Vielen Dank. Hier die
mbam.txt Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 18.04.2014
Suchlauf-Zeit: 19:51:19
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.1.1004
Malware Datenbank: v2014.04.18.07
Rootkit Datenbank: v2014.03.27.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Chameleon: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Margarita
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 282361
Verstrichene Zeit: 19 Min, 54 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 3
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\PluginService.exe, 1484, Löschen bei Neustart, [35cb2dd3a060ae5261d47fd2c43d0ff1]
PUP.Optional.ReMarkit.A, C:\Program Files (x86)\Re-markit Corp\Re-markit158.exe, 2080, Löschen bei Neustart, [f60a29d7bb4522de1886343e1ee4847c]
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\Re-markit Corp\Re-markit_wd.exe, 3664, Löschen bei Neustart, [4bb57789d52b9c64579a0a5aa85a15eb]
Module: 1
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\Re-markit Corp\Re-markit158.dll, Löschen bei Neustart, [4bb57789d52b9c64579a0a5aa85a15eb],
Registrierungsschlüssel: 54
PUP.Optional.IePluginService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IePluginService, In Quarantäne, [35cb2dd3a060ae5261d47fd2c43d0ff1],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [5da336ca17e97789d4e563b38d75817f],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [5da336ca17e97789d4e563b38d75817f],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, In Quarantäne, [5da336ca17e97789d4e563b38d75817f],
PUP.Optional.Bandoo.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0}, In Quarantäne, [58a8ea167d83c53b379417347989f20e],
PUP.Optional.Bandoo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{9D717F81-9148-4F12-8568-69135F087DB0}, In Quarantäne, [58a8ea167d83c53b379417347989f20e],
PUP.Optional.SearchQu, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{99079a25-328f-4bd4-be04-00955acaa0a7}, In Quarantäne, [9967cf3120e0dd2316f2fa1fa260768a],
PUP.Optional.SearchQu, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{99079A25-328F-4BD4-BE04-00955ACAA0A7}, In Quarantäne, [9967cf3120e0dd2316f2fa1fa260768a],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\SearchQUIEHelper.DNSGuard, In Quarantäne, [fb0535cb2bd5728e8cfcbc9059a9738d],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\SearchQUIEHelper.DNSGuard.1, In Quarantäne, [0bf51ae6718f639d295fb498778b2cd4],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SearchQUIEHelper.DNSGuard, In Quarantäne, [0bf51ae6718f639d295fb498778b2cd4],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SearchQUIEHelper.DNSGuard.1, In Quarantäne, [0bf51ae6718f639d295fb498778b2cd4],
PUP.Optional.MediaPlayerplus.A, HKLM\SOFTWARE\CLASSES\CLSID\{22222222-2222-2222-2222-220522422246}, In Quarantäne, [39c7956b9d632cd424a6a3cd08fa9b65],
PUP.Optional.MediaPlayerplus.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0054246.Sandbox.1, In Quarantäne, [39c7956b9d632cd424a6a3cd08fa9b65],
PUP.Optional.MediaPlayerplus.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0054246.Sandbox, In Quarantäne, [39c7956b9d632cd424a6a3cd08fa9b65],
PUP.Optional.MediaPlayerplus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0054246.Sandbox, In Quarantäne, [39c7956b9d632cd424a6a3cd08fa9b65],
PUP.Optional.MediaPlayerplus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0054246.Sandbox.1, In Quarantäne, [39c7956b9d632cd424a6a3cd08fa9b65],
PUP.Optional.MediaPlayerplus.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{22222222-2222-2222-2222-220522422246}, In Quarantäne, [39c7956b9d632cd424a6a3cd08fa9b65],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0053172.BHO, In Quarantäne, [d52b5aa6c040d927b913fa9b8c7744bc],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0053172.Sandbox, In Quarantäne, [13edf8084db3718faa225b3ae3201fe1],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0053172.Sandbox.1, In Quarantäne, [b050d7298a7638c86666811422e1eb15],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\CLASSES\CrossriderApp0054246.BHO, In Quarantäne, [966a649cd22e936dad1f167f24df926e],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21636, In Quarantäne, [29d7a65a0df3ce32744ffe739a689f61],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\27058, In Quarantäne, [0af6758b26dae61a3f84353cd13129d7],
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [15eb1ee2c33d29d7931ba7f9c93a9d63],
PUP.Optional.HQVid.A, HKLM\SOFTWARE\WOW6432NODE\HQVid8.1v4, In Quarantäne, [90702bd5bc447d83440cde8e1be73ac6],
PUP.Optional.MediaPlayerplus.A, HKLM\SOFTWARE\WOW6432NODE\MediaPlayerplus, In Quarantäne, [ad539e627b8559a74f7ddd93aa5834cc],
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\webssearchesSoftware, In Quarantäne, [cc3402fe0ff1e31d198b99d816ec639d],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0053172.BHO, In Quarantäne, [9967d729689867992d9f0293eb18ea16],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0053172.Sandbox, In Quarantäne, [dd238b751ce4bf414e7e7d1846bded13],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0053172.Sandbox.1, In Quarantäne, [c838da2616ea6c9405c7c7ceca394cb4],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CrossriderApp0054246.BHO, In Quarantäne, [32ce3ac606fa0cf4e2ea474ef40fe11f],
PUP.Optional.Searchqu.A, HKLM\SOFTWARE\WOW6432NODE\DATAMNGR, In Quarantäne, [8f71c838748c3ec2f0602b6ab74c926e],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\21636, In Quarantäne, [847cb947ea1600009033c2afd72b6997],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\27058, In Quarantäne, [6c94c13f43bd7987bc078ee362a09f61],
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [de22c04079876799624cfaa650b39d63],
PUP.Optional.ReMarkit.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Re-markit, In Quarantäne, [f60a29d7bb4522de1886343e1ee4847c],
PUP.Optional.HQVid.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HQVid8.1v4, Löschen bei Neustart, [4eb2976915eb03fd84ceb6b6758de917],
PUP.Optional.MediaPlayerplus.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\MediaPlayerplus, Löschen bei Neustart, [a55b2ed253adde22c905c9a7df230000],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-2040242611-701346398-569565758-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, Löschen bei Neustart, [4bb53fc131cf5da342784f457d86966a],
PUP.Optional.HQVid.A, HKU\S-1-5-21-2040242611-701346398-569565758-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\HQVid8.1v4, Löschen bei Neustart, [2cd44eb290706d93361cb6b659a96a96],
PUP.Optional.MediaPlayerplus.A, HKU\S-1-5-21-2040242611-701346398-569565758-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\MediaPlayerplus, Löschen bei Neustart, [e9173fc17987a25ee6e8e28eaa5858a8],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2040242611-701346398-569565758-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21636, Löschen bei Neustart, [aa5652aeca365ca47b49a3ce53af0000],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2040242611-701346398-569565758-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\27058, Löschen bei Neustart, [10f033cda95702fe2f950d6415edc13f],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2040242611-701346398-569565758-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\Freeven, Löschen bei Neustart, [6a9638c804fcc63ad754dc990cf6b14f],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-2040242611-701346398-569565758-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\High-QualityV7, Löschen bei Neustart, [0af67e82d52b1fe1bbc41b52d52d9e62],
PUP.Optional.Qone8, HKU\S-1-5-21-2040242611-701346398-569565758-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Löschen bei Neustart, [d52b4db318e88e72d8d54b5555aee818],
PUP.Optional.Softonic.A, HKU\S-1-5-21-2040242611-701346398-569565758-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SOFTONIC\Universal Downloader, Löschen bei Neustart, [6b95f60aa95701ff597d6309a85ad030],
PUP.Optional.HQVid.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{11111111-1111-1111-1111-110511311172}, In Quarantäne, [39c7da26ca36af51c9828fdadb2748b8],
PUP.Optional.HQVid.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110511311172}, In Quarantäne, [39c7da26ca36af51c9828fdadb2748b8],
PUP.Optional.HQVid.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{22222222-2222-2222-2222-220522312272}, In Quarantäne, [39c7da26ca36af51c9828fdadb2748b8],
PUP.Optional.HQVid.A, HKLM\SOFTWARE\CLASSES\CLSID\{22222222-2222-2222-2222-220522312272}, In Quarantäne, [39c7da26ca36af51c9828fdadb2748b8],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{11111111-1111-1111-1111-110511421146}, In Quarantäne, [0af64fb1ff01a8584fe26fbcfc084eb2],
PUP.Optional.CrossRider.M, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{11111111-1111-1111-1111-110511421146}, In Quarantäne, [0af64fb1ff01a8584fe26fbcfc084eb2],
Registrierungswerte: 5
PUP.Optional.SearchQu, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{99079A25-328F-4BD4-BE04-00955ACAA0A7}, Searchqu Toolbar, In Quarantäne, [9967cf3120e0dd2316f2fa1fa260768a]
