.exe (Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe (Razer Inc.) C:\Program Files (x86)\Razer\Diamondback 3G\razerofa.exe () C:\Program Files (x86)\Speed Analysis 2\BackgroundHost.exe () C:\Program Files (x86)\Zula Games\BackgroundHost.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\klwtblfs.exe () C:\Program Files (x86)\Amazon Browser Bar\AmazonBrowserBarSSB.3.0.dll (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\ComUpdatus.exe (Plus HD) C:\program files (x86)\plus-hd-2.3\plus-hd-2.3-bg.exe (Feven) C:\program files (x86)\feven\feven-bg.exe (Plus HD) C:\program files (x86)\plus-hd-1.8\plus-hd-1.8-bg.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Windows Defender] - C:\Program Files\Windows Defender\MSASCui.exe [1584184 2008-01-21] (Microsoft Corporation) HKLM\...\Run: [XboxStat] - C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM\...\Run: [Nvtmru] - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028896 2013-08-27] (NVIDIA Corporation) HKCU\...\Run: [GAINWARD] - C:\Program Files (x86)\EXPERTool\TBPanel.exe [2265416 2011-04-08] (Gainward Co.) HKCU\...\Run: [icq] - C:\Users\User\AppData\Roaming\ICQM\icq.exe [27598184 2013-04-12] (ICQ) HKCU\...\Run: [Snoozer] - C:\Users\User\AppData\Roaming\Snz\Snz.exe [1137764 2013-08-28] () HKCU\...\Run: [OMESupervisor] - C:\Users\User\AppData\Local\omesuperv.exe [2218359 2013-08-28] () HKCU\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-15] (Samsung) MountPoints2: D - D:\Bin\ASSETUP.exe MountPoints2: {8890b55c-e86f-11e1-af2e-806e6f6e6963} - E:\EasySuite.exe HKLM-x32\...\Run: [P17RunE] - C:\Windows\\SysWOW64\P17RunE.dll [14848 2008-03-28] (Creative Technology Ltd.) HKLM-x32\...\Run: [Diamondback] - C:\Program Files (x86)\Razer\Diamondback 3G\razerhid.exe [147456 2007-08-01] () HKLM-x32\...\Run: [VolPanel] - C:\Program Files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe [221300 2008-05-05] (Creative Technology Ltd) HKLM-x32\...\Run: [KiesTrayAgent] - C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-07-15] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [] - [x] HKLM-x32\...\Run: [ApnUpdater] - C:\Program Files (x86)\Ask.com\Updater\Updater.exe [1564872 2012-06-06] (Ask) HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) HKLM-x32\...\Run: [SweetIM] - C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe [115032 2012-05-29] (SweetIM Technologies Ltd.) HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated) HKLM-x32\...\Run: [DivXMediaServer] - C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-08-21] (DivX, LLC) HKLM-x32\...\Run: [AVP] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-10-17] (Kaspersky Lab ZAO) HKLM-x32\...\Run: [vProt] - C:\Program Files (x86)\AVG Secure Search\vprot.exe [2404376 2013-10-02] () HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-05-31] (Apple Inc.) HKLM-x32\...\Run: [DivXUpdate] - C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-08-29] () HKLM-x32\...\Run: [TkBellExe] - c:\program files (x86)\real\realplayer\Update\realsched.exe [295512 2013-09-24] (RealNetworks, Inc.) HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKU\Default\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\Default User\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\Gast\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\Gast\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [18678376 2013-04-19] (Skype Technologies S.A.) HKU\Gast\...\Run: [ehTray.exe] - C:\Windows\ehome\ehTray.exe [138240 2008-01-21] (Microsoft Corporation) HKU\Gast\...\Run: [soyys] - "c:\users\user\appdata\local\soyys.exe" soyys HKU\Gast\...\Run: [Creative MediaSource Go] - C:\Program Files (x86)\Creative\MediaSource5\Go\CTCMSGoU.exe [204800 2006-11-09] (Creative Technology Ltd) HKU\Gast\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" HKU\Gast\...\Run: [GAINWARD] - C:\Program Files (x86)\EXPERTool\TBPanel.exe [2265416 2011-04-08] (Gainward Co.) HKU\Gast\...\Run: [icq] - C:\Users\Gast\AppData\Roaming\ICQM\icq.exe -CU HKU\Gast\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-15] (Samsung) HKU\Gast\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-15] (Samsung) HKU\Gast\...\Run: [SCheck] - C:\Users\User\AppData\Roaming\SCheck\SCheck.exe [36864 2013-04-10] () HKU\Gast\...\Run: [SSync] - C:\Users\User\AppData\Roaming\SSync\SSync.exe [36864 2013-04-10] () HKU\Gast\...\Run: [DataMgr] - C:\Users\User\AppData\Roaming\DataMgr\DataMgr.exe [168824 2013-07-21] (HTTO Group, Ltd.) HKU\Gast\...\Run: [Intermediate] - C:\Users\User\AppData\Roaming\Intermediate\Intermediate.exe [36864 2013-04-10] () HKU\Gast\...\RunOnce: [StartMSu] - C:\Program Files (x86)\Creative\MediaSource5\Startmsu.exe [81920 2008-10-30] (Creative Technology Ltd) HKU\Gast\...\RunOnce: [InetReg] - "C:\Program Files (x86)\Creative\Produktregistrierung\German\InetReg.exe" /PreProcess=RegFlash.exe /Delay=6 HKU\Gast\...\RunOnce: [CTAutoUpdate] - C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe [430968 2009-01-15] (Creative Technology Ltd) HKU\User_2\...\Run: [WindowsWelcomeCenter] - rundll32.exe oobefldr.dll,ShowWelcomeCenter HKU\User_2\...\Run: [NTRedirect] - C:\Windows\SysWOW64\rundll32.exe "C:\Users\User_2\AppData\Roaming\BabSolution\Shared\NTRedirect.dll",Run <===== ATTENTION HKU\User_2\...\Run: [Optimizer Pro] - C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe HKU\User_2\...\Run: [swg] - "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" HKU\User_2\...\Run: [GAINWARD] - C:\Program Files (x86)\EXPERTool\TBPanel.exe [2265416 2011-04-08] (Gainward Co.) HKU\User_2\...\Run: [icq] - C:\Users\User_2\AppData\Roaming\ICQM\icq.exe -CU HKU\User_2\...\Run: [] - C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [844656 2013-07-15] (Samsung) HKU\User_2\...\Run: [KiesPreload] - C:\Program Files (x86)\Samsung\Kies\Kies.exe [1564016 2013-07-15] (Samsung) HKU\User_2\...\Run: [SCheck] - C:\Users\User\AppData\Roaming\SCheck\SCheck.exe [36864 2013-04-10] () HKU\User_2\...\Run: [SSync] - C:\Users\User\AppData\Roaming\SSync\SSync.exe [36864 2013-04-10] () HKU\User_2\...\Run: [DataMgr] - C:\Users\User\AppData\Roaming\DataMgr\DataMgr.exe [168824 2013-07-21] (HTTO Group, Ltd.) HKU\User_2\...\Run: [Intermediate] - C:\Users\User\AppData\Roaming\Intermediate\Intermediate.exe [36864 2013-04-10] () HKU\User_2\...\RunOnce: [CTAutoUpdate] - C:\Program Files (x86)\Creative\Shared Files\Software Update\AutoUpdate.exe [430968 2009-01-15] (Creative Technology Ltd) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk ShortcutTarget: net.lnk -> C:\Users\User\AppData\Roaming\Windows Net Data\net.exe (Windows Net) ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q= HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.msn.com/?rd=1&ucc=DE&dcc=DE&opt=0&ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q= HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=9441001FC68CF6E7&affID=119392&tt=070813_wc2&tsp=4972 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:newtab HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q= HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,SearchAssistant = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,CustomizeSearch = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Bar = hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q= StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM-x32 - DefaultScope {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://search.certified-toolbar.com?si=99&st=bs&tid=0&q={searchTerms} SearchScopes: HKLM-x32 - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://search.certified-toolbar.com?si=99&st=bs&tid=0&q={searchTerms} SearchScopes: HKLM-x32 - {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm049YYde&ptnrS=XPxdm049YYde&si=2271&ptb=13BDF01F-C9F4-46AB-B26C-79A9260924CF&psa=&ind=2012082502&st=sb&n=77edf146&searchfor={searchTerms} SearchScopes: HKLM-x32 - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=99&st=bs&tid=0&q={searchTerms} SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://search.certified-toolbar.com?si=62606&st=bs&tid=6533&ver=4.3&ts=1376294794506&tguid=62606-6533-1376294794506-B3B2E5069E1C8CEB5A6C7CB8C3699AF2&q={searchTerms} SearchScopes: HKCU - DefaultScope {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p13_serp_ie_de_display?ie=UTF8&tagbase=bds-p13&tbrId=v1_abb-channel-13_adeece99ba0b4d33bffcefd967f54842_30_39_20130312_DE_ie_ds_&tag=bds-p13-serp-de-ie-21&query={searchTerms} SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www1.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=9441001FC68CF6E7&affID=119649&tsp=4949 SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=100000027&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=YYYYYYYYDE&apn_uid=1377442A-3CD2-44A0-857A-FC8B3B849F17&apn_sauid=99A68A09-6521-4C32-BF85-E0BF4E7CEE8A SearchScopes: HKCU - {47695818-E252-44F9-81C8-40BCF7702D52} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2801937 SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKCU - {721061fb-eb79-4568-a03c-3ce26d68dae9} URL = hxxp://search.certified-toolbar.com?si=99&st=bs&tid=0&q={searchTerms} SearchScopes: HKCU - {7AD2AA02-5AC2-4ABA-9B31-F09558641CE6} URL = hxxp://search.softonic.com/MOY00009/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=9441a9b700000000000000ff231a40f6&r=680 SearchScopes: HKCU - {a5b9c0f5-5616-47cd-a95f-e43b488faccf} URL = hxxp://search.mywebsearch.com/mywebsearch/GGmain.jhtml?id=XPxdm049YYde&ptnrS=XPxdm049YYde&si=2271&ptb=13BDF01F-C9F4-46AB-B26C-79A9260924CF&psa=&ind=2012082502&st=sb&n=77edf146&searchfor={searchTerms} SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.certified-toolbar.com?si=99&st=bs&tid=0&q={searchTerms} SearchScopes: HKCU - {B3B3A6AC-74EC-BD56-BCDB-EFA4799FB9DF} URL = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p13_serp_ie_de_display?ie=UTF8&tagbase=bds-p13&tbrId=v1_abb-channel-13_adeece99ba0b4d33bffcefd967f54842_30_39_20130312_DE_ie_ds_&tag=bds-p13-serp-de-ie-21&query={searchTerms} SearchScopes: HKCU - {C04B7D22-5AEC-4561-8F49-27F6269208F6} URL = hxxp://toolbar.inbox.com/search/dispatcher.aspx?tp=bs&qkw={searchTerms}&tbid=80772&lng=de SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = hxxp://mysearch.sweetpacks.com/?src=6&q={searchTerms}&st=12&crg=3.5000006.10053&barid={E561791D-8D4D-4B2F-9DC8-1F70101A0A08} BHO: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\User\AppData\Roaming\Complitly\64\Complitly64.dll (SimplyGen) BHO: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) BHO: Expat Shield Class - {3706EE7C-3CAD-445D-8A43-03EBC3B75908} - C:\Program Files (x86)\Expat Shield\HssIE\ExpatIE_64.dll No File BHO: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO: Updater By Sweetpacks - {DEDAF650-12B8-48f5-A843-BBA100716106} - C:\Program Files\Updater By Sweetpacks\Extension64.dll () BHO: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: Complitly - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Users\User\AppData\Roaming\Complitly\Complitly.dll (SimplyGen) BHO-x32: Plus-HD-1.3 - {11111111-1111-1111-1111-110311121157} - C:\Program Files (x86)\Plus-HD-1.3\Plus-HD-1.3-bho.dll (Plus HD) BHO-x32: Feven - {11111111-1111-1111-1111-110311151154} - C:\Program Files (x86)\Feven\Feven-bho.dll (Feven) BHO-x32: Plus-HD-1.8 - {11111111-1111-1111-1111-110311251140} - C:\Program Files (x86)\Plus-HD-1.8\Plus-HD-1.8-bho.dll (Plus HD) BHO-x32: Plus-HD-2.3 - {11111111-1111-1111-1111-110311341126} - C:\Program Files (x86)\Plus-HD-2.3\Plus-HD-2.3-bho.dll (Plus HD) BHO-x32: Plus-HD-3.8 - {11111111-1111-1111-1111-110311901130} - C:\Program Files (x86)\Plus-HD-3.8\Plus-HD-3.8-bho.dll (Plus HD) BHO-x32: Shopping Assistant Plugin - {1631550F-191D-4826-B069-D9439253D926} - C:\Program Files (x86)\PriceGong\2.6.7\PriceGongIE.dll (PriceGong) BHO-x32: Speed Analysis 2 - {18DBB6CE-3148-4FEC-B481-103CB3290427} - C:\Program Files (x86)\Speed Analysis 2\ScriptHost.dll (SpeedAnalysis.com) BHO-x32: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab) BHO-x32: Babylon toolbar helper - {2EECD738-5844-4a99-B4B6-146BF802613B} - No File BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader) BHO-x32: QuickShare WidgetEngine - {31ad400d-1b06-4e33-a59a-90c2c140cba0} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation) BHO-x32: Lyrics Finder - {398C01F1-E584-46AD-A649-4F78B435DCFE} - C:\Program Files (x86)\LyricsFinder\lfind.dll (Nijad Software) BHO-x32: DealPly Shopping - {4B6ACEA2-308A-4876-AD36-57CEC5B4FCC7} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly) BHO-x32: mixidj Helper Object - {4D6A9BBF-402C-4301-B1EF-28D04F71D761} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\bh\mixidj.dll (MixiDJ) BHO-x32: IEiRobinHoodAddon Class - {54E67346-EE5A-45B6-82AA-4F0BB28C79C2} - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\iRobinHood.dll (iRobinHood) BHO-x32: PiccShare BHO - {553318DA-D010-469E-84B1-496563CAE1C0} - C:\Users\User\AppData\Local\ext_piccshare\ext_piccshare.dll (HTTO Group, Ltd) BHO-x32: Content Blocker Plugin - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Simppull Toolbar - {627af46b-2076-42ae-a2fd-8428734d3e74} - C:\Program Files (x86)\simppulltoolbar\simppulldx.dll () BHO-x32: Sing Along - {6492E171-2427-4932-B414-33574A089F5E} - C:\Program Files (x86)\SingAlong\singalng.dll (Xenophesoft) BHO-x32: Virtual Keyboard Plugin - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll (Kaspersky Lab ZAO) BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File BHO-x32: DNS Error Helper - {9B6B03F1-16CF-4491-BBBB-E872802DD717} - C:\ProgramData\DNSErrorHelper\bho.dll () BHO-x32: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll (Kaspersky Lab ZAO) BHO-x32: HomeTab - {9fdfb66c-713b-4201-83a6-5b78ae227b41} - C:\Users\User_2\AppData\Roaming\HomeTab\HomeTab.dll (Simply Tech Ltd.) BHO-x32: MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\prxtbMyA2.dll (Conduit Ltd.) BHO-x32: HomeTab - {a25e7121-3dd8-41b3-855b-756c5bc45449} - C:\Users\User\AppData\Roaming\HomeTab\HomeTab.dll (Simply Tech Ltd.) BHO-x32: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll (DealPly) BHO-x32: Wajam - {A7A6995D-6EE1-4FD1-A258-49395D5BF99C} - C:\Program Files (x86)\Wajam\IE\priam_bho.dll (Wajam) BHO-x32: Zula Games - {A9337080-7CBF-4E3E-80C1-3867BEDD88E0} - C:\Program Files (x86)\Zula Games\ScriptHost.dll (ZulaGames.com) BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO-x32: NCH DE Toolbar - {b106b661-3e1b-4015-af5c-195e909f35c6} - C:\Program Files (x86)\NCH_DE\prxtbNCH_.dll (Conduit Ltd.) BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.22.0\bh\delta.dll (Delta-search.com) BHO-x32: Updater For Simppull Toolbar - {C4B8BAB4-1667-11DF-A242-BA9455D89593} - C:\Program Files (x86)\simppulltoolbar\auxi\simppulltoolbAu.dll (Visicom Media) BHO-x32: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Updater By Sweetpacks - {DEDAF650-12B8-48f5-A843-BBA100716106} - C:\Program Files\Updater By Sweetpacks\Extension32.dll () BHO-x32: holasearch Helper Object - {DFF9B2DA-EF99-4B26-83CB-7058299999D8} - C:\Program Files (x86)\holasearch\holasearch\1.8.16.16\bh\holasearch.dll (holasearch.com) BHO-x32: URL Advisor Plugin - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll (Kaspersky Lab ZAO) BHO-x32: No Name - {E4E6BF2A-1667-11DF-A01F-1F9655D89593} - No File BHO-x32: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files (x86)\Softonic\Softonic\1.8.19.3\bh\Softonic.dll (Softonic.com) BHO-x32: AlxHelper Class - {F443A627-5009-4323-9C1D-7FD598D0D712} - C:\Program Files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com) BHO-x32: PricePeep - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll (PricePeep) BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC) Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\System32\mscoree.dll (Microsoft Corporation) Toolbar: HKLM-x32 - MyAshampoo Toolbar - {a1e75a0e-4397-4ba8-bb50-e19fb66890f4} - C:\Program Files (x86)\MyAshampoo\prxtbMyA2.dll (Conduit Ltd.) Toolbar: HKLM-x32 - Simppull Toolbar - {627af46b-2076-42ae-a2fd-8428734d3e74} - C:\Program Files (x86)\simppulltoolbar\simppulldx.dll () Toolbar: HKLM-x32 - Babylon Toolbar - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File Toolbar: HKLM-x32 - Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll (Ask) Toolbar: HKLM-x32 - NCH DE Toolbar - {b106b661-3e1b-4015-af5c-195e909f35c6} - C:\Program Files (x86)\NCH_DE\prxtbNCH_.dll (Conduit Ltd.) Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.22.0\deltaTlbr.dll (Delta-search.com) Toolbar: HKLM-x32 - Amazon Browser Bar - {EA582743-9076-4178-9AA6-7393FDF4D5CE} - C:\Program Files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll (Amazon.com) Toolbar: HKLM-x32 - Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll (Kaspersky Lab) Toolbar: HKLM-x32 - Holasearch Toolbar - {C510DFFB-0AFE-484C-BA40-CED5B74C4EEF} - C:\Program Files (x86)\holasearch\holasearch\1.8.16.16\holasearchTlbr.dll (holasearch.com) Toolbar: HKLM-x32 - MixiDJ Toolbar - {CA9B9C89-4662-4ADC-9C23-A452BECD5D19} - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidjTlbr.dll (MixiDJ) Toolbar: HKLM-x32 - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\\SysWOW64\mscoree.dll (Microsoft Corporation) Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} - No File Toolbar: HKLM-x32 - HomeTab - {9fdfb66c-713b-4201-83a6-5b78ae227b41} - C:\Users\User_2\AppData\Roaming\HomeTab\HomeTab.dll (Simply Tech Ltd.) Toolbar: HKLM-x32 - HomeTab - {a25e7121-3dd8-41b3-855b-756c5bc45449} - C:\Users\User\AppData\Roaming\HomeTab\HomeTab.dll (Simply Tech Ltd.) Toolbar: HKLM-x32 - Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files (x86)\Softonic\Softonic\1.8.19.3\SoftonicTlbr.dll (Softonic.com) Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU - No Name - {A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - No File Toolbar: HKCU - No Name - {EEE6C35B-6118-11DC-9C72-001320C79847} - No File Toolbar: HKCU - No Name - {D7E97865-918F-41E4-9CD0-25AB1C574CE8} - No File Toolbar: HKCU - No Name - {B106B661-3E1B-4015-AF5C-195E909F35C6} - No File Toolbar: HKCU - No Name - {977AE9CC-AF83-45E8-9E03-E2798216E2D5} - No File DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262E} hxxp://www.srtest.com/srl_bin/sysreqlab_srl.cab DPF: HKLM-x32 {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} hxxp://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.9.113.cab DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} hxxp://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/15108/CTPID.cab Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - No File Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll (AVG Secure Search) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default FF user.js: detected! => C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\user.js FF NewTab: about:home FF SearchEngineOrder.1: Web Search FF Homepage: about:home FF Keyword.URL: hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q= FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll () FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll () FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.) FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.0.12\\npsitesafety.dll (AVG Technologies) FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.) FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 - C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC) FF Plugin-x32: @gametap.com/npdd,version=1.0 - C:\Program Files (x86)\Downloader\npdd.dll (Metaboli) FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google) FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @real.com/nppl3260;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.3 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.) FF Plugin-x32: @real.com/nprpplugin;version=16.0.3.51 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer) FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader) FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS) FF Plugin HKCU: electronicarts.com/GameFacePlugin - C:\Users\User\AppData\Roaming\Electronic Arts\Game Face\npGameFacePlugin.dll (Electronic Arts) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\searchplugins\softonic.xml FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\searchplugins\Web Search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\babylon.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\searchplugins\Web Search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml FF Extension: Battlefield Play4Free - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\battlefieldplay4free@ea.com FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com FF Extension: Default Manager - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\DefaultManager@Microsoft FF Extension: pricealarm - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM FF Extension: FireJump - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\firejump@firejump.net FF Extension: HomeTab - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\{ad7ef860-f366-4be1-8d12-4363b9356947} FF Extension: FoxyDeal - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\{F58A62EB-38DC-43C4-A539-DC52E135208D} FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\complitly_0.sqlite FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\complitly_0.sqlite-journal FF Extension: om - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\om@offermosquito.com.xpi FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\WTB_GLOBAL.sqlite FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} FF HKLM\...\Firefox\Extensions: [{DEDAF650-12B8-48f5-A843-BBA100716106}] - C:\Program Files\Updater By Sweetpacks\Firefox FF Extension: Updater By Sweetpacks - C:\Program Files\Updater By Sweetpacks\Firefox FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF HKLM-x32\...\Firefox\Extensions: - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\url_advisor@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com FF Extension: Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\virtual_keyboard@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com FF Extension: Content Blocker - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\content_blocker@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com FF Extension: Safe Money - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com FF HKLM-x32\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Users\User\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com FF Extension: Speed Analysis 2 - C:\Users\User\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com FF HKLM-x32\...\Firefox\Extensions: [zulagames@ZulaGames.com] - C:\Users\User\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com FF Extension: Zula Games - C:\Users\User\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com FF HKLM-x32\...\Firefox\Extensions: [pluswinks@PlusWinks] - C:\Users\User\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks FF Extension: Cool Smiley Bar for Facebook - C:\Users\User\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\17.0.1.12 FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\17.0.1.12 FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF Extension: No Name - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext FF HKLM-x32\...\Firefox\Extensions: [{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ FF HKCU\...\Firefox\Extensions: [vinceturk@gmail.com] - C:\Program Files (x86)\KwiClick LLC\KwiClick\ FF Extension: KwiClick - C:\Program Files (x86)\KwiClick LLC\KwiClick\ FF HKCU\...\Firefox\Extensions: [{b64982b1-d112-42b5-b1e4-d3867c4533f8}] - C:\ProgramData\Browser Manager\2.3.762.17\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension FF HKCU\...\Firefox\Extensions: [lfind@nijadsoft.net] - C:\Program Files (x86)\LyricsFinder\FF\ FF Extension: No Name - C:\Program Files (x86)\LyricsFinder\FF\ FF HKCU\...\Firefox\Extensions: [singalong@xenophesoft.com] - C:\Program Files (x86)\SingAlong\FF\ FF Extension: No Name - C:\Program Files (x86)\SingAlong\FF\ FF HKCU\...\Firefox\Extensions: [coollrcs@coolzone.co] - C:\Program Files (x86)\CoolLyrics\FF\ FF Extension: No Name - C:\Program Files (x86)\CoolLyrics\FF\ FF HKCU\...\Firefox\Extensions: [speedanalysis02@SpeedAnalysis.com] - C:\Users\User\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com FF Extension: Speed Analysis 2 - C:\Users\User\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com FF HKCU\...\Firefox\Extensions: [zulagames@ZulaGames.com] - C:\Users\User\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com FF Extension: Zula Games - C:\Users\User\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com FF HKCU\...\Firefox\Extensions: [pluswinks@PlusWinks] - C:\Users\User\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks FF Extension: Cool Smiley Bar for Facebook - C:\Users\User\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks FF HKCU\...\Firefox\Extensions: [firejump@firejump.net] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\extensions\firejump@firejump.net FF Extension: FireJump - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\extensions\firejump@firejump.net Chrome: ======= CHR HomePage: hxxp://www.google.com/ CHR RestoreOnStartup: "urls_to_restore_on_startup": [ CHR Extension: (Sing Along) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\abepbblpkilpjohncjbccmdjhdhbnhdj\1.114_0 CHR Extension: (FoxyDeal) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiennapmieppnpfhhogglccgepbdajan\6.2.0_0 CHR Extension: (QuickShare Widget) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl\1.4_0 CHR Extension: (PriceGong) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok\5.6.7_0 CHR Extension: (MixiDJ Toolbar) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\boipimhfjpakfgckhbljjengakjhkcbp\1.1_0 CHR Extension: (Cool Lyrics) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\clffglkbddffcdnehidjiimmoiphomid\1.114_0 CHR Extension: (Kaspersky URL Advisor) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj\13.0.2.558_1 CHR Extension: () - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjkhjdcljddbedokogakmmdjgnbeanf\1.0.0.3 CHR Extension: (Babylon Toolbar) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb\1.11_0 CHR Extension: (Complitly plugin for chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlfienamagdnkekbbbocojppncdambda\1.1_0 CHR Extension: (PiccShare) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\docfnddcclkgokdfpnmngpiliiachclb\2.0_0 CHR Extension: (Softonic Chrome Toolbar) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf\1.0_0 CHR Extension: (hola Toolbar) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fagpjgjmoaccgkkpjeoinehnoaimnbla\1.0_0 CHR Extension: (Feven) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0 CHR Extension: () - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab\background.html CHR Extension: (DealPly) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje\3.5.3.0_0 CHR Extension: (OfferMosquito) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk\0.6.1_0 CHR Extension: () - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gflandjopdloblmlcoiidmncpinmmacn\1.0.0.5 CHR Extension: (Lyrics Finder) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnbcopcndefcccgdofjadnafjljgofam\1.110_0 CHR Extension: (Safe Money) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh\13.0.2.558_0 CHR Extension: (Plus-HD-1.3) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0 CHR Extension: (RealDownloader) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.1_0 CHR Extension: (Virtual Keyboard) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh\13.0.2.558_1 CHR Extension: (SweetIM for Facebook) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn\1.0.0.0_0 CHR Extension: (Wajam) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpmbfleldcgkldadpdinhjjopdfpjfjp\1.24_0 CHR Extension: (PricePeep) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb\2.2.0.2_0 CHR Extension: (Skype Click to Call) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0 CHR Extension: () - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mocblcnaofikinigmceddfghppkkjbog\1.0.0.5 CHR Extension: (Yontoo) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.3_1 CHR Extension: (Delta Toolbar) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkgfcicgjhneabbbfhddfcgifljdhhpl\1.4_0 CHR Extension: (Plus-HD-3.8) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0 CHR Extension: (SweetPacks Chrome Extension) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj\1.4.0.3_0 CHR Extension: (DealPly Shopping ) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojcgaoafcmbadjkfdippkdddgkeaipbn\3.5.0.0_0 CHR Extension: (Plus-HD-2.3) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0 CHR Extension: (NCH DE) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ommhmgednjnodcljhlljkaiidghdmikk\2.3.19.11_0 CHR Extension: (Amazon 1Button App for Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbjikboenpfhbbejgkoklgkhjpfogcam\3.2013.715.0_0 CHR Extension: (Anti-Banner) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman\13.0.2.558_0 CHR HKLM-x32\...\Chrome\Extension: [abepbblpkilpjohncjbccmdjhdhbnhdj] - C:\Program Files (x86)\SingAlong\Chrome.crx CHR HKLM-x32\...\Chrome\Extension: [bddpogknpjlgfpbboediomaiiaecfajn] - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx CHR HKLM-x32\...\Chrome\Extension: [bkomkajifikmkfnjgphkjcfeepbnojok] - C:\Program Files (x86)\PriceGong\2.6.7\pricegong.crx CHR HKLM-x32\...\Chrome\Extension: [boipimhfjpakfgckhbljjengakjhkcbp] - C:\Users\User\AppData\Roaming\BabSolution\CR\mixiDj.crx CHR HKLM-x32\...\Chrome\Extension: [clffglkbddffcdnehidjiimmoiphomid] - C:\Program Files (x86)\CoolLyrics\Chrome.crx CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx CHR HKLM-x32\...\Chrome\Extension: [dgjkhjdcljddbedokogakmmdjgnbeanf] - C:\Users\User\AppData\Roaming\SpeedAnalysis2\SpeedAnalysis.crx CHR HKLM-x32\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\User\AppData\Roaming\BabylonToolbar\CR\BabylonChrome1.crx CHR HKLM-x32\...\Chrome\Extension: [dlfienamagdnkekbbbocojppncdambda] - C:\Program Files (x86)\Complitly\chrome\ComplitlyChrome.crx CHR HKLM-x32\...\Chrome\Extension: [elchiiiejkobdbblfejjkbphbddgmljf] - C:\Program Files (x86)\Softonic\Softonic\1.8.19.3\Softonic.crx CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\User_2\AppData\Roaming\BabSolution\CR\Delta.crx CHR HKLM-x32\...\Chrome\Extension: [fagpjgjmoaccgkkpjeoinehnoaimnbla] - C:\Users\User\AppData\Roaming\BabSolution\CR\hola.crx CHR HKLM-x32\...\Chrome\Extension: [gaiilaahiahdejapggenmdmafpmbipje] - C:\Program Files (x86)\DealPly\DealPly.crx CHR HKLM-x32\...\Chrome\Extension: [gflandjopdloblmlcoiidmncpinmmacn] - C:\Users\User\AppData\Roaming\zulagames\zulagames.crx CHR HKLM-x32\...\Chrome\Extension: [gnbcopcndefcccgdofjadnafjljgofam] - C:\Program Files (x86)\LyricsFinder\Chrome.crx CHR HKLM-x32\...\Chrome\Extension: [hakdifolhalapjijoafobooafbilfakh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx CHR HKLM-x32\...\Chrome\Extension: [hghkgaeecgjhjkannahfamoehjmkjail] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx CHR HKLM-x32\...\Chrome\Extension: [iidmoehhpbghchkaogkhmcckhlhebekn] - C:\Program Files (x86)\iRobinHood\iRobinHood Addon\iRobinHoodPartnersVExtension1_42.crx CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx CHR HKLM-x32\...\Chrome\Extension: [jcdgjdiieiljkfkdcloehkohchhpekkn] - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx CHR HKLM-x32\...\Chrome\Extension: [jpmbfleldcgkldadpdinhjjopdfpjfjp] - C:\Users\User\AppData\Local\Wajam\Chrome\wajam.crx CHR HKLM-x32\...\Chrome\Extension: [kpepfkjapeclaafmhoelccknpfedainn] - C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\mixidj.crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx CHR HKLM-x32\...\Chrome\Extension: [mocblcnaofikinigmceddfghppkkjbog] - C:\Users\User\AppData\Roaming\PlusWinks\PlusWinks.crx CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files (x86)\Yontoo\YontooLayers.crx CHR HKLM-x32\...\Chrome\Extension: [nkgfcicgjhneabbbfhddfcgifljdhhpl] - C:\Users\User\AppData\Roaming\BabSolution\CR\Delta.crx CHR HKLM-x32\...\Chrome\Extension: [ogccgbmabaphcakpiclgcnmcnimhokcj] - C:\Windows\SysWOW64\jmdp\SweetNT.crx CHR HKLM-x32\...\Chrome\Extension: [ommhmgednjnodcljhlljkaiidghdmikk] - C:\Users\User\AppData\Local\CRE\ommhmgednjnodcljhlljkaiidghdmikk.crx CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx ==================== Services (Whitelisted) ================= S4 AddonsHelper; C:\Users\User\AppData\Local\Temp\OCS\Downloads\e176f0d38725557d997a73fca0b80043\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe [896512 2013-09-25] () R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe [356128 2013-10-17] (Kaspersky Lab ZAO) S3 COMSysApp; C:\Windows\SysWow64\dllhost.exe [7168 2006-11-02] (Microsoft Corporation) S3 Creative HOAL Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTHOALLicensing.exe [79360 2009-03-12] (Creative Labs) R2 CSObjectsSrv; C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe [819040 2012-12-21] (Infowatch) S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo WinOptimizer 2013\DfsdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) S2 IBUpdaterService; C:\Windows\SysWow64\dmwu.exe [675232 2013-07-20] () S3 lxce_device; C:\Windows\system32\lxcecoms.exe [414720 2005-07-06] (Lexmark International, Inc.) S3 npggsvc; C:\Windows\SysWow64\GameMon.des [4032992 2010-09-29] (INCA Internet Co., Ltd.) R2 PnkBstrA; C:\Windows\SysWow64\PnkBstrA.exe [76888 2013-09-03] () R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-08-14] () R2 SrvUpdater; C:\Program Files (x86)\SoftwareUpdater\UpdaterService.exe [31744 2013-04-12] () S2 SystemStoreService; C:\Program Files (x86)\SelfUpdater\SystemStore.exe [1948160 2013-03-12] () R2 Updater By Sweetpacks; C:\Program Files\Updater By Sweetpacks\ExtensionUpdaterService.exe [188760 2013-05-29] () R2 Updater Service for AMZN; C:\Program Files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe [222368 2012-05-22] () R2 vToolbarUpdater17.0.12; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe [1734680 2013-10-02] (AVG Secure Search) R2 WajamUpdater; C:\Program Files (x86)\Wajam\Updater\WajamUpdater.exe [109064 2012-10-05] (Wajam) R2 WSearch; C:\Windows\SysWow64\SearchIndexer.exe [441344 2009-04-11] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-10-02] (AVG Technologies) R0 CSCrySec; C:\Windows\System32\DRIVERS\CSCrySec.sys [84536 2011-06-02] (Infowatch) R1 CSVirtualDiskDrv; C:\Windows\System32\DRIVERS\CSVirtualDiskDrv.sys [66616 2011-06-02] (Infowatch) S3 dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys [20568 2010-05-25] (Devguru Co., Ltd) S3 dgderdrv; C:\Windows\SysWow64\drivers\dgderdrv.sys [20032 2011-10-31] (Devguru Co., Ltd) S3 FsUsbExDisk; C:\Windows\SysWOW64\FsUsbExDisk.SYS [37344 2013-02-05] () R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [7717984 2013-10-17] (Kaspersky Lab ZAO) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [626272 2013-10-17] (Kaspersky Lab ZAO) R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [28504 2012-08-02] (Kaspersky Lab ZAO) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [29280 2013-10-17] (Kaspersky Lab ZAO) R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [54368 2013-07-15] (Kaspersky Lab ZAO) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [178448 2013-07-15] (Kaspersky Lab ZAO) S3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15680 2006-10-31] () S3 NPPTNT2; C:\Windows\SysWow64\npptNT2.sys [4682 2004-12-30] (INCA Internet Co., Ltd.) S3 nv; C:\Windows\System32\DRIVERS\nv4_mini.sys [10068352 2009-06-10] (NVIDIA Corporation) S3 Ph3xIB64; C:\Windows\System32\DRIVERS\Ph3xIB64.sys [1368960 2006-09-30] (Philips Semiconductors GmbH) R3 Razerlow; C:\Windows\System32\drivers\DB3G.sys [21120 2005-11-07] (Razer (Asia-Pacific) Pte Ltd) S3 skfiltv; C:\Windows\System32\drivers\skfiltv.sys [24064 2008-08-14] (Creative Technology Ltd.) S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [203672 2013-06-21] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 TBPanel; No ImagePath S3 dump_wmimmc; \??