Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Delta search toolbar und andere Ads by browser+ Apps (https://www.trojaner-board.de/167101-delta-search-toolbar-andere-ads-by-browser-apps.html)

Firegirl 20.05.2015 17:17
Delta search toolbar und andere Ads by browser+ Apps
 
hallöchen....
ich benörtige dringend hilfe! bei öffnen meiner Browsers (Opera) kommt immer als startseite delta home search.mein pc ist total verlangsamt! Bei der suche im internet mit google öffnet mir is immer als erstes anzeigen von ads by browser+ apps.

Bitte helft mir!

schrauber 20.05.2015 18:29
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


Firegirl 22.05.2015 15:00
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2015
Ran by Vivien Förster (administrator) on VIVIENFÖRSTER on 22-05-2015 15:47:37
Running from C:\Users\Vivien Förster\Downloads
Loaded Profiles: Vivien Förster (Available profiles: Vivien Förster)
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
(XTab system) C:\Program Files (x86)\XTab\ProtectService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Acer) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(FileProperties_CompanyName) C:\Program Files (x86)\fun4u\fun4u_notification_service.exe
(browser) C:\Program Files (x86)\Browser+ Apps+\c8db5b52-1d3c-47ad-83a8-1fa7c93c4d74.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(SearchProtect) C:\Program Files (x86)\XTab\CmdShell.exe
(XTab system) C:\Program Files (x86)\XTab\HPNotify.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
(Chicony) C:\Program Files (x86)\Video Web Camera\traybar.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Chicony) C:\Program Files (x86)\Video Web Camera\CEC_MAIN.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
() C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM-x32\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [503864 2009-07-21] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-19] (Synaptics Incorporated)
HKLM-x32\...\Run: [Acer ePower Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [828960 2009-08-05] (Acer Incorporated)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [262912 2009-08-21] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Camera Assistant Software] => C:\Program Files (x86)\Video Web Camera\traybar.exe [630784 2008-12-10] (Chicony)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1194504 2009-08-27] (Dritek System Inc.)
HKLM-x32\...\Run: [DXM6Patch_981116] => C:\Windows\p_981116.exe [497376 1998-11-30] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348664 2012-07-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2015-02-20] (RealNetworks, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\Run: [Global Registration] => C:\Program Files (x86)\Packard Bell\Registration\GREG.exe [2844704 2009-07-31] (Acer Incorporated)
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: E - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: F - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {43251c25-5c40-11df-bb9f-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {43251c29-5c40-11df-bb9f-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {4ce31a24-53a1-11df-b11b-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {4ce31ac2-53a1-11df-b11b-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {4ce31ac4-53a1-11df-b11b-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {527cbcd6-7888-11df-ae27-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {6ca1a154-d8df-11e1-bba2-d10e42d81abb} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\Start.hta
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {9fb638dd-381b-11df-86ee-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {9fb638e4-381b-11df-86ee-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {9ffd5b3d-6799-11e1-bd23-acd1b65a66b9} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\DVR/AutoRun.exe start.exe
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {b920d96d-5504-11df-b689-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {cfee75c0-788f-11df-b779-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2009-07-14] (Microsoft Corporation)
AppInit_DLLs-x32: c:\progra~3\browse~1\261339~1.144\{16cdf~1\browse~1.dll => "c:\progra~3\browse~1\261339~1.144\{16cdf~1\browse~1.dll" File not found
Startup: C:\Users\Vivien Förster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktopnotes.lnk [2015-03-09]
ShortcutTarget: Desktopnotes.lnk -> C:\Users\Vivien Förster\Downloads\desknote\desktopnotes.exe (No File)
Startup: C:\Users\Vivien Förster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk [2010-07-13]
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = delta-homes
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = delta-homes
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = delta-homes
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = delta-homes
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\Software\Microsoft\Internet Explorer\Main,Start Page = delta-homes
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = delta-homes
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\Software\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = Babylon Search
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
URLSearchHook: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 - (No Name) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - No File
URLSearchHook: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_dsites_14_41_ie&cd=2XzuyEtN2Y1L1QzuyBtDtC0AtDyEtDyByD0CtAtDzy0DyEyBtN0D0Tzu0StCtDtCtBtN1L2XzutAtFyDtFtCtFtBtN1L1 CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtAzyzyzy0F0D0CtG0FyC0AtBtGtAyD0F0BtG0A0F0CtCtGyCyC0B0DtC0D0AtCtCyE0C0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0EyD0D0Cy EyE0FtGzz0FyB0CtGyE0Dzy0EtGzyzyzy0AtG0BzzyDyEtC0FyE0EtCyE0C0C2Q&cr=203866892&ir=
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_dsites_14_41_ie&cd=2XzuyEtN2Y1L1QzuyBtDtC0AtDyEtDyByD0CtAtDzy0DyEyBtN0D0Tzu0StCtDtCtBtN1L2XzutAtFyDtFtCtFtBtN1L1 CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtAzyzyzy0F0D0CtG0FyC0AtBtGtAyD0F0BtG0A0F0CtCtGyCyC0B0DtC0D0AtCtCyE0C0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0EyD0D0Cy EyE0FtGzz0FyB0CtGyE0Dzy0EtGzyzyzy0AtG0BzzyDyEtC0FyE0EtCyE0C0C2Q&cr=203866892&ir=
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=812862174&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {1} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
BHO: Browser+ Apps+ -> {11111111-1111-1111-1111-110611441149} -> C:\Program Files (x86)\Browser+ Apps+\Browser+ Apps+-bho64.dll [2014-09-16] (browser)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04] (Oracle Corporation)
BHO-x32: Browser+ Apps+ -> {11111111-1111-1111-1111-110611441149} -> C:\Program Files (x86)\Browser+ Apps+\Browser+ Apps+-bho.dll [2014-09-16] (browser)
BHO-x32: No Name -> {2EECD738-5844-4a99-B4B6-146BF802613B} -> No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-08-12] (RealDownloader)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll [2015-04-20] (Thinknice Co. Limited)
BHO-x32: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll [2009-08-16] (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\IPSBHO.DLL [2009-08-16] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04] (Oracle Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll [2009-08-16] (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} - No File
Toolbar: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler-x32: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll [2009-08-16] (Symantec Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-02-23] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-02-23] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-02-23] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-02-23] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default
FF NewTab: hxxp://www.delta-homes.com/newtab/?type=nt&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA
FF DefaultSearchEngine: delta-homes
FF SelectedSearchEngine: delta-homes
FF Homepage: hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-27] ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll [2012-10-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-27] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-02-06] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.4.19 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2015-02-20] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.4 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-08-12] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.4.19 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2015-02-20] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2014-08-12] (RealDownloader)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2014-09-16] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2014-09-16] (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-22] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2015-02-20] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2015-02-20] (RealPlayer)
FF SearchPlugin: C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\searchplugins\delta.xml [2013-06-04]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml [2015-04-29]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\istartsurf.xml [2014-09-16]
FF Extension: Browser+ Apps - C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\Extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com [2015-02-20]
FF Extension: fun4u - C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\Extensions\o698XPPx@gmail.com [2015-04-19]
FF Extension: xpath_finderxpath_findercom - C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\Extensions\xpath_finder@xpath_finder.com [2015-04-19]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-09-25]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-02-20]
FF HKLM-x32\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKU\.DEFAULT\...\Firefox\Extensions: [{b64982b1-d112-42b5-b1e4-d3867c4533f8}] - C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension
FF Extension: No Name - C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com [not found]
StartMenuInternet: FIREFOX.EXE - firefox.exe
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\my-prefs.js [2015-03-25] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\my.cfg [2015-03-25] <==== ATTENTION

Chrome:
=======
CHR HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\Vivien Förster\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-08-01]
CHR HKLM-x32\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\Vivien Förster\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-08-01]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Vivien Förster\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [Not Found]

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Vivien Förster\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-02-21]
OPR Extension: (Browser+ Apps+) - C:\Users\Vivien Förster\AppData\Roaming\Opera Software\Opera Stable\Extensions\okhbpnfiofnpilolnjeebnidmkopeeda [2014-10-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-07-18] (Avira Operations GmbH & Co. KG)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [844320 2009-08-05] (Acer Incorporated)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2009-09-26] (Macrovision Europe Ltd.) []
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-16] (globalUpdate) [] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-16] (globalUpdate) [] <==== ATTENTION
R2 Greg_Service; C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [1150496 2009-06-04] (Acer Incorporated)
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158816 2015-04-20] (XTab system)
R2 Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe [117640 2009-08-16] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [62720 2009-08-21] (NewTech Infosystems, Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2014-08-12] ()
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [240160 2009-07-04] (Acer)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-07-18] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-07-18] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2012-07-18] (Avira GmbH)
R1 BHDrvx64; C:\Windows\system32\drivers\NISx64\1007000.01E\BHDrvx64.sys [334384 2009-08-16] (Symantec Corporation)
R1 ccHP; C:\Windows\system32\drivers\NISx64\1007000.01E\ccHPx64.sys [583296 2009-08-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [475696 2009-08-07] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090712.001\IDSVia64.sys [397360 2009-08-16] (Symantec Corporation)
S3 SRTSP; C:\Windows\system32\drivers\NISx64\1007000.01E\SRTSP64.SYS [476720 2009-08-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1007000.01E\SRTSPX64.SYS [32304 2009-08-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1007000.01E\SYMEFA64.SYS [402992 2009-08-16] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [172592 2009-12-24] (Symantec Corporation)
R3 SYMFW; C:\Windows\system32\drivers\NISx64\1007000.01E\SYMFW.SYS [120880 2009-08-16] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [31280 2009-08-16] (Symantec Corporation)
R3 SYMNDISV; C:\Windows\system32\drivers\NISx64\1007000.01E\SYMNDISV.SYS [56880 2009-08-16] (Symantec Corporation)
R1 SYMTDI; C:\Windows\system32\drivers\NISx64\1007000.01E\SYMTDI.SYS [278576 2009-08-16] (Symantec Corporation)
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090807.007\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090807.007\EX64.SYS [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-22 15:47 - 2015-05-22 15:48 - 00032281 _____ () C:\Users\Vivien Förster\Downloads\FRST.txt
2015-05-22 15:47 - 2015-05-22 15:47 - 00000000 ____D () C:\FRST
2015-05-22 15:46 - 2015-05-22 15:46 - 02108416 _____ (Farbar) C:\Users\Vivien Förster\Downloads\FRST64.exe
2015-05-17 17:41 - 2015-05-17 17:43 - 00000000 ____D () C:\Users\Vivien Förster\Downloads\Desy
2015-05-11 19:02 - 2015-05-22 15:26 - 00000000 ____D () C:\Users\Vivien Förster\Documents\Bewerbungsunterlagen
2015-05-01 17:29 - 2015-05-01 17:29 - 00000000 ____D () C:\Users\Vivien Förster\Downloads\GG
2015-05-01 17:20 - 2015-05-01 18:17 - 46707722 _____ () C:\Users\Vivien Förster\Desktop\Kriegsdenkmäler erzählen.odp
2015-04-29 16:29 - 2015-04-29 16:29 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-04-29 16:29 - 2015-04-29 16:29 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-04-28 19:07 - 2015-04-29 20:50 - 00017725 _____ () C:\Users\Vivien Förster\Documents\quelle gg london.odt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-22 15:46 - 2010-05-01 09:05 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-22 15:46 - 2010-05-01 09:05 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-22 15:41 - 2010-05-01 09:05 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-22 15:41 - 2010-05-01 09:05 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-22 15:28 - 2009-07-14 06:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-22 15:28 - 2009-07-14 06:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-22 15:26 - 2014-09-16 17:49 - 00003474 _____ () C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-6.job
2015-05-22 15:24 - 2009-09-26 16:02 - 01252334 _____ () C:\Windows\WindowsUpdate.log
2015-05-22 15:21 - 2015-04-19 16:54 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-05-22 15:21 - 2015-04-19 16:50 - 00001302 _____ () C:\Windows\Tasks\fun4u_notification_service.job
2015-05-22 15:21 - 2015-04-19 16:50 - 00000664 _____ () C:\Windows\Tasks\fun4u_updating_service.job
2015-05-22 15:21 - 2014-09-16 17:50 - 00002776 _____ () C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-1.job
2015-05-22 15:21 - 2014-09-16 17:50 - 00002450 _____ () C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-5.job
2015-05-22 15:21 - 2014-09-16 17:50 - 00002114 _____ () C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-2.job
2015-05-22 15:21 - 2014-09-16 17:50 - 00001406 _____ () C:\Windows\Tasks\c8db5b52-1d3c-47ad-83a8-1fa7c93c4d74.job
2015-05-22 15:21 - 2014-09-16 17:49 - 00004500 _____ () C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-11.job
2015-05-22 15:21 - 2014-09-16 17:49 - 00003818 _____ () C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-4.job
2015-05-22 15:21 - 2014-09-16 17:49 - 00003818 _____ () C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-3.job
2015-05-22 15:21 - 2014-09-16 17:49 - 00003474 _____ () C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-7.job
2015-05-22 15:21 - 2014-09-16 17:49 - 00000928 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-05-22 15:21 - 2010-05-14 15:20 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-05-22 15:21 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-22 15:21 - 2009-07-14 06:51 - 00181882 _____ () C:\Windows\setupact.log
2015-05-22 15:21 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2015-05-21 22:05 - 2009-12-25 11:32 - 00003986 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0D1B1EDE-B618-4E07-A365-64A854AC9435}
2015-05-20 17:54 - 2014-09-16 17:49 - 00000932 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-05-20 17:50 - 2015-02-20 12:41 - 00003862 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1424428891
2015-05-20 17:50 - 2014-10-08 18:09 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-18 19:20 - 2015-02-20 12:20 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-18 18:03 - 2015-03-09 19:03 - 00003368 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-664774285-3076153036-1514180132-1000
2015-05-18 18:03 - 2014-09-08 16:32 - 00003252 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-664774285-3076153036-1514180132-1000
2015-05-18 17:28 - 2013-11-18 18:36 - 00000000 ____D () C:\Users\Vivien Förster\Documents\Feuerwehr [Ausbildung]
2015-05-17 17:28 - 2015-03-07 14:49 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-11 19:11 - 2014-11-20 17:27 - 00000000 ____D () C:\Users\Vivien Förster\Documents\JFW
2015-05-11 19:09 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-05-11 19:07 - 2014-12-17 16:42 - 00000000 ____D () C:\Users\Vivien Förster\Documents\Jugendfeuerwehr
2015-05-01 17:52 - 2010-06-27 17:52 - 00020480 _____ () C:\Users\Vivien Förster\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-01 17:29 - 2013-07-28 17:15 - 00000000 ____D () C:\Users\Vivien Förster\Downloads\Autoversicherung
2015-05-01 17:28 - 2014-02-25 18:36 - 00000000 ____D () C:\Users\Vivien Förster\Documents\GN 13 B
2015-04-30 18:22 - 2015-04-11 16:42 - 46767872 _____ () C:\Users\Vivien Förster\Documents\Kriegsdenkmäler erzählen.odp
2015-04-29 16:29 - 2015-02-20 12:41 - 00001339 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-04-29 16:29 - 2015-02-20 12:12 - 00001655 _____ () C:\Users\Vivien Förster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-29 16:29 - 2015-02-20 12:12 - 00001633 _____ () C:\Users\Vivien Förster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-04-29 16:29 - 2014-09-16 17:49 - 00000000 ____D () C:\ProgramData\IePluginServices
2015-04-28 15:59 - 2015-04-19 17:30 - 00000000 ____D () C:\Users\Vivien Förster\Downloads\Literatur
2015-04-27 17:20 - 2015-02-20 12:20 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-27 17:20 - 2015-02-20 12:20 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-27 17:20 - 2015-02-20 12:20 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-27 17:08 - 2010-05-11 16:52 - 00000000 ____D () C:\Users\Vivien Förster\AppData\Roaming\Real
2015-04-27 16:29 - 2012-08-08 19:16 - 66085672 _____ (DVDVideoSoft Ltd. ) C:\Users\Vivien