PUP.Optional.SearchQu, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{99079a25-328f-4bd4-be04-00955acaa0a7}, In Quarantäne, [41bf38c8c53b21df3bcda3768d75eb15],
PUP.Optional.Searchqu.A, HKLM\SOFTWARE\WOW6432NODE\DATAMNGR|Folder, C:\Program Files (x86)\Searchqu Toolbar, In Quarantäne, [8f71c838748c3ec2f0602b6ab74c926e]
PUP.Optional.QuickStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|quick_start@gmail.com, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\quick_start@gmail.com, In Quarantäne, [0bf57789ac54669a0f52afc3b05238c8]
PUM.Bad.Proxy, HKU\S-1-5-21-2040242611-701346398-569565758-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|ProxyServer, http=127.0.0.1:13828, Löschen bei Neustart, [4fb1778952ae837d19b9e4c95aa9fa06]
Registrierungsdaten: 10
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://istart.webssearches.com/?type=hp&ts=1397146086&from=tugs&uid=395049983_1052515_7C08BE98, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1397146086&from=tugs&uid=395049983_1052515_7C08BE98),Ersetzt,[28d8986815eb5da39b91d8464bb9bd43]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[20e0de22649c0bf5b5a9e345aa5af808]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://istart.webssearches.com/web/?type=ds&ts=1397146086&from=tugs&uid=395049983_1052515_7C08BE98&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1397146086&from=tugs&uid=395049983_1052515_7C08BE98&q={searchTerms}),Ersetzt,[f80809f729d7fd03ed3d58c68e766d93]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://istart.webssearches.com/?type=hp&ts=1397146086&from=tugs&uid=395049983_1052515_7C08BE98, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1397146086&from=tugs&uid=395049983_1052515_7C08BE98),Ersetzt,[d92717e938c8c9372ff9a27c1de711ef]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://istart.webssearches.com/?type=hp&ts=1397146086&from=tugs&uid=395049983_1052515_7C08BE98, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1397146086&from=tugs&uid=395049983_1052515_7C08BE98),Ersetzt,[43bdc838c43c728e9c9069b57e86c739]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCH|CustomizeSearch, hxxp://istart.webssearches.com/web/?type=ds&ts=1397146086&from=tugs&uid=395049983_1052515_7C08BE98&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1397146086&from=tugs&uid=395049983_1052515_7C08BE98&q={searchTerms}),Ersetzt,[d22e3ec20000956b49e53be30ff511ef]
PUP.Optional.WebsSearches.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://istart.webssearches.com/web/?type=ds&ts=1397146086&from=tugs&uid=395049983_1052515_7C08BE98&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1397146086&from=tugs&uid=395049983_1052515_7C08BE98&q={searchTerms}),Ersetzt,[b14fc937af513fc174bce03ee81cd828]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[aa56bb45fb058c743f1f23050afa8f71]
PUP.Optional.WebsSearches.A, HKU\S-1-5-21-2040242611-701346398-569565758-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://istart.webssearches.com/?type=hp&ts=1397146086&from=tugs&uid=395049983_1052515_7C08BE98, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/?type=hp&ts=1397146086&from=tugs&uid=395049983_1052515_7C08BE98),Löschen bei Neustart,[5fa1a65acf31ca36dc510b13877d6a96]
PUP.Optional.WebsSearches.A, HKU\S-1-5-21-2040242611-701346398-569565758-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://istart.webssearches.com/web/?type=ds&ts=1397146086&from=tugs&uid=395049983_1052515_7C08BE98&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://istart.webssearches.com/web/?type=ds&ts=1397146086&from=tugs&uid=395049983_1052515_7C08BE98&q={searchTerms}),Löschen bei Neustart,[7b85808005fbbb4586a51608e81c659b]
Ordner: 51
PUP.Optional.MediaPlayerplus.A, C:\Program Files (x86)\MediaPlayerplus, In Quarantäne, [39c7956b9d632cd424a6a3cd08fa9b65],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.Searchqu, C:\Program Files (x86)\Searchqu Toolbar, In Quarantäne, [cf3199679e6241bf3e52b1adfc069070],
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService, Löschen bei Neustart, [3bc5b44c1ee2ca3693bbcb96669c3bc5],
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\update, In Quarantäne, [3bc5b44c1ee2ca3693bbcb96669c3bc5],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\defaults, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\defaults\preferences, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\userCode, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\locale, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\locale\en-US, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm, In Quarantäne, [ef11f0100bf5da268866362eb64cb64a],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.37_0, In Quarantäne, [ef11f0100bf5da268866362eb64cb64a],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\Re-markit Corp, Löschen bei Neustart, [4bb57789d52b9c64579a0a5aa85a15eb],
PUP.Optional.WebsSearches.A, C:\Users\Margarita\AppData\Roaming\webssearches, In Quarantäne, [837d79878d731ae66122bfa64fb3946c],
PUP.Optional.WebsSearches.A, C:\Users\Margarita\AppData\Roaming\webssearches\images, In Quarantäne, [837d79878d731ae66122bfa64fb3946c],
PUP.Optional.WebsSearches.A, C:\Users\Margarita\AppData\Roaming\webssearches\log, In Quarantäne, [837d79878d731ae66122bfa64fb3946c],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd, In Quarantäne, [b050619f926ee41c6c67382d5ba744bc],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.20_0, In Quarantäne, [b050619f926ee41c6c67382d5ba744bc],
PUP.Optional.HQVid.A, C:\Program Files (x86)\HQVid8.1v4, In Quarantäne, [39c7da26ca36af51c9828fdadb2748b8],
Dateien: 212
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\PluginService.exe, Löschen bei Neustart, [35cb2dd3a060ae5261d47fd2c43d0ff1],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, In Quarantäne, [5da336ca17e97789d4e563b38d75817f],
Trojan.Bitcoin, C:\Users\Margarita\AppData\Roaming\brah\chp.exe, In Quarantäne, [20e034cc1be55ca4372953c46997c040],
PUP.Optional.SupTab.A, C:\Users\Margarita\AppData\Roaming\SupTab\SupTab.dll, In Quarantäne, [e51b4cb453ad41bf98b1d95c3bc543bd],
PUP.OfferBundler.ST, C:\Users\Margarita\Downloads\SoftonicDownloader_fuer_photoscape.exe, In Quarantäne, [ca36ba46877958a8f18398edf20efe02],
PUP.Optional.CrossRider.A, C:\Windows\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-1.job, In Quarantäne, [da267e829769ec1487b5bbb5d92915eb],
PUP.Optional.CrossRider.A, C:\Windows\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-2.job, In Quarantäne, [7a86e41cf20ec23e42fad19fcf333cc4],
PUP.Optional.CrossRider.A, C:\Windows\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-3.job, In Quarantäne, [20e0a8588a76c838a99372fea75bbf41],
PUP.Optional.CrossRider.A, C:\Windows\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-4.job, In Quarantäne, [af51d42c6c9457a959e38ae6da28a35d],
PUP.Optional.CrossRider.A, C:\Windows\Tasks\6f4fbe62-8c8b-4036-a9fe-561497b1f445-5.job, In Quarantäne, [6a9604fcfe02c33dd963b5bbc73b42be],
PUP.Optional.MediaPlayerplus.A, C:\Program Files (x86)\MediaPlayerplus\background.html, In Quarantäne, [39c7956b9d632cd424a6a3cd08fa9b65],
PUP.Optional.MediaPlayerplus.A, C:\Program Files (x86)\MediaPlayerplus\54246.crx, In Quarantäne, [39c7956b9d632cd424a6a3cd08fa9b65],
PUP.Optional.MediaPlayerplus.A, C:\Program Files (x86)\MediaPlayerplus\54246.xpi, In Quarantäne, [39c7956b9d632cd424a6a3cd08fa9b65],
PUP.Optional.MediaPlayerplus.A, C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bg.exe, In Quarantäne, [39c7956b9d632cd424a6a3cd08fa9b65],
PUP.Optional.MediaPlayerplus.A, C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho64.dll, In Quarantäne, [39c7956b9d632cd424a6a3cd08fa9b65],
PUP.Optional.MediaPlayerplus.A, C:\Program Files (x86)\MediaPlayerplus\MediaPlayerplus.ico, In Quarantäne, [39c7956b9d632cd424a6a3cd08fa9b65],
PUP.Optional.MediaPlayerplus.A, C:\Program Files (x86)\MediaPlayerplus\Uninstall.exe, In Quarantäne, [39c7956b9d632cd424a6a3cd08fa9b65],
PUP.Optional.MediaPlayerplus.A, C:\Program Files (x86)\MediaPlayerplus\utils.exe, In Quarantäne, [39c7956b9d632cd424a6a3cd08fa9b65],
PUP.Optional.ReMarkIt.A, C:\Windows\Tasks\Re-markit Update.job, In Quarantäne, [1ee2ca3617e9bf41039c9ad804fe748c],