\C:\Program Files (x86)\ShotOnline\GameGuard\dump_wmimmc.sys [x] S3 IpInIp; system32\DRIVERS\ipinip.sys [x] U5 klflt; C:\Windows\System32\Drivers\klflt.sys [90208 2013-10-17] (Kaspersky Lab ZAO) S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [x] S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [x] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2013-10-23 16:04 - 2013-10-23 16:04 - 01955374 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2013-10-23 16:04 - 2013-10-23 16:04 - 00000000 ____D C:\FRST 2013-10-22 17:20 - 2013-10-16 02:48 - 30344992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 22933280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 18290536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 12537632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2013-10-22 17:20 - 2013-10-16 02:48 - 11415232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 11362672 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 09516872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 09472600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll 2013-10-22 17:20 - 2013-10-16 02:48 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll 2013-10-22 09:41 - 2013-10-22 09:41 - 00000000 ____D C:\Users\User\AppData\Local\{D5E7B1F8-BB83-4166-9AE5-07DB752732EA} 2013-10-20 14:12 - 2013-10-20 14:12 - 00000000 ____D C:\Users\User\AppData\Local\{6EEAA5A0-25F5-41F5-84E7-511B12215B09} 2013-10-19 11:36 - 2013-10-19 11:36 - 00000000 ____D C:\Users\User\AppData\Local\{60E21CC1-DE5F-4E1C-B784-CAFC20EEB4ED} 2013-10-19 11:36 - 2013-10-19 11:36 - 00000000 ____D C:\Users\User\AppData\Local\{55E8C11A-29F3-4036-ABD4-CB97F2158E9A} 2013-10-17 15:50 - 2013-10-17 15:50 - 00000000 ____D C:\Users\Public\Documents\CrashDump 2013-10-17 15:49 - 2013-10-17 15:50 - 00000810 _____ C:\Windows\setupact.log 2013-10-17 15:49 - 2013-10-17 15:49 - 00000000 _____ C:\Windows\setuperr.log 2013-10-16 12:35 - 2013-10-16 12:35 - 00000000 ____D C:\ProgramData\Oracle 2013-10-16 12:35 - 2013-10-08 07:46 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-10-16 12:34 - 2013-10-08 07:50 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-10-16 12:34 - 2013-10-08 07:46 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-10-16 12:34 - 2013-10-08 07:46 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-10-16 12:33 - 2013-10-16 12:34 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log 2013-10-09 12:16 - 2013-09-22 17:43 - 17833984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2013-10-09 12:16 - 2013-09-22 17:01 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2013-10-09 12:16 - 2013-09-22 16:42 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2013-10-09 12:16 - 2013-09-22 16:36 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2013-10-09 12:16 - 2013-09-22 16:33 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2013-10-09 12:16 - 2013-09-22 16:33 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2013-10-09 12:16 - 2013-09-22 16:30 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll 2013-10-09 12:16 - 2013-09-22 16:27 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2013-10-09 12:16 - 2013-09-22 16:23 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2013-10-09 12:16 - 2013-09-22 16:22 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2013-10-09 12:16 - 2013-09-22 16:21 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2013-10-09 12:16 - 2013-09-22 16:19 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2013-10-09 12:16 - 2013-09-22 16:19 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2013-10-09 12:16 - 2013-09-22 16:16 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2013-10-09 12:16 - 2013-09-22 16:15 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2013-10-09 12:16 - 2013-09-22 16:07 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2013-10-09 12:16 - 2013-09-22 12:29 - 12336128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2013-10-09 12:16 - 2013-09-22 12:22 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2013-10-09 12:16 - 2013-09-22 12:22 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2013-10-09 12:16 - 2013-09-22 12:14 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2013-10-09 12:16 - 2013-09-22 12:13 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2013-10-09 12:16 - 2013-09-22 12:13 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2013-10-09 12:16 - 2013-09-22 12:12 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll 2013-10-09 12:16 - 2013-09-22 12:09 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2013-10-09 12:16 - 2013-09-22 12:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2013-10-09 12:16 - 2013-09-22 12:07 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll 2013-10-09 12:16 - 2013-09-22 12:06 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2013-10-09 12:16 - 2013-09-22 12:05 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2013-10-09 12:16 - 2013-09-22 12:03 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2013-10-09 12:16 - 2013-09-22 12:03 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2013-10-09 12:16 - 2013-09-22 12:03 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2013-10-09 12:16 - 2013-09-22 11:59 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2013-10-09 08:08 - 2013-08-29 09:48 - 02775552 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2013-10-09 08:08 - 2013-08-27 05:39 - 01268224 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll 2013-10-09 08:08 - 2013-08-27 05:39 - 00327680 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll 2013-10-09 08:08 - 2013-08-27 05:39 - 00287232 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll 2013-10-09 08:08 - 2013-08-27 05:39 - 00196096 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll 2013-10-09 08:08 - 2013-08-27 04:47 - 01029120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll 2013-10-09 08:08 - 2013-08-27 04:47 - 00219648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll 2013-10-09 08:08 - 2013-08-27 04:47 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll 2013-10-09 08:08 - 2013-08-27 04:47 - 00160768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll 2013-10-09 08:08 - 2013-08-27 04:32 - 02002944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2013-10-09 08:08 - 2013-08-27 04:30 - 00566272 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll 2013-10-09 08:08 - 2013-08-27 04:06 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll 2013-10-09 08:08 - 2013-08-27 04:00 - 01556480 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2013-10-09 08:08 - 2013-08-27 04:00 - 01149952 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2013-10-09 08:08 - 2013-08-27 03:52 - 01172480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2013-10-09 08:08 - 2013-08-27 03:50 - 00486400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll 2013-10-09 08:08 - 2013-08-27 03:32 - 00683008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll 2013-10-09 08:08 - 2013-08-27 03:28 - 01069056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll 2013-10-09 08:08 - 2013-08-01 06:10 - 00901568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2013-10-09 08:08 - 2013-08-01 05:37 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll 2013-10-09 08:08 - 2013-07-20 12:45 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2013-10-09 08:08 - 2013-07-20 12:44 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2013-10-09 08:08 - 2013-07-12 11:19 - 00099200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBAUDIO.sys 2013-10-09 08:08 - 2013-07-04 06:21 - 00532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll 2013-10-09 08:08 - 2013-07-04 06:13 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll 2013-10-09 08:08 - 2013-07-03 06:24 - 00107008 _____ (Microsoft Corporation) C:\Windows\system32\wiafbdrv.dll 2013-10-09 08:08 - 2013-07-03 04:55 - 00040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys 2013-10-09 08:08 - 2013-07-03 04:22 - 00031616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys 2013-10-09 08:08 - 2013-06-29 04:25 - 00274944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys 2013-10-09 08:08 - 2013-06-29 04:25 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys 2013-10-09 08:08 - 2013-06-29 04:25 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys 2013-10-09 08:08 - 2013-06-29 04:25 - 00007552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys 2013-10-09 08:08 - 2013-06-27 01:00 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys 2013-10-09 08:08 - 2013-06-04 06:16 - 00048128 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll 2013-10-09 08:08 - 2013-06-04 06:16 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll 2013-10-09 08:08 - 2013-06-04 04:01 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll 2013-10-09 08:08 - 2013-06-04 03:49 - 00293376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll 2013-10-09 08:08 - 2011-05-05 16:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys 2013-10-09 08:08 - 2011-05-05 16:17 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys 2013-10-05 15:07 - 2012-04-24 21:35 - 00693648 _____ (MindSpark) C:\Program Files (x86)\64Uninstall TelevisionFanatic.dll 2013-10-05 15:07 - 2012-04-24 21:35 - 00174024 _____ () C:\Program Files (x86)\64res.dll 2013-10-04 13:35 - 2013-10-04 13:35 - 00000000 ___SD C:\Users\User\Documents\Passwords Database 2013-10-02 07:35 - 2013-10-02 07:35 - 00000127 _____ C:\Windows\wininit.ini 2013-10-02 07:23 - 2013-10-17 06:18 - 00010698 _____ C:\Windows\PFRO.log 2013-10-01 13:47 - 2013-10-01 13:47 - 00001423 _____ C:\Users\User\Desktop\Fixlist.txt 2013-09-28 14:59 - 2013-10-02 07:24 - 00003728 _____ C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml 2013-09-28 08:51 - 2013-09-28 08:51 - 00000000 ____D C:\Windows\system32\IO 2013-09-26 12:39 - 2013-09-26 12:39 - 00000000 ____D C:\Users\User\AppData\Roaming\Softonic 2013-09-26 12:39 - 2013-09-26 12:39 - 00000000 ____D C:\Program Files (x86)\Softonic 2013-09-26 12:38 - 2013-09-26 12:38 - 00400728 _____ (Softonic ) C:\Users\User\Downloads\SoftonicDownloader_fuer_expat-shield.exe 2013-09-26 12:22 - 2013-09-26 12:22 - 00001842 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_lsntpqko.1xe.pbk 2013-09-26 12:04 - 2013-09-26 12:04 - 00001288 _____ C:\Windows\Tasks\Plus-HD-3.8-updater.job 2013-09-26 12:04 - 2013-09-26 12:04 - 00001194 _____ C:\Windows\Tasks\Plus-HD-3.8-codedownloader.job 2013-09-26 12:04 - 2013-09-26 12:04 - 00001092 _____ C:\Windows\Tasks\Plus-HD-3.8-enabler.job 2013-09-26 12:04 - 2009-11-20 15:26 - 00031232 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tap0901.sys 2013-09-26 12:03 - 2013-09-26 13:34 - 00000000 ____D C:\Users\User\AppData\Roaming\Windows Net Data 2013-09-26 12:03 - 2013-09-26 12:04 - 00000000 ____D C:\Program Files (x86)\Plus-HD-3.8 2013-09-26 12:03 - 2013-09-26 12:03 - 00001902 _____ C:\Windows\Tasks\Plus-HD-3.8-chromeinstaller.job 2013-09-26 12:03 - 2013-09-26 12:03 - 00001826 _____ C:\Windows\Tasks\Plus-HD-3.8-firefoxinstaller.job 2013-09-26 12:03 - 2013-09-26 12:03 - 00000000 ____D C:\Program Files (x86)\foxydeal 2013-09-26 12:02 - 2013-09-26 12:02 - 00000000 ____D C:\Users\User\AppData\Roaming\SimplyTech 2013-09-26 12:02 - 2013-09-26 12:02 - 00000000 ____D C:\Users\User\AppData\Roaming\HomeTab 2013-09-26 12:00 - 2013-09-26 12:06 - 00000000 ____D C:\Users\User\AppData\Local\DownloadGuide 2013-09-26 12:00 - 2013-09-26 12:00 - 00478528 _____ C:\Users\User\Downloads\ifreevpn-Downloader.exe 2013-09-26 11:56 - 2013-09-26 11:56 - 00001877 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_vzainmdm.p3e.pbk 2013-09-26 11:56 - 2013-09-26 11:56 - 00001877 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_v5jnzrhf.itx.pbk 2013-09-26 11:56 - 2013-09-26 11:56 - 00001877 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_phptnij0.gqi.pbk 2013-09-26 09:38 - 2013-09-26 09:38 - 00001842 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_qgd2lfzc.4cf.pbk 2013-09-26 09:37 - 2013-10-23 14:54 - 00000000 ____D C:\Users\User\Documents\FIFA 14 2013-09-25 09:29 - 2013-09-25 09:30 - 00001841 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_hlvw0cfy.5hv.pbk 2013-09-25 09:25 - 2013-09-25 09:26 - 00001842 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_eqklbxhr.dqz.pbk 2013-09-25 09:20 - 2013-09-25 09:20 - 00001843 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_3v20slrp.jmw.pbk 2013-09-25 09:17 - 2013-09-25 09:17 - 00001842 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_jfwazffk.z4r.pbk 2013-09-25 09:14 - 2013-09-25 09:14 - 00001842 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN.pbk 2013-09-25 09:12 - 2013-09-25 09:12 - 00000000 ____D C:\Users\User\AppData\Roaming\Opera 2013-09-25 09:11 - 2013-09-25 09:11 - 00613216 _____ C:\Users\User\Downloads\free-vpn Installer.exe 2013-09-25 09:11 - 2013-09-25 09:11 - 00000000 ____D C:\Users\User\AppData\Roaming\OCS 2013-09-25 09:11 - 2013-09-25 09:11 - 00000000 ____D C:\Users\User\AppData\Roaming\DesktopIconForAmazon 2013-09-25 09:11 - 2013-09-25 09:11 - 00000000 ____D C:\ProgramData\DNSErrorHelper 2013-09-25 09:11 - 2011-05-13 14:16 - 00493056 _____ ( datenhaus GmbH) C:\Windows\SysWOW64\dhRichClient3.dll 2013-09-25 09:11 - 2011-03-25 22:42 - 00338432 _____ C:\Windows\SysWOW64\sqlite36_engine.dll 2013-09-24 08:30 - 2013-09-24 08:30 - 00000000 ____D C:\Users\User\AppData\Roaming\RealNetworks 2013-09-24 08:29 - 2013-09-24 08:29 - 00000000 ____D C:\ProgramData\RealNetworks 2013-09-24 08:29 - 2013-09-24 08:29 - 00000000 ____D C:\Program Files (x86)\RealNetworks ==================== One Month Modified Files and Folders ======= 2013-10-23 16:04 - 2013-10-23 16:04 - 01955374 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe 2013-10-23 16:04 - 2013-10-23 16:04 - 00000000 ____D C:\FRST 2013-10-23 15:49 - 2009-12-28 14:19 - 00000000 ____D C:\Program Files (x86)\Steam 2013-10-23 14:55 - 2013-03-17 00:09 - 00000000 ____D C:\ProgramData\Kaspersky Lab 2013-10-23 14:54 - 2013-09-26 09:37 - 00000000 ____D C:\Users\User\Documents\FIFA 14 2013-10-23 14:45 - 2006-11-02 17:22 - 00003840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 2013-10-23 14:45 - 2006-11-02 17:22 - 00003840 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 2013-10-23 10:51 - 2008-01-21 03:53 - 01216014 _____ C:\Windows\WindowsUpdate.log 2013-10-23 10:49 - 2011-09-30 15:51 - 00000000 ____D C:\Program Files (x86)\Origin 2013-10-23 10:45 - 2008-08-08 18:16 - 00065536 _____ C:\Windows\system32\Ikeext.etl 2013-10-23 08:58 - 2006-11-02 15:34 - 00000000 ____D C:\Windows\tracing 2013-10-22 17:23 - 2011-08-30 17:07 - 00000000 ____D C:\ProgramData\NVIDIA 2013-10-22 10:30 - 2013-06-12 16:30 - 00000000 ____D C:\Program Files\Lx_cats 2013-10-22 09:48 - 2013-02-08 23:21 - 00000000 ____D C:\Users\User\Desktop\Bilder 2013-10-22 09:43 - 2011-07-08 16:12 - 00000000 ____D C:\Users\User\AppData\Local\Windows Live 2013-10-22 09:41 - 2013-10-22 09:41 - 00000000 ____D C:\Users\User\AppData\Local\{D5E7B1F8-BB83-4166-9AE5-07DB752732EA} 2013-10-20 14:12 - 2013-10-20 14:12 - 00000000 ____D C:\Users\User\AppData\Local\{6EEAA5A0-25F5-41F5-84E7-511B12215B09} 2013-10-19 11:36 - 2013-10-19 11:36 - 00000000 ____D C:\Users\User\AppData\Local\{60E21CC1-DE5F-4E1C-B784-CAFC20EEB4ED} 2013-10-19 11:36 - 2013-10-19 11:36 - 00000000 ____D C:\Users\User\AppData\Local\{55E8C11A-29F3-4036-ABD4-CB97F2158E9A} 2013-10-18 13:03 - 2013-07-22 12:29 - 00000000 ____D C:\Program Files (x86)\Plus-HD-2.3 2013-10-18 13:03 - 2013-07-08 08:59 - 00000000 ____D C:\Program Files (x86)\Plus-HD-1.3 2013-10-18 13:02 - 2013-06-21 23:23 - 00000000 ____D C:\Program Files (x86)\CoolLyrics 2013-10-18 13:02 - 2013-06-04 15:51 - 00000000 ____D C:\Program Files (x86)\LyricsFinder 2013-10-18 07:25 - 2008-01-21 13:10 - 01683002 _____ C:\Windows\system32\PerfStringBackup.INI 2013-10-18 07:25 - 2008-01-21 13:09 - 00717264 _____ C:\Windows\system32\perfh007.dat 2013-10-18 07:25 - 2008-01-21 13:09 - 00164448 _____ C:\Windows\system32\perfc007.dat 2013-10-17 15:50 - 2013-10-17 15:50 - 00000000 ____D C:\Users\Public\Documents\CrashDump 2013-10-17 15:50 - 2013-10-17 15:49 - 00000810 _____ C:\Windows\setupact.log 2013-10-17 15:49 - 2013-10-17 15:49 - 00000000 _____ C:\Windows\setuperr.log 2013-10-17 06:51 - 2013-03-17 00:08 - 00626272 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klif.sys 2013-10-17 06:51 - 2013-03-17 00:08 - 00090208 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klflt.sys 2013-10-17 06:51 - 2012-09-03 19:23 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klmouflt.sys 2013-10-17 06:51 - 2012-09-03 18:57 - 00029280 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\klkbdflt.sys 2013-10-17 06:51 - 2012-06-19 18:28 - 07717984 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\kl1.sys 2013-10-17 06:18 - 2013-10-02 07:23 - 00010698 _____ C:\Windows\PFRO.log 2013-10-16 12:35 - 2013-10-16 12:35 - 00000000 ____D C:\ProgramData\Oracle 2013-10-16 12:34 - 2013-10-16 12:33 - 00004886 _____ C:\Windows\SysWOW64\jupdate-1.7.0_45-b18.log 2013-10-16 12:34 - 2012-07-05 22:08 - 00000000 ____D C:\Program Files (x86)\Java 2013-10-16 12:25 - 2012-08-19 11:10 - 00000000 _____ C:\END 2013-10-16 07:49 - 2013-09-09 11:45 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2013-10-16 07:49 - 2012-04-24 19:33 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2013-10-16 07:49 - 2011-05-18 16:00 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2013-10-16 02:48 - 2013-10-22 17:20 - 30344992 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 22933280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 18290536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 12537632 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys 2013-10-16 02:48 - 2013-10-22 17:20 - 11415232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 11362672 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 09516872 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 09472600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 03131680 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 03124512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 02946848 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 02747168 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 01884448 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433158.dll 2013-10-16 02:48 - 2013-10-22 17:20 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433158.dll 2013-10-16 02:48 - 2013-09-20 15:21 - 15858664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll 2013-10-16 02:48 - 2013-09-20 15:21 - 00023287 _____ C:\Windows\system32\nvinfo.pb 2013-10-16 02:48 - 2013-09-06 20:02 - 15244272 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll 2013-10-16 02:48 - 2013-02-26 00:32 - 18243632 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll 2013-10-16 02:48 - 2013-02-26 00:32 - 03067560 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll 2013-10-16 02:48 - 2013-02-26 00:32 - 02694664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll 2013-10-15 23:47 - 2011-04-07 23:19 - 06665504 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll 2013-10-15 23:47 - 2011-04-07 23:19 - 02559776 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll 2013-10-15 23:47 - 2011-04-07 23:19 - 00922912 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe 2013-10-15 23:47 - 2011-04-07 23:19 - 00219424 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll 2013-10-15 23:47 - 2011-04-07 23:19 - 00063776 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll 2013-10-15 23:47 - 2011-04-07 23:18 - 03489568 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll 2013-10-09 12:38 - 2006-11-02 17:21 - 00280936 _____ C:\Windows\system32\FNTCACHE.DAT 2013-10-09 12:32 - 2010-10-06 11:02 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight 2013-10-09 12:27 - 2009-04-22 16:54 - 00000000 ____D C:\ProgramData\Microsoft Help 2013-10-09 12:23 - 2008-11-14 14:52 - 01662072 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2013-10-09 12:20 - 2013-07-31 13:25 - 00000000 ____D C:\Windows\system32\MRT 2013-10-09 12:17 - 2006-11-02 14:35 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\mrt.exe 2013-10-08 07:50 - 2013-10-16 12:34 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2013-10-08 07:46 - 2013-10-16 12:35 - 00264616 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe 2013-10-08 07:46 - 2013-10-16 12:34 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe 2013-10-08 07:46 - 2013-10-16 12:34 - 00174504 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe 2013-10-05 00:01 - 2010-06-18 17:57 - 00000000 ____D C:\Users\User\AppData\Roaming\TS3Client 2013-10-04 15:27 - 2011-09-14 17:19 - 00000000 ____D C:\Program Files\TeamSpeak 3 Client 2013-10-04 13:35 - 2013-10-04 13:35 - 00000000 ___SD C:\Users\User\Documents\Passwords Database 2013-10-02 07:35 - 2013-10-02 07:35 - 00000127 _____ C:\Windows\wininit.ini 2013-10-02 07:24 - 2013-09-28 14:59 - 00003728 _____ C:\Program Files (x86)\Mozilla Firefoxavg-secure-search.xml 2013-10-02 07:24 - 2013-07-20 15:36 - 00046368 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys 2013-10-02 07:24 - 2013-07-20 15:36 - 00000000 ____D C:\Program Files (x86)\AVG Secure Search 2013-10-02 07:23 - 2009-11-30 21:05 - 00000000 ____D C:\Program Files\Google 2013-10-02 07:23 - 2008-08-06 22:02 - 00000000 ____D C:\Program Files (x86)\Google 2013-10-01 13:47 - 2013-10-01 13:47 - 00001423 _____ C:\Users\User\Desktop\Fixlist.txt 2013-10-01 12:53 - 2009-11-30 21:05 - 00000000 ____D C:\ProgramData\Google 2013-10-01 12:53 - 2008-08-06 22:03 - 00000000 ____D C:\Users\User\AppData\Local\Google 2013-10-01 12:22 - 2012-04-24 22:04 - 00000000 ____D C:\Program Files (x86)\SweetIM 2013-09-28 14:59 - 2013-02-06 14:19 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2013-09-28 08:51 - 2013-09-28 08:51 - 00000000 ____D C:\Windows\system32\IO 2013-09-28 08:48 - 2012-09-16 09:59 - 00000000 ___RD C:\Users\User\Desktop\Programme 2013-09-27 06:42 - 2013-04-23 21:20 - 00003455 _____ C:\Windows\SysWOW64\InstallUtil.InstallLog 2013-09-26 13:34 - 2013-09-26 12:03 - 00000000 ____D C:\Users\User\AppData\Roaming\Windows Net Data 2013-09-26 12:39 - 2013-09-26 12:39 - 00000000 ____D C:\Users\User\AppData\Roaming\Softonic 2013-09-26 12:39 - 2013-09-26 12:39 - 00000000 ____D C:\Program Files (x86)\Softonic 2013-09-26 12:38 - 2013-09-26 12:38 - 00400728 _____ (Softonic ) C:\Users\User\Downloads\SoftonicDownloader_fuer_expat-shield.exe 2013-09-26 12:24 - 2013-08-12 10:52 - 00000000 ____D C:\SoloApp 2013-09-26 12:22 - 2013-09-26 12:22 - 00001842 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_lsntpqko.1xe.pbk 2013-09-26 12:06 - 2013-09-26 12:00 - 00000000 ____D C:\Users\User\AppData\Local\DownloadGuide 2013-09-26 12:04 - 2013-09-26 12:04 - 00001288 _____ C:\Windows\Tasks\Plus-HD-3.8-updater.job 2013-09-26 12:04 - 2013-09-26 12:04 - 00001194 _____ C:\Windows\Tasks\Plus-HD-3.8-codedownloader.job 2013-09-26 12:04 - 2013-09-26 12:04 - 00001092 _____ C:\Windows\Tasks\Plus-HD-3.8-enabler.job 2013-09-26 12:04 - 2013-09-26 12:03 - 00000000 ____D C:\Program Files (x86)\Plus-HD-3.8 2013-09-26 12:03 - 2013-09-26 12:03 - 00001902 _____ C:\Windows\Tasks\Plus-HD-3.8-chromeinstaller.job 2013-09-26 12:03 - 2013-09-26 12:03 - 00001826 _____ C:\Windows\Tasks\Plus-HD-3.8-firefoxinstaller.job 2013-09-26 12:03 - 2013-09-26 12:03 - 00000000 ____D C:\Program Files (x86)\foxydeal 2013-09-26 12:03 - 2008-08-05 14:55 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup 2013-09-26 12:02 - 2013-09-26 12:02 - 00000000 ____D C:\Users\User\AppData\Roaming\SimplyTech 2013-09-26 12:02 - 2013-09-26 12:02 - 00000000 ____D C:\Users\User\AppData\Roaming\HomeTab 2013-09-26 12:02 - 2013-08-12 10:08 - 00000000 ____D C:\Program Files (x86)\HomeTab 2013-09-26 12:00 - 2013-09-26 12:00 - 00478528 _____ C:\Users\User\Downloads\ifreevpn-Downloader.exe 2013-09-26 11:56 - 2013-09-26 11:56 - 00001877 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_vzainmdm.p3e.pbk 2013-09-26 11:56 - 2013-09-26 11:56 - 00001877 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_v5jnzrhf.itx.pbk 2013-09-26 11:56 - 2013-09-26 11:56 - 00001877 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_phptnij0.gqi.pbk 2013-09-26 10:44 - 2013-03-12 13:10 - 00000000 ____D C:\Users\User\Documents\FIFA 13 2013-09-26 09:38 - 2013-09-26 09:38 - 00001842 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_qgd2lfzc.4cf.pbk 2013-09-25 09:30 - 2013-09-25 09:29 - 00001841 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_hlvw0cfy.5hv.pbk 2013-09-25 09:26 - 2013-09-25 09:25 - 00001842 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_eqklbxhr.dqz.pbk 2013-09-25 09:20 - 2013-09-25 09:20 - 00001843 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_3v20slrp.jmw.pbk 2013-09-25 09:17 - 2013-09-25 09:17 - 00001842 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN_jfwazffk.z4r.pbk 2013-09-25 09:14 - 2013-09-25 09:14 - 00001842 _____ C:\Users\User\AppData\Roaming\VPNMasterFreeVPN.pbk 2013-09-25 09:12 - 2013-09-25 09:12 - 00000000 ____D C:\Users\User\AppData\Roaming\Opera 2013-09-25 09:11 - 2013-09-25 09:11 - 00613216 _____ C:\Users\User\Downloads\free-vpn Installer.exe 2013-09-25 09:11 - 2013-09-25 09:11 - 00000000 ____D C:\Users\User\AppData\Roaming\OCS 2013-09-25 09:11 - 2013-09-25 09:11 - 00000000 ____D C:\Users\User\AppData\Roaming\DesktopIconForAmazon 2013-09-25 09:11 - 2013-09-25 09:11 - 00000000 ____D C:\ProgramData\DNSErrorHelper 2013-09-25 09:11 - 2008-08-05 15:28 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2013-09-24 08:59 - 2013-04-21 09:55 - 00000296 _____ C:\Windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2622127104-3349807106-840860686-1000.job 2013-09-24 08:30 - 2013-09-24 08:30 - 00000000 ____D C:\Users\User\AppData\Roaming\RealNetworks 2013-09-24 08:29 - 2013-09-24 08:29 - 00000000 ____D C:\ProgramData\RealNetworks 2013-09-24 08:29 - 2013-09-24 08:29 - 00000000 ____D C:\Program Files (x86)\RealNetworks 2013-09-24 08:28 - 2013-04-21 09:54 - 00201872 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\rmoc3260.dll 2013-09-24 08:28 - 2010-06-11 17:53 - 00000000 ____D C:\ProgramData\Real 2013-09-24 08:28 - 2010-06-11 17:53 - 00000000 ____D C:\Program Files (x86)\Real 2013-09-24 08:27 - 2013-04-21 09:54 - 00272896 _____ (Progressive Networks) C:\Windows\SysWOW64\pncrt.dll 2013-09-24 08:27 - 2013-04-21 09:54 - 00006656 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5016.dll 2013-09-24 08:27 - 2013-04-21 09:54 - 00005632 _____ (RealNetworks, Inc.) C:\Windows\SysWOW64\pndx5032.dll 2013-09-24 08:26 - 2013-04-21 09:54 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll 2013-09-24 08:26 - 2013-04-21 09:54 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll 2013-09-23 16:34 - 2009-09-15 18:53 - 00000000 ____D C:\Users\User\AppData\Roaming\BitTorrent Files to move or delete: ==================== C:\Users\Public\AlexaNSISPlugin.4596.dll C:\Users\User\AdbeRdr90_de_DE.exe C:\Users\User\antivir_workstation_winu_de_h.exe C:\Users\User\ashampoo_winoptimizer505_sm.exe C:\Users\User\d3dx9_30.dll C:\Users\User\dotnetfx.exe C:\Users\User\dotnetfx2.exe C:\Users\User\Firefox Setup 3.0.1.exe C:\Users\User\GameSpyInstaller263002REG.EXE C:\Users\User\googleearthwin.exe C:\Users\User\IE8-WindowsVista-x86-DEU.exe C:\Users\User\SkypeSetup.exe C:\Users\User\ts2_client_rc2_2032.exe C:\Users\User\Windows6.0-KB936330-X86-wave0.exe C:\Windows\Tasks\{03BA6005-F911-4FEC-9178-9913456B6B8C}.job C:\Windows\Tasks\{25949BD3-CB5B-4423-A287-FAD1A14D3031}.job C:\Windows\Tasks\{7C356296-2E00-4D66-A725-228473CE8776}.job C:\Windows\Tasks\{86CED08D-A7AA-4BAE-A649-FF86FF6AB7BD}.job C:\Windows\Tasks\{A8B90A61-A301-4DEE-A4C4-14469632EB60}.job C:\Windows\Tasks\{D8F637E3-D0D9-43B5-871F-FCAEE0775CAD}.job C:\Windows\Tasks\{DD7517F0-DB25-475B-82EE-99F36813E40C}.job Some content of TEMP: ==================== C:\Users\User\AppData\Local\Temp\ABP_InstallChecker.exe C:\Users\User\AppData\Local\Temp\ABP_TB0001.exe C:\Users\User\AppData\Local\Temp\instloffer.exe C:\Users\User\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\User\AppData\Local\Temp\Offer100.exe C:\Users\User\AppData\Local\Temp\rootsupd.exe C:\Users\User\AppData\Local\Temp\_is60A9.exe C:\Users\User_2\AppData\Local\Temp\80615-82786-flv-media-player.exe C:\Users\User_2\AppData\Local\Temp\apptorun.exe C:\Users\User_2\AppData\Local\Temp\AskSLib.dll C:\Users\User_2\AppData\Local\Temp\Gw2.exe C:\Users\User_2\AppData\Local\Temp\instloffer.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => MD5 is legit C:\Windows\System32\wininit.exe => MD5 is legit C:\Windows\SysWOW64\wininit.exe => MD5 is legit C:\Windows\explorer.exe => MD5 is legit C:\Windows\SysWOW64\explorer.exe => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\SysWOW64\svchost.exe => MD5 is legit C:\Windows\System32\services.exe => MD5 is legit C:\Windows\System32\User32.dll => MD5 is legit C:\Windows\SysWOW64\User32.dll => MD5 is legit C:\Windows\System32\userinit.exe => MD5 is legit C:\Windows\SysWOW64\userinit.exe => MD5 is legit C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit LastRegBack: 2013-10-23 10:53 ==================== End Of Log ============================ |
hi,  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Scan mit Combofix
|
bekomme die combofix.txt hier nicht rein. ComboFix 13-10-24.01 - User 25.10.2013 7:22.1.4 - x64 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.49.1031.18.8144.6005 [GMT 2:00] ausgeführt von:: c:\users\User\Downloads\ComboFix.exe AV: Kaspersky PURE 3.0 *Disabled/Updated* {C3113FBF-4BCB-4461-D78D-6EDFEC9593E5} FW: Kaspersky PURE 3.0 *Disabled* {FB2ABE9A-01A4-4539-FCD2-C7EA1246D49E} SP: Kaspersky PURE 3.0 *Disabled/Updated* {7870DE5B-6DF1-4BEF-ED3D-55AD9712D958} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . C:\END C:\Install.exe c:\program files (x86)\Complitly c:\program files (x86)\Complitly\chrome\ComplitlyChrome.crx c:\program files (x86)\Complitly\FireFoxExtensionWithFF8Fix.exe c:\program files (x86)\Complitly\FireFoxUninstaller.exe c:\program files (x86)\Complitly\InstTracker.exe c:\program files (x86)\Complitly\support@Complitly.com\chrome.manifest c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\appIcon.png c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\browserOverlay.xul c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\options.js c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\options.xul c:\program files (x86)\Complitly\support@Complitly.com\chrome\content\utils.js c:\program files (x86)\Complitly\support@Complitly.com\defaults\preferences\predictad.js c:\program files (x86)\Complitly\support@Complitly.com\install.rdf c:\program files (x86)\Complitly\System.Data.SQLite.dll c:\program files (x86)\Complitly\unins000.dat c:\program files (x86)\Complitly\unins000.exe c:\program files (x86)\CoolLyrics c:\program files (x86)\CoolLyrics\CoolLyricsUpdater.exe c:\program files (x86)\CoolLyrics\FF\chrome.manifest c:\program files (x86)\CoolLyrics\FF\chrome\content\icon.png c:\program files (x86)\CoolLyrics\FF\chrome\content\main.js c:\program files (x86)\CoolLyrics\FF\chrome\content\overlay.xul c:\program files (x86)\CoolLyrics\FF\install.rdf c:\program files (x86)\CoolLyrics\Uninstall.exe c:\program files (x86)\DealPly c:\program files (x86)\DealPly\DealPly.crx c:\program files (x86)\DealPly\DealPly.xpi c:\program files (x86)\DealPly\DealPlyIE.dll c:\program files (x86)\DealPly\DealPlyIE64.dll c:\program files (x86)\DealPly\DealPlyUpdate.exe c:\program files (x86)\DealPly\DealPlyUpdateRun.exe c:\program files (x86)\DealPly\DealPlyUpdateVer.exe c:\program files (x86)\DealPly\icon.ico c:\program files (x86)\DealPly\uninst.exe c:\program files (x86)\LyricsFinder c:\program files (x86)\LyricsFinder\FF\chrome.manifest c:\program files (x86)\LyricsFinder\FF\chrome\content\icon.png c:\program files (x86)\LyricsFinder\FF\chrome\content\main.js c:\program files (x86)\LyricsFinder\FF\chrome\content\overlay.xul c:\program files (x86)\LyricsFinder\FF\install.rdf c:\program files (x86)\LyricsFinder\lfind.dll c:\program files (x86)\LyricsFinder\LyricsFinderUpdater.exe c:\program files (x86)\LyricsFinder\Uninstall.exe c:\program files (x86)\Mozilla Firefox\components\AskHPRFF.js c:\program files (x86)\PriceGong c:\program files (x86)\PriceGong\2.6.7\PriceGong.crx c:\program files (x86)\PriceGong\2.6.7\PriceGongIE.dll c:\program files (x86)\PriceGong\uninst.exe c:\program files (x86)\PricePeep c:\program files (x86)\PricePeep\installer.ico c:\program files (x86)\PricePeep\pricepeep.dll c:\program files (x86)\PricePeep\uninstall.exe c:\program files (x86)\PricePeep\unutil.exe c:\program files (x86)\SingAlong c:\program files (x86)\SingAlong\chrome.crx c:\program files (x86)\SingAlong\chrome.manifest c:\program files (x86)\SingAlong\FF\chrome.manifest c:\program files (x86)\SingAlong\FF\chrome\content\icon.png c:\program files (x86)\SingAlong\FF\chrome\content\main.js c:\program files (x86)\SingAlong\FF\chrome\content\overlay.xul c:\program files (x86)\SingAlong\FF\install.rdf c:\program files (x86)\SingAlong\singalng.dll c:\program files (x86)\SingAlong\SingalngUpdater.exe c:\program files (x86)\SingAlong\Uninstall.exe c:\program files (x86)\SoftwareUpdater\KeyGen.dll c:\program files (x86)\TelevisionFanaticEI c:\program files (x86)\TelevisionFanaticEI\Installr\1.bin\64EIPlug.dll c:\program files (x86)\TelevisionFanaticEI\Installr\1.bin\64EZSETP.dll c:\program files (x86)\webmediaplayer c:\program files (x86)\webmediaplayer\resources\wmp_translation_file.xml c:\program files (x86)\webmediaplayer\skins\classic.skn c:\program files (x86)\webmediaplayer\sqlite3.dll c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Datenschutzrichtlinien.url c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Deinstallieren.lnk c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Geschäftsbedingungen.url c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\WebMediaPlayer.lnk c:\programdata\Microsoft\Windows\Start Menu\Programs\WebMediaPlayer\Website.url c:\users\User\antivir_workstation_winu_de_h.exe c:\users\User\AppData\Local\assembly\tmp c:\users\User\AppData\Local\ext_piccshare_uninst.exe c:\users\User\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data c:\users\User\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences c:\users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_fglhnbihmeinbfgalpnaiembmdhfijli_0 c:\users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_fglhnbihmeinbfgalpnaiembmdhfijli_0\5 c:\users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_fglhnbihmeinbfgalpnaiembmdhfijli_0\6 c:\users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_hhlmghjmomaoodfgjeikphfdljhpcpkl_0 c:\users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_hhlmghjmomaoodfgjeikphfdljhpcpkl_0\7 c:\users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_hhlmghjmomaoodfgjeikphfdljhpcpkl_0\8 c:\users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_omfoidjpeklpjhlhabhcomekbkclkbec_0 c:\users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_omfoidjpeklpjhlhabhcomekbkclkbec_0\10 c:\users\User\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_omfoidjpeklpjhlhabhcomekbkclkbec_0\9 c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\background.html c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\crossriderManifest.json c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\icons\actions\1.