==================== Files in the root of some directories =======

2009-08-22 08:07 - 2008-06-11 17:12 - 0776614 _____ () C:\Program Files (x86)\Common Files\packardbell.ico
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Vivien Förster\AppData\Roaming\BgX88AZdj0WaZJQg6qiCpWGLZ
2015-04-03 15:49 - 2015-04-03 15:49 - 1224704 _____ () C:\Users\Vivien Förster\AppData\Roaming\BgX88AZdj0WaZJQg6qiCpWGLZ.exe
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\Vivien Förster\AppData\Roaming\CGLTJAG
2014-09-16 17:49 - 2014-09-16 17:49 - 1524128 _____ (browser) C:\Users\Vivien Förster\AppData\Roaming\CGLTJAG.exe
2014-05-26 14:49 - 2014-05-26 14:49 - 0000065 _____ () C:\Users\Vivien Förster\AppData\Roaming\gnuplot_history
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\Vivien Förster\AppData\Roaming\NQOVIKVG
2014-09-16 17:49 - 2014-09-16 17:49 - 1972640 _____ (browser) C:\Users\Vivien Förster\AppData\Roaming\NQOVIKVG.exe
2009-12-31 21:47 - 2009-12-31 21:47 - 0033134 _____ () C:\Users\Vivien Förster\AppData\Roaming\UserTile.png
2009-12-28 17:03 - 2015-02-19 13:36 - 0004234 _____ () C:\Users\Vivien Förster\AppData\Roaming\wklnhst.dat
2010-06-27 17:52 - 2015-05-01 17:52 - 0020480 _____ () C:\Users\Vivien Förster\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-24 19:22 - 2012-12-20 14:53 - 0007648 _____ () C:\Users\Vivien Förster\AppData\Local\Resmon.ResmonCfg
2009-08-22 08:08 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe

Some files in TEMP:
====================
C:\Users\Vivien Förster\AppData\Local\Temp\AskSLib.dll
C:\Users\Vivien Förster\AppData\Local\Temp\BackupSetup.exe
C:\Users\Vivien Förster\AppData\Local\Temp\bitool.dll
C:\Users\Vivien Förster\AppData\Local\Temp\bootstrapper.exe
C:\Users\Vivien Förster\AppData\Local\Temp\chatzum_softonic_yahoo_62_v5.exe
C:\Users\Vivien Förster\AppData\Local\Temp\dotNetFx40_Client_setup.exe
C:\Users\Vivien Förster\AppData\Local\Temp\ffunzip.exe
C:\Users\Vivien Förster\AppData\Local\Temp\FileFormatConverters.exe
C:\Users\Vivien Förster\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Vivien Förster\AppData\Local\Temp\FreeStudio.exe
C:\Users\Vivien Förster\AppData\Local\Temp\ICReinstall_FreeYouTubeToMP3Converter.exe
C:\Users\Vivien Förster\AppData\Local\Temp\iMesh_setup.exe
C:\Users\Vivien Förster\AppData\Local\Temp\Installhelper.dll
C:\Users\Vivien Förster\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Vivien Förster\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Vivien Förster\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Vivien Förster\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Vivien Förster\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Vivien Förster\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\Vivien Förster\AppData\Local\Temp\post1.exe
C:\Users\Vivien Förster\AppData\Local\Temp\post2.dll
C:\Users\Vivien Förster\AppData\Local\Temp\post2.exe
C:\Users\Vivien Förster\AppData\Local\Temp\SetupDataMngr_iMesh.exe
C:\Users\Vivien Förster\AppData\Local\Temp\SHSetup.exe
C:\Users\Vivien Förster\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Vivien Förster\AppData\Local\Temp\stubhelper.dll
C:\Users\Vivien Förster\AppData\Local\Temp\tbDVDV.dll
C:\Users\Vivien Förster\AppData\Local\Temp\TOBITCLT.DLL
C:\Users\Vivien Förster\AppData\Local\Temp\TsuE5B78F95.dll
C:\Users\Vivien Förster\AppData\Local\Temp\uninst.exe
C:\Users\Vivien Förster\AppData\Local\Temp\uninst1.exe
C:\Users\Vivien Förster\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Vivien Förster\AppData\Local\Temp\{00748123-85B0-4138-88F6-6A30FBFAD5A6}-GoogleUpdateSetup.exe
C:\Users\Vivien Förster\AppData\Local\Temp\{33BA9D65-8150-4FFF-A219-6204BBE0BAB1}-GoogleEarth-Win-Bundle-6.1.0.5001.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-14 18:15

==================== End of log ============================











Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-05-2015
Ran by Vivien Förster at 2015-05-22 15:48:49
Running from C:\Users\Vivien Förster\Downloads
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-664774285-3076153036-1514180132-500 - Administrator - Disabled)
Gast (S-1-5-21-664774285-3076153036-1514180132-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-664774285-3076153036-1514180132-1005 - Limited - Enabled)
Vivien Förster (S-1-5-21-664774285-3076153036-1514180132-1000 - Administrator - Enabled) => C:\Users\Vivien Förster

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton Internet Security (Disabled - Out of date) {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855}
AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Internet Security (Disabled - Up to date) {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8}
FW: Norton Internet Security (Disabled) {B0F2DB13-C654-2E74-30D4-99C9310F0F2E}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe ConnectNow Add-in (HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\Adobe ConnectNow Add-in) (Version: - )
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (HKLM-x32\...\Adobe Photoshop Elements 7) (Version: 7.0.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.2 - Nero AG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 12.1.9.1236 - Avira)
Backup Manager Basic (x32 Version: 2.0.0.22 - NewTech Infosystems) Hidden
Broadcom Gigabit NetLink Controller (HKLM\...\{96F70DF8-160F-4F9C-9B9E-2A9B439B4EB9}) (Version: 12.26.02 - Broadcom Corporation)
Choice Guard (x32 Version: 1.2.87.0 - Microsoft Corporation) Hidden
ClassPad Manager v3 Professional (90 Day Trial) (HKLM-x32\...\{E8D33536-6ACE-4D34-A51E-08AA48B88305}) (Version: 3.06.1010.2110 - CASIO COMPUTER CO., LTD.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.98.9.0 - Conexant)
Free Studio version 6.5.0.219 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.0.219 - DVDVideoSoft Ltd.)
GIMP 2.8.8 (HKLM\...\GIMP-2_is1) (Version: 2.8.8 - The GIMP Team)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3001 - Packard Bell)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Java 8 Update 40 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418040F0}) (Version: 8.0.400 - Oracle Corporation)
Java 8 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218040F0}) (Version: 8.0.400 - Oracle Corporation)
Launch Manager (HKLM-x32\...\LManager) (Version: 3.0.03 - Packard Bell)
Microsoft Works (HKLM-x32\...\{62F7DA7E-CCCB-439C-A760-00C3926E761F}) (Version: 9.7.0621 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Nero 9 Essentials (HKLM-x32\...\{8ed5c8a6-2aee-40dd-8df4-26cd57921222}) (Version: - Nero AG)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 16.7.0.30 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 1.2.0.36 - Symantec)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.5 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
OpenOffice.org 3.2 (HKLM-x32\...\{DFFC0648-BC4B-47D1-93D2-6CA6B9457641}) (Version: 3.2.9502 - OpenOffice.org)
Opera Stable 29.0.1795.60 (HKLM-x32\...\Opera 29.0.1795.60) (Version: 29.0.1795.60 - Opera Software ASA)
Packard Bell InfoCentre (HKLM-x32\...\Packard Bell InfoCentre) (Version: 3.02.3000 - Packard Bell)
Packard Bell MyBackup (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.22 - NewTech Infosystems)
Packard Bell Power Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 4.05.3002 - Packard Bell)
Packard Bell Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3003 - Packard Bell)
Packard Bell Registration (HKLM-x32\...\Packard Bell Registration) (Version: 1.02.3004 - Packard Bell)
Packard Bell Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.01.3014 - Packard Bell)
PackardBell ScreenSaver (HKLM-x32\...\PackardBell Screensaver) (Version: 1.0.1.0302 - PackardBell)
RealDownloader (x32 Version: 1.3.4 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.4 - RealNetworks)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7100.30093 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
SAMSUNG Mobile Composite Device Software (HKLM\...\SAMSUNG Mobile Composite Device) (Version: - )
Samsung Mobile Modem Device Software (HKLM\...\Samsung Mobile Modem Device) (Version: - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
SAMSUNG USB Mobile Device Software (HKLM\...\SAMSUNG USB Mobile Device) (Version: - )
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.2.0 - Synaptics Incorporated)
Tinypic 3.18 (HKLM-x32\...\{E3723A04-A894-4036-A78E-282E18F43C0A}_is1) (Version: Tinypic 3.18 - E. Fiedler)
Video Web Camera (HKLM-x32\...\{12A1B519-5934-4508-ADBD-335347B0DC87}) (Version: 1.7.10.1210 - Chicony Electronics Co.,Ltd.)
VLC media player 2.0.3 (HKLM-x32\...\VLC media player) (Version: 2.0.3 - VideoLAN)
Welcome Center (HKLM-x32\...\Packard Bell Welcome Center) (Version: 1.00.3005 - Packard Bell)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8064.0206 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{ED636101-1959-4360-8BF7-209436E7DEE4}) (Version: 14.0.8064.206 - Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

07-03-2015 14:47:28 Installed Adobe Reader XI - Deutsch.
09-03-2015 19:12:30 Windows-Sicherung
16-03-2015 16:38:41 Windows-Sicherung
31-03-2015 17:20:42 Windows-Sicherung
08-04-2015 09:18:36 Windows-Sicherung
14-04-2015 16:23:03 Windows-Sicherung
20-04-2015 09:12:24 Windows-Sicherung
27-04-2015 16:13:27 Windows-Sicherung
10-05-2015 17:52:28 Windows-Sicherung
18-05-2015 16:32:17 Windows-Sicherung

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B5E9078-00D6-46E7-A132-492014BF2594} - System32\Tasks\{7C10F13F-AC89-4A0D-B563-F461D0BF8A64} => pcalua.exe -a E:\Symantec\Setup.exe -d E:\Symantec
Task: {0B773F42-CF5C-40BC-9169-0AAEEAC80253} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\Notification.exe [2009-07-09] (Acer)
Task: {247412CF-3314-4DC7-B725-F8315CE0F838} - System32\Tasks\{63E463B4-1E85-4237-A939-1E2BD522F9F3} => pcalua.exe -a C:\Users\VIVIEN~1\AppData\Local\Temp\flash45\install_flash_player_10_ie.exe -d C:\Users\VIVIEN~1\AppData\Local\Temp\flash45
Task: {2D6805A1-50E8-428A-95C7-C0071C2B4B20} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-664774285-3076153036-1514180132-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe [2014-08-12] (RealNetworks, Inc.)
Task: {393768D5-AEA6-40F5-94F9-E7AE1044E0EC} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-664774285-3076153036-1514180132-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {3CDB1D50-4B7B-49E8-82FD-BE0CDC18617C} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-09-16] (globalUpdate) <==== ATTENTION
Task: {41D46187-B393-46B7-A110-DFA8B18020E3} - System32\Tasks\{D3D78B6A-DD96-4D37-83DB-762684D0DA81} => pcalua.exe -a D:\Setup.exe -d D:\
Task: {4EE7AA78-4070-4CE1-93AF-C2EE6081A636} - System32\Tasks\{E2581C57-E1EC-4B99-84F5-B63FCE9143F4} => pcalua.exe -a "C:\Users\Vivien Förster\Downloads\Programme\picturevizII.exe" -d "C:\Users\Vivien Förster\Downloads\Programme"
Task: {4FE85442-D3B7-461E-974A-9AE38564E1BA} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {502D97B7-032A-49F5-A0E4-6B928A59CE7C} - System32\Tasks\c8db5b52-1d3c-47ad-83a8-1fa7c93c4d74 => C:\Program Files (x86)\Browser+ Apps+\c8db5b52-1d3c-47ad-83a8-1fa7c93c4d74.exe [2014-09-16] (browser) <==== ATTENTION
Task: {5DA1F1C1-25AF-4549-B8D6-94EFEFB6E093} - System32\Tasks\fun4u_notification_service => C:\Program Files (x86)\fun4u\fun4u_notification_service.exe [2015-04-19] (FileProperties_CompanyName) <==== ATTENTION
Task: {5F228F6C-1127-4D2A-973B-E159BF2726A3} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-664774285-3076153036-1514180132-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {60E3E83C-F457-438B-A695-139578CDD4E1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-31] (Google Inc.)
Task: {6622ED7E-75EB-4519-8CA5-736BB0A7873B} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-09-16] (globalUpdate) <==== ATTENTION
Task: {6844056B-D9F6-438A-B6B6-49889BB49B54} - System32\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-7 => C:\Program Files (x86)\Browser+ Apps+\58bdf064-05ee-4829-b90e-14cee42c2e5c-7.exe [2014-09-16] (browser) <==== ATTENTION
Task: {690355E9-6E19-4CC5-A04A-2388B0FA1F82} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-31] (Google Inc.)
Task: {6E29FA3E-E1DC-4F83-A5CE-C9603D902083} - System32\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-4 => C:\Program Files (x86)\Browser+ Apps+\58bdf064-05ee-4829-b90e-14cee42c2e5c-4.exe [2014-09-16] (browser) <==== ATTENTION
Task: {77436646-3819-498A-91CB-8392AF2A832B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-27] (Adobe Systems Incorporated)
Task: {831FA999-5AEA-4396-9A9C-576E8018FB79} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-664774285-3076153036-1514180132-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-08-12] (RealNetworks, Inc.)
Task: {8585CC85-3E10-4AE9-823D-163DAFCE7C76} - System32\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-6 => C:\Program Files (x86)\Browser+ Apps+\58bdf064-05ee-4829-b90e-14cee42c2e5c-6.exe [2014-09-16] (browser) <==== ATTENTION
Task: {8A7B1808-5828-466D-AABB-48EFB9588328} - System32\Tasks\fun4u_updating_service => C:\Program Files (x86)\fun4u\fun4u_updating_service.exe [2015-04-19] () <==== ATTENTION
Task: {8C409447-1252-4D91-BB8A-B17574C31FA6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {9284E44A-E874-44B1-9AB3-7040FEFA943B} - System32\Tasks\Opera scheduled Autoupdate 1424428891 => C:\Program Files (x86)\Opera\launcher.exe [2015-05-18] (Opera Software)
Task: {980CB0BA-7111-4171-A58A-41648C82E17A} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-664774285-3076153036-1514180132-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {9E812BC7-BD66-4A71-941A-9EED9CE9A890} - System32\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-1 => C:\Program Files (x86)\Browser+ Apps+\Browser+ Apps+-codedownloader.exe [2014-09-16] (browser) <==== ATTENTION
Task: {A479DE3F-13C0-4676-9B7D-2188F33E7E19} - System32\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-3 => C:\Program Files (x86)\Browser+ Apps+\58bdf064-05ee-4829-b90e-14cee42c2e5c-3.exe [2014-09-16] (browser) <==== ATTENTION
Task: {D87A0998-1B1E-42FB-9915-A8A04C25EA83} - System32\Tasks\{76A1236A-482E-4275-B8FF-CE866AC6AF3A} => pcalua.exe -a C:\WINDOWS\st6unst.exe -c -n "C:\Program Files (x86)\klimastation\ST6UNST.000"
Task: {DF01132C-DEDB-4B11-9448-2A6BCC6B9CCA} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-664774285-3076153036-1514180132-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-08-29] (RealNetworks, Inc.)
Task: {F12F6994-FF28-41E3-8939-BB63964F9119} - System32\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-2 => C:\Program Files (x86)\Browser+ Apps+\58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe [2014-09-16] (browser) <==== ATTENTION
Task: {F3FFA104-D1E4-4D99-AE62-DEBB539D39F8} - System32\Tasks\{FCAB26D8-4A18-4D2D-BD4C-027DF20EFF7F} => pcalua.exe -a "C:\Program Files (x86)\Common Files\DVDVideoSoft\Uninstall.exe"
Task: {F6EAF365-2867-428E-8DBD-8F011373F3AC} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-664774285-3076153036-1514180132-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-08-12] (RealNetworks, Inc.)
Task: {F9089BA6-A82D-423E-BB2D-AAC37EE25E9C} - System32\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-5 => C:\Program Files (x86)\Browser+ Apps+\58bdf064-05ee-4829-b90e-14cee42c2e5c-5.exe [2014-09-16] (browser) <==== ATTENTION
Task: {F9651EC9-590E-4210-B759-8F1D1377E4B8} - System32\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-11 => C:\Program Files (x86)\Browser+ Apps+\58bdf064-05ee-4829-b90e-14cee42c2e5c-11.exe [2014-09-16] (browser) <==== ATTENTION
Task: C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-1.job => C:\Program Files (x86)\Browser+ Apps+\Browser+ Apps+-codedownloader.exe <==== ATTENTION
Task: C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-11.job => C:\Program Files (x86)\Browser+ Apps+\58bdf064-05ee-4829-b90e-14cee42c2e5c-11.exe <==== ATTENTION
Task: C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-2.job => C:\Program Files (x86)\Browser+ Apps+\58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe <==== ATTENTION
Task: C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-3.job => C:\Program Files (x86)\Browser+ Apps+\58bdf064-05ee-4829-b90e-14cee42c2e5c-3.exe <==== ATTENTION
Task: C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-4.job => C:\Program Files (x86)\Browser+ Apps+\58bdf064-05ee-4829-b90e-14cee42c2e5c-4.exe <==== ATTENTION
Task: C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-5.job => C:\Program Files (x86)\Browser+ Apps+\58bdf064-05ee-4829-b90e-14cee42c2e5c-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-5_user.job => C:\Program Files (x86)\Browser+ Apps+\58bdf064-05ee-4829-b90e-14cee42c2e5c-5.exe <==== ATTENTION
Task: C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-6.job => C:\Program Files (x86)\Browser+ Apps+\58bdf064-05ee-4829-b90e-14cee42c2e5c-6.exe <==== ATTENTION
Task: C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-7.job => C:\Program Files (x86)\Browser+ Apps+\58bdf064-05ee-4829-b90e-14cee42c2e5c-7.exe <==== ATTENTION
Task: C:\Windows\Tasks\a3557447-7d25-4247-9e1e-82f951ca4503.job => C:\Program Files (x86)\Browser+ Apps+\a3557447-7d25-4247-9e1e-82f951ca4503.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\BgX88AZdj0WaZJQg6qiCpWGLZ.job => C:\Users\Vivien Fýÿrster\AppData\Roaming\BgX88AZdj0WaZJQg6qiCpWGLZ.exe <==== ATTENTION
Task: C:\Windows\Tasks\c8db5b52-1d3c-47ad-83a8-1fa7c93c4d74.job => C:\Program Files (x86)\Browser+ Apps+\c8db5b52-1d3c-47ad-83a8-1fa7c93c4d74.exe/agentregpath='Browser+ Apps+' /appid=64449 /srcid='002142' /subid='0' /zdata='0' /bic=4BE8F0A212EB4063BE450E573E89C989IE /verifier=ebe7a61988f1a539f5cfda5156a95198 /installerversion=1_35_09_16 /installationtime=1410882543 /statsdomain=http:/stats.newclientonlinestorage.com /errorsdomain=http:/errors.newclientonlinestorage.com /extensionname='Information' /torpedoiesleeps=1000 /torpedoieplugins=93-0,102-0,104-0,184-0 /monetizationdomain=http:/logs.newclientonlinestorage.com <==== ATTENTION
Task: C:\Windows\Tasks\CGLTJAG.job => C:\Users\Vivien Fýÿrster\AppData\Roaming\CGLTJAG.exe <==== ATTENTION
Task: C:\Windows\Tasks\fun4u_notification_service.job => C:\Program Files (x86)\fun4u\fun4u_notification_service.exeá/url='http:/cdn.selectbestopt.com/notf_sys/index.html' /crregname='fun4u' /appid='73143' /srcid='2913' /bic='8bfb33d088b8dd6ade9424134b4fd0e7' /verifier='3344b45c1c7fc68a883011b4cf18243d' /installerversion='1.50.3.10' /statsdomain='http:/stats.buildomserv.com/data.gif?' /errorsdomain='http:/stats.buildomserv.com/data.gif?' /monetizationdomain='http:/logs.buildomserv.com/monetization.gif <==== ATTENTION
Task: C:\Windows\Tasks\fun4u_updating_service.job => C:\Program Files (x86)\fun4u\fun4u_updating_service.exe¦ /campid=2913 /verid=1 /url=http:/cdn.buildomserv.com/txt/@CAMPID@/@VER@/file.txt /appid=73143 /taskname=fun4u_updating_service /funurl=http:/stats.buildomserv.com <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\NQOVIKVG.job => C:\Users\Vivien Fýÿrster\AppData\Roaming\NQOVIKVG.exe <==== ATTENTION