PUP.Optional.ReMarkIt.A, C:\Windows\Tasks\Re-markit_wd.job, In Quarantäne, [728e8e7219e7be42a3fc7ef431d10ff1],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\install.data, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\uninstall.exe, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WebDataJs, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\data.html, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE.html, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE8.html, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\main.css, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\ver.txt, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\arrow.png, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo.png, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_add_logo_hover.png, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\default_logo.png, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo.png, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\googlelogo2.png, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\google_trends.png, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon128.png, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon16.png, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon48.png, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\loading.gif, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\logo32.ico, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\search.png, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\sliders.png, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\weather\0.png, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\common.js, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ga.js, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ie8.js, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\js.js, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\library.js, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit.js, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt\messages.json, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR\messages.json, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json, In Quarantäne, [d9279868af5141bfa0c36c0f0ef43ac6],
PUP.Optional.Searchqu.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}, In Quarantäne, [e8185da3b34ddf212d225144d62d8e72],
PUP.Optional.ReMarkit.A, C:\Program Files (x86)\Re-markit Corp\Re-markit158.exe, Löschen bei Neustart, [f60a29d7bb4522de1886343e1ee4847c],
PUP.Optional.Searchqu, C:\Program Files (x86)\Searchqu Toolbar\sysid.ini, In Quarantäne, [cf3199679e6241bf3e52b1adfc069070],
PUP.Optional.Searchqu, C:\Program Files (x86)\Searchqu Toolbar\uninstall.exe, In Quarantäne, [cf3199679e6241bf3e52b1adfc069070],
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\update\conf, In Quarantäne, [3bc5b44c1ee2ca3693bbcb96669c3bc5],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome.manifest, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\install.rdf, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\background.html, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\baseObject.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\browser.xul, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\dialog.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\ffCoreFilesIndex.txt, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\main.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\options.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\options.xul, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\platformVersion.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\search_dialog.xul, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\asyncDB.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\background.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\browserAction.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\contextMenu.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\dbManager.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\dom_bg.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\fileManager.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\firefox.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\firefoxNotifications.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\firefoxOmnibox.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\message.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\pageAction.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\request.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\tabs.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\webRequest.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\api\windowsMessagingHandler.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\addressBarChangeObserver.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\console.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\consts.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\delegate.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\extensionDataStore.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\folderIOWrapper.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\httpObserver.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\IDBWrapper.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\installer.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\logFile.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\prefs.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\progressListenerObserver.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\registry.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\reloadObserver.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\reports.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\requestObject.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\searchSettings.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\uninstallObserver.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\updateManager.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\utils.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\chrome\content\core\xhr.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\defaults\preferences\prefs.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\manifest.xml, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins.json, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\1.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\102.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\103.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\104.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\119.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\123.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\13.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\14.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\16.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\17.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\177.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\178.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\179.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\180.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\182.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\183.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\184.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\191.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\195.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\207.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\21.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\22.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\220.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\221.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\223.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\231.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\232.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\242.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\246.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\28.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\4.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\47.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\64.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\7.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\72.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\78.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\9.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\91.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\93.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\plugins\98.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\userCode\background.