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\icons\icon128.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\icons\icon16.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\icons\icon48.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\js\api\chrome.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\js\api\cookie.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\js\api\message.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\js\app\background.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\js\app\extension.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\js\background.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\manifest.json c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fglhnbihmeinbfgalpnaiembmdhfijli\1.23.23_0\popup.html c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\background.html c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\crossriderManifest.json c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\icons\actions\1.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\icons\icon128.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\icons\icon16.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\icons\icon48.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\api\chrome.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\api\cookie.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\api\message.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\app\background.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\app\extension.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\background.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\app_api.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\async_api.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\bg_app_api.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\cookie_store.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\crossriderAPI.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\data_store.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\delegate.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\events.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\installer.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\logging.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\onBGDocumentLoad.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\popupResource\newPopup.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\popupResource\popup.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\reports.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\util.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\js\lib\xhr.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\manifest.json c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhlmghjmomaoodfgjeikphfdljhpcpkl\1.23.33_0\popup.html c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\background.html c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\crossriderManifest.json c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\manifest.xml c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins.json c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\1_base.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\101_cortica_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\102_dealply_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\103_intext_5_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\104_jollywallet_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\105_corticas_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\107_coupish_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\108_icm_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\116_ads_only_5_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\117_coupons_intext_ads_5_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\119_similar_web_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\120_luck_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\123_intext_adv_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\125_arcadi2_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\126_revizer_ws_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\127_revizer_p_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\128_superfish_pricora_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\129_widdit_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\13_CrossriderAppUtils.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\135_arcadi3_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\138_getdeal_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\14_CrossriderUtils.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\141_corticas_ru_m.js.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\142_intext_fa_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\155_ibario_pops_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\17_jQuery.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\19_CHAppAPIWrapper.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\21_debug.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\22_resources.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\28_initializer.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\4_jquery_1_7_1.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\47_resources_background.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\64_appApiMessage.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\72_appApiValidation.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\78_CrossriderInfo.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\80_CHPopupAppAPI.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\87_ginyas_wrapper.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\91_monetizationLoader.js.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\92_superfish_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\93_superfish_no_coupons_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\plugins\97_resourceApiWrapper.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\userCode\background.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\extensionData\userCode\extension.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\icons\actions\1.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\icons\icon128.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\icons\icon16.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\icons\icon48.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\api\chrome.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\api\cookie.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\api\message.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\api\pageAction.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\api\pageActionBG.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\background.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\app_api.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\bg_app_api.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\consts.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\cookie_store.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\crossriderAPI.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\delegate.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\events.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\extensionDataStore.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\installer.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\logFile.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\logging.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\onBGDocumentLoad.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\popupResource\newPopup.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\popupResource\popup.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\reports.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\storageWrapper.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\updateManager.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\util.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\lib\xhr.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\js\main.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\manifest.json c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ofjgnhihlklpobkaloamkankaaoclfjh\1.23.19_0\popup.html c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\background.html c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\crossriderManifest.json c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\manifest.xml c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins.json c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\1_base.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\101_cortica_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\102_dealply_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\103_intext_5_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\104_jollywallet_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\105_corticas_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\107_coupish_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\108_icm_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\116_ads_only_5_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\117_coupons_intext_ads_5_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\119_similar_web_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\120_luck_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\123_intext_adv_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\124_superfish_no_search_no_coupons_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\125_arcadi2_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\126_revizer_ws_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\127_revizer_p_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\128_superfish_pricora_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\129_widdit_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\13_CrossriderAppUtils.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\132_arcadi_coupons_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\133_arcadi_intext_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\134_arcadi_serp_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\135_arcadi3_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\138_getdeal_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\14_CrossriderUtils.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\141_corticas_ru_m.js.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\142_intext_fa_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\17_jQuery.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\19_CHAppAPIWrapper.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\21_debug.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\22_resources.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\28_initializer.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\4_jquery_1_7_1.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\47_resources_background.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\64_appApiMessage.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\72_appApiValidation.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\78_CrossriderInfo.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\80_CHPopupAppAPI.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\87_ginyas_wrapper.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\91_monetizationLoader.js.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\92_superfish_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\93_superfish_no_coupons_m.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\plugins\97_resourceApiWrapper.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\userCode\background.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\extensionData\userCode\extension.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\icons\actions\1.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\icons\icon128.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\icons\icon16.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\icons\icon48.png c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\api\chrome.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\api\cookie.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\api\message.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\api\pageAction.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\api\pageActionBG.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\background.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\app_api.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\bg_app_api.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\consts.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\cookie_store.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\crossriderAPI.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\delegate.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\events.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\extensionDataStore.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\installer.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\logFile.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\logging.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\onBGDocumentLoad.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\popupResource\newPopup.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\popupResource\popup.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\reports.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\storageWrapper.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\updateManager.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\util.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\lib\xhr.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\js\main.js c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\manifest.json c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\omfoidjpeklpjhlhabhcomekbkclkbec\1.23.38_0\popup.html c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec\000112.sst c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec\000118.sst c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec\000119.log c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec\CURRENT c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec\LOCK c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec\LOG c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec\LOG.old c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\omfoidjpeklpjhlhabhcomekbkclkbec\MANIFEST-000117 c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fglhnbihmeinbfgalpnaiembmdhfijli_0.localstorage-journal c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fglhnbihmeinbfgalpnaiembmdhfijli_0.localstorage c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hhlmghjmomaoodfgjeikphfdljhpcpkl_0.localstorage-journal c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hhlmghjmomaoodfgjeikphfdljhpcpkl_0.localstorage c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_omfoidjpeklpjhlhabhcomekbkclkbec_0.localstorage-journal c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_omfoidjpeklpjhlhabhcomekbkclkbec_0.localstorage c:\users\User\AppData\Local\Google\Chrome\User Data\Default\Preferences c:\users\User\AppData\Local\lollipop c:\users\User\AppData\Local\omesuperv.exe c:\users\User\AppData\Local\soyys.dat c:\users\User\AppData\Local\soyys_nav.dat c:\users\User\AppData\Local\soyys_navps.dat c:\users\User\AppData\Local\timzfm.dat c:\users\User\AppData\Local\timzfm_nav.dat c:\users\User\AppData\Local\timzfm_navps.dat c:\users\User\AppData\Roaming\.