==================== Loaded Modules (Whitelisted) ==============

2014-08-12 12:34 - 2014-08-12 12:34 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2015-05-20 17:50 - 2015-05-20 17:50 - 00479352 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe
2012-08-10 15:15 - 2012-07-18 18:04 - 00398288 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2009-02-03 02:33 - 2009-02-03 02:33 - 00460199 _____ () C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\sqlite3.dll
2008-09-29 02:55 - 2008-09-29 02:55 - 01076224 _____ () C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\ACE.dll
2010-05-04 15:36 - 2010-05-04 15:36 - 00970752 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2010-03-24 21:51 - 2010-07-13 14:46 - 00166400 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll
2009-09-27 01:47 - 2009-04-03 01:03 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2015-05-20 17:50 - 2015-05-20 17:49 - 01576568 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\libglesv2.dll
2015-05-20 17:50 - 2015-05-20 17:49 - 00081016 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:0B9176C0
AlternateDataStreams: C:\ProgramData\Temp:1D32EC29
AlternateDataStreams: C:\ProgramData\Temp:4CF61E54
AlternateDataStreams: C:\ProgramData\Temp:4D066AD2
AlternateDataStreams: C:\ProgramData\Temp:5D7E5A8F
AlternateDataStreams: C:\ProgramData\Temp:93DE1838
AlternateDataStreams: C:\ProgramData\Temp:AB689DEA
AlternateDataStreams: C:\ProgramData\Temp:ABE89FFE
AlternateDataStreams: C:\ProgramData\Temp:E1F04E8D
AlternateDataStreams: C:\ProgramData\Temp:E3C56885

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SymEFA.sys => ""="FSFilter Activity Monitor"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SymEFA.sys => ""="FSFilter Activity Monitor"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-664774285-3076153036-1514180132-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Vivien Förster\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1

==================== MSCONFIG/TASK MANAGER Error getting ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{9E2E4DAC-DBA5-4A46-887E-433C61E5B2BC}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD8\PowerDVD8.EXE
FirewallRules: [{1DCAA4C0-AFBC-407A-9597-D899FEE90784}] => (Allow) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{F89096D1-848C-4353-9A7C-7490AE5124B7}] => (Allow) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\AdobePhotoshopElementsMediaServer.exe
FirewallRules: [{008B604B-E06A-40E1-9E9C-7441BDAA1265}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [TCP Query User{4AA2B8C6-5089-4923-8625-11C4014D1E94}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{186C0888-2C21-416A-A528-D22D7538495D}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{CD90BB8E-A2BA-4CCC-939F-85937E5AE766}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [UDP Query User{F947FC81-538A-441B-B1B3-6091FCFC2612}C:\program files (x86)\google\google earth\client\googleearth.exe] => (Allow) C:\program files (x86)\google\google earth\client\googleearth.exe
FirewallRules: [TCP Query User{C89683FC-ECA4-4FD6-ABD0-77B2DCB1DB86}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [UDP Query User{7ED01374-CAA5-43D8-982C-5CEE7F43B3EA}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe
FirewallRules: [{F6ABDDC0-91E2-4B8D-B2DE-8A68F8449264}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{CA635094-2441-4E0A-AF73-C54DB510E221}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsasvr.exe
FirewallRules: [{AECB0DB1-85F9-47FC-B993-F5535890F55F}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{7E7CD9A8-3F30-4D07-B037-C91222382AB8}] => (Allow) C:\Program Files (x86)\Samsung\Samsung New PC Studio\npsvsvr.exe
FirewallRules: [{F3231212-0B1B-4B99-B4BD-9EA4C430C107}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
FirewallRules: [{15697BEC-A640-412B-ABC7-304598EBBEC1}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe
FirewallRules: [{9AD7DDA4-F3DB-406A-8B4F-77468573AF67}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe
FirewallRules: [{4A5294FB-5F7E-4B61-BEB4-AF4FE70EAD94}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe
FirewallRules: [{CAE09B8D-1649-4EE6-B70F-D7C419228F3A}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
FirewallRules: [{46A0F119-E937-408B-8A08-26C22E626FAB}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
FirewallRules: [{D4F26090-AB5B-4275-9D42-2BB01CA91C1F}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
FirewallRules: [{448D5741-59B9-4E61-9DAF-9790D5E1B5A9}] => (Allow) C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
FirewallRules: [{0187DED7-020D-4DE4-9CF0-A1725BFFE710}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
FirewallRules: [{14A1916C-2EFB-43AA-96B4-ECAF552B81EC}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
FirewallRules: [{8AD0B072-D93B-48D9-8D3F-D43375F63EEF}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
FirewallRules: [{33AEE9F8-554B-4AAB-88CA-FED1FDD8AB6A}] => (Allow) C:\Program Files (x86)\iMesh Applications\iMesh\iMesh.exe
FirewallRules: [{F7C213E0-A571-4877-BFAB-76583F57E668}] => (Allow) C:\Program Files (x86)\Shareaza Applications\Shareaza\Shareaza.exe
FirewallRules: [TCP Query User{CA2BE147-6C5B-4F1C-8222-7AA67EEE6AA6}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{41FE26F8-85A1-497E-9675-819A2B06D072}C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) C:\program files (x86)\myphoneexplorer\myphoneexplorer.exe

==================== Faulty Device Manager Devices =============

Name: Microsoft-Adapter für Miniports virtueller WiFis
Description: Microsoft-Adapter für Miniports virtueller WiFis
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver


==================== Event log errors: =========================

Application errors:
==================
Error: (05/20/2015 05:49:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Die Daten sind unzulässig.
.

Error: (04/28/2015 03:52:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Die Daten sind unzulässig.
.

Error: (04/14/2015 04:51:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: recordingmanager.exe, Version: 1.3.4.3, Zeitstempel: 0x53ea5e97
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x004735a8
ID des fehlerhaften Prozesses: 0x10c8
Startzeit der fehlerhaften Anwendung: 0xrecordingmanager.exe0
Pfad der fehlerhaften Anwendung: recordingmanager.exe1
Pfad des fehlerhaften Moduls: recordingmanager.exe2
Berichtskennung: recordingmanager.exe3

Error: (04/10/2015 03:56:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Die Daten sind unzulässig.
.

Error: (03/30/2015 04:56:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Die Daten sind unzulässig.
.

Error: (03/10/2015 06:19:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Die Daten sind unzulässig.
.

Error: (03/09/2015 07:58:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm iexplore.exe, Version 8.0.7600.16385 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 10dc

Startzeit: 01d05a92785086f1

Endzeit: 20

Anwendungspfad: C:\Program Files (x86)\Internet Explorer\iexplore.exe

Berichts-ID: c68244c4-c685-11e4-9b74-de0126e813a8

Error: (03/09/2015 07:04:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm realplay.exe, Version 16.0.4.19 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: cf4

Startzeit: 01d05a8ad2756b3b

Endzeit: 40

Anwendungspfad: C:\Program Files (x86)\Real\RealPlayer\realplay.exe

Berichts-ID: 407726ec-c67e-11e4-9b74-de0126e813a8

Error: (03/04/2015 05:43:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm soffice.bin, Version 3.2.9498.500 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: ef0

Startzeit: 01d05690cd0e1448

Endzeit: 31

Anwendungspfad: C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin

Berichts-ID: 31b9ae0e-c285-11e4-8c4c-bab724b723b2

Error: (02/25/2015 06:37:01 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Fehler beim Extrahieren der Drittanbieterstammliste aus der automatischen Aktualisierungs-CAB-Datei bei <hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Fehler: Die Daten sind unzulässig.
.


System errors:
=============
Error: (05/20/2015 06:17:55 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B495D123-3E40-4D95-973A-9ACBCFB6281E}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (05/18/2015 07:19:32 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B495D123-3E40-4D95-973A-9ACBCFB6281E}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (05/17/2015 05:17:15 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B495D123-3E40-4D95-973A-9ACBCFB6281E}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (05/10/2015 07:37:54 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B495D123-3E40-4D95-973A-9ACBCFB6281E}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (04/29/2015 05:03:37 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B495D123-3E40-4D95-973A-9ACBCFB6281E}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (04/19/2015 05:50:21 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B495D123-3E40-4D95-973A-9ACBCFB6281E}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (04/19/2015 04:54:14 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎19.‎04.‎2015 um 16:53:05 unerwartet heruntergefahren.

Error: (04/10/2015 03:52:21 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}

Error: (03/31/2015 05:12:32 PM) (Source: bowser) (EventID: 8003) (User: )
Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "EASYBOX",
der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{B495D123-3E40-4D95-973A-9ACBCFB6281E}-Transport zu sein scheint.
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen.

Error: (03/31/2015 05:11:15 PM) (Source: Disk) (EventID: 11) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk1\DR1 gefunden.


Microsoft Office:
=========================
Error: (05/20/2015 05:49:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabDie Daten sind unzulässig.

Error: (04/28/2015 03:52:52 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabDie Daten sind unzulässig.

Error: (04/14/2015 04:51:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: recordingmanager.exe1.3.4.353ea5e97unknown0.0.0.000000000c0000005004735a810c801d076bff0cea1f8C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exeunknownaff59ffb-e2b5-11e4-8b21-89f039da55b0

Error: (04/10/2015 03:56:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabDie Daten sind unzulässig.

Error: (03/30/2015 04:56:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabDie Daten sind unzulässig.

Error: (03/10/2015 06:19:16 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabDie Daten sind unzulässig.

Error: (03/09/2015 07:58:01 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: iexplore.exe8.0.7600.1638510dc01d05a92785086f120C:\Program Files (x86)\Internet Explorer\iexplore.exec68244c4-c685-11e4-9b74-de0126e813a8

Error: (03/09/2015 07:04:09 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: realplay.exe16.0.4.19cf401d05a8ad2756b3b40C:\Program Files (x86)\Real\RealPlayer\realplay.exe407726ec-c67e-11e4-9b74-de0126e813a8

Error: (03/04/2015 05:43:51 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: soffice.bin3.2.9498.500ef001d05690cd0e144831C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin31b9ae0e-c285-11e4-8c4c-bab724b723b2

Error: (02/25/2015 06:37:01 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: hxxp://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabDie Daten sind unzulässig.


==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU T4300 @ 2.10GHz
Percentage of memory in use: 48%
Total physical RAM: 4090.93 MB
Available physical RAM: 2092.85 MB
Total Pagefile: 8180 MB
Available Pagefile: 5900.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:453.94 GB) (Free:358.29 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: CDB2CDB2)
Partition 1: (Not Active) - (Size=11.7 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=453.9 GB) - (Type=07 NTFS)

==================== End of log ============================

schrauber 23.05.2015 06:29
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307




Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

Firegirl 25.05.2015 16:37
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2015
Ran by Vivien Förster (administrator) on VIVIENFÖRSTER on 25-05-2015 17:33:16
Running from C:\Users\Vivien Förster\Downloads
Loaded Profiles: Vivien Förster (Available profiles: Vivien Förster)
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
(XTab system) C:\Program Files (x86)\XTab\ProtectService.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Acer) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(FileProperties_CompanyName) C:\Program Files (x86)\fun4u\fun4u_notification_service.exe
(browser) C:\Program Files (x86)\Browser+ Apps+\c8db5b52-1d3c-47ad-83a8-1fa7c93c4d74.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
(Chicony) C:\Program Files (x86)\Video Web Camera\traybar.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(SearchProtect) C:\Program Files (x86)\XTab\CmdShell.exe
(XTab system) C:\Program Files (x86)\XTab\HPNotify.exe
(Chicony) C:\Program Files (x86)\Video Web Camera\CEC_MAIN.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
() C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM-x32\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [503864 2009-07-21] (Conexant Systems, Inc.)
HKLM-x32\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-19] (Synaptics Incorporated)
HKLM-x32\...\Run: [Acer ePower Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [828960 2009-08-05] (Acer Incorporated)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [262912 2009-08-21] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Camera Assistant Software] => C:\Program Files (x86)\Video Web Camera\traybar.exe [630784 2008-12-10] (Chicony)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1194504 2009-08-27] (Dritek System Inc.)
HKLM-x32\...\Run: [DXM6Patch_981116] => C:\Windows\p_981116.exe [497376 1998-11-30] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348664 2012-07-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2015-02-20] (RealNetworks, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\Run: [Global Registration] => C:\Program Files (x86)\Packard Bell\Registration\GREG.exe [2844704 2009-07-31] (Acer Incorporated)
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: E - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: F - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {43251c25-5c40-11df-bb9f-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {43251c29-5c40-11df-bb9f-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {4ce31a24-53a1-11df-b11b-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {4ce31ac2-53a1-11df-b11b-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {4ce31ac4-53a1-11df-b11b-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {527cbcd6-7888-11df-ae27-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {6ca1a154-d8df-11e1-bba2-d10e42d81abb} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\Start.hta
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {9fb638dd-381b-11df-86ee-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {9fb638e4-381b-11df-86ee-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {9ffd5b3d-6799-11e1-bd23-acd1b65a66b9} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\DVR/AutoRun.exe start.exe
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {b920d96d-5504-11df-b689-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {cfee75c0-788f-11df-b779-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2009-07-14] (Microsoft Corporation)
AppInit_DLLs-x32: c:\progra~3\browse~1\261339~1.144\{16cdf~1\browse~1.dll => "c:\progra~3\browse~1\261339~1.144\{16cdf~1\browse~1.dll" File not found
Startup: C:\Users\Vivien Förster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktopnotes.lnk [2015-03-09]
ShortcutTarget: Desktopnotes.lnk -> C:\Users\Vivien Förster\Downloads\desknote\desktopnotes.exe (No File)
Startup: C:\Users\Vivien Förster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk [2010-07-13]
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\Software\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = hxxp://search.babylon.com/?affID=110809&tt=130812_bandext_3312_8&babsrc=HP_ss&mntrId=1cb69d4700000000000000262d50379d
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
URLSearchHook: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 - (No Name) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - No File
URLSearchHook: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_dsites_14_41_ie&cd=2XzuyEtN2Y1L1QzuyBtDtC0AtDyEtDyByD0CtAtDzy0DyEyBtN0D0Tzu0StCtDtCtBtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtAzyzyzy0F0D0CtG0FyC0AtBtGtAyD0F0BtG0A0F0CtCtGyCyC0B0DtC0D0AtCtCyE0C0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0EyD0D0CyEyE0FtGzz0FyB0CtGyE0Dzy0EtGzyzyzy0AtG0BzzyDyEtC0FyE0EtCyE0C0C2Q&cr=203866892&ir=
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_dsites_14_41_ie&cd=2XzuyEtN2Y1L1QzuyBtDtC0AtDyEtDyByD0CtAtDzy0DyEyBtN0D0Tzu0StCtDtCtBtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtAzyzyzy0F0D0CtG0FyC0AtBtGtAyD0F0BtG0A0F0CtCtGyCyC0B0DtC0D0AtCtCyE0C0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0EyD0D0CyEyE0FtGzz0FyB0CtGyE0Dzy0EtGzyzyzy0AtG0BzzyDyEtC0FyE0EtCyE0C0C2Q&cr=203866892&ir=
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=812862174&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {1} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
BHO: Browser+ Apps+ -> {11111111-1111-1111-1111-110611441149} -> C:\Program Files (x86)\Browser+ Apps+\Browser+ Apps+-bho64.dll [2014-09-16] (browser)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04] (Oracle Corporation)
BHO-x32: Browser+ Apps+ -> {11111111-1111-1111-1111-110611441149} -> C:\Program Files (x86)\Browser+ Apps+\Browser+ Apps+-bho.dll [2014-09-16] (browser)
BHO-x32: No Name -> {2EECD738-5844-4a99-B4B6-146BF802613B} ->  No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-08-12] (RealDownloader)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll [2015-04-20] (Thinknice Co. Limited)
BHO-x32: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll [2009-08-16] (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\IPSBHO.DLL [2009-08-16] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04] (Oracle Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll [2009-08-16] (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll [2009-08-16] (Symantec Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-02-23] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-02-23] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-02-23] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-02-23] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default
FF NewTab: hxxp://www.delta-homes.com/newtab/?type=nt&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA
FF DefaultSearchEngine: delta-homes
FF SelectedSearchEngine: delta-homes
FF Homepage: hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-27] ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll [2012-10-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-27] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-02-06] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.4.19 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2015-02-20] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.4 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-08-12] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.4.19 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2015-02-20] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2014-08-12] (RealDownloader)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2014-09-16] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2014-09-16] (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-22] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2015-02-20] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2015-02-20] (RealPlayer)
FF SearchPlugin: C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\searchplugins\delta.xml [2013-06-04]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml [2015-04-29]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\istartsurf.xml [2014-09-16]
FF Extension: Browser+ Apps - C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\Extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com [2015-02-20]
FF Extension: fun4u - C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\Extensions\o698XPPx@gmail.com [2015-04-19]
FF Extension: xpath_finderxpath_findercom - C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\Extensions\xpath_finder@xpath_finder.com [2015-04-19]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-09-25]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-02-20]
FF HKLM-x32\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKU\.DEFAULT\...\Firefox\Extensions: [{b64982b1-d112-42b5-b1e4-d3867c4533f8}] - C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension
FF Extension: No Name - C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com [not found]
StartMenuInternet: FIREFOX.EXE - firefox.exe
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\my-prefs.js [2015-03-25] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\my.cfg [2015-03-25] <==== ATTENTION

Chrome:
=======
CHR HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\Vivien Förster\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-08-01]
CHR HKLM-x32\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\Vivien Förster\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-08-01]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Vivien Förster\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [Not Found]

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Vivien Förster\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-02-21]
OPR Extension: (Browser+ Apps+) - C:\Users\Vivien Förster\AppData\Roaming\Opera Software\Opera Stable\Extensions\okhbpnfiofnpilolnjeebnidmkopeeda [2014-10-09]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-07-18] (Avira Operations GmbH & Co. KG)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [844320 2009-08-05] (Acer Incorporated)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2009-09-26] (Macrovision Europe Ltd.) []
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-16] (globalUpdate) [] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-09-16] (globalUpdate) [] <==== ATTENTION
R2 Greg_Service; C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [1150496 2009-06-04] (Acer Incorporated)
R2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [158816 2015-04-20] (XTab system)
R2 Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe [117640 2009-08-16] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [62720 2009-08-21] (NewTech Infosystems, Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2014-08-12] ()
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [240160 2009-07-04] (Acer)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-07-18] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-07-18] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2012-07-18] (Avira GmbH)
R1 BHDrvx64; C:\Windows\system32\drivers\NISx64\1007000.01E\BHDrvx64.sys [334384 2009-08-16] (Symantec Corporation)
R1 ccHP; C:\Windows\system32\drivers\NISx64\1007000.01E\ccHPx64.sys [583296 2009-08-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [475696 2009-08-07] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090712.001\IDSVia64.sys [397360 2009-08-16] (Symantec Corporation)
S3 SRTSP; C:\Windows\system32\drivers\NISx64\1007000.01E\SRTSP64.SYS [476720 2009-08-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1007000.01E\SRTSPX64.SYS [32304 2009-08-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1007000.01E\SYMEFA64.SYS [402992 2009-08-16] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [172592 2009-12-24] (Symantec Corporation)
R3 SYMFW; C:\Windows\system32\drivers\NISx64\1007000.01E\SYMFW.SYS [120880 2009-08-16] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [31280 2009-08-16] (Symantec Corporation)
R3 SYMNDISV; C:\Windows\system32\drivers\NISx64\1007000.01E\SYMNDISV.SYS [56880 2009-08-16] (Symantec Corporation)
R1 SYMTDI; C:\Windows\system32\drivers\NISx64\1007000.01E\SYMTDI.SYS [278576 2009-08-16] (Symantec Corporation)
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090807.007\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090807.007\EX64.SYS [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-22 15:48 - 2015-05-22 15:50 - 00038823 _____ () C:\Users\Vivien Förster\Downloads\Addition.txt
2015-05-22 15:47 - 2015-05-25 17:33 - 00032224 _____ () C:\Users\Vivien Förster\Downloads\FRST.txt
2015-05-22 15:47 - 2015-05-25 17:33 - 00000000 ____D () C:\FRST
2015-05-22 15:46 - 2015-05-22 15:46 - 02108416 _____ (Farbar) C:\Users\Vivien Förster\Downloads\FRST64.exe
2015-05-17 17:41 - 2015-05-17 17:43 - 00000000 ____D () C:\Users\Vivien Förster\Downloads\Desy
2015-05-11 19:02 - 2015-05-22 15:26 - 00000000 ____D () C:\Users\Vivien Förster\Documents\Bewerbungsunterlagen
2015-05-01 17:29 - 2015-05-01 17:29 - 00000000 ____D () C:\Users\Vivien Förster\Downloads\GG
2015-05-01 17:20 - 2015-05-01 18:17 - 46707722 _____ () C:\Users\Vivien Förster\Desktop\Kriegsdenkmäler erzählen.odp
2015-04-29 16:29 - 2015-04-29 16:29 - 00000000 ____D () C:\ProgramData\IHProtectUpDate
2015-04-29 16:29 - 2015-04-29 16:29 - 00000000 ____D () C:\Program Files (x86)\XTab
2015-04-28 19:07 - 2015-04-29 20:50 - 00017725 _____ () C:\Users\Vivien Förster\Documents\quelle gg london.odt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-25 17:30 - 2009-07-14 06:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-25 17:30 - 2009-07-14 06:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-25 17:28 - 2014-09-16 17:49 - 00003474 _____ () C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-6.job
2015-05-25 17:28 - 2009-12-25 11:32 - 00003986 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0D1B1EDE-B618-4E07-A365-64A854AC9435}
2015-05-25 17:24 - 2015-03-09 19:03 - 00003368 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-664774285-3076153036-1514180132-1000
2015-05-25 17:24 - 2014-09-08 16:32 - 00003252 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-664774285-3076153036-1514180132-1000
2015-05-25 17:23 - 2015-04-19 16:54 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-05-25 17:23 - 2015-04-19 16:50 - 00001302 _____ () C:\Windows\Tasks\fun4u_notification_service.job
2015-05-25 17:23 - 2015-04-19 16:50 - 00000664 _____ () C:\Windows\Tasks\fun4u_updating_service.job
2015-05-25 17:23 - 2014-09-16 17:50 - 00002776 _____ () C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-1.job
2015-05-25 17:23 - 2014-09-16 17:50 - 00002450 _____ () C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-5.job
2015-05-25 17:23 - 2014-09-16 17:50 - 00002114 _____ () C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-2.job
2015-05-25 17:23 - 2014-09-16 17:50 - 00001406 _____ () C:\Windows\Tasks\c8db5b52-1d3c-47ad-83a8-1fa7c93c4d74.job
2015-05-25 17:23 - 2014-09-16 17:49 - 00004500 _____ () C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-11.job
2015-05-25 17:23 - 2014-09-16 17:49 - 00003818 _____ () C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-4.job
2015-05-25 17:23 - 2014-09-16 17:49 - 00003818 _____ () C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-3.job
2015-05-25 17:23 - 2014-09-16 17:49 - 00003474 _____ () C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-7.job
2015-05-25 17:23 - 2014-09-16 17:49 - 00000928 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-05-25 17:23 - 2010-05-14 15:20 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-05-25 17:23 - 2010-05-01 09:05 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-25 17:23 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-25 17:23 - 2009-07-14 06:51 - 00181938 _____ () C:\Windows\setupact.log
2015-05-25 17:23 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2015-05-22 16:01 - 2009-09-26 16:02 - 01256432 _____ () C:\Windows\WindowsUpdate.log
2015-05-22 15:46 - 2010-05-01 09:05 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-22 15:41 - 2010-05-01 09:05 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-22 15:41 - 2010-05-01 09:05 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-20 17:54 - 2014-09-16 17:49 - 00000932 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-05-20 17:50 - 2015-02-20 12:41 - 00003862 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1424428891
2015-05-20 17:50 - 2014-10-08 18:09 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-18 19:20 - 2015-02-20 12:20 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-18 17:28 - 2013-11-18 18:36 - 00000000 ____D () C:\Users\Vivien Förster\Documents\Feuerwehr  [Ausbildung]
2015-05-17 17:28 - 2015-03-07 14:49 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-11 19:11 - 2014-11-20 17:27 - 00000000 ____D () C:\Users\Vivien Förster\Documents\JFW
2015-05-11 19:09 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-05-11 19:07 - 2014-12-17 16:42 - 00000000 ____D () C:\Users\Vivien Förster\Documents\Jugendfeuerwehr
2015-05-01 17:52 - 2010-06-27 17:52 - 00020480 _____ () C:\Users\Vivien Förster\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-01 17:29 - 2013-07-28 17:15 - 00000000 ____D () C:\Users\Vivien Förster\Downloads\Autoversicherung
2015-05-01 17:28 - 2014-02-25 18:36 - 00000000 ____D () C:\Users\Vivien Förster\Documents\GN 13 B
2015-04-30 18:22 - 2015-04-11 16:42 - 46767872 _____ () C:\Users\Vivien Förster\Documents\Kriegsdenkmäler erzählen.odp
2015-04-29 16:29 - 2015-02-20 12:41 - 00001339 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2015-04-29 16:29 - 2015-02-20 12:12 - 00001655 _____ () C:\Users\Vivien Förster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-29 16:29 - 2015-02-20 12:12 - 00001633 _____ () C:\Users\Vivien Förster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2015-04-29 16:29 - 2014-09-16 17:49 - 00000000 ____D () C:\ProgramData\IePluginServices
2015-04-28 15:59 - 2015-04-19 17:30 - 00000000 ____D () C:\Users\Vivien Förster\Downloads\Literatur
2015-04-27 17:20 - 2015-02-20 12:20 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-27 17:20 - 2015-02-20 12:20 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-27 17:20 - 2015-02-20 12:20 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-27 17:08 - 2010-05-11 16:52 - 00000000 ____D () C:\Users\Vivien Förster\AppData\Roaming\Real
2015-04-27 16:29 - 2012-08-08 19:16 - 66085672 _____ (DVDVideoSoft Ltd. ) C:\Users\Vivien

==================== Files in the root of some directories =======

2009-08-22 08:07 - 2008-06-11 17:12 - 0776614 _____ () C:\Program Files (x86)\Common Files\packardbell.ico
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Vivien Förster\AppData\Roaming\BgX88AZdj0WaZJQg6qiCpWGLZ
2015-04-03 15:49 - 2015-04-03 15:49 - 1224704 _____ () C:\Users\Vivien Förster\AppData\Roaming\BgX88AZdj0WaZJQg6qiCpWGLZ.exe
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\Vivien Förster\AppData\Roaming\CGLTJAG
2014-09-16 17:49 - 2014-09-16 17:49 - 1524128 _____ (browser) C:\Users\Vivien Förster\AppData\Roaming\CGLTJAG.exe
2014-05-26 14:49 - 2014-05-26 14:49 - 0000065 _____ () C:\Users\Vivien Förster\AppData\Roaming\gnuplot_history
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\Vivien Förster\AppData\Roaming\NQOVIKVG
2014-09-16 17:49 - 2014-09-16 17:49 - 1972640 _____ (browser) C:\Users\Vivien Förster\AppData\Roaming\NQOVIKVG.exe
2009-12-31 21:47 - 2009-12-31 21:47 - 0033134 _____ () C:\Users\Vivien Förster\AppData\Roaming\UserTile.png
2009-12-28 17:03 - 2015-02-19 13:36 - 0004234 _____ () C:\Users\Vivien Förster\AppData\Roaming\wklnhst.dat
2010-06-27 17:52 - 2015-05-01 17:52 - 0020480 _____ () C:\Users\Vivien Förster\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-24 19:22 - 2012-12-20 14:53 - 0007648 _____ () C:\Users\Vivien Förster\AppData\Local\Resmon.ResmonCfg
2009-08-22 08:08 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe

Some files in TEMP:
====================
C:\Users\Vivien Förster\AppData\Local\Temp\AskSLib.dll
C:\Users\Vivien Förster\AppData\Local\Temp\BackupSetup.exe
C:\Users\Vivien Förster\AppData\Local\Temp\bitool.dll
C:\Users\Vivien Förster\AppData\Local\Temp\bootstrapper.exe
C:\Users\Vivien Förster\AppData\Local\Temp\chatzum_softonic_yahoo_62_v5.exe
C:\Users\Vivien Förster\AppData\Local\Temp\dotNetFx40_Client_setup.exe
C:\Users\Vivien Förster\AppData\Local\Temp\ffunzip.exe
C:\Users\Vivien Förster\AppData\Local\Temp\FileFormatConverters.exe
C:\Users\Vivien Förster\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Vivien Förster\AppData\Local\Temp\FreeStudio.exe
C:\Users\Vivien Förster\AppData\Local\Temp\ICReinstall_FreeYouTubeToMP3Converter.exe
C:\Users\Vivien Förster\AppData\Local\Temp\iMesh_setup.exe
C:\Users\Vivien Förster\AppData\Local\Temp\Installhelper.dll
C:\Users\Vivien Förster\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Vivien Förster\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Vivien Förster\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Vivien Förster\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Vivien Förster\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Vivien Förster\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\Vivien Förster\AppData\Local\Temp\post1.exe
C:\Users\Vivien Förster\AppData\Local\Temp\post2.dll
C:\Users\Vivien Förster\AppData\Local\Temp\post2.exe
C:\Users\Vivien Förster\AppData\Local\Temp\SetupDataMngr_iMesh.exe
C:\Users\Vivien Förster\AppData\Local\Temp\SHSetup.exe
C:\Users\Vivien Förster\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Vivien Förster\AppData\Local\Temp\stubhelper.dll
C:\Users\Vivien Förster\AppData\Local\Temp\tbDVDV.dll
C:\Users\Vivien Förster\AppData\Local\Temp\TOBITCLT.DLL
C:\Users\Vivien Förster\AppData\Local\Temp\TsuE5B78F95.dll
C:\Users\Vivien Förster\AppData\Local\Temp\uninst.exe
C:\Users\Vivien Förster\AppData\Local\Temp\uninst1.exe
C:\Users\Vivien Förster\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Vivien Förster\AppData\Local\Temp\{00748123-85B0-4138-88F6-6A30FBFAD5A6}-GoogleUpdateSetup.exe
C:\Users\Vivien Förster\AppData\Local\Temp\{33BA9D65-8150-4FFF-A219-6204BBE0BAB1}-GoogleEarth-Win-Bundle-6.1.0.5001.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-14 18:15

==================== End of log ============================

schrauber 26.05.2015 07:32
Bitte noch Combofix aus obiger Anleitung :)

Firegirl 27.05.2015 15:51
bei der ausführung kommt immer "versuche einen neuen systemwiederherstellungspunkt zu erstellen"
was soll ich tun?

schrauber 28.05.2015 09:11
Bleibt er dort hängen? Ist dein AV Programm abgeschaltet?