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\extensionData\userCode\extension.js, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\locale\en-US\translations.dtd, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\button1.png, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\button2.png, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\button3.png, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\button4.png, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\button5.png, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\crossrider_statusbar.png, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\icon128.png, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\icon16.png, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\icon24.png, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\icon48.png, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\panelarrow-up.png, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\popup.html, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\skin.css, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\extensions\ee5ad154-f909-4cc0-aa51-d7e94e3fb0af@36204afd-f43e-4917-9c71-8384e2e4d3ad.com\skin\update.css, In Quarantäne, [f40cc53b3ac69a66a2b19dc7e81a0ef2],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\Re-markit Corp\158.crx, In Quarantäne, [4bb57789d52b9c64579a0a5aa85a15eb],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\Re-markit Corp\158.dat, In Quarantäne, [4bb57789d52b9c64579a0a5aa85a15eb],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\Re-markit Corp\158.xpi, In Quarantäne, [4bb57789d52b9c64579a0a5aa85a15eb],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\Re-markit Corp\a.db, In Quarantäne, [4bb57789d52b9c64579a0a5aa85a15eb],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\Re-markit Corp\b.db, In Quarantäne, [4bb57789d52b9c64579a0a5aa85a15eb],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\Re-markit Corp\Re-markit158.bin, In Quarantäne, [4bb57789d52b9c64579a0a5aa85a15eb],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\Re-markit Corp\Re-markit158.dll, Löschen bei Neustart, [4bb57789d52b9c64579a0a5aa85a15eb],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\Re-markit Corp\Re-markit158.ini, In Quarantäne, [4bb57789d52b9c64579a0a5aa85a15eb],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\Re-markit Corp\Re-markit_wd.exe, Löschen bei Neustart, [4bb57789d52b9c64579a0a5aa85a15eb],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\Re-markit Corp\ReMar.exe, In Quarantäne, [4bb57789d52b9c64579a0a5aa85a15eb],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\Re-markit Corp\Sqlite3.dll, In Quarantäne, [4bb57789d52b9c64579a0a5aa85a15eb],
PUP.Optional.ReMarkIt.A, C:\Program Files (x86)\Re-markit Corp\Uninstall.exe, In Quarantäne, [4bb57789d52b9c64579a0a5aa85a15eb],
PUP.Optional.HQVid.A, C:\Program Files (x86)\HQVid8.1v4\53172.crx, In Quarantäne, [39c7da26ca36af51c9828fdadb2748b8],
PUP.Optional.HQVid.A, C:\Program Files (x86)\HQVid8.1v4\53172.xpi, In Quarantäne, [39c7da26ca36af51c9828fdadb2748b8],
PUP.Optional.HQVid.A, C:\Program Files (x86)\HQVid8.1v4\6f4fbe62-8c8b-4036-a9fe-561497b1f445-2.exe, In Quarantäne, [39c7da26ca36af51c9828fdadb2748b8],
PUP.Optional.HQVid.A, C:\Program Files (x86)\HQVid8.1v4\6f4fbe62-8c8b-4036-a9fe-561497b1f445-3.exe, In Quarantäne, [39c7da26ca36af51c9828fdadb2748b8],
PUP.Optional.HQVid.A, C:\Program Files (x86)\HQVid8.1v4\6f4fbe62-8c8b-4036-a9fe-561497b1f445-4.exe, In Quarantäne, [39c7da26ca36af51c9828fdadb2748b8],
PUP.Optional.HQVid.A, C:\Program Files (x86)\HQVid8.1v4\6f4fbe62-8c8b-4036-a9fe-561497b1f445-5.exe, In Quarantäne, [39c7da26ca36af51c9828fdadb2748b8],
PUP.Optional.HQVid.A, C:\Program Files (x86)\HQVid8.1v4\background.html, In Quarantäne, [39c7da26ca36af51c9828fdadb2748b8],
PUP.Optional.HQVid.A, C:\Program Files (x86)\HQVid8.1v4\HQVid8.1v4-bg.exe, In Quarantäne, [39c7da26ca36af51c9828fdadb2748b8],
PUP.Optional.HQVid.A, C:\Program Files (x86)\HQVid8.1v4\HQVid8.1v4-bho.dll, In Quarantäne, [39c7da26ca36af51c9828fdadb2748b8],
PUP.Optional.HQVid.A, C:\Program Files (x86)\HQVid8.1v4\HQVid8.1v4-bho64.dll, In Quarantäne, [39c7da26ca36af51c9828fdadb2748b8],
PUP.Optional.HQVid.A, C:\Program Files (x86)\HQVid8.1v4\HQVid8.1v4-codedownloader.exe, In Quarantäne, [39c7da26ca36af51c9828fdadb2748b8],
PUP.Optional.HQVid.A, C:\Program Files (x86)\HQVid8.1v4\HQVid8.1v4.ico, In Quarantäne, [39c7da26ca36af51c9828fdadb2748b8],
PUP.Optional.HQVid.A, C:\Program Files (x86)\HQVid8.1v4\Uninstall.exe, In Quarantäne, [39c7da26ca36af51c9828fdadb2748b8],
PUP.Optional.HQVid.A, C:\Program Files (x86)\HQVid8.1v4\utils.exe, In Quarantäne, [39c7da26ca36af51c9828fdadb2748b8],
PUP.Optional.CrossRider.A, C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "1454c662ba30028512aa5ed0d940c7bb");), Ersetzt,[9d63ae5260a0b14f5b0482d1758f837d]
Physische Sektoren: 0
(No malicious items detected)
(end)
AdwCleaner[S0].txt Code:
# AdwCleaner v3.023 - Bericht erstellt am 18/04/2014 um 20:01:50
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Margarita - MARGARITA-PC
# Gestartet von : C:\Users\Margarita\Desktop\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\boost_interprocess
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gelöscht : C:\Program Files (x86)\iLivid
Ordner Gelöscht : C:\Program Files (x86)\Mail.Ru
Ordner Gelöscht : C:\Users\Margarita\AppData\Local\Ilivid Player
Ordner Gelöscht : C:\Users\Margarita\AppData\Local\Mail.Ru
Ordner Gelöscht : C:\Users\Margarita\AppData\LocalLow\searchquband
Ordner Gelöscht : C:\Users\Margarita\AppData\LocalLow\Searchqutoolbar
Ordner Gelöscht : C:\Users\Margarita\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\ICQToolbarData
Ordner Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\Searchqutoolbar
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\.autoreg
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin.gif
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin.src
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-1.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-10.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-11.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-12.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-13.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-14.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-15.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-16.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-17.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-18.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-19.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-2.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-20.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-21.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-22.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-23.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-24.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-25.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-3.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-4.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-5.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-6.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-7.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-8.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-9.xml
Datei Gelöscht : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\Search_Results.xml
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\DNSBHO.dll
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\ilivid
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_photoscape_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_photoscape_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{AC662AF2-4601-4A68-84DF-A3FE83F1A5F9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FEFD3AF5-A346-4451-AA23-A3AD54915515}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555315572}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555425546}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566316672}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566426646}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{44B619BC-3D2B-4990-AA4F-9AA366921792}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555315572}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550555425546}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566316672}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660566426646}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Schlüssel Gelöscht : HKCU\Software\ilivid
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\Optimizer Pro
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\searchqutoolbar
Schlüssel Gelöscht : HKLM\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\Software\IePlugin
Schlüssel Gelöscht : HKLM\Software\ilivid
Schlüssel Gelöscht : HKLM\Software\installedbrowserextensions
Schlüssel Gelöscht : HKLM\Software\SearchquMediabarTb
Schlüssel Gelöscht : HKLM\Software\supTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\installedbrowserextensions
***** [ Browser ] *****
-\\ Internet Explorer v9.0.8112.16533
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v28.0 (de)
[ Datei : C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\prefs.js ]
Zeile gelöscht : user_pref("browser.search.order.1", "Search Results");
Zeile gelöscht : user_pref("extensions.crossrider.bic", "1454c662ba30028512aa5ed0d940c7bb");
Zeile gelöscht : user_pref("icqtoolbar.allowSendURL", false);
Zeile gelöscht : user_pref("icqtoolbar.defSearchChange", false);
Zeile gelöscht : user_pref("icqtoolbar.engineVerified", false);
Zeile gelöscht : user_pref("icqtoolbar.facebookSmilesAddonShowedPopup", true);
Zeile gelöscht : user_pref("icqtoolbar.firstTbRun", false);
Zeile gelöscht : user_pref("icqtoolbar.geolastmodified", 1397146136);
Zeile gelöscht : user_pref("icqtoolbar.history", "leeroy%20jenkins||yoo%20hee%20yeol||one%20of%20a%20kind||googlede||stellenangebote%20modedesign||kilometer%20messer||bodensee%20fischbach||neurologie||albstadt||h%26m%[...]