# c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome.manifest c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\asyncDB.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\background.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\browserAction.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\contextMenu.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\dbManager.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\dom_bg.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\fileManager.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\firefox.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\firefoxNotifications.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\firefoxOmnibox.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\message.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\pageAction.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\request.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\tabs.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\webRequest.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\background.html c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\baseObject.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\browser.xul c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\console.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\consts.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\delegate.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\extensionDataStore.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\folderIOWrapper.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\httpObserver.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\IDBWrapper.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\installer.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\logFile.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\prefs.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\progressListenerObserver.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\registry.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\reloadObserver.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\reports.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\requestObject.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\searchSettings.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\uninstallObserver.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\updateManager.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\utils.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\xhr.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\dialog.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\main.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\options.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\options.xul c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\search_dialog.xul c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\defaults\preferences\prefs.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\manifest.xml c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins.json c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\1_base.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\101_cortica_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\102_dealply_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\103_intext_5_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\104_jollywallet_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\105_corticas_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\107_coupish_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\108_icm_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\116_ads_only_5_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\117_coupons_intext_ads_5_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\119_similar_web_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\120_luck_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\123_intext_adv_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\125_arcadi2_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\126_revizer_ws_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\127_revizer_p_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\128_superfish_pricora_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\129_widdit_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\13_CrossriderAppUtils.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\135_arcadi3_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\138_getdeal_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\14_CrossriderUtils.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\141_corticas_ru_m.js.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\142_intext_fa_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\155_ibario_pops_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\159_cortica_rollover_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\16_FFAppAPIWrapper.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\17_jQuery.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\170_icm1_5_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\171_arcadi2_sourceID_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\175_coolmirage_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\21_debug.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\22_resources.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\28_initializer.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\4_jquery_1_7_1.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\47_resources_background.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\64_appApiMessage.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\7_hooks.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\72_appApiValidation.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\78_CrossriderInfo.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\87_ginyas_wrapper.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\9_search_engine_hook.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\91_monetizationLoader.js.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\92_superfish_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\93_superfish_no_coupons_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\98_omniCommands.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\userCode\background.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\userCode\extension.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\install.rdf c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\locale\en-US\translations.dtd c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\button1.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\button2.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\button3.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\button4.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\button5.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\crossrider_statusbar.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\icon128.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\icon16.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\icon24.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\icon48.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\panelarrow-up.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\popup.html c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\skin.css c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\update.css c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome.manifest c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\asyncDB.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\background.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\browserAction.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\contextMenu.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\dbManager.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\dom_bg.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\fileManager.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\firefox.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\firefoxNotifications.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\firefoxOmnibox.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\message.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\pageAction.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\request.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\tabs.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\api\webRequest.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\background.html c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\baseObject.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\browser.xul c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\console.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\consts.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\delegate.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\extensionDataStore.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\folderIOWrapper.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\httpObserver.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\IDBWrapper.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\installer.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\logFile.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\prefs.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\progressListenerObserver.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\registry.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\reloadObserver.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\reports.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\requestObject.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\searchSettings.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\uninstallObserver.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\updateManager.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\utils.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\core\xhr.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\dialog.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\main.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\options.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\options.xul c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\chrome\content\search_dialog.xul c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\defaults\preferences\prefs.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\manifest.xml c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins.json c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\1_base.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\101_cortica_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\102_dealply_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\103_intext_5_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\104_jollywallet_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\105_corticas_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\107_coupish_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\108_icm_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\116_ads_only_5_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\117_coupons_intext_ads_5_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\119_similar_web_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\120_luck_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\123_intext_adv_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\125_arcadi2_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\126_revizer_ws_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\127_revizer_p_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\128_superfish_pricora_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\129_widdit_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\13_CrossriderAppUtils.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\135_arcadi3_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\138_getdeal_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\14_CrossriderUtils.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\141_corticas_ru_m.js.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\142_intext_fa_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\155_ibario_pops_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\159_cortica_rollover_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\16_FFAppAPIWrapper.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\17_jQuery.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\170_icm1_5_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\171_arcadi2_sourceID_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\174_arcadi_serp_dynamic_id_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\175_coolmirage_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\21_debug.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\22_resources.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\28_initializer.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\4_jquery_1_7_1.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\47_resources_background.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\64_appApiMessage.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\7_hooks.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\72_appApiValidation.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\78_CrossriderInfo.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\87_ginyas_wrapper.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\9_search_engine_hook.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\91_monetizationLoader.js.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\92_superfish_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\93_superfish_no_coupons_m.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\plugins\98_omniCommands.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\userCode\background.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\extensionData\userCode\extension.js c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\install.rdf c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\locale\en-US\translations.dtd c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\button1.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\button2.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\button3.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\button4.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\button5.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\crossrider_statusbar.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\icon128.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\icon16.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\icon24.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\icon48.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\panelarrow-up.png c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\popup.html c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\skin.css c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\Solo_847545\Extensions\c17236e8-fd66-44bc-aeef-1e00981cbb64@0a4ee0fe-5356-4fd3-b37c-5cd5671a315c.com\skin\update.css c:\users\User\ts2_client_rc2_2032.exe c:\users\User_2\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data c:\users\User_2\AppData\Local\Google\Chrome\User Data\Default\bProtectorPreferences c:\windows\SysWow64\ccrpTmr6.dll c:\windows\SysWow64\System32\MASetupCleaner.exe c:\windows\SysWow64\System32\muzapp.exe c:\windows\SysWow64\tmp222.tmp c:\windows\SysWow64\tmp252.tmp c:\windows\SysWow64\tmp93F5.tmp c:\windows\SysWow64\tmp9425.tmp c:\windows\wininit.ini . |
. ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_SrvUpdater . . ((((((((((((((((((((((( Dateien erstellt von 2013-09-25 bis 2013-10-25 )))))))))))))))))))))))))))))) . . 2013-10-25 05:32 . 2013-10-25 05:35 -------- d-----w- c:\users\User\AppData\Local\temp 2013-10-25 05:32 . 2013-10-25 05:32 -------- d-----w- c:\users\User_2\AppData\Local\temp 2013-10-25 05:32 . 2013-10-25 05:32 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp 2013-10-24 06:52 . 2013-10-24 06:52 -------- d-----w- c:\program files (x86)\7-Zip 2013-10-23 14:04 . 2013-10-23 14:04 -------- d-----w- C:\FRST 2013-10-16 10:35 . 2013-10-16 10:35 -------- d-----w- c:\programdata\Oracle 2013-10-16 10:35 . 2013-10-16 10:35 -------- d-----w- c:\program files (x86)\Common Files\Java 2013-10-16 10:34 . 2013-10-08 05:50 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll 2013-10-09 06:08 . 2013-08-29 07:48 2775552 ----a-w- c:\windows\system32\win32k.sys 2013-10-05 13:07 . 2012-04-24 19:35 693648 ----a-w- c:\program files (x86)\64Uninstall TelevisionFanatic.dll 2013-10-05 13:07 . 2012-04-24 19:35 174024 ----a-w- c:\program files (x86)\64res.dll 2013-09-28 06:51 . 2013-09-28 06:51 -------- d-----w- c:\windows\system32\IO 2013-09-26 10:39 . 2013-09-26 10:39 -------- d-----w- c:\program files (x86)\Softonic 2013-09-26 10:39 . 2013-09-26 10:39 -------- d-----w- c:\users\User\AppData\Roaming\Softonic 2013-09-26 10:04 . 2009-11-20 13:26 31232 ----a-w- c:\windows\system32\drivers\tap0901.sys 2013-09-26 10:03 . 2013-09-26 10:04 -------- d-----w- c:\program files (x86)\Plus-HD-3.8 2013-09-26 10:03 . 2013-09-26 11:34 -------- d-----w- c:\users\User\AppData\Roaming\Windows Net Data 2013-09-26 10:03 . 2013-09-26 10:03 -------- d-----w- c:\program files (x86)\foxydeal 2013-09-26 10:02 . 2013-09-26 10:02 -------- d-----w- c:\users\User\AppData\Roaming\SimplyTech 2013-09-26 10:02 . 2013-09-26 10:02 -------- d-----w- c:\users\User\AppData\Roaming\HomeTab 2013-09-26 10:00 . 2013-09-26 10:06 -------- d-----w- c:\users\User\AppData\Local\DownloadGuide 2013-09-25 07:11 . 2013-09-25 07:11 -------- d-----w- c:\programdata\DNSErrorHelper 2013-09-25 07:11 . 2011-05-13 12:16 493056 ----a-w- c:\windows\SysWow64\dhRichClient3.dll 2013-09-25 07:11 . 2011-03-25 20:42 338432 ----a-w- c:\windows\SysWow64\sqlite36_engine.dll 2013-09-25 07:11 . 2013-09-25 07:11 -------- d-----w- c:\users\User\AppData\Roaming\DesktopIconForAmazon 2013-09-25 07:11 . 2013-09-25 07:11 -------- d-----w- c:\users\User\AppData\Roaming\OCS . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-10-17 04:51 . 2013-03-16 22:08 90208 ----a-w- c:\windows\system32\drivers\klflt.sys 2013-10-17 04:51 . 2013-03-16 22:08 626272 ----a-w- c:\windows\system32\drivers\klif.sys 2013-10-17 04:51 . 2012-09-03 17:23 29280 ----a-w- c:\windows\system32\drivers\klmouflt.sys 2013-10-17 04:51 . 2012-09-03 16:57 29280 ----a-w- c:\windows\system32\drivers\klkbdflt.sys 2013-10-17 04:51 . 2012-06-19 16:28 7717984 ----a-w- c:\windows\system32\drivers\kl1.sys 2013-10-16 05:49 . 2012-04-24 17:33 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2013-10-16 05:49 . 2011-05-18 14:00 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-10-16 00:48 . 2013-09-20 13:21 15858664 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2013-10-16 00:48 . 2013-09-06 18:02 15244272 ----a-w- c:\windows\SysWow64\nvd3dum.dll 2013-10-16 00:48 . 2013-02-25 22:32 2694664 ----a-w- c:\windows\SysWow64\nvapi.dll 2013-10-16 00:48 . 2013-02-25 22:32 3067560 ----a-w- c:\windows\system32\nvapi64.dll 2013-10-16 00:48 . 2013-02-25 22:32 18243632 ----a-w- c:\windows\system32\nvd3dumx.dll 2013-10-15 21:47 . 2011-04-07 21:19 6665504 ----a-w- c:\windows\system32\nvcpl.dll 2013-10-15 21:47 . 2011-04-07 21:18 3489568 ----a-w- c:\windows\system32\nvsvc64.dll 2013-10-15 21:47 . 2011-04-07 21:19 922912 ----a-w- c:\windows\system32\nvvsvc.exe 2013-10-15 21:47 . 2011-04-07 21:19 63776 ----a-w- c:\windows\system32\nvshext.dll 2013-10-15 21:47 . 2011-04-07 21:19 2559776 ----a-w- c:\windows\system32\nvsvcr.dll 2013-10-15 21:47 . 2011-04-07 21:19 219424 ----a-w- c:\windows\system32\nvmctray.dll 2013-10-14 07:12 . 2013-10-23 06:12 10280728 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9394697B-16BD-4D15-8CEF-6AAD81673A4D}\mpengine.dll 2013-10-09 10:17 . 2006-11-02 12:35 80541720 ----a-w- c:\windows\system32\mrt.exe 2013-10-02 05:24 . 2013-07-20 13:36 46368 ----a-w- c:\windows\system32\drivers\avgtpx64.sys 2013-09-24 06:26 . 2013-04-21 07:54 499712 ----a-w- c:\windows\SysWow64\msvcp71.dll 2013-09-24 06:26 . 2013-04-21 07:54 348160 ----a-w- c:\windows\SysWow64\msvcr71.dll 2013-09-18 20:08 . 2013-09-18 20:08 94208 ----a-w- c:\windows\SysWow64\dpl100.dll 2013-09-12 08:58 . 2013-09-20 13:21 1884448 ----a-w- c:\windows\system32\nvdispco6432723.dll 2013-09-12 08:58 . 2013-09-20 13:21 1511712 ----a-w- c:\windows\system32\nvdispgenco6432723.dll 2013-09-03 14:54 . 2013-09-03 14:47 76888 ----a-w- c:\windows\SysWow64\PnkBstrA.exe 2013-09-03 14:54 . 2013-09-03 14:50 282104 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr 2013-09-03 14:54 . 2013-09-03 14:48 282104 ----a-w- c:\windows\SysWow64\PnkBstrB.exe 2013-09-03 12:35 . 2009-10-03 10:48 278800 ------w- c:\windows\system32\MpSigStub.exe 2013-08-26 09:13 . 2013-08-26 09:13 354656 ----a-w- c:\windows\SysWow64\DivXControlPanelApplet.cpl 2013-08-19 10:10 . 2009-02-15 17:23 419840 ----a-w- c:\windows\system32\wrap_oal.dll 2013-08-19 10:10 . 2009-02-15 17:23 413696 ----a-w- c:\windows\SysWow64\wrap_oal.dll 2013-08-19 10:10 . 2009-02-15 17:23 133632 ----a-w- c:\windows\system32\OpenAL32.dll 2013-08-19 10:10 . 2009-02-15 17:23 110592 ----a-w- c:\windows\SysWow64\OpenAL32.dll 2013-08-18 21:02 . 2013-09-06 18:02 1511712 ----a-w- c:\windows\system32\nvdispgenco6432680.dll 2013-08-18 21:02 . 2013-09-06 18:02 1884448 ----a-w- c:\windows\system32\nvdispco6432680.dll 2013-08-13 06:38 . 2013-08-12 08:08 32328 ----a-w- c:\windows\Launcher.exe 2013-08-02 14:06 . 2013-08-28 12:39 1706496 ----a-w- c:\windows\system32\WMVDECOD.DLL 2013-08-02 04:09 . 2013-08-28 12:39 1548288 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL 2013-07-27 13:02 . 2013-07-27 12:36 111616 ----a-w- c:\windows\SysWow64\ActualEarth.scr . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110311121157}] 2013-07-08 07:00 752488 ----a-w- c:\program files (x86)\Plus-HD-1.3\Plus-HD-1.3-bho.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110311151154}] 2013-07-06 05:31 750952 ----a-w- c:\program files (x86)\Feven\Feven-bho.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110311251140}] 2013-05-19 15:15 743272 ----a-w- c:\program files (x86)\Plus-HD-1.8\Plus-HD-1.8-bho.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110311341126}] 2013-07-22 10:29 752488 ----a-w- c:\program files (x86)\Plus-HD-2.3\Plus-HD-2.3-bho.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{11111111-1111-1111-1111-110311901130}] 2013-09-26 10:04 752488 ----a-w- c:\program files (x86)\Plus-HD-3.8\Plus-HD-3.8-bho.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{18DBB6CE-3148-4FEC-B481-103CB3290427}] 2013-05-30 08:47 382272 ----a-w- c:\program files (x86)\Speed Analysis 2\ScriptHost.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}] 2009-11-08 08:55 297808 ----a-w- c:\windows\System32\mscoree.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4D6A9BBF-402C-4301-B1EF-28D04F71D761}] 2013-04-26 02:57 307608 ----a-w- c:\program files (x86)\mixidj\mixidj\1.8.18.8\bh\mixidj.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{54E67346-EE5A-45B6-82AA-4F0BB28C79C2}] 2013-08-02 01:46 769320 ----a-w- c:\program files (x86)\iRobinHood\iRobinHood Addon\iRobinHood.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{553318DA-D010-469E-84B1-496563CAE1C0}] 2013-07-21 13:24 119160 ----a-w- c:\users\User\AppData\Local\ext_piccshare\ext_piccshare.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{627af46b-2076-42ae-a2fd-8428734d3e74}] 2010-02-10 16:36 86016 ----a-w- c:\program files (x86)\simppulltoolbar\simppulldx.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{9B6B03F1-16CF-4491-BBBB-E872802DD717}] 2013-09-25 07:11 138752 ----a-w- c:\programdata\DNSErrorHelper\bho.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{9fdfb66c-713b-4201-83a6-5b78ae227b41}] 2013-08-01 06:48 1071176 ----a-w- c:\users\User_2\AppData\Roaming\HomeTab\HomeTab.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}] 2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\MyAshampoo\prxtbMyA2.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{a25e7121-3dd8-41b3-855b-756c5bc45449}] 2013-08-15 02:23 1072200 ----a-w- c:\users\User\AppData\Roaming\HomeTab\HomeTab.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{A9337080-7CBF-4E3E-80C1-3867BEDD88E0}] 2013-07-01 13:58 382272 ----a-w- c:\program files (x86)\Zula Games\ScriptHost.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{b106b661-3e1b-4015-af5c-195e909f35c6}] 2011-05-09 09:49 176936 ----a-w- c:\program files (x86)\NCH_DE\prxtbNCH_.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}] 2013-07-23 02:50 311536 ----a-w- c:\program files (x86)\Delta\delta\1.8.22.0\bh\delta.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{C4B8BAB4-1667-11DF-A242-BA9455D89593}] 2009-10-20 15:50 258008 ----a-w- c:\program files (x86)\simppulltoolbar\auxi\simppulltoolbAu.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2012-06-06 19:33 1519304 ----a-w- c:\program files (x86)\Ask.com\GenericAskToolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{DEDAF650-12B8-48f5-A843-BBA100716106}] 2013-05-29 08:24 169304 ----a-w- c:\program files\Updater By Sweetpacks\Extension32.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{E87806B5-E908-45FD-AF5E-957D83E58E68}] 2013-05-06 15:36 301464 ----a-w- c:\program files (x86)\Softonic\Softonic\1.8.19.3\bh\Softonic.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{F443A627-5009-4323-9C1D-7FD598D0D712}] 2012-08-15 19:35 2162272 ----a-w- c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}] 2013-03-06 20:52 197920 ----a-w- c:\program files (x86)\Yontoo\YontooIEClient.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar] "{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}"= "c:\program files (x86)\MyAshampoo\prxtbMyA2.dll" [2011-05-09 176936] "{627af46b-2076-42ae-a2fd-8428734d3e74}"= "c:\program files (x86)\simppulltoolbar\simppulldx.dll" [2010-02-10 86016] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files (x86)\Ask.com\GenericAskToolbar.dll" [2012-06-06 1519304] "{b106b661-3e1b-4015-af5c-195e909f35c6}"= "c:\program files (x86)\NCH_DE\prxtbNCH_.dll" [2011-05-09 176936] "{82E1477C-B154-48D3-9891-33D83C26BCD3}"= "c:\program files (x86)\Delta\delta\1.8.22.0\deltaTlbr.dll" [2013-07-23 300952] "{EA582743-9076-4178-9AA6-7393FDF4D5CE}"= "c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBar.3.0.dll" [2012-08-15 2162272] "{CA9B9C89-4662-4ADC-9C23-A452BECD5D19}"= "c:\program files (x86)\mixidj\mixidj\1.8.18.8\mixidjTlbr.dll" [2013-04-26 300952] "{9fdfb66c-713b-4201-83a6-5b78ae227b41}"= "c:\users\User_2\AppData\Roaming\HomeTab\HomeTab.dll" [2013-08-01 1071176] "{a25e7121-3dd8-41b3-855b-756c5bc45449}"= "c:\users\User\AppData\Roaming\HomeTab\HomeTab.dll" [2013-08-15 1072200] "{5018CFD2-804D-4C99-9F81-25EAEA2769DE}"= "c:\program files (x86)\Softonic\Softonic\1.8.19.3\SoftonicTlbr.dll" [2013-05-06 288664] . [HKEY_CLASSES_ROOT\clsid\{a1e75a0e-4397-4ba8-bb50-e19fb66890f4}] . [HKEY_CLASSES_ROOT\clsid\{627af46b-2076-42ae-a2fd-8428734d3e74}] . [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] . [HKEY_CLASSES_ROOT\clsid\{b106b661-3e1b-4015-af5c-195e909f35c6}] . [HKEY_CLASSES_ROOT\clsid\{82e1477c-b154-48d3-9891-33d83c26bcd3}] [HKEY_CLASSES_ROOT\delta.deltadskBnd.1] [HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] [HKEY_CLASSES_ROOT\delta.deltadskBnd] . [HKEY_CLASSES_ROOT\clsid\{ea582743-9076-4178-9aa6-7393fdf4d5ce}] [HKEY_CLASSES_ROOT\TypeLib\{33D0AD98-3347-4A54-8929-5163EBEB9F72}] . [HKEY_CLASSES_ROOT\clsid\{ca9b9c89-4662-4adc-9c23-a452becd5d19}] [HKEY_CLASSES_ROOT\mixidj.mixidjdskBnd.1] [HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] [HKEY_CLASSES_ROOT\mixidj.mixidjdskBnd] . [HKEY_CLASSES_ROOT\clsid\{9fdfb66c-713b-4201-83a6-5b78ae227b41}] [HKEY_CLASSES_ROOT\wtb.Band.1] [HKEY_CLASSES_ROOT\TypeLib\{cc60fe81-0b1d-4dd6-a479-8d1f3ae81c99}] [HKEY_CLASSES_ROOT\wtb.Band] . [HKEY_CLASSES_ROOT\clsid\{a25e7121-3dd8-41b3-855b-756c5bc45449}] [HKEY_CLASSES_ROOT\wtb.Band.1] [HKEY_CLASSES_ROOT\TypeLib\{2690da64-4be2-4afa-b159-af0e41f23b6e}] [HKEY_CLASSES_ROOT\wtb.Band] . [HKEY_CLASSES_ROOT\clsid\{5018cfd2-804d-4c99-9f81-25eaea2769de}] [HKEY_CLASSES_ROOT\Softonic.dskBnd.1] [HKEY_CLASSES_ROOT\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}] [HKEY_CLASSES_ROOT\Softonic.dskBnd] . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon] @="{dd230880-495a-11d1-b064-008048ec2fc5}" [HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}] 2012-12-20 17:20 459784 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\shellex.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1555968] "GAINWARD"="c:\program files (x86)\EXPERTool\TBPanel.exe" [2011-04-08 2265416] "icq"="c:\users\User\AppData\Roaming\ICQM\icq.exe" [2013-04-12 27598184] "Snoozer"="c:\users\User\AppData\Roaming\Snz\Snz.exe" [2013-08-28 1137764] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "P17RunE"="P17RunE.dll" [2008-03-28 14848] "Diamondback"="c:\program files (x86)\Razer\Diamondback 3G\razerhid.exe" [2007-08-01 147456] "VolPanel"="c:\program files (x86)\Creative\USB Headsets\Volume Panel\VolPanlu.exe" [2008-05-05 221300] "KiesTrayAgent"="c:\program files (x86)\Samsung\Kies\KiesTrayAgent.exe" [2013-07-15 311152] "ApnUpdater"="c:\program files (x86)\Ask.com\Updater\Updater.exe" [2012-06-06 1564872] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720] "SweetIM"="c:\program files (x86)\SweetIM\Messenger\SweetIM.exe" [2012-05-29 115032] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] "DivXMediaServer"="c:\program files (x86)\DivX\DivX Media Server\DivXMediaServer.exe" [2013-08-21 450560] "AVP"="c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe" [2013-10-17 356128] "vProt"="c:\program files (x86)\AVG Secure Search\vprot.exe" [2013-10-02 2404376] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-05-31 152392] "DivXUpdate"="c:\program files (x86)\DivX\DivX Update\DivXUpdate.exe" [2013-08-29 1861968] "TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe" [2013-09-24 295512] "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336] . c:\users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ net.lnk - c:\users\User\AppData\Roaming\Windows Net Data\net.exe [2013-9-26 709120] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon] "Userinit"="userinit.exe" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus] "DisableMonitoring"=dword:00000001 . R4 AddonsHelper;AddonsHelper;c:\users\User\AppData\Local\Temp\OCS\Downloads\e176f0d38725557d997a73fca0b80043\8a2438a7aa1e858526caff1f4deab159\AddonsHelpe r.exe;c:\users\User\AppData\Local\Temp\OCS\Downloads\e176f0d38725557d997a73fca0b80043\8a2438a7aa1e858526caff1f4deab159\AddonsHelper.exe [x] . . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - WS2IFSL . HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs Themes . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-09-21 07:18 1177552 ----a-w- c:\program files (x86)\Google\Chrome\Application\29.0.1547.76\Installer\chrmstp.exe . Inhalt des "geplante Tasks" Ordners . 2013-10-16 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-12 05:49] . 2013-07-06 c:\windows\Tasks\Feven-chromeinstaller.job - c:\program files (x86)\Feven\Feven-chromeinstaller.exe [2013-07-06 05:30] . 2013-07-06 c:\windows\Tasks\Feven-codedownloader.job - c:\program files (x86)\Feven\Feven-codedownloader.exe [2013-07-06 05:31] . 2013-07-06 c:\windows\Tasks\Feven-enabler.job - c:\program files (x86)\Feven\Feven-enabler.exe [2013-07-06 05:31] . 2013-07-06 c:\windows\Tasks\Feven-firefoxinstaller.job - c:\program files (x86)\Feven\Feven-firefoxinstaller.exe [2013-07-06 05:31] . 2013-07-06 c:\windows\Tasks\Feven-updater.job - c:\program files (x86)\Feven\Feven-updater.exe [2013-07-06 05:31] . 2013-07-16 c:\windows\Tasks\GoogleUpdateTaskMachineCore1ce822718b863c0.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-20 09:06] . 2013-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-05-20 09:06] . 2013-07-08 c:\windows\Tasks\Plus-HD-1.3-chromeinstaller.job - c:\program files (x86)\Plus-HD-1.3\Plus-HD-1.3-chromeinstaller.exe [2013-07-08 06:59] . 2013-07-08 c:\windows\Tasks\Plus-HD-1.3-codedownloader.job - c:\program files (x86)\Plus-HD-1.3\Plus-HD-1.3-codedownloader.exe [2013-07-08 06:59] . 2013-07-08 c:\windows\Tasks\Plus-HD-1.3-enabler.job - c:\program files (x86)\Plus-HD-1.3\Plus-HD-1.3-enabler.exe [2013-07-08 07:00] . 2013-07-08 c:\windows\Tasks\Plus-HD-1.3-firefoxinstaller.job - c:\program files (x86)\Plus-HD-1.3\Plus-HD-1.3-firefoxinstaller.exe [2013-07-08 06:59] . 2013-07-08 c:\windows\Tasks\Plus-HD-1.3-updater.job - c:\program files (x86)\Plus-HD-1.3\Plus-HD-1.3-updater.exe [2013-07-08 07:00] . 2013-05-19 c:\windows\Tasks\Plus-HD-1.8-chromeinstaller.job - c:\program files (x86)\Plus-HD-1.8\Plus-HD-1.8-chromeinstaller.exe [2013-05-19 15:15] . 2013-05-19 c:\windows\Tasks\Plus-HD-1.8-codedownloader.job - c:\program files (x86)\Plus-HD-1.8\Plus-HD-1.8-codedownloader.exe [2013-05-19 15:15] . 2013-05-19 c:\windows\Tasks\Plus-HD-1.8-enabler.job - c:\program files (x86)\Plus-HD-1.8\Plus-HD-1.8-enabler.exe [2013-05-19 15:15] . 2013-05-19 c:\windows\Tasks\Plus-HD-1.8-firefoxinstaller.job - c:\program files (x86)\Plus-HD-1.8\Plus-HD-1.8-firefoxinstaller.exe [2013-05-19 15:15] . 2013-05-19 c:\windows\Tasks\Plus-HD-1.8-updater.job - c:\program files (x86)\Plus-HD-1.8\Plus-HD-1.8-updater.exe [2013-05-19 15:15] . 2013-07-22 c:\windows\Tasks\Plus-HD-2.3-chromeinstaller.job - c:\program files (x86)\Plus-HD-2.3\Plus-HD-2.3-chromeinstaller.exe [2013-07-22 10:29] . 2013-07-22 c:\windows\Tasks\Plus-HD-2.3-codedownloader.job - c:\program files (x86)\Plus-HD-2.3\Plus-HD-2.3-codedownloader.exe [2013-07-22 10:29] . 2013-07-22 c:\windows\Tasks\Plus-HD-2.3-enabler.job - c:\program files (x86)\Plus-HD-2.3\Plus-HD-2.3-enabler.exe [2013-07-22 10:29] . 2013-07-22 c:\windows\Tasks\Plus-HD-2.3-firefoxinstaller.job - c:\program files (x86)\Plus-HD-2.3\Plus-HD-2.3-firefoxinstaller.exe [2013-07-22 10:29] . 2013-07-22 c:\windows\Tasks\Plus-HD-2.3-updater.job - c:\program files (x86)\Plus-HD-2.3\Plus-HD-2.3-updater.exe [2013-07-22 10:29] . 2013-09-26 c:\windows\Tasks\Plus-HD-3.8-chromeinstaller.job - c:\program files (x86)\Plus-HD-3.8\Plus-HD-3.8-chromeinstaller.exe [2013-09-26 10:03] . 2013-09-26 c:\windows\Tasks\Plus-HD-3.8-codedownloader.job - c:\program files (x86)\Plus-HD-3.8\Plus-HD-3.8-codedownloader.exe [2013-09-26 10:03] . 2013-09-26 c:\windows\Tasks\Plus-HD-3.8-enabler.job - c:\program files (x86)\Plus-HD-3.8\Plus-HD-3.8-enabler.exe [2013-09-26 10:04] . 