Firegirl 29.05.2015 16:38
AV ist abgeschaltet.. hängt dort jedesmal

schrauber 30.05.2015 13:19
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

Firegirl 01.06.2015 16:09
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29-05-2015
Ran by Vivien Förster (administrator) on VIVIENFÖRSTER on 01-06-2015 17:06:06
Running from C:\Users\Vivien Förster\Downloads
Loaded Profiles: Vivien Förster &  (Available Profiles: Vivien Förster)
Platform: Windows 7 Home Premium (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Acer) C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe
(Chicony) C:\Program Files (x86)\Video Web Camera\traybar.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Chicony) C:\Program Files (x86)\Video Web Camera\CEC_MAIN.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
() C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-05] (Intel Corporation)
HKLM\...\Run: [NvCplDaemon] => RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [503864 2009-07-21] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1808168 2009-06-19] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [828960 2009-08-05] (Acer Incorporated)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Symantec\Norton Online Backup\Activation\NobuActivation.exe [588648 2009-07-25] (Symantec Corporation)
HKLM-x32\...\Run: [BackupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\BackupManagerTray.exe [262912 2009-08-21] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Camera Assistant Software] => C:\Program Files (x86)\Video Web Camera\traybar.exe [630784 2008-12-10] (Chicony)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [1194504 2009-08-27] (Dritek System Inc.)
HKLM-x32\...\Run: [DXM6Patch_981116] => C:\Windows\p_981116.exe [497376 1998-11-30] (Microsoft Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348664 2012-07-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe [295512 2015-02-20] (RealNetworks, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\Run: [Global Registration] => C:\Program Files (x86)\Packard Bell\Registration\GREG.exe [2844704 2009-07-31] (Acer Incorporated)
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: E - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: F - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {43251c25-5c40-11df-bb9f-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {43251c29-5c40-11df-bb9f-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {4ce31a24-53a1-11df-b11b-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {4ce31ac2-53a1-11df-b11b-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {4ce31ac4-53a1-11df-b11b-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {527cbcd6-7888-11df-ae27-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {6ca1a154-d8df-11e1-bba2-d10e42d81abb} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\Start.hta
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {9fb638dd-381b-11df-86ee-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {9fb638e4-381b-11df-86ee-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {9ffd5b3d-6799-11e1-bd23-acd1b65a66b9} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\DVR/AutoRun.exe start.exe
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {b920d96d-5504-11df-b689-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\...\MountPoints2: {cfee75c0-788f-11df-b779-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Global Registration] => C:\Program Files (x86)\Packard Bell\Registration\GREG.exe [2844704 2009-07-31] (Acer Incorporated)
HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: E - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: F - F:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {43251c25-5c40-11df-bb9f-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {43251c29-5c40-11df-bb9f-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {4ce31a24-53a1-11df-b11b-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {4ce31ac2-53a1-11df-b11b-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {4ce31ac4-53a1-11df-b11b-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {527cbcd6-7888-11df-ae27-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {6ca1a154-d8df-11e1-bba2-d10e42d81abb} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\Start.hta
HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9fb638dd-381b-11df-86ee-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9fb638e4-381b-11df-86ee-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {9ffd5b3d-6799-11e1-bd23-acd1b65a66b9} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL E:\DVR/AutoRun.exe start.exe
HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {b920d96d-5504-11df-b689-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\MountPoints2: {cfee75c0-788f-11df-b779-00262d50379d} - E:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Bubbles.scr [899584 2009-07-14] (Microsoft Corporation)
Startup: C:\Users\Vivien Förster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Desktopnotes.lnk [2015-03-09]
ShortcutTarget: Desktopnotes.lnk -> C:\Users\Vivien Förster\Downloads\desknote\desktopnotes.exe (No File)
Startup: C:\Users\Vivien Förster\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.2.lnk [2010-07-13]
ShortcutTarget: OpenOffice.org 3.2.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\Software\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = hxxp://search.babylon.com/?affID=110809&tt=130812_bandext_3312_8&babsrc=HP_ss&mntrId=1cb69d4700000000000000262d50379d
HKU\S-1-5-21-664774285-3076153036-1514180132-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA
HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA
HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,BrowserMngr Start Page = hxxp://search.babylon.com/?affID=110809&tt=130812_bandext_3312_8&babsrc=HP_ss&mntrId=1cb69d4700000000000000262d50379d
HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
URLSearchHook: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 - (No Name) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - No File
URLSearchHook: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No File
URLSearchHook: HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - (No Name) - {0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff} - No File
URLSearchHook: HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 - (No Name) - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - No File
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_dsites_14_41_ie&cd=2XzuyEtN2Y1L1QzuyBtDtC0AtDyEtDyByD0CtAtDzy0DyEyBtN0D0Tzu0StCtDtCtBtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtAzyzyzy0F0D0CtG0FyC0AtBtGtAyD0F0BtG0A0F0CtCtGyCyC0B0DtC0D0AtCtCyE0C0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0EyD0D0CyEyE0FtGzz0FyB0CtGyE0Dzy0EtGzyzyzy0AtG0BzzyDyEtC0FyE0EtCyE0C0C2Q&cr=203866892&ir=
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_dsites_14_41_ie&cd=2XzuyEtN2Y1L1QzuyBtDtC0AtDyEtDyByD0CtAtDzy0DyEyBtN0D0Tzu0StCtDtCtBtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtAzyzyzy0F0D0CtG0FyC0AtBtGtAyD0F0BtG0A0F0CtCtGyCyC0B0DtC0D0AtCtCyE0C0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0EyD0D0CyEyE0FtGzz0FyB0CtGyE0Dzy0EtGzyzyzy0AtG0BzzyDyEtC0FyE0EtCyE0C0C2Q&cr=203866892&ir=
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACPW
SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=1&sr=0&q={searchTerms}
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=812862174&q={searchTerms}
SearchScopes: HKU\.DEFAULT -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL =
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {1} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> BrowserMngrDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {1} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
SearchScopes: HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}
BHO: Browser+ Apps+ -> {11111111-1111-1111-1111-110611441149} -> C:\Program Files (x86)\Browser+ Apps+\Browser+ Apps+-bho64.dll No File
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04] (Oracle Corporation)
BHO-x32: Browser+ Apps+ -> {11111111-1111-1111-1111-110611441149} -> C:\Program Files (x86)\Browser+ Apps+\Browser+ Apps+-bho.dll No File
BHO-x32: No Name -> {2EECD738-5844-4a99-B4B6-146BF802613B} ->  No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll [2014-08-12] (RealDownloader)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\XTab\SupTab.dll No File
BHO-x32: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll [2009-08-16] (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\IPSBHO.DLL [2009-08-16] (Symantec Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\ssv.dll [2015-03-04] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\jp2ssv.dll [2015-03-04] (Oracle Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll [2009-08-16] (Symantec Corporation)
Toolbar: HKLM-x32 - No Name - {98889811-442D-49dd-99D7-DC866BE87DBC} -  No File
Toolbar: HKU\S-1-5-21-664774285-3076153036-1514180132-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
DPF: HKLM-x32 {B07F54E6-0806-47DB-B5D8-398F240776F2} file:///D:/viewer/ORDcmViewCD.ocx
Handler-x32: symres - {AA1061FE-6C41-421f-9344-69640C9732AB} - C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\coIEPlg.dll [2009-08-16] (Symantec Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-02-23] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-02-23] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-02-23] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-02-23] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default
FF NewTab: hxxp://www.delta-homes.com/newtab/?type=nt&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA
FF DefaultSearchEngine: delta-homes
FF SelectedSearchEngine: delta-homes
FF Homepage: hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-27] ()
FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\Windows\system32\npDeployJava1.dll [2012-10-22] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-27] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\dtplugin\npDeployJava1.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.40.2 -> C:\Program Files (x86)\Java\jre1.8.0_40\bin\plugin2\npjp2.dll [2015-03-04] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8064.0206 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-02-06] (Microsoft Corporation)
FF Plugin-x32: @real.com/nppl3260;version=16.0.4.19 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll [2015-02-20] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.4 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll [2014-08-12] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.4.19 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll [2015-02-20] (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll [2014-08-12] (RealDownloader)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2014-09-16] (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 -> C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll [2014-09-16] (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-22] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-22] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\user.js [2015-05-31]
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll [2015-02-20] (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll [2015-02-20] (RealPlayer)
FF SearchPlugin: C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\searchplugins\delta.xml [2013-06-04]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\delta-homes.xml [2015-04-29]
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\istartsurf.xml [2014-09-16]
FF Extension: Browser+ Apps - C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\Extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com [2015-02-20]
FF Extension: fun4u - C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\Extensions\o698XPPx@gmail.com [2015-04-19]
FF Extension: xpath_finderxpath_findercom - C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\Extensions\xpath_finder@xpath_finder.com [2015-04-19]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-09-25]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2015-02-20]
FF HKLM-x32\...\Firefox\Extensions: [{1B12EF76-2B5E-4DA1-B587-4762D49BFE03}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKU\.DEFAULT\...\Firefox\Extensions: [{b64982b1-d112-42b5-b1e4-d3867c4533f8}] - C:\ProgramData\Browser Manager\2.2.643.41\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension
FF Extension: No Name - C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com [not found]
StartMenuInternet: FIREFOX.EXE - firefox.exe
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\my-prefs.js [2015-03-25] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\my.cfg [2015-03-25] <==== ATTENTION

Chrome:
=======
CHR HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\Vivien Förster\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-08-01]
CHR HKU\S-1-5-21-664774285-3076153036-1514180132-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\Vivien Förster\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-08-01]
CHR HKLM-x32\...\Chrome\Extension: [bhphemoobgnikcoofkgackkaimpfmenm] - C:\Users\Vivien Förster\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx [2012-08-01]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Vivien Förster\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [Not Found]

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Vivien Förster\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-02-21]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-07-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-07-18] (Avira Operations GmbH & Co. KG)
R2 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [844320 2009-08-05] (Acer Incorporated)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2009-09-26] (Macrovision Europe Ltd.) [File not signed]
R2 Greg_Service; C:\Program Files (x86)\Packard Bell\Registration\GregHSRW.exe [1150496 2009-06-04] (Acer Incorporated)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 Norton Internet Security; C:\Program Files (x86)\Norton Internet Security\Engine\16.7.0.30\ccSvcHst.exe [117640 2009-08-16] (Symantec Corporation)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Packard Bell MyBackup\IScheduleSvc.exe [62720 2009-08-21] (NewTech Infosystems, Inc.)
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2014-08-12] ()
R2 Updater Service; C:\Program Files\Packard Bell\Packard Bell Updater\UpdaterService.exe [240160 2009-07-04] (Acer)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /svc [X] <==== ATTENTION
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe /medsvc [X] <==== ATTENTION
S2 IHProtect Service; C:\Program Files (x86)\XTab\ProtectService.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-07-18] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-07-18] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2012-07-18] (Avira GmbH)
R1 BHDrvx64; C:\Windows\system32\drivers\NISx64\1007000.01E\BHDrvx64.sys [334384 2009-08-16] (Symantec Corporation)
R1 ccHP; C:\Windows\system32\drivers\NISx64\1007000.01E\ccHPx64.sys [583296 2009-08-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [475696 2009-08-07] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\IPSDefs\20090712.001\IDSVia64.sys [397360 2009-08-16] (Symantec Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-01] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
S3 SRTSP; C:\Windows\system32\drivers\NISx64\1007000.01E\SRTSP64.SYS [476720 2009-08-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1007000.01E\SRTSPX64.SYS [32304 2009-08-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1007000.01E\SYMEFA64.SYS [402992 2009-08-16] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [172592 2009-12-24] (Symantec Corporation)
R3 SYMFW; C:\Windows\system32\drivers\NISx64\1007000.01E\SYMFW.SYS [120880 2009-08-16] (Symantec Corporation)
R1 SymIM; C:\Windows\System32\DRIVERS\SymIMv.sys [31280 2009-08-16] (Symantec Corporation)
R3 SYMNDISV; C:\Windows\system32\drivers\NISx64\1007000.01E\SYMNDISV.SYS [56880 2009-08-16] (Symantec Corporation)
R1 SYMTDI; C:\Windows\system32\drivers\NISx64\1007000.01E\SYMTDI.SYS [278576 2009-08-16] (Symantec Corporation)
S3 NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090807.007\ENG64.SYS [X]
S3 NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\Definitions\VirusDefs\20090807.007\EX64.SYS [X]
S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]
S3 RtsUIR; system32\DRIVERS\Rts516xIR.sys [X]
S3 USBCCID; system32\DRIVERS\RtsUCcid.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-01 17:06 - 2015-06-01 17:07 - 00042560 _____ () C:\Users\Vivien Förster\Downloads\FRST.txt
2015-06-01 17:05 - 2015-06-01 17:05 - 02108928 _____ (Farbar) C:\Users\Vivien Förster\Downloads\FRST64.exe
2015-06-01 16:51 - 2015-06-01 16:51 - 02231296 _____ () C:\Users\Vivien Förster\Downloads\AdwCleaner_4.206.exe
2015-06-01 16:50 - 2015-06-01 16:50 - 01147392 _____ (Farbar) C:\Users\Vivien Förster\Downloads\FRST.exe
2015-06-01 13:14 - 2015-06-01 13:14 - 00000000 ____D () C:\Users\Vivien Förster\Downloads\Phy
2015-06-01 13:08 - 2015-06-01 13:08 - 00000000 ____D () C:\Users\Vivien Förster\AppData\Local\gegl-0.2
2015-06-01 13:08 - 2015-06-01 13:08 - 00000000 ____D () C:\Users\Vivien Förster\.gimp-2.8
2015-06-01 13:06 - 2015-06-01 13:07 - 00000000 ____D () C:\Users\Vivien Förster\Downloads\eRe
2015-05-31 19:19 - 2015-06-01 16:48 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-31 19:18 - 2015-05-31 19:18 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-31 19:18 - 2015-05-31 19:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-31 19:18 - 2015-05-31 19:18 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-05-31 19:18 - 2015-05-31 19:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-31 19:18 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-31 19:18 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-31 19:18 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-28 08:29 - 2015-05-28 08:29 - 00139656 _____ () C:\Users\Vivien Förster\Documents\Mun Sekte handout.odt
2015-05-27 18:51 - 2015-05-27 18:51 - 00967711 _____ () C:\Users\Vivien Förster\Documents\MRT.odp
2015-05-27 17:16 - 2015-05-27 17:16 - 00021687 _____ () C:\Users\Vivien Förster\Documents\mrt.odt
2015-05-27 16:49 - 2015-05-27 16:50 - 00000000 ___SD () C:\ComboFix
2015-05-27 16:49 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2015-05-27 16:49 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2015-05-27 16:49 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-05-27 16:49 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-05-27 16:49 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-05-27 16:49 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2015-05-27 16:49 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2015-05-27 16:49 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2015-05-27 16:48 - 2015-05-27 16:48 - 05628291 ____R (Swearware) C:\Users\Vivien Förster\Downloads\ComboFix.exe
2015-05-27 16:48 - 2015-05-27 16:48 - 00000000 ____D () C:\Windows\erdnt
2015-05-27 16:33 - 2015-05-28 07:53 - 05094227 _____ () C:\Users\Vivien Förster\Documents\Mun Sekte.odp
2015-05-25 17:39 - 2015-05-25 17:39 - 00000000 ____D () C:\Qoobox
2015-05-22 15:47 - 2015-06-01 17:06 - 00000000 ____D () C:\FRST
2015-05-17 17:41 - 2015-06-01 13:07 - 00000000 ____D () C:\Users\Vivien Förster\Downloads\Desy
2015-05-11 19:02 - 2015-05-28 07:35 - 00000000 ____D () C:\Users\Vivien Förster\Documents\Bewerbungsunterlagen