Zeile gelöscht : user_pref("icqtoolbar.hpChange", true);
Zeile gelöscht : user_pref("icqtoolbar.icqgeo", 49);
Zeile gelöscht : user_pref("icqtoolbar.installTime", "1343291735");
Zeile gelöscht : user_pref("icqtoolbar.installsource", "1");
Zeile gelöscht : user_pref("icqtoolbar.newtab_most_visited_state", "0");
Zeile gelöscht : user_pref("icqtoolbar.newtab_recently_closed_state", "1");
Zeile gelöscht : user_pref("icqtoolbar.newtab_state", "1");
Zeile gelöscht : user_pref("icqtoolbar.numberOfSearches", 0);
Zeile gelöscht : user_pref("icqtoolbar.previousFFVersion", "28.0");
Zeile gelöscht : user_pref("icqtoolbar.skip_default_search", "no");
Zeile gelöscht : user_pref("icqtoolbar.suggestions", false);
Zeile gelöscht : user_pref("icqtoolbar.uniqueID", "131763248313176431471317675139710");
Zeile gelöscht : user_pref("icqtoolbar.usageStatstTimestamp", 1397319389);
Zeile gelöscht : user_pref("icqtoolbar.userEngineApproved", false);
Zeile gelöscht : user_pref("icqtoolbar.version", "1.5.3");
Zeile gelöscht : user_pref("icqtoolbar.voucherHideClicks", 0);
Zeile gelöscht : user_pref("icqtoolbar.voucherMoreLinkClicks", 0);
Zeile gelöscht : user_pref("icqtoolbar.voucherRedeemClicks", 0);
Zeile gelöscht : user_pref("icqtoolbar.voucherWasShown", 0);
Zeile gelöscht : user_pref("icqtoolbar.xmlEnableHomePageDsGuard", false);
Zeile gelöscht : user_pref("icqtoolbar.xmlEnableSuggestions", false);
Zeile gelöscht : user_pref("icqtoolbar.xmlLanguage", "de");
*************************
AdwCleaner[R0].txt - [13640 octets] - [18/04/2014 20:00:02]
AdwCleaner[S0].txt - [12674 octets] - [18/04/2014 20:01:50]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [12735 octets] ##########
JRT.txt Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Professional x64
Ran by Margarita on 18.04.2014 at 20:07:28,91
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\Users\Margarita\appdata\locallow\datamngr"
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{05107104-EFE0-4E64-A312-09028591F8C7}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{16182C26-2E7D-4C1C-BFAC-5DE5178AC00E}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{1624E29D-5ED1-4E38-944F-7AE275B2096E}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{1C1F6DD9-D540-46C3-AD47-4F9B98480410}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{2A0931F2-D823-4EB7-99CD-D169C82909BC}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{2B30D1BC-9246-4B1D-9303-82F7791702F7}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{31D6B1EF-CFD6-420D-AD6F-1B8A83B96327}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{33D20D75-6A5A-4BB5-9874-1515F971000A}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{378E6E51-21C7-41D5-80B4-77C86615F1A6}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{3858284F-B1C1-457C-BDB8-9EA8F7B7DB43}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{3B4AD923-6C10-4264-971D-3B30506D6294}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{42D386E6-1FCF-4AB9-87DE-A5CACB59882E}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{618003F6-F57F-4E36-8467-4923C790BFB8}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{6303D444-CE73-4380-BE81-28B99C6A08FA}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{63E33DF9-D1AC-4081-8B3D-867AF96FEF97}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{6BA728FB-0291-4682-AF2C-69CD35F4D385}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{7188F1A7-7AC9-4FC7-9012-2B2FA750A4F8}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{80D383B1-03D9-40D5-B8D3-78E412012CB8}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{8C260476-D61D-4205-AD84-69B54F225E5E}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{937D854B-AA03-4C0B-B9C5-7CBEFF681794}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{9667B335-F50C-401F-A630-54B57909222D}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{989116B1-9AA9-4680-A7D5-80F889D733FF}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{9BCA7AF9-A2EA-4843-8ED6-E86C92F05352}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{9D0E6BDF-599A-4AB5-95DF-8E5E1A5B5F09}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{A0AC7B1A-DCA7-4F85-84B6-566C0E75582A}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{AC1E5BB5-C109-4EA3-A500-F50A102A586F}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{B1ECE04C-750B-4D00-9037-A0D3518BC414}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{C4C9D74B-8318-4200-8614-AB55FF658D6B}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{C9E5110E-E7A3-4E8A-85B0-37BD17473554}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{CB736DC3-A643-4F49-8DAD-D7D5BB791B21}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{D35E9B97-EBFB-4ED4-86E4-C18684C406B6}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{D3D2414C-1681-4ABD-98A9-DDC1EAC53EBF}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{D5B2FF46-1AC2-4557-8579-D299FF5A56E0}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{D80E85D1-FF23-4475-B119-67FC5E70C072}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{DB85C306-C6EB-4078-A94F-DF2DFB308703}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{DDFBC521-9230-41A1-814F-22136A42312C}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{E1A37DA6-0DCF-4178-AAFA-8423FE0EDCAD}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{E217C429-72CB-42BE-8581-9708E765BA5E}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{EC792DE8-7D18-41B2-9B99-8000889DF044}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{F4802772-850B-4233-A32C-1ACFD3D6E7BF}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{FB03F9D9-FEB5-40D3-8AF7-D15FC631E04B}
Successfully deleted: [Empty Folder] C:\Users\Margarita\appdata\local\{FE7CD6D4-C094-4556-BA48-3697D81E20FB}
~~~ FireFox
Emptied folder: C:\Users\Margarita\AppData\Roaming\mozilla\firefox\profiles\u1t6s3bt.default\minidumps [228 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.04.2014 at 20:13:36,45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST.txt
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-04-2014 02
Ran by Margarita (administrator) on MARGARITA-PC on 18-04-2014 20:14:49
Running from C:\Users\Margarita\Desktop
Windows 7 Professional Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Wacom Technology, Corp.) C:\Program Files\WTouch\WTouchService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaRegistry64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
(Wacom Technology, Corp.) C:\Program Files\WTouch\WTouchUser.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Wacom Technology, Corp.) C:\Windows\system32\Pen_Tablet.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
(Wacom Technology, Corp.) C:\Windows\system32\WTablet\Pen_TabletUser.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesApp64.exe
(Wacom Technology, Corp.) C:\Windows\system32\Pen_Tablet.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\Ralink\Common\RaUI.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [Arc] => C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcLauncher.exe [129360 2014-03-26] (Perfect World Entertainment)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [689744 2014-04-12] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2040242611-701346398-569565758-1000\...\Run: [Spotify Web Helper] => C:\Users\Margarita\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-07-08] (Spotify Ltd)
HKU\S-1-5-21-2040242611-701346398-569565758-1000\...\Run: [brah] => C:\Users\Margarita\AppData\Roaming\brah\sit.bat [193 2013-06-02] ()
HKU\S-1-5-21-2040242611-701346398-569565758-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Margarita\AppData\Local\Akamai\netsession_win.exe [4480768 2013-01-26] (Akamai Technologies, Inc.)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
ProxyEnable: Internet Explorer proxy is enabled.