2013-09-26 c:\windows\Tasks\Plus-HD-3.8-firefoxinstaller.job - c:\program files (x86)\Plus-HD-3.8\Plus-HD-3.8-firefoxinstaller.exe [2013-09-26 10:03] . 2013-09-26 c:\windows\Tasks\Plus-HD-3.8-updater.job - c:\program files (x86)\Plus-HD-3.8\Plus-HD-3.8-updater.exe [2013-09-26 10:04] . 2013-09-24 c:\windows\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2622127104-3349807106-840860686-1000.job - c:\program files (x86)\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13] . 2012-03-25 c:\windows\Tasks\RealUpgradeScheduledTaskS-1-5-21-2622127104-3349807106-840860686-1000.job - c:\program files (x86)\Real\RealUpgrade\realupgrade.exe [2013-08-14 15:13] . 2013-09-11 c:\windows\Tasks\ReclaimerResumeInstall_User.job - c:\users\User\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\10.60\agent\rnupgagent.exe [2013-09-11 05:31] . 2013-07-06 c:\windows\Tasks\Software Updater.job - c:\program files (x86)\SelfUpdater\SoftwareUpdater.Bootstrapper.exe [2013-03-12 05:21] . 2012-03-25 c:\windows\Tasks\SystweakAdvancedDriverUpdaterRunAtStartup.job - c:\program files (x86)\Advanced Driver Updater\adu.exe [2011-08-02 16:16] . 2013-07-24 c:\windows\Tasks\User_Feed_Synchronization-{7D800EA4-AEB3-4E16-AA3B-A96CCE4DD79D}.job - c:\windows\system32\msfeedssync.exe [2011-05-26 16:46] . 2010-10-09 c:\windows\Tasks\{03BA6005-F911-4FEC-9178-9913456B6B8C}.job - c:\program files (x86)\Skype\Phone\Skype.exe [2013-04-19 13:19] . 2011-08-18 c:\windows\Tasks\{25949BD3-CB5B-4423-A287-FAD1A14D3031}.job - c:\program files (x86)\Skype\Phone\Skype.exe [2013-04-19 13:19] . 2011-06-17 c:\windows\Tasks\{7C356296-2E00-4D66-A725-228473CE8776}.job - c:\program files (x86)\Skype\Phone\Skype.exe [2013-04-19 13:19] . 2011-10-21 c:\windows\Tasks\{86CED08D-A7AA-4BAE-A649-FF86FF6AB7BD}.job - c:\program files (x86)\Skype\Phone\Skype.exe [2013-04-19 13:19] . 2011-02-21 c:\windows\Tasks\{A8B90A61-A301-4DEE-A4C4-14469632EB60}.job - c:\program files (x86)\Skype\Phone\Skype.exe [2013-04-19 13:19] . 2010-09-26 c:\windows\Tasks\{D8F637E3-D0D9-43B5-871F-FCAEE0775CAD}.job - c:\program files (x86)\Skype\Phone\Skype.exe [2013-04-19 13:19] . 2011-05-21 c:\windows\Tasks\{DD7517F0-DB25-475B-82EE-99F36813E40C}.job - c:\program files (x86)\Skype\Phone\Skype.exe [2013-04-19 13:19] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\KAVOverlayIcon] @="{dd230880-495a-11d1-b064-008048ec2fc5}" [HKEY_CLASSES_ROOT\CLSID\{dd230880-495a-11d1-b064-008048ec2fc5}] 2012-12-20 17:22 492040 ----a-w- c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\x64\shellex.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-09-30 825184] "Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-08-27 1028896] . ------- Zusätzlicher Suchlauf ------- . uLocal Page = c:\windows\system32\blank.htm uStart Page = hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p13_serp_ie_de_display?ie=UTF8&tagbase=bds-p13&tbrId=v1_abb-channel-13_adeece99ba0b4d33bffcefd967f54842_30_39_20130312_DE_ie_sp_ uDefault_Search_URL = hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q= mStart Page = about:newtab mDefault_Search_URL = hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q= mSearch Page = hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q= mLocal Page = c:\windows\SysWOW64\blank.htm mSearch Bar = hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q= uInternet Settings,ProxyOverride = *.local mSearchAssistant = IE: Hinzufügen zu Anti-Banner - c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm IE: Kaspersky PURE - c:\progra~2\Kaspersky Lab\Kaspersky PURE 3.0\Kaspersky Password Manager\spIEBho.dll/616 IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 IE: Web-Suche - c:\program files (x86)\SweetIM\Toolbars\Internet Explorer\resources\menuext.html IE: {{54E67346-EE5A-45B6-82AA-4F0BB28C79C2} - {54E67346-EE5A-45B6-82AA-4F0BB28C79C2} - c:\program files (x86)\iRobinHood\iRobinHood Addon\iRobinHood.dll TCP: DhcpNameServer = 192.168.2.1 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.0.12\ViProtocol.dll FF - ProfilePath - c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\ FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: keyword.URL - hxxp://search.certified-toolbar.com?si=99&tid=0&st=bs&q= FF - ExtSQL: 2013-09-03 16:41; battlefieldplay4free@ea.com; c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\extensions\battlefieldplay4free@ea.com FF - ExtSQL: 2013-09-24 08:29; {DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}; c:\programdata\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext FF - ExtSQL: 2013-09-26 12:03; {F58A62EB-38DC-43C4-A539-DC52E135208D}; c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\extensions\{F58A62EB-38DC-43C4-A539-DC52E135208D} FF - ExtSQL: 2013-09-26 12:24; EFGLQA@78ETGYN-0W7FN789T87.COM; c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\extensions\EFGLQA@78ETGYN-0W7FN789T87.COM FF - ExtSQL: 2013-09-26 14:03; {ad7ef860-f366-4be1-8d12-4363b9356947}; c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\extensions\{ad7ef860-f366-4be1-8d12-4363b9356947} FF - ExtSQL: 2013-10-19 11:36; DefaultManager@Microsoft; c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\extensions\DefaultManager@Microsoft FF - ExtSQL: !HIDDEN! 2013-07-20 15:07; pluswinks@PlusWinks; c:\users\User\AppData\Roaming\Mozilla\Extensions\pluswinks@PlusWinks FF - ExtSQL: !HIDDEN! 2013-07-20 15:35; speedanalysis02@SpeedAnalysis.com; c:\users\User\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com FF - ExtSQL: !HIDDEN! 2013-07-20 15:35; zulagames@ZulaGames.com; c:\users\User\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com FF - ExtSQL: !HIDDEN! 2013-09-25 09:12; firejump@firejump.net; c:\users\User\AppData\Roaming\Mozilla\Firefox\Profiles\lcrz3lot.default\extensions\firejump@firejump.net FF - user.js: extensions.Softonic.hpOld0 - about:home FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=1&cc=&mi=9441a9b700000000000000ff231a40f6&q= FF - user.js: extensions.Softonic.id - 9441a9b700000000000000ff231a40f6 FF - user.js: extensions.Softonic.appId - {7ABBFE1C-E485-44AA-8F36-353751B4124D} FF - user.js: extensions.Softonic.instlDay - 15974 FF - user.js: extensions.Softonic.vrsn - 1.8.19.3 FF - user.js: extensions.Softonic.vrsni - 1.8.19.3 FF - user.js: extensions.Softonic.vrsnTs - 1.8.19.312:40 FF - user.js: extensions.Softonic.prtnrId - softonic FF - user.js: extensions.Softonic.prdct - Softonic FF - user.js: extensions.Softonic.aflt - SD FF - user.js: extensions.Softonic.smplGrp - none FF - user.js: extensions.Softonic.tlbrId - 2013desingbrand FF - user.js: extensions.Softonic.instlRef - MOY00009 FF - user.js: extensions.Softonic.dfltLng - de FF - user.js: extensions.Softonic.excTlbr - false FF - user.js: extensions.Softonic.ffxUnstlRst - false FF - user.js: extensions.Softonic.admin - false FF - user.js: extensions.Softonic.autoRvrt - false FF - user.js: extensions.Softonic.rvrt - false FF - user.js: extensions.Softonic.hmpg - true FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=13&cc=&mi=9441a9b700000000000000ff231a40f6 FF - user.js: extensions.Softonic.dfltSrch - true FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic) FF - user.js: extensions.Softonic.kw_url - hxxp://search.softonic.com/MOY00009/tb_v1?SearchSource=2&cc=&mi=9441a9b700000000000000ff231a40f6&q= FF - user.js: extensions.Softonic.dnsErr - true FF - user.js: extensions.Softonic.newTab - true FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/MOY00009/tb_v1/?SearchSource=15&cc=&mi=9441a9b700000000000000ff231a40f6 . - - - - Entfernte verwaiste Registrierungseinträge - - - - . BHO-{1631550F-191D-4826-B069-D9439253D926} - c:\program files (x86)\PriceGong\2.6.7\PriceGongIE.dll BHO-{398C01F1-E584-46AD-A649-4F78B435DCFE} - c:\program files (x86)\LyricsFinder\lfind.dll BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file) BHO-{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - c:\program files (x86)\DealPly\DealPlyIE.dll BHO-{E4E6BF2A-1667-11DF-A01F-1F9655D89593} - (no file) BHO-{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - c:\program files (x86)\PricePeep\pricepeep.dll Toolbar-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file) Wow6432Node-HKCU-Run-OMESupervisor - c:\users\User\AppData\Local\omesuperv.exe Wow6432Node-HKLM-Run-<NO NAME> - (no file) SafeBoot-WudfPf SafeBoot-WudfRd BHO-{3706EE7C-3CAD-445D-8A43-03EBC3B75908} - c:\program files (x86)\Expat Shield\HssIE\ExpatIE_64.dll WebBrowser-{A1E75A0E-4397-4BA8-BB50-E19FB66890F4} - (no file) WebBrowser-{B106B661-3E1B-4015-AF5C-195E909F35C6} - (no file) AddRemove-BabylonToolbar - c:\program files (x86)\BabylonToolbar\BabylonToolbar\1.8.0.7\uninstall.exe AddRemove-bi_uninstaller - c:\users\User\Local Settings\Application Data\Bundled software uninstaller\biclient.exe AddRemove-coollrcs@coolzone.co - c:\program files (x86)\CoolLyrics\uninstall.exe AddRemove-DealPly - c:\program files (x86)\DealPly\uninst.exe AddRemove-lfind@nijadsoft.net - c:\program files (x86)\LyricsFinder\uninstall.exe AddRemove-PlusWinks - c:\program files (x86)\Cool Smiley Bar for Facebook\uninst.exe AddRemove-PriceGong - c:\program files (x86)\PriceGong\uninst.exe AddRemove-PricePeep - c:\program files (x86)\PricePeep\uninstall.exe AddRemove-singalong@xenophesoft.com - c:\program files (x86)\SingAlong\uninstall.exe AddRemove-Updater Service - c:\windows\system32\dmwu.exe AddRemove-Vodafone WCDMA Composite Device Drive - c:\windows\system32\Samsung_USB_Drivers\4\SSVDUninstall.exe AddRemove-WebMediaPlayer - c:\program files (x86)\WebMediaPlayer\uninst.exe AddRemove-{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693} - c:\programdata\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe AddRemove-{4FFBB818-B13C-11E0-931D-B2664824019B}_is1 - c:\program files (x86)\Complitly\unins000.exe AddRemove-3367472892.portal.qtrax.com - c:\program files (x86)\Microsoft Silverlight\5.1.20513.0\Silverlight.Configuration.exe AddRemove-DSite - c:\users\User\AppData\Roaming\DSite\UpdateProc\UpdateTask.exe AddRemove-FoxTab Media Player - c:\program files (x86)\FoxTabFLVPlayer\Uninstall\Uninstall.exe AddRemove-PiccShare - c:\users\User\AppData\Local\ext_piccshare_uninst.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_USERS\S-1-5-21-2622127104-3349807106-840860686-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{a25e7121-3dd8-41b3-855b-756c5bc45449}] @Denied: (A 2) (Administrators) @Denied: (A 2) (S-1-5-21-2622127104-3349807106-840860686-1000) @Allowed: (Read) (RestrictedCode) "Flags"=dword:00000400 . [HKEY_USERS\S-1-5-21-2622127104-3349807106-840860686-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*] @Allowed: (Read) (RestrictedCode) "??"=hex:38,6d,90,74,34,a2,d1,d7,f3,66,e1,a9,b6,9e,35,5f,ba,6b,93,14,80,a7,79, 86,e7,35,cd,c6,12,1b,c6,76,ae,cb,32,d1,53,40,65,b3,fa,fa,0d,e4,85,89,c6,fc,\ "??"=hex:60,6d,eb,71,0e,20,dc,bd,0c,b9,91,5e,2b,9c,6f,76 . [HKEY_USERS\S-1-5-21-2622127104-3349807106-840860686-1000\Software\SecuROM\License information*] "datasecu"=hex:60,0c,00,52,f5,3d,e5,15,b2,b7,19,ff,c8,4a,4c,98,13,df,b1,f2,d6, ce,fe,63,7d,6f,89,e0,32,ea,0f,28,f7,1d,2f,95,35,66,ee,2d,5c,21,da,ba,a0,0c,\ "rkeysecu"=hex:52,26,9b,1b,f0,a5,58,79,5a,1c,17,16,39,a2,60,e9 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_117_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_117_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.11" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_117.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}] @Denied: (A 2) (Everyone) . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{D27CDB6B-AE6D-11CF-96B8-444553540000}\1.0] @="Shockwave Flash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}] @Denied: (A 2) (Everyone) @="" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{FAB3E735-69C7-453B-A446-B6823C6DF1C9}\1.0] @="FlashBroker" . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows CE Services] "SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes] "SymbolicLinkValue"=hex(6):5c,00,52,00,45,00,47,00,49,00,53,00,54,00,52,00,59, 00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\ . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe c:\windows\SysWOW64\PnkBstrA.exe c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe c:\program files\Updater By Sweetpacks\ExtensionUpdaterService.exe c:\program files (x86)\Amazon Browser Bar\ToolbarUpdaterService.exe c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\ToolbarUpdater.exe c:\program files (x86)\Wajam\Updater\WajamUpdater.exe c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.0.12\loggingserver.exe c:\windows\SysWOW64\rundll32.exe c:\program files (x86)\Razer\Diamondback 3G\razertra.exe c:\program files (x86)\Razer\Diamondback 3G\razerofa.exe c:\program files (x86)\Internet Explorer\iexplore.exe c:\program files (x86)\Internet Explorer\iexplore.exe c:\program files (x86)\plus-hd-1.3\plus-hd-1.3-bg.exe c:\program files (x86)\feven\feven-bg.exe c:\program files (x86)\plus-hd-1.8\plus-hd-1.8-bg.exe c:\program files (x86)\plus-hd-2.3\plus-hd-2.3-bg.exe c:\program files (x86)\Speed Analysis 2\BackgroundHost.exe c:\program files (x86)\Zula Games\BackgroundHost.exe c:\program files (x86)\Amazon Browser Bar\AmazonBrowserBarSSB.3.0.dll c:\program files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\klwtblfs.exe c:\windows\SysWOW64\conime.exe . ************************************************************************** . Zeit der Fertigstellung: 2013-10-25 07:43:12 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2013-10-25 05:43 . Vor Suchlauf: 20 Verzeichnis(se), 213.786.955.776 Bytes frei Nach Suchlauf: 25 Verzeichnis(se), 216.877.199.360 Bytes frei . - - End Of File - - D2F38B9F599D31BD128854736662AA01 5C616939100B85E558DA92B899A0FC36 war leider nur so möglich. |
Bitte in Codetags posten, das geht. Bitte lade den Suspicious File Packer von hier runter: http://www.safer-networking.org/files/sfp.zip
Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte. |
Code: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
Code: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
Bitte in der angegebenen Reihenfolge abarbeiten, als erstes das ZIP :) |
das hat leider nicht funktioniert: (Lasse SFP die Dateien komprimieren/packen. Dies wird ein CAB Archiv auf Deinem Desktop erstellen. Nun sende das Archiv an folgende eMail-Adresse: schrauberATtrojaner-board.de (das AT durch @ ersetzen) Als Betreff bitte angeben: pricealarm) mit malwarebytes konnten leider nicht alle objekte entfernt werden. Malwarebytes Anti-Malware (Test) 1.75.0.1300 Malwarebytes : Free anti-malware download Datenbank Version: v2013.10.26.04 Windows Vista Service Pack 2 x64 NTFS Internet Explorer 9.0.8112.16421 User :: MIKEPC [Administrator] Schutz: Aktiviert 26.10.2013 10:35:41 MBAM-log-2013-10-26 (10-40-14).txt Art des Suchlaufs: Quick-Scan Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM Deaktivierte Suchlaufeinstellungen: P2P Durchsuchte Objekte: 291967 Laufzeit: 1 Minute(n), 35 Sekunde(n) Infizierte Speicherprozesse: 0 (Keine bösartigen Objekte gefunden) Infizierte Speichermodule: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungsschlüssel: 0 (Keine bösartigen Objekte gefunden) Infizierte Registrierungswerte: 0 (Keine bösartigen Objekte gefunden) Infizierte Dateiobjekte der Registrierung: 0 (Keine bösartigen Objekte gefunden) Infizierte Verzeichnisse: 12 C:\Users\User\AppData\Local\Smartbar (PUP.Optional.SmartBar.A) -> Keine Aktion durchgeführt. C:\Users\User\AppData\Local\Smartbar\Application (PUP.Optional.SmartBar.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\mixidj\mixidj\1.8.18.8 (PUP.Optional.MixiDJToolbar.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\mixidj\mixidj\1.8.18.8\bh (PUP.Optional.MixiDJToolbar.A) -> Keine Aktion durchgeführt. C:\ProgramData\BitGuard\2.6.1673.238 (PUP.Optional.BitGuard.A) -> Keine Aktion durchgeführt. C:\ProgramData\BitGuard\2.6.1673.238\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8} (PUP.Optional.BitGuard.A) -> Keine Aktion durchgeführt. C:\ProgramData\BitGuard\2.6.1673.238\{C16C1CCB-7046-4E5C-A2F3-533AD2FEC8E8}\FirefoxExtension (PUP.Optional.BitGuard.A) -> Keine Aktion durchgeführt. C:\ProgramData\BitGuard\2.6.1673.238\{C16C1CCB-7046-4E5C-A2F3-533AD2FEC8E8}\traking_settings (PUP.Optional.BitGuard.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\PLUS-HD-1.3 (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\PLUS-HD-1.8 (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\PLUS-HD-2.3 (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. C:\Program Files (x86)\PLUS-HD-3.8 (PUP.Optional.PlusHD.A) -> Keine Aktion durchgeführt. Infizierte Dateien: 0 (Keine bösartigen Objekte gefunden) (Ende) |
Zitat:
|
Nein. Die restlichen Objekte werden leider bei dem Vorgang nicht gelöscht. Habe die Objekte in Gruppen und am Schluss einzeln gelöscht. Nur so hat es funktioniert. Leider öffnet sich das getwindowinfo Fenster immernoch :( |
Poste bitte nochmal ein frisches FRST log. |
FRST Logfile: Code: Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-10-2013 |
Das ist schon fast unmöglich. Bitte alle 3 Tools von oben nochmal laufen lassen, bei MBAM auch löschen lassen. |
ok jetzt ist es weg :) vielen dank und eine spende ist unterwegs ;) |
Bitte ein frisches FRST log, wir sind noch nit fertig :) |
| Alle Zeitangaben in WEZ +1. Es ist jetzt 22:32 Uhr. |
Copyright ©2000-2025, Trojaner-Board