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-01 16:50 - 2015-04-19 16:50 - 00001302 _____ () C:\Windows\Tasks\fun4u_notification_service.job
2015-06-01 16:50 - 2015-04-19 16:50 - 00000664 _____ () C:\Windows\Tasks\fun4u_updating_service.job
2015-06-01 16:49 - 2014-09-16 17:49 - 00003474 _____ () C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-6.job
2015-06-01 16:47 - 2009-07-14 06:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-01 16:47 - 2009-07-14 06:45 - 00017376 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-01 16:46 - 2010-05-01 09:05 - 00001110 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-01 16:42 - 2009-09-26 16:02 - 01286610 _____ () C:\Windows\WindowsUpdate.log
2015-06-01 16:41 - 2015-02-20 12:41 - 00001123 _____ () C:\Users\Vivien Förster\Desktop\Opera.lnk
2015-06-01 16:39 - 2014-09-16 17:50 - 00002776 _____ () C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-1.job
2015-06-01 16:39 - 2014-09-16 17:50 - 00002450 _____ () C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-5.job
2015-06-01 16:39 - 2014-09-16 17:50 - 00002114 _____ () C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-2.job
2015-06-01 16:39 - 2014-09-16 17:50 - 00001406 _____ () C:\Windows\Tasks\c8db5b52-1d3c-47ad-83a8-1fa7c93c4d74.job
2015-06-01 16:39 - 2014-09-16 17:49 - 00004500 _____ () C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-11.job
2015-06-01 16:39 - 2014-09-16 17:49 - 00003818 _____ () C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-4.job
2015-06-01 16:39 - 2014-09-16 17:49 - 00003818 _____ () C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-3.job
2015-06-01 16:39 - 2014-09-16 17:49 - 00003474 _____ () C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-7.job
2015-06-01 16:39 - 2014-09-16 17:49 - 00000928 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-06-01 16:39 - 2014-09-11 17:57 - 00003390 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-664774285-3076153036-1514180132-1000
2015-06-01 16:39 - 2014-09-11 17:57 - 00003274 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-664774285-3076153036-1514180132-1000
2015-06-01 16:39 - 2010-05-14 15:20 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2015-06-01 16:39 - 2010-05-01 09:05 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-01 16:39 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-06-01 16:39 - 2009-07-14 06:51 - 00182442 _____ () C:\Windows\setupact.log
2015-06-01 16:39 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\tracing
2015-06-01 14:20 - 2015-02-20 12:20 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-01 13:08 - 2009-12-24 19:59 - 00000000 ____D () C:\Users\Vivien Förster
2015-06-01 11:56 - 2014-09-16 17:49 - 00000932 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-06-01 11:05 - 2009-08-22 08:21 - 00427004 _____ () C:\Windows\PFRO.log
2015-05-31 19:57 - 2014-11-03 18:41 - 00000000 ____D () C:\Users\Vivien F”rster
2015-05-31 19:05 - 2009-12-25 11:32 - 00003986 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{0D1B1EDE-B618-4E07-A365-64A854AC9435}
2015-05-31 18:58 - 2015-04-19 16:54 - 00000004 _____ () C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
2015-05-27 19:36 - 2015-03-09 19:03 - 00003368 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-664774285-3076153036-1514180132-1000
2015-05-27 19:36 - 2014-09-08 16:32 - 00003252 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-664774285-3076153036-1514180132-1000
2015-05-27 16:24 - 2010-06-27 17:52 - 00020480 _____ () C:\Users\Vivien Förster\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-25 18:29 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2015-05-25 17:45 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration
2015-05-22 15:41 - 2010-05-01 09:05 - 00004106 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-22 15:41 - 2010-05-01 09:05 - 00003854 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-20 17:50 - 2015-02-20 12:41 - 00003862 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1424428891
2015-05-20 17:50 - 2014-10-08 18:09 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-18 17:28 - 2013-11-18 18:36 - 00000000 ____D () C:\Users\Vivien Förster\Documents\Feuerwehr  [Ausbildung]
2015-05-17 17:28 - 2015-03-07 14:49 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-11 19:11 - 2014-11-20 17:27 - 00000000 ____D () C:\Users\Vivien Förster\Documents\JFW
2015-05-11 19:07 - 2014-12-17 16:42 - 00000000 ____D () C:\Users\Vivien Förster\Documents\Jugendfeuerwehr

==================== Files in the root of some directories =======

2009-08-22 08:07 - 2008-06-11 17:12 - 0776614 _____ () C:\Program Files (x86)\Common Files\packardbell.ico
2015-03-31 10:14 - 2015-03-31 10:14 - 0004387 _____ () C:\Users\Vivien Förster\AppData\Roaming\BgX88AZdj0WaZJQg6qiCpWGLZ
2015-04-03 15:49 - 2015-04-03 15:49 - 1224704 _____ () C:\Users\Vivien Förster\AppData\Roaming\BgX88AZdj0WaZJQg6qiCpWGLZ.exe
2014-09-01 10:18 - 2014-09-01 10:18 - 0002086 _____ () C:\Users\Vivien Förster\AppData\Roaming\CGLTJAG
2014-09-16 17:49 - 2014-09-16 17:49 - 1524128 _____ (browser) C:\Users\Vivien Förster\AppData\Roaming\CGLTJAG.exe
2014-05-26 14:49 - 2014-05-26 14:49 - 0000065 _____ () C:\Users\Vivien Förster\AppData\Roaming\gnuplot_history
2014-09-01 10:18 - 2014-09-01 10:18 - 0001248 _____ () C:\Users\Vivien Förster\AppData\Roaming\NQOVIKVG
2014-09-16 17:49 - 2014-09-16 17:49 - 1972640 _____ (browser) C:\Users\Vivien Förster\AppData\Roaming\NQOVIKVG.exe
2009-12-31 21:47 - 2009-12-31 21:47 - 0033134 _____ () C:\Users\Vivien Förster\AppData\Roaming\UserTile.png
2009-12-28 17:03 - 2015-02-19 13:36 - 0004234 _____ () C:\Users\Vivien Förster\AppData\Roaming\wklnhst.dat
2010-06-27 17:52 - 2015-05-27 16:24 - 0020480 _____ () C:\Users\Vivien Förster\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2012-06-24 19:22 - 2012-12-20 14:53 - 0007648 _____ () C:\Users\Vivien Förster\AppData\Local\Resmon.ResmonCfg
2009-08-22 08:08 - 2009-07-18 03:57 - 0036136 _____ (Oberon Media) C:\ProgramData\FullRemove.exe

Some files in TEMP:
====================
C:\Users\Vivien Förster\AppData\Local\Temp\AskSLib.dll
C:\Users\Vivien Förster\AppData\Local\Temp\BackupSetup.exe
C:\Users\Vivien Förster\AppData\Local\Temp\bitool.dll
C:\Users\Vivien Förster\AppData\Local\Temp\bootstrapper.exe
C:\Users\Vivien Förster\AppData\Local\Temp\chatzum_softonic_yahoo_62_v5.exe
C:\Users\Vivien Förster\AppData\Local\Temp\dotNetFx40_Client_setup.exe
C:\Users\Vivien Förster\AppData\Local\Temp\ffunzip.exe
C:\Users\Vivien Förster\AppData\Local\Temp\FileFormatConverters.exe
C:\Users\Vivien Förster\AppData\Local\Temp\FlashPlayerUpdate.exe
C:\Users\Vivien Förster\AppData\Local\Temp\FreeStudio.exe
C:\Users\Vivien Förster\AppData\Local\Temp\ICReinstall_FreeYouTubeToMP3Converter.exe
C:\Users\Vivien Förster\AppData\Local\Temp\iMesh_setup.exe
C:\Users\Vivien Förster\AppData\Local\Temp\Installhelper.dll
C:\Users\Vivien Förster\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Vivien Förster\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Vivien Förster\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Vivien Förster\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Vivien Förster\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Vivien Förster\AppData\Local\Temp\jre-8u40-windows-au.exe
C:\Users\Vivien Förster\AppData\Local\Temp\post1.exe
C:\Users\Vivien Förster\AppData\Local\Temp\post2.dll
C:\Users\Vivien Förster\AppData\Local\Temp\post2.exe
C:\Users\Vivien Förster\AppData\Local\Temp\SetupDataMngr_iMesh.exe
C:\Users\Vivien Förster\AppData\Local\Temp\SHSetup.exe
C:\Users\Vivien Förster\AppData\Local\Temp\SRAssetsHelper.dll
C:\Users\Vivien Förster\AppData\Local\Temp\stubhelper.dll
C:\Users\Vivien Förster\AppData\Local\Temp\tbDVDV.dll
C:\Users\Vivien Förster\AppData\Local\Temp\TOBITCLT.DLL
C:\Users\Vivien Förster\AppData\Local\Temp\TsuE5B78F95.dll
C:\Users\Vivien Förster\AppData\Local\Temp\uninst.exe
C:\Users\Vivien Förster\AppData\Local\Temp\uninst1.exe
C:\Users\Vivien Förster\AppData\Local\Temp\vcredist_x64.exe
C:\Users\Vivien Förster\AppData\Local\Temp\{00748123-85B0-4138-88F6-6A30FBFAD5A6}-GoogleUpdateSetup.exe
C:\Users\Vivien Förster\AppData\Local\Temp\{33BA9D65-8150-4FFF-A219-6204BBE0BAB1}-GoogleEarth-Win-Bundle-6.1.0.5001.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-01-14 18:15

==================== End of log ============================

Firegirl 01.06.2015 16:27
mbam teil 1

Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 01.06.2015
Suchlauf-Zeit: 16:48:38
Logdatei: mbam.txt
Administrator: Ja

Version: 2.01.6.1022
Malware Datenbank: v2015.06.01.03
Rootkit Datenbank: v2015.05.31.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7
CPU: x64
Dateisystem: NTFS
Benutzer: Vivien Förster