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
URLSearchHook: HKLM-x32 - Default Value = {855F3B16-6D32-4fe6-8A56-BBB695989046}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\googletoolbar1.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar1.dll (Google Inc.)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {09900DE8-1DCA-443F-9243-26FF581438AF} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 192.168.0.2
FireFox:
========
FF ProfilePath: C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: ICQ Search
FF SelectedSearchEngine: ICQ Search
FF Homepage: hxxp://
FF Keyword.URL: hxxp://go.mail.ru/search?utf8in=1&fr=fftbUFix&q=
FF NetworkProxy: "http", "65.51.181.123"
FF NetworkProxy: "http_port", 8080
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_182.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.17.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.17.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @real.com/nppl3260;version=6.0.11.2571 - C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.12.1739 - C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.3 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Computer, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF SearchPlugin: C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\icqplugin-26.xml
FF SearchPlugin: C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\searchplugins\searchplugins-backup
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Margarita\AppData\Roaming\Mozilla\Firefox\Profiles\u1t6s3bt.default\Extensions\ich@maltegoetz.de [2014-04-11]
FF HKCU\...\Firefox\Extensions: [{8c46fde2-8f22-4b77-9d6b-47daa604b639}] - C:\Program Files (x86)\Re-markit Corp\158.xpi
Chrome:
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2013-08-18] (Adobe Systems)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-04-12] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-04-12] (Avira Operations GmbH & Co. KG)
S4 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-03-26] (Perfect World Entertainment Inc)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [289256 2014-01-16] (McAfee, Inc.)
S2 RaMediaServer; C:\Program Files (x86)\Ralink\Common\RaMediaServer.exe [625728 2011-08-18] ()
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe [2412344 2014-01-28] (TuneUp Software)
R2 WTouchService; C:\Program Files\WTouch\WTouchService.exe [127784 2009-11-24] (Wacom Technology, Corp.)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-04-12] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-04-12] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-04-12] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-04-03] (Malwarebytes Corporation)
R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [119512 2014-04-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63192 2014-04-03] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesDriver64.sys [11880 2012-11-16] (TuneUp Software)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-18 20:13 - 2014-04-18 20:13 - 00005467 _____ () C:\Users\Margarita\Desktop\JRT.txt
2014-04-18 20:09 - 2014-04-18 20:09 - 00012848 _____ () C:\Users\Margarita\Desktop\AdwCleaner[S0].txt
2014-04-18 20:06 - 2014-04-18 20:06 - 01016261 _____ (Thisisu) C:\Users\Margarita\Desktop\JRT.exe
2014-04-18 20:06 - 2014-04-18 20:06 - 00000000 ____D () C:\Windows\ERUNT
2014-04-18 19:59 - 2014-04-18 20:01 - 00000000 ____D () C:\AdwCleaner
2014-04-18 19:59 - 2014-04-18 19:59 - 01426178 _____ () C:\Users\Margarita\Desktop\adwcleaner.exe
2014-04-18 19:58 - 2014-04-18 19:58 - 00067737 _____ () C:\Users\Margarita\Desktop\mbam.txt
2014-04-18 19:29 - 2014-04-18 20:04 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-18 19:29 - 2014-04-18 19:29 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-18 19:29 - 2014-04-18 19:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-18 19:29 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-18 19:29 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-18 19:29 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-18 19:28 - 2014-04-18 19:28 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Margarita\Desktop\mbam-setup-2.0.1.1004.exe
2014-04-18 08:50 - 2014-04-18 08:50 - 00000000 ____D () C:\Users\Margarita\AppData\Roaming\WTouch
2014-04-17 16:02 - 2014-04-17 16:02 - 00131426 _____ () C:\ComboFix.txt
2014-04-17 15:29 - 2014-04-17 16:02 - 00000000 ____D () C:\Qoobox
2014-04-17 15:29 - 2014-04-17 15:29 - 00000000 ___RD () C:\Users\Margarita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-17 15:29 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-17 15:29 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-17 15:29 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-17 15:29 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-17 15:29 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-17 15:29 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-17 15:29 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-17 15:29 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-17 15:28 - 2014-04-17 15:28 - 05194807 ____R (Swearware) C:\Users\Margarita\Desktop\ComboFix.exe
2014-04-16 21:32 - 2014-04-16 21:32 - 00022245 _____ () C:\Users\Margarita\Desktop\Addition.txt
2014-04-16 21:31 - 2014-04-18 20:14 - 00014084 _____ () C:\Users\Margarita\Desktop\FRST.txt
2014-04-16 21:31 - 2014-04-18 20:14 - 00000000 ____D () C:\FRST
2014-04-16 21:30 - 2014-04-16 21:30 - 02158592 _____ (Farbar) C:\Users\Margarita\Desktop\FRST64.exe
2014-04-15 10:24 - 2014-04-15 11:12 - 00000000 ____D () C:\Users\Margarita\Desktop\chrissy
2014-04-14 17:26 - 2014-04-14 17:50 - 00000000 ____D () C:\Users\Margarita\Desktop\beareitet
2014-04-14 17:12 - 2014-04-14 17:14 - 00000000 ____D () C:\Users\Margarita\Desktop\xxxxx
2014-04-14 17:08 - 2014-04-14 17:09 - 00000000 ____D () C:\Users\Margarita\Desktop\bk album
2014-04-13 11:03 - 2014-04-13 11:02 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-04-12 19:36 - 2014-04-12 19:36 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-04-12 19:29 - 2014-04-12 19:36 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-04-12 19:29 - 2014-04-12 19:29 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-04-12 17:50 - 2014-04-12 17:50 - 00002066 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-04-12 17:50 - 2014-04-12 17:50 - 00000000 ____D () C:\Users\Margarita\AppData\Roaming\Avira
2014-04-12 17:49 - 2014-04-12 17:49 - 00000000 ____D () C:\ProgramData\Avira
2014-04-12 17:49 - 2014-04-12 17:49 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-04-12 17:49 - 2014-04-12 17:48 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-04-12 17:49 - 2014-04-12 17:48 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-04-12 17:49 - 2014-04-12 17:48 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-04-11 21:15 - 2014-04-11 21:15 - 00000000 ___RD () C:\Users\Margarita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-11 10:31 - 2014-04-11 10:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-10 20:10 - 2014-04-18 19:29 - 00000000 ____D () C:\Users\Margarita\Desktop\Fotos
2014-04-10 18:07 - 2014-04-17 15:40 - 00000000 ____D () C:\Users\Margarita\AppData\Local\Genesis
2014-04-10 18:07 - 2014-04-10 18:07 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-04-10 10:24 - 2014-04-10 10:32 - 00000000 ____D () C:\Users\Margarita\Desktop\csdfsdf
2014-04-06 14:26 - 2014-04-10 10:38 - 00005632 _____ () C:\Users\Margarita\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-01 20:48 - 2014-04-01 20:48 - 33317104 _____ () C:\Users\Margarita\Desktop\rania_-_just_go.wav
2014-03-30 15:25 - 2014-03-30 15:25 - 00001842 _____ () C:\Users\Public\Desktop\Arc.lnk
2014-03-30 15:25 - 2014-03-30 15:25 - 00000000 ____D () C:\Program Files (x86)\Perfect World Entertainment
2014-03-30 15:24 - 2014-03-30 15:24 - 09005512 _____ (Perfect World Entertainment) C:\Users\Margarita\Downloads\ArcInstall_v20140224a.exe
2014-03-30 13:05 - 2014-04-12 17:54 - 00000000 ____D () C:\Users\Margarita\Desktop\GFS Schlaf und Traum
2014-03-28 08:39 - 2014-03-28 08:40 - 00000000 ____D () C:\Users\Margarita\Downloads\Shiro2_Client_2014
2014-03-28 08:38 - 2014-03-28 08:38 - 974154658 _____ () C:\Users\Margarita\Downloads\Shiro2_Client_12032014.rar
==================== One Month Modified Files and Folders =======
2014-04-18 20:14 - 2014-04-16 21:31 - 00014084 _____ () C:\Users\Margarita\Desktop\FRST.txt
2014-04-18 20:14 - 2014-04-16 21:31 - 00000000 ____D () C:\FRST
2014-04-18 20:13 - 2014-04-18 20:13 - 00005467 _____ () C:\Users\Margarita\Desktop\JRT.txt
2014-04-18 20:11 - 2009-07-14 06:45 - 00014544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-18 20:11 - 2009-07-14 06:45 - 00014544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-18 20:10 - 2009-07-14 12:57 - 00654150 _____ () C:\Windows\system32\perfh007.dat
2014-04-18 20:10 - 2009-07-14 12:57 - 00130022 _____ () C:\Windows\system32\perfc007.dat
2014-04-18 20:10 - 2009-07-14 07:13 - 01498742 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-18 20:09 - 2014-04-18 20:09 - 00012848 _____ () C:\Users\Margarita\Desktop\AdwCleaner[S0].txt
2014-04-18 20:06 - 2014-04-18 20:06 - 01016261 _____ (Thisisu) C:\Users\Margarita\Desktop\JRT.exe
2014-04-18 20:06 - 2014-04-18 20:06 - 00000000 ____D () C:\Windows\ERUNT
2014-04-18 20:04 - 2014-04-18 19:29 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-18 20:03 - 2013-12-22 15:22 - 00001112 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-18 20:03 - 2013-08-22 12:57 - 00000000 ____D () C:\Users\Margarita\AppData\Roaming\WTablet
2014-04-18 20:02 - 2012-05-07 06:25 - 00074637 _____ () C:\Windows\setupact.log
2014-04-18 20:02 - 2011-09-27 21:29 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-18 20:02 - 2011-09-27 21:14 - 01475219 _____ () C:\Windows\WindowsUpdate.log
2014-04-18 20:02 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-18 20:01 - 2014-04-18 19:59 - 00000000 ____D () C:\AdwCleaner
2014-04-18 20:01 - 2013-06-28 20:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-18 19:59 - 2014-04-18 19:59 - 01426178 _____ () C:\Users\Margarita\Desktop\adwcleaner.exe
2014-04-18 19:58 - 2014-04-18 19:58 - 00067737 _____ () C:\Users\Margarita\Desktop\mbam.txt
2014-04-18 19:53 - 2013-01-03 09:33 - 00161830 _____ () C:\Windows\PFRO.log
2014-04-18 19:52 - 2013-06-02 17:12 - 00000000 ____D () C:\Users\Margarita\AppData\Roaming\brah
2014-04-18 19:42 - 2013-12-22 15:22 - 00001116 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-18 19:29 - 2014-04-18 19:29 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-18 19:29 - 2014-04-18 19:29 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-18 19:29 - 2014-04-10 20:10 - 00000000 ____D () C:\Users\Margarita\Desktop\Fotos
2014-04-18 19:29 - 2012-01-09 22:04 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-18 19:28 - 2014-04-18 19:28 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Margarita\Desktop\mbam-setup-2.0.1.1004.exe
2014-04-18 13:56 - 2012-06-18 22:40 - 06133248 ___SH () C:\Users\Margarita\Desktop\Thumbs.db
2014-04-18 08:50 - 2014-04-18 08:50 - 00000000 ____D () C:\Users\Margarita\AppData\Roaming\WTouch
2014-04-17 21:46 - 2013-10-07 20:04 - 00000000 ____D () C:\Users\Margarita\Desktop\Originals
2014-04-17 21:45 - 2011-10-01 14:13 - 00038912 ____H () C:\Users\Margarita\Desktop\photothumb.db
2014-04-17 16:02 - 2014-04-17 16:02 - 00131426 _____ () C:\ComboFix.txt
2014-04-17 16:02 - 2014-04-17 15:29 - 00000000 ____D () C:\Qoobox
2014-04-17 15:53 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-17 15:40 - 2014-04-10 18:07 - 00000000 ____D () C:\Users\Margarita\AppData\Local\Genesis
2014-04-17 15:29 - 2014-04-17 15:29 - 00000000 ___RD () C:\Users\Margarita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-04-17 15:28 - 2014-04-17 15:28 - 05194807 ____R (Swearware) C:\Users\Margarita\Desktop\ComboFix.exe
2014-04-16 21:32 - 2014-04-16 21:32 - 00022245 _____ () C:\Users\Margarita\Desktop\Addition.txt
2014-04-16 21:30 - 2014-04-16 21:30 - 02158592 _____ (Farbar) C:\Users\Margarita\Desktop\FRST64.exe
2014-04-15 11:12 - 2014-04-15 10:24 - 00000000 ____D () C:\Users\Margarita\Desktop\chrissy
2014-04-14 17:50 - 2014-04-14 17:26 - 00000000 ____D () C:\Users\Margarita\Desktop\beareitet
2014-04-14 17:14 - 2014-04-14 17:12 - 00000000 ____D () C:\Users\Margarita\Desktop\xxxxx