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 374033
Verstrichene Zeit: 29 Min, 30 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 355
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, , [6a1dcaeb9ceebf77fb1e594238cbbb45],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, , [6a1dcaeb9ceebf77fb1e594238cbbb45],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, , [6a1dcaeb9ceebf77fb1e594238cbbb45],
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, , [45428c291a703bfb982e2f3721e2e51b],
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, , [45428c291a703bfb982e2f3721e2e51b],
PUP.Optional.DynConIE.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}, , [45428c291a703bfb982e2f3721e2e51b],
PUP.Optional.Mediabar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{28387537-e3f9-4ed7-860c-11e69af4a8a0}, , [93f41a9b177369cdd03f333051b2a759],
PUP.Optional.Mediabar.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}, , [93f41a9b177369cdd03f333051b2a759],
PUP.Optional.Mediabar.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}, , [93f41a9b177369cdd03f333051b2a759],
PUP.Optional.Mediabar.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}, , [93f41a9b177369cdd03f333051b2a759],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [1671b8fd6d1d2e08221c94d27b88df21],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, , [1671b8fd6d1d2e08221c94d27b88df21],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, , [1671b8fd6d1d2e08221c94d27b88df21],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, , [1671b8fd6d1d2e08221c94d27b88df21],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{917CAAE9-DD47-4025-936E-1414F07DF5B8}, , [1671b8fd6d1d2e08221c94d27b88df21],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, , [1671b8fd6d1d2e08221c94d27b88df21],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}, , [1671b8fd6d1d2e08221c94d27b88df21],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [1671b8fd6d1d2e08221c94d27b88df21],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [1671b8fd6d1d2e08221c94d27b88df21],
PUP.Optional.SupTab.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [1671b8fd6d1d2e08221c94d27b88df21],
PUP.Optional.SupTab.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [1671b8fd6d1d2e08221c94d27b88df21],
PUP.Optional.Babylon.A, HKU\S-1-5-18\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, , [f691862f62287eb8febe6df44ab916ea],
PUP.Optional.Babylon.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}, , [f691862f62287eb8febe6df44ab916ea],
PUP.Optional.DataMangr.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}, , [d6b1367fdab08fa77d6363fe2fd404fc],
PUP.Optional.DataMangr.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{BE7A24F5-69CB-4708-B77B-B1EDA6043B95}, , [d6b1367fdab08fa77d6363fe2fd404fc],
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}, , [1f6806afb8d258de3cfb74ec8e75857b],
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}, , [bccbfcb9820859dd64972837689bf709],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68B81CCD-A80C-4060-8947-5AE69ED01199}, , [bacd03b23b4f37ff49167c1f07fcd22e],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E6B969FB-6D33-48d2-9061-8BBD4899EB08}, , [5037d3e27515b87e352b0d8e748fd32d],
PUP.Optional.BrowserApps.A, HKLM\SOFTWARE\Browser+ Apps+-nv, , [2d5a5b5a2e5cdd590ee903f7679ce917],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\DataMngr, , [1e69c6ef305ab87e190330e916ee728e],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickCtrl.10, , [dea9feb7ef9b12244e066a0de81dc33d],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickProcessLauncherMachine, , [bbcc872e43478ea8c68e9cdbd3324cb4],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdate.OneClickProcessLauncherMachine.1.0, , [ceb96b4ae2a8a5911c388ee9a56010f0],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoCreateAsync, , [5f288530e6a437ff2a2b07709570956b],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoCreateAsync.1.0, , [4a3dded7078390a6c78e3e3958ad1ce4],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreClass, , [adda8035a5e52b0b79dce493ab5a49b7],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreClass.1, , [2e593c794f3bd264bb9adf98a85d24dc],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreMachineClass, , [a9def9bc36549d99e66f9bdc8e7738c8],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CoreMachineClass.1, , [394e6f468505999d9bba82f5e124629e],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CredentialDialogMachine, , [adda8d28dab03cfaa3b2492e44c126da],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.CredentialDialogMachine.1.0, , [c8bfaa0b94f6072fa6af97e0f90c956b],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine, , [20679b1a602afe38183dbbbc22e32ed2],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine.1.0, , [6e19edc894f6c2741f36275061a4c739],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback, , [097ec7ee2a6095a11243096e16ef9b65],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0, , [186fecc9becca49214418dea31d4cb35],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc, , [790eb6ffa0ea5bdb183dbdbae91c9868],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc.1.0, , [a2e56e47107a57dfdf762d4a7a8bc53b],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.ProcessLauncher, , [2f58367f93f7b28458fd8dea6c99a759],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.ProcessLauncher.1.0, , [88ff0ea76129a2942332f87f0104bc44],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3COMClassService, , [dbac3c79beccb97dc78ebabdc73e0af6],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3COMClassService.1.0, , [4f3812a35e2c1f174b0aa7d0df269b65],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachine, , [2562f8bd4a409b9b282d176008fd58a8],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachine.1.0, , [5a2d298c97f31b1b12439cdb55b0847c],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback, , [2b5c278e06844de9223385f25baa0af6],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback.1.0, , [5b2c12a32862c373ba9b1d5a867fb44c],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebSvc, , [5b2c13a22b5ff343e471275027de4bb5],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\CLASSES\globalUpdateUpdate.Update3WebSvc.1.0, , [73143a7bdcae5cdadc79d89fa65fcd33],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\CLASSES\Toolbar.CT2269050, , [fe89b5001b6f1c1a79d56c13ce3751af],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\CLASSES\Toolbar.CT2625848, , [ef98f9bc2763a6909db1e897d72e0af6],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21636, , [3057bff66f1b1323248336f0a95bad53],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{69F756CD-31D0-4CC0-B402-F0154CE4CF5C}, , [f39405b0008a2610cb94a4d8a95c0af6],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CD0C2BD6-4382-4E92-8C45-A2D572D1BD27}, , [17709520e6a474c2540994e895702bd5],
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}, , [0b7cd8dda0ea56e00042086d61a4817f],
PUP.Optional.Astromenda.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [2e59dfd63555a2944ce85322669fd12f],
PUP.Optional.Babylon.A, HKLM\SOFTWARE\WOW6432NODE\babylontoolbar, , [4740981d3d4d57dfadf738112fd6966a],
PUP.Optional.BrowserApps.A, HKLM\SOFTWARE\WOW6432NODE\Browser+ Apps+, , [bec9882d2664df572ccb6d8d9d668977],
PUP.Optional.BrowserApps.A, HKLM\SOFTWARE\WOW6432NODE\Browser+ Apps+-nv, , [a4e37342b1d9cb6bb245db1f24df58a8],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, , [d9ae6352d3b71e1863b964b5e4201ae6],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\delta-homesSoftware, , [ddaa3f76fa90ff37e7296ba229dbc739],
PUP.Optional.IHProtect.A, HKLM\SOFTWARE\WOW6432NODE\IHProtect, , [2f58cbea602aba7c038b07ed5ea5c43c],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, , [00879e17f79306307bcb84af0103f50b],
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\istartsurfSoftware, , [7c0bd8dd157503334da77792768e54ac],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, , [2d5a02b3bcce88aeb56ea2c53acb6b95],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\supWPM, , [ea9d239298f2072ff37716f2bc4803fd],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickCtrl.10, , [dfa8e0d57a10ac8a1a3a88ef09fc4eb2],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickProcessLauncherMachine, , [4a3d03b28109ef4790c47dfae5207888],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.OneClickProcessLauncherMachine.1.0, , [5f2811a4a7e3c27457fd3a3d966fd42c],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoCreateAsync, , [256202b3404ae94d7adbe493a16432ce],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoCreateAsync.1.0, , [17704075ee9c8da982d31b5c51b446ba],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreClass, , [1c6bd8dd7a1068ce5bfa086f4fb69967],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreClass.1, , [95f20fa61872cf670e475b1c966fd729],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreMachineClass, , [06811c996129be784d080d6a3ec710f0],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CoreMachineClass.1, , [0d7a684d8208f145e76e1166fe07ca36],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CredentialDialogMachine, , [3d4ac3f2008a16202b2a88ef1ce9629e],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.CredentialDialogMachine.1.0, , [b5d21f96404ac86ef164b8bf39ccf30d],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine, , [0483f5c0fa90b77f99bcf0874fb66d93],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachine.1.0, , [2c5bb5008dfd81b5c491c3b430d5c739],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback, , [5c2b05b01e6cb284c78ec7b036cf1ee2],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0, , [afd8eec7c8c2c96dc09554230ff6ce32],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc, , [4e3981343d4d0c2a92c3f78061a4a25e],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.OnDemandCOMClassSvc.1.0, , [ec9b55608ffbfe389bbabbbc01043cc4],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.ProcessLauncher, , [7e09c0f5a6e42d09c491fc7b1ce9936d],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.ProcessLauncher.1.0, , [b5d26c49206a3df9cc89db9c897c9a66],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3COMClassService, , [8dfa84313e4cb086d87d383fc63f1be5],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3COMClassService.1.0, , [88ff9421e3a742f415409dda689d768a],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachine, , [e1a6b8fd4248b68084d193e432d3ac54],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachine.1.0, , [3e495c5957331125b89d2b4ceb1a10f0],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback, , [1374b9fc93f784b2ff5604737f86cd33],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebMachineFallback.1.0, , [6e19f2c3e7a3ea4c02538bec06ff33cd],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebSvc, , [b5d26253deac88aefb5af97edb2a45bb],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdateUpdate.Update3WebSvc.1.0, , [33545f56c6c4a98db1a4512632d3738d],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar.CT2269050, , [b6d13184b5d5a195ca84acd37e87728e],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\CLASSES\Toolbar.CT2625848, , [ea9d06af4149cb6b024cdfa00005aa56],
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE\Clients, , [c3c4496c1a70f73f2d34334a1beae719],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE, , [186fd5e05d2d2f0729770807ab5935cb],
PUP.Optional.QuickStart.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pelmeidfhdlhlbjimpabfcbnnojbboma, , [a5e2d5e0ed9de74f072ad453fa0ab749],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\BHPHEMOOBGNIKCOOFKGACKKAIMPFMENM, , [4740447181092e08236c489c44bfb14f],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\INSTALLEDBROWSEREXTENSIONS\21636, , [6e19b203b1d9e155a106e640758ffc04],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{69F756CD-31D0-4CC0-B402-F0154CE4CF5C}, , [7e09c2f35535191d1748abd14fb68e72],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CD0C2BD6-4382-4E92-8C45-A2D572D1BD27}, , [5d2a6451c5c5e5517fde7efede276997],
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [8205a3127317da5c7dc593e21ce99f61],
PUP.Optional.ChatZum.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}, , [eb9c01b4058558de4b01b9c6b55005fb],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=10, , [c6c1268fd0ba00362c835e0ba560d828],
PUP.Optional.GlobalUpdate.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@staging.google.com/globalUpdate Update;version=4, , [1176783d7b0f2610298705643ec7be42],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, , [1c6b9f160e7c2b0b33368a7eba4a9b65],
PUP.Optional.SystemSpeedup, HKLM\SOFTWARE\WOW6432NODE\SYSTWEAK\ssd, , [0d7a9c19a2e894a2147da66b03016898],
PUP.Optional.IHProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\IHProtect Service, , [6324c9ec107a5fd79df0975dd92ad030],
PUP.Optional.IEPluginServices.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\IePluginServices, , [4e39a411afdbcc6aa3d9847a8c77ab55],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, , [51369a1b3159bc7a84f9a25ca45f42be],
PUP.Optional.DataMngr.A, HKU\S-1-5-18\SOFTWARE\DataMngr, , [3a4dc1f4d0ba5cdaf803ab9c7f86659b],
PUP.Optional.DataMngr.A, HKU\S-1-5-18\SOFTWARE\DataMngr_Toolbar, , [8ef98035b0daec4a03f7ae995fa6cf31],
PUP.Optional.BrowserApps.A, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\Browser+ Apps+, , [92f509ace6a46ccad22734c65ea56b95],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\Datamngr, , [9deaa0158dfdd95df6051c2b24e1e21e],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\DataMngr_Toolbar, , [8007b1041d6d6accc03ab493ac599a66],
PUP.Optional.Delta.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\delta LTD, , [6c1ba90cf29864d25e4769e020e5ba46],
PUP.Optional.Iminent.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\Iminent, , [02850ea76525eb4b0c3bc56ed331b44c],
PUP.Optional.WebSearches.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\SupHpUISoft, , [c9be24917f0b50e6b43bfb0e9173a060],
PUP.Optional.BrowserApps.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\APPDATALOW\SOFTWARE\Browser+ Apps+, , [097ecee79feb62d4817819e1b84bb947],
PUP.Optional.Conduit.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\APPDATALOW\SOFTWARE\ConduitSearchScopes, , [ef98f7beddad082e541a9b60f70c6f91],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\APPDATALOW\SOFTWARE\Crossrider, , [0a7dc9ec038705311219be9ed134bd43],
PUP.Optional.MultiIE.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\APPDATALOW\SOFTWARE\DynConIE, , [f196bdf86b1f0333ad3f6400ee170af6],
PUP.Optional.GenericAddon.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\APPDATALOW\SOFTWARE\GenericAddon, , [70175b5acac083b3fc7934d223e1c23e],
PUP.Optional.Babylon.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\BABSOLUTION\Updater, , [93f43184345640f6a45971d7e322b848],
PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY, , [9bece6cfe0aa1e183e5740a617eced13],
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\BHPHEMOOBGNIKCOOFKGACKKAIMPFMENM, , [bfc8dbda8cfe94a2c4cc9054ac57c23e],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [1a6dd0e592f81e182f2de15148bc3dc3],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\INSTALLCORE, , [5433f0c5cebc02341e0073d5b2534fb1],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\21636, , [f691189d9eec56e004f0df25b54f8779],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\browser, , [b2d5a5107f0b89adcaa38965bd4627d9],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{10838295-92D8-4481-8ED7-E390A2424990}, , [4e393a7b197141f5cb90aece887dcb35],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{110EF42E-C29A-45C0-9BB8-865667B52A75}, , [7e097d38fb8f3303d983d8a427de40c0],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1227F6DF-A616-43D0-A0C0-8DB728ED26BF}, , [e2a59d18c2c8132386d690ecd5304db3],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{13C52E9A-C764-444E-87E0-9A66EA1CC19D}, , [41466d48e7a3201675e7483444c1c838],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{13CAD705-A8FC-44D8-A37A-F67FF96AD559}, , [1e69763f0c7e3ef8c9938eee12f3936d],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{140AC560-40A5-40BC-9CB4-3743E237B1B4}, , [b3d41f96345668ceacb0e399f411a15f],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1488A13B-9B19-4218-8DC6-566EF7B159AC}, , [5f289124a6e42313a8b30775ff06f50b],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{14DD98BD-26A5-4F7E-ACF6-544C5BDAB63A}, , [2661793cb7d3191d64f7b6c69a6bcd33],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{17F52D86-D630-46C9-99BD-583C8F5ACB58}, , [9cebe6cf4a4038fe2e2de8944bbab050],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{182F4352-66DF-433E-B03E-AD6BDACC49AF}, , [10770ea7286234023f1dd3a941c4a35d],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1899E26C-3B78-4324-B0D4-8D3828918154}, , [295e62535d2d96a05a02ee8eaf56f50b],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1B6AA3ED-6F63-4F9D-AE3A-C8E19C3E9FA9}, , [780f93226e1c73c386d6423a1aeb3fc1],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1C63CE23-7D26-4BB1-868D-963B8233B63B}, , [3b4c486dd7b32e08025aabd1689dce32],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1C6B2958-AD36-42BC-B6E1-278FD261C173}, , [b6d1f1c4652591a5104ca4d842c3a25e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1EA786EE-CC94-4A5B-9F3C-A2A3785448A0}, , [5235ad088604ed494d0e6715aa5bd12f],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1EB0FC7A-9E05-45F8-80B0-4D8B83E87EAF}, , [9cebb00514765bdb7cdf3448679e08f8],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2038BED0-BCC4-45B1-A98A-A43C2EFC23CC}, , [96f1f1c47d0d1e187fdd493344c10df3],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{207E38CB-C354-46AD-9979-91896E17E0A1}, , [2562ffb6513993a35705fc80bd48a25e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{22775FA9-A290-428A-919B-69D89B233AA4}, , [0d7a3184ef9bd363f269a4d82fd625db],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{23891DAF-C214-4F64-B449-27FC4EE76AE0}, , [2c5bdfd62565dd59cd8f423af510bb45],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{250E4C25-5F80-455E-BEB8-1683F5A21423}, , [2e594b6a2f5b50e6c4984e2eae57dd23],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{27F656DC-862D-4304-A427-6C1892D9A86B}, , [3c4b5263fe8cfe38fd5feb9122e3a759],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{29021686-DE86-467F-89AA-8188E5E11A50}, , [c3c4cfe60d7d70c64d0fadcf2fd67090],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{29D9C6BC-7DA3-48B1-A1D7-C6DFE897E85B}, , [087fc7ee0c7eac8a5704dba1ee1706fa],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2AAA9FEE-337E-43C0-849B-E8E23AD6C8A3}, , [8700882d3b4f41f5fa62205c2fd6bf41],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2B38E0EC-5ECD-432C-A599-C9A2A1ACF91D}, , [c5c23085177356e0dc7f96e63fc6c040],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2DF9812B-F773-4D87-821C-DD13E3E41622}, , [a8df3c79beccdd594516394331d40af6],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2F512D3A-CFB7-4197-8890-71FC23287FF9}, , [5f28eacb6624f24463f8c7b52fd6ec14],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{300A8789-E9D9-48ED-BC29-6D692F45246C}, , [fb8c625318723ff793c926565ea7e818],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{301B5A47-6283-48F2-B0CA-4738FD3EAFD7}, , [99ee01b436549f97510b5a2280851ce4],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{33863E3F-AF9C-4726-8F7F-D61BC85BC2B1}, , [b1d6fbba7c0ecb6be87333493dc88e72],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{39723C30-C69F-4128-A570-575EE7CF1B34}, , [66217f369bef0e2879e338449570d729],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3992DAEC-812B-4472-A558-D8AA92E5BC29}, , [11766e471674979fe577f08cf4116c94],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3BDAB24F-651C-4846-A640-F1C056EDE8C2}, , [1671a015ed9de155d08b77059c6916ea],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3C3E2105-FC59-40B2-9E8C-C66A3ED7F548}, , [91f6496c2e5c989e2239611bae57e917],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3FA8AAC6-FFD0-4487-9FE6-FA6FE98222EE}, , [4740b8fd6327d75f88d4cab27c8939c7],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3FD152AE-CF3D-4C54-B4A5-76C9CC1C8A52}, , [fb8c595c2e5c5fd75ffc225a699cc33d],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{408E4823-DEF7-4A13-A7FB-1CF3B0681F55}, , [0a7d8e27bcceaa8c1d3f7a02af56b14f],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{40E3216B-88BF-41AE-AD56-FBFF6C582DE3}, , [9ee9466fe3a75cda99c216668f760df3],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{42AC0299-D012-4DE2-BDD9-6348CE3984CE}, , [1c6b52638109cc6adb8054282fd68878],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{43C61396-E391-4448-A596-EF221339B120}, , [32552b8a018972c4e07cc8b4a2634bb5],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{47EFF5E0-8851-401A-B9DB-28A67B51FC83}, , [d1b6b104f892f046213bbdbf838232ce],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{493EEEF2-903A-4964-941E-6976A882D7E2}, , [513662534e3c48ee1b40d3a9887d946c],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4AC17D6D-94A1-4B51-B23E-8F3F9CBEC3DD}, , [