2014-04-14 17:09 - 2014-04-14 17:08 - 00000000 ____D () C:\Users\Margarita\Desktop\bk album
2014-04-14 17:09 - 2013-11-04 22:50 - 00000000 ____D () C:\Users\Margarita\Desktop\KUNST FOTOALBUM
2014-04-13 11:02 - 2014-04-13 11:03 - 00084720 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-04-12 19:36 - 2014-04-12 19:36 - 00000000 ____D () C:\Program Files\McAfee Security Scan
2014-04-12 19:36 - 2014-04-12 19:29 - 00001931 _____ () C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk
2014-04-12 19:31 - 2013-06-28 20:41 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-04-12 19:31 - 2013-03-19 17:03 - 00692400 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-04-12 19:31 - 2012-01-22 18:59 - 00070832 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-12 19:31 - 2011-09-29 22:35 - 00000000 ____D () C:\Users\Margarita\AppData\Local\Adobe
2014-04-12 19:29 - 2014-04-12 19:29 - 00000000 ____D () C:\ProgramData\McAfee Security Scan
2014-04-12 17:54 - 2014-03-30 13:05 - 00000000 ____D () C:\Users\Margarita\Desktop\GFS Schlaf und Traum
2014-04-12 17:50 - 2014-04-12 17:50 - 00002066 _____ () C:\Users\Public\Desktop\Avira Control Center.lnk
2014-04-12 17:50 - 2014-04-12 17:50 - 00000000 ____D () C:\Users\Margarita\AppData\Roaming\Avira
2014-04-12 17:49 - 2014-04-12 17:49 - 00000000 ____D () C:\ProgramData\Avira
2014-04-12 17:49 - 2014-04-12 17:49 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-04-12 17:48 - 2014-04-12 17:49 - 00131576 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-04-12 17:48 - 2014-04-12 17:49 - 00108440 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-04-12 17:48 - 2014-04-12 17:49 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-04-12 15:10 - 2011-09-29 18:13 - 00000000 ____D () C:\Users\Margarita\AppData\Local\Google
2014-04-12 15:10 - 2011-09-27 21:48 - 00000000 ____D () C:\Program Files (x86)\Google
2014-04-12 09:34 - 2012-05-08 15:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-04-11 21:15 - 2014-04-11 21:15 - 00000000 ___RD () C:\Users\Margarita\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-04-11 21:14 - 2011-09-27 21:54 - 00001939 _____ () C:\Users\Margarita\Desktop\Mozilla Firefox.lnk
2014-04-11 10:31 - 2014-04-11 10:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-04-10 18:08 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-04-10 18:07 - 2014-04-10 18:07 - 00000512 __RSH () C:\ProgramData\ntuser.pol
2014-04-10 18:07 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-04-10 18:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
2014-04-10 10:38 - 2014-04-06 14:26 - 00005632 _____ () C:\Users\Margarita\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-04-10 10:32 - 2014-04-10 10:24 - 00000000 ____D () C:\Users\Margarita\Desktop\csdfsdf
2014-04-09 19:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-04-09 15:15 - 2011-10-02 15:02 - 00000000 ____D () C:\Users\Margarita\Desktop\ICQ
2014-04-09 12:04 - 2012-06-16 13:58 - 00000000 ____D () C:\Users\Margarita\AppData\Local\Windows Live
2014-04-03 09:51 - 2014-04-18 19:29 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-18 19:29 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-18 19:29 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 22:02 - 2014-02-18 20:00 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2013
2014-04-01 20:50 - 2012-04-04 20:59 - 00000000 ____D () C:\Users\Margarita\AppData\Roaming\Audacity
2014-04-01 20:48 - 2014-04-01 20:48 - 33317104 _____ () C:\Users\Margarita\Desktop\rania_-_just_go.wav
2014-03-30 15:28 - 2013-06-16 12:59 - 00000000 ____D () C:\Users\Margarita\AppData\Roaming\Arc
2014-03-30 15:25 - 2014-03-30 15:25 - 00001842 _____ () C:\Users\Public\Desktop\Arc.lnk
2014-03-30 15:25 - 2014-03-30 15:25 - 00000000 ____D () C:\Program Files (x86)\Perfect World Entertainment
2014-03-30 15:25 - 2011-10-03 22:52 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-30 15:24 - 2014-03-30 15:24 - 09005512 _____ (Perfect World Entertainment) C:\Users\Margarita\Downloads\ArcInstall_v20140224a.exe
2014-03-28 08:40 - 2014-03-28 08:39 - 00000000 ____D () C:\Users\Margarita\Downloads\Shiro2_Client_2014
2014-03-28 08:38 - 2014-03-28 08:38 - 974154658 _____ () C:\Users\Margarita\Downloads\Shiro2_Client_12032014.rar
2014-03-26 15:37 - 2013-12-22 15:22 - 00004112 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-26 15:37 - 2013-12-22 15:22 - 00003860 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-19 11:24 - 2009-07-14 07:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
Files to move or delete:
====================
C:\Users\Margarita\ACE.dll
C:\Users\Margarita\AdobeUpdater.dll
C:\Users\Margarita\AdobeXMP.dll
C:\Users\Margarita\agldt28l.dll
C:\Users\Margarita\AGM.dll
C:\Users\Margarita\ARE.dll
C:\Users\Margarita\asneu.dll
C:\Users\Margarita\AXE16SharedExpat.dll
C:\Users\Margarita\AXE8SharedExpat.dll
C:\Users\Margarita\Bib.dll
C:\Users\Margarita\BIBUtils.dll
C:\Users\Margarita\CoolType.dll
C:\Users\Margarita\epic_eula.dll
C:\Users\Margarita\epic_pers.dll
C:\Users\Margarita\epic_regs.dll
C:\Users\Margarita\eularesde_DE.dll
C:\Users\Margarita\eularesen_US.dll
C:\Users\Margarita\FileInfo.dll
C:\Users\Margarita\ImageReady.exe
C:\Users\Margarita\ImageReadyRes.dll
C:\Users\Margarita\JP2KLib.dll
C:\Users\Margarita\libagluc28.dll
C:\Users\Margarita\MPS.dll
C:\Users\Margarita\MSVCP60.DLL
C:\Users\Margarita\msvcp71.dll
C:\Users\Margarita\msvcr71.dll
C:\Users\Margarita\Msvcrt.dll
C:\Users\Margarita\PDFL70.dll
C:\Users\Margarita\pdfsettings.dll
C:\Users\Margarita\persresde_DE.dll
C:\Users\Margarita\persresen_US.dll
C:\Users\Margarita\Photoshop.dll
C:\Users\Margarita\Photoshop.exe
C:\Users\Margarita\Plugin.dll
C:\Users\Margarita\PSArt.dll
C:\Users\Margarita\PSViews.dll
C:\Users\Margarita\regsresde_DE.dll
C:\Users\Margarita\regsresen_US.dll
C:\Users\Margarita\Shfolder.dll
C:\Users\Margarita\Tw10122.dat
C:\Users\Margarita\VersionCue.dll
C:\Users\Margarita\VersionCueUI.dll
Some content of TEMP:
====================
C:\Users\Margarita\AppData\Local\Temp\avgnt.exe
C:\Users\Margarita\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-09 08:01
==================== End Of Log ============================ --- --- ---
LG, rita8 |