1770ebca38520531b3a87ffda65ffa06],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4C818CE5-70AE-443D-A913-71FECC9180A3}, , [bec9f1c4b5d5999d510b1567e42128d8],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4CDCEB24-3C1E-48ED-88F1-241C23EDBED5}, , [4f386f468ffb9f97342880fc8b7ad030],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{502D24A8-8FF2-4287-93CD-E8FF7E9D272D}, , [493e4273e4a65dd9be9e9fdd669f46ba],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{50D59B93-C8F5-4EE6-9F32-BA5ECD6B5E1E}, , [4c3bd9dc800a9b9b0a5193e92cd9f709],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{51E3A272-3675-465A-8264-FE9DB9EFE1E1}, , [2661f7be800a4de9a1bb285441c4e41c],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{53C872E3-219F-418A-BE4A-217FAE4734F7}, , [4641d5e0dbaf7db91249d7a52cd906fa],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{53FF4B5D-4342-41E1-9ECC-D3B435E6A681}, , [bdcabef755358caaf4682e4e986d21df],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{553FA385-F8B2-475E-A754-CE893DB0F13F}, , [2c5b387db5d50a2c3e1d5725af56b947],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{585DE4B5-AB33-4DB5-A0D9-EC94BD6E9A5B}, , [f88fb104b6d4ca6cf567a9d3b64ff20e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{59456BA8-B9B2-409C-8367-CE581CF9512F}, , [c6c1496c3e4c79bd5408116b0ff6d42c],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5A74635B-D60D-4E0A-AEE2-E5BC978D9D5B}, , [5235fabbf397fb3be27a4a32fa0b18e8],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5B376915-CE81-42B0-9714-C8BF6DA11BF4}, , [196e981de2a8e551c497e29a53b27c84],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5B5CC14A-B517-4197-8563-614A79B9BFD9}, , [f98e8a2baddd24123b20bac27095b24e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5B92A9FA-322E-45FF-AC2B-D8BC4526CB87}, , [ef98ad0829618aac70ec007ce91c7987],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5D6EF8BC-8717-43FD-A273-EE7C2138F0BB}, , [6c1b6d481674f4423d1ff4885ca936ca],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5DB3DC0C-67F0-425A-9C66-8F58B9D4415B}, , [5e29f9bc91f92016f26aafcdcb3a20e0],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5EBA15C8-82AB-470A-B57B-8D782F9F24A3}, , [5235961f1f6b77bf64f799e392733ec2],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{60D32118-ACC6-4231-80EC-727A494AD916}, , [2d5a3e770a8045f153081c6008fd51af],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{630FAFD6-EEC7-4837-977D-135A3596D8E3}, , [2a5d1a9b6723cb6b2537116b07fe39c7],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6439161F-7D8D-446D-B852-B75C5DF88A45}, , [94f322933c4eaf871f3c5c20669f0ff1],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{67259623-240F-4EA8-B7AB-BCFF128F5F4C}, , [b8cf0ca91971f343540799e3a06531cf],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6881C551-D680-4B6A-8E36-9267BE76F1ED}, , [91f6b9fc2f5b4aec99c3bcc07b8a0cf4],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{69F756CD-31D0-4CC0-B402-F0154CE4CF5C}, , [1b6ce0d54c3ef046a3b9275550b5926e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6B19548B-B707-4EF0-8BEE-F1D621C2B596}, , [2463c8ed3555bf7793c9047809fc44bc],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6E264567-D04B-4B02-B41B-514B422E3864}, , [7b0c457063274de9acb0d6a632d3ae52],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{723E038E-952F-41EA-8D3B-2148B47DC517}, , [582f793c0b7ff83ebe9e6a12fc090af6],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{74125A38-3944-4E51-B9B9-117BE2EFEBC3}, , [0a7d12a3a2e85dd96eed304cd82db848],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{74537590-D657-47DB-BDF7-6B85B0338B5D}, , [d6b11b9a464458de6bf17309e5204eb2],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{751EE0E8-9750-487D-BA19-5EDE6127AECB}, , [e2a5aa0bc3c7280eb6a53a424bba60a0],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{752C6FF3-9F3F-480A-A335-DEE13F174D32}, , [dcab882daedcb0866defb4c8c441a957],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{757C7896-3B93-4FCD-8015-17A44233DC32}, , [ed9a6c4979113df9d8833d3f21e454ac],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{75AD61A1-4234-40DC-9230-6C52D0CB13A9}, , [9cebab0a3e4cec4a223a6c105ca927d9],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{75CA1757-9EFE-48C5-A943-9F74441E5859}, , [f295fcb9b9d1d5618bd01e5ef90cea16],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{77396244-9772-4CC4-B4A9-DFA16D1ED3D1}, , [c6c14273028857dfff5c4537d530e020],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{781C7FB0-6134-401C-9C2F-13B31890264E}, , [a5e2f2c3a5e5af875dff4d2fd62faa56],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{79573A06-3145-4A6C-9C17-4EAF7D1D70CF}, , [99ee10a5414985b11f3c512bf312a15f],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{79E14774-4302-487D-A75B-89F1FAD42333}, , [4740ddd8b4d684b27be198e4d82d9d63],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7BCD1B6B-7D7B-40D0-BE1B-4CF3ACDD57C9}, , [b7d006af99f1ba7c2f2ddca0ee17d030],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7C05FACA-FCF9-41A2-B0BE-F69E36EA6D8F}, , [d2b58c29a6e4bb7b401bd9a39174e11f],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7F5E88C6-E68D-4974-A2D9-CCE0E6B5C7B0}, , [b7d095204644a2948fcc15678184a858],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7F8A838D-CA29-479E-9BF4-D539F8A62F78}, , [afd820958ffb4fe7c299b1cbd5306f91],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{85EB68CD-2BB2-4F09-BD65-523FF32D3CE3}, , [4b3c7c392b5f1224d883c0bc53b24eb2],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{863E8BCB-D393-4A9A-93F6-6848D735184F}, , [fc8b3b7ac1c971c545168fed8d78728e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{877B739A-6AD0-4911-A61E-1E183D587255}, , [137451647218e3533b20eb917b8aaf51],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{87BA550C-87C8-43A6-9DDB-BD67D4C2C5FE}, , [2e5901b4107a2a0c58047408bb4a8b75],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8B0752BE-7964-41BA-BAC0-783445355CDC}, , [6027b302731741f56eee413bc144da26],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8CFF2E1A-4950-4EEE-B17F-EAD96464735B}, , [6e195e576f1bda5cd18abcc008fd39c7],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8EF1E629-9619-4164-9F74-56F27F813E7B}, , [681f13a2c3c79a9cb2aa8cf08b7ae41c],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8F6265B2-29A8-430F-BFEE-E168E386C558}, , [0285a70ef2983cfa74e8a4d8ee173bc5],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9110D8E6-81E5-4131-B46A-69277E7844A6}, , [3453575e494147ef3c206d0f29dcb848],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{918019CF-40E7-45EC-8FF5-D315AAA348F8}, , [c3c4fcb93f4b2b0bd982314bcc391fe1],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{91BD9B20-C24F-465D-B5DB-896DC17818B7}, , [8205fabb26643ff70e4ec1bbeb1aef11],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{937E4FC4-41A5-4F69-848A-21C3A43387A5}, , [cbbc882da9e1b87eadaebebe5ca945bb],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{94DE9E23-F8CD-4292-A07F-36FDBFD9F1FB}, , [8106496caae068cec497d6a6bb4aeb15],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{98F278CB-E89F-4E81-8936-F31A62F24621}, , [cabd6451c5c58fa7b1abb7c5ff06dd23],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{99902F90-C1D1-4DEA-AB46-B6BDD0A94983}, , [0186f0c59eec79bd1843a1db2cd9ad53],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9A03056D-2291-428F-816B-41DF95FF48BA}, , [2e5901b45f2bbd7982daa6d69471629e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9B065EE7-8FB2-4A77-B2F2-C8D15BB34098}, , [61261f96b9d147efd28a493341c457a9],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9B567175-CD29-4149-8C75-D1502E253A99}, , [6e19f4c12169c67073e9d9a32ed7db25],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9E1FAE46-59D7-4BC6-9B8A-C6AA3E1D95B2}, , [00878431bcce0c2a3b2197e50302a25e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9E2BF708-33BC-4C6A-9BA7-784C18B64CB6}, , [b7d0f0c567236bcbea710c708a7bbe42],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9E7842CC-DB28-450D-AA12-2C3D114F356F}, , [9becb6ff5e2c1b1b0b5185f7a0650ff1],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A02FA462-D05B-4F98-82AA-9DB612AE29A0}, , [b4d38e276c1ebc7a87d4502c986d59a7],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A1ACE7AB-4050-4432-BEE7-C94CBF695794}, , [7413655090fa76c064f7601c30d56a96],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A2AC4892-381E-48BD-A2A6-40648DD026BB}, , [aed910a526645dd9b5a71f5d0afbae52],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A2C994D3-811B-4550-8CBB-E7F0D4845257}, , [f196932204862a0c6fecd3a927de11ef],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A31276CE-7F46-427B-80DD-1E60EAA1A332}, , [c4c3e9cc31594cea58040973d82dad53],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A54DA843-7315-4973-A6CD-1C142E86981B}, , [5433eacba0ea48ee6bf1dd9ffe078977],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A6E9DC0E-4571-4036-B7DD-DCF98A6FA08B}, , [6027b8fde2a8191d93c87606d0358977],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A83687B8-99BE-45EE-82DB-D99E9DFC5E21}, , [0e79f3c239512d09fa61f389d431916f],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A84E4E1E-55F1-4FAA-ABB6-5816EC5B178E}, , [35523382088287afb7a46d0f966f41bf],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A87DBB52-B484-46F1-8CF6-5B39D9C2F2FC}, , [c1c64e673f4b320486d6ff7d00059070],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A95F768A-C8A2-4C0E-889C-22B6E058DAB8}, , [e89f13a27b0f6accdb81225a3bcaa45c],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ACECFAC3-CE71-4F29-AF1D-3851C61F3243}, , [89fec5f07c0ecd692d2fc3b954b15da3],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AD10CDD5-AD0F-4B5E-B039-EAFA99E6BB13}, , [097e5263b0da76c0a2ba7309828327d9],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AD4C57AD-7BDE-46EB-806E-B0D36AB44EAB}, , [c2c5fbba3d4ddf574813bdbf23e2bf41],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AE3FD9C3-CA45-43E5-BCE1-BE71FD74E5E1}, , [6621af06a0eab0868fccd7a5778e10f0],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AE79FA9E-2CBC-43FC-A9D7-3FC58399AFA7}, , [2661bafb14762d09b9a3d3a9976e817f],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B0CE718C-C3A2-4815-AEB3-D2547623AEC4}, , [f196e4d1b3d723135ffd720af31205fb],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B0E8D8B8-82F4-4EE2-A253-F753E7CB7333}, , [daadedc8622879bd3527522a06fff40c],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B135EBA7-9699-4AF4-A791-E17B1C36B974}, , [47407342d0ba59dd19425d1f897c847c],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B1E56751-ACF1-4DCC-BE8C-B0E269D1AB11}, , [6d1aa3125139bc7a5507126aa560d42c],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B3C8721E-845A-4A75-879C-2EAD6061F476}, , [7017cbea5c2e072f44183844df26e41c],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B50A847B-6B7A-41F6-BA18-42923BAAB563}, , [c3c43d78d1b989adb2a96e0eef1646ba],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B5BF739F-18BE-4057-9755-BDF0426CD926}, , [74139f167a10c76fda8248342fd636ca],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B7D54940-82DF-44F3-9049-A824ECAF1E8F}, , [cfb8249181099b9b2339f08c42c39070],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BA94F974-60B8-45C5-8E55-AA3DF3D0C326}, , [4a3dd7deed9d3204fe5e5f1d986db44c],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BD116C4C-AA0B-4512-9AE2-62CCFA92AEE3}, , [dbac25903a5072c4a5b679035fa6ce32],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C266CBD6-454D-4AE7-86CF-3897E1335C97}, , [b2d5ded78ffb90a60c4f0b716f963cc4],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C28C6634-B59F-49C1-8120-836BC6FAE7E0}, , [d8af3a7b5a302c0a3328235916ef0cf4],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C45F018A-7684-4DF9-AE5B-C664DA422ED1}, , [afd87f36246625111c40de9eda2b966a],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C52B9C01-C649-4BDE-838C-AA86DA18EFB4}, , [2a5dc2f3b7d323134418d3a991743ac6],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C6D05213-F8C2-4897-8D96-18762BED3BC4}, , [0f78d4e1e0aa79bd104c6e0e5aabc739],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C6E22481-8CDE-4340-BBC4-B3255278F029}, , [5631199c494182b467f52e4e6d98df21],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7E756F2-73D0-4E53-A525-BD16A5F46B39}, , [eb9cc6eff793c670a7b4ee8ede2752ae],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C8FCDB02-B19A-41F9-BC62-9CE133767D59}, , [fd8a2194f397f343d18ab9c3bb4a15eb],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C97ACE12-4FFA-428D-901C-D3F1A8BCB4A0}, , [afd8d1e4e1a957dfed6ea1dbec197888],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CA642CFB-87BF-4051-897B-9A23CA56FC17}, , [e1a65a5b85057eb806559ce05aab3dc3],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CA778CEB-54C2-48DA-97E8-DA37E1BBB098}, , [7512b7fe523824125408ccb0b84dd927],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CB38C57E-3099-4B14-9B67-CD8C62809EE4}, , [5631c4f19ded0d29005bb1cbea1be51b],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CCF15010-3376-4A5A-AC1E-51DEB0AFD650}, , [acdbdadb2b5fc96dc09bd8a470958a76],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CD0C2BD6-4382-4E92-8C45-A2D572D1BD27}, , [f6912f86503a59dde476374572937987],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D016D981-606C-46AF-B570-42B8D542C9A9}, , [22659f16761467cfd18b5b21c83d48b8],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D051D5B8-80D7-4C65-8DB5-888FE2899EBE}, , [f1968d28a9e15fd770ec562627de10f0],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D06788BF-AC89-47CB-A890-CE4E786EAF2E}, , [c5c2b005276338fec19a0b71877e44bc],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D0E3B847-61DD-4C7F-88BC-15EE49E061E1}, , [71167b3a98f23df93e1e2b511de8c13f],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D2750D30-5D92-43F8-AE30-C0EA35C08868}, , [66211d986f1bd85e6bf15428d332e61a],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D599D16E-A815-48F1-8D19-16C78E8F2ED6}, , [50374b6a94f65adcfe5d97e57c893dc3],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D8D59970-7287-4DA0-BC24-E0C786949368}, , [ccbb377e276363d35902f785669f2cd4],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D91A4EF1-8270-40AB-8526-68A7E09AAF44}, , [662112a38703bc7aaeadfa82d0359a66],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D933DA65-B7CA-4406-984F-3E92F79CEF67}, , [7215ebca91f9ae884b10047845c0867a],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D96D4C23-87D3-4AC6-B021-A67DB0886CF7}, , [8afd85302b5f92a4f269215b8b7a8c74],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DA070E84-9671-4DE1-9C12-10919C305F69}, , [e2a5eacb3357fb3b3625c2ba838231cf],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DC025B81-17E9-41BC-AE96-E22A1D76A81E}, , [4f386b4a96f46fc787d435477e874ab6],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DC1C3FED-5886-4F85-B3BC-9A907FB7D832}, , [95f265504545f640a6b5afcdd530b44c],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DC5F7619-C6B4-4F5A-A212-39A19A26A147}, , [00870fa69af0072f99c2374516efff01],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DD7E6FFA-17F6-47F9-B461-42F0CCB4212A}, , [7b0cf7be503a41f597c486f6d1349c64],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DFFA6143-636C-46C2-AC36-AE7A323760B9}, , [7c0bbdf82961d06677e47dff73929a66],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E305C121-3D56-47E5-9CC5-3081BCB875CA}, , [315672438ffb3ff7114a8bf137ce1ce4],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E3F8FF8E-DB33-4F04-BE47-898E933D3323}, , [3651476e5a30ad8968f3bac2d4310ef2],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E54EA834-B22A-421A-B6BA-2C217D9B9A9A}, , [087f64517b0f181ed08ca7d559ac0bf5],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E753E430-31FD-4209-90A8-AB32336E15C9}, , [adda8332127875c1ea72a8d4b25319e7],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E78432C4-6EC9-49D9-BA97-B085841626C5}, , [1275f4c1d3b77fb789d2d8a4fd084cb4],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E82A0AAE-8800-4977-8365-C7A730F0B7DB}, , [6b1cfcb931594ee8302b4834bd48916f],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E8C29A7B-CB20-42B7-9A77-25238EDA1CB6}, , [7017ac09eaa0ff3770ecbbc1699cc33d],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E8E85F5A-BA04-4D3A-A954-E6EA57EA10AE}, , [fc8b35809af06ec88ccffc80030239c7],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E94BDD53-F4A5-4E81-BA61-81497DCC382A}, , [d4b3b9fc4f3b3cfae17a3d3fc5401be5],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E97F888A-9198-4033-B929-3ADF11DCE0C8}, , [582f53625d2d65d1cf8c85f712f3f907],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EA028062-BE71-42B9-8BFD-E77D3F82F7B2}, , [1f68892ca3e73006d18a85f7de272bd5],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EC8B6045-D342-4A7E-BE49-6067379B44AD}, , [54334f66b8d2023463f9423a51b4c739],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EEE6CA6F-16FE-4666-B745-A712EAA3D08E}, , [ff884471c8c23ff70952324a778e3ac6],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EF3A19DF-CED1-4FE0-8692-1F3862527F35}, , [4542585da6e439fd3d1f8fed35d022de],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F145E173-3D05-467D-AECE-1B2135AD339D}, , [1d6a6451dbaf5adc02590b71ea1b9967],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F3718708-6A53-476B-AAF5-318CEBFD485B}, , [e7a0c9ec404a063003584c306f966799],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F61C258D-2A7A-4C9B-A258-24B8ADBADF6C}, , [c0c7773e216980b681da720aef163dc3],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F766DEDC-2283-4EB6-8BD5-D9DC1DF3E689}, , [e2a5694c325856e0c9920d6f8c79c23e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F83829E8-B823-4446-AFDF-D389F0A5967C}, , [592e387d0387f244db8137457d88926e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F9D824E6-FB76-45A4-B99B-ACB8F5EC8D95}, , [fd8ad0e50387ec4a75e65e1e6c99728e],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FA1BDF9E-BCFB-4F39-9BAA-7C6A821D9BDB}, , [94f31c993d4dfa3c4c102854e22342be],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FAEA1D28-9623-46F8-B75D-FD4C6417752C}, , [e1a645708a009c9a5606483420e57f81],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FB5D8586-EFD2-4EFB-8975-10979F399E15}, , [0780d9dc305af046be9e0676b84d9868],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FDCD14B5-975E-46C1-866F-1F449C6E512D}, , [89feb203f199be78c8942f4d27de0bf5],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FE5824DE-3871-44B8-9985-A2CF4881B7C7}, , [93f460552565989e64f76b115ca9f50b],
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FF9E9E48-9919-4AE8-9E4A-20E8841FB613}, , [2b5c8e275d2d62d41a417a02778ef40c],
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [f691d1e438521d19e26c638370930ef2],
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}, , [5235edc88109d4628fbf62842bd8946c],
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}, , [0186dbda6e1c7fb793aebfb608fd4bb5],
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [d0b79c19058560d60e4083637b889868],
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{483830EE-A4CD-4B71-B0A3-3D82E62A6909}, , [2760eec76f1bcc6af9557f670cf7c33d],
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}, , [2c5b24918604ad8908462eb841c2ae52],
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}, , [4740961f3357f73f0945b23440c3b64a],
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}, , [bec9486d94f6db5b381665810cf70ff1],
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}, , [fb8c53621f6be94df05ea343838030d0],
PUP.Optional.OptimizerPro.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\OPTIMIZER PRO, , [5631ad0857333cfad9f5b5c99d688779],
PUP.Optional.SystemSpeedup, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\SYSTWEAK\ssd, , [6225991cb7d3b284eaa67c95c143827e],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\globalUpdate.OneClickCtrl.10, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{5645E0E7-FC12-43BF-A6E4-F9751942B298}, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\globalUpdate.Update3WebControl.4, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\globalUpdate.Update3WebControl.4, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\globalUpdate.Update3WebControl.4, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{E0ADB535-D7B5-4D8B-B15D-578BDD20D76A}, , [e7a0a411d8b241f51c754d776a9951af],

Firegirl 01.06.2015 16:29
mbam teil 2

Code:
Registrierungswerte: 241
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}, , [1f6806afb8d258de3cfb74ec8e75857b],
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{872B5B88-9DB5-4310-BDD0-AC189557E5F5}, , [bccbfcb9820859dd64972837689bf709],
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}, , [94f32f862862df57b780015f996a847c],
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{872b5b88-9db5-4310-bdd0-ac189557e5f5}, , [4146eec7ddade74f956662fdc83ba15f],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{69f756cd-31d0-4cc0-b402-f0154ce4cf5c}|AppName, Browser+ Apps+-codedownloader.exe, , [f39405b0008a2610cb94a4d8a95c0af6]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{cd0c2bd6-4382-4e92-8c45-a2d572d1bd27}|AppName, Browser+ Apps+-bg.exe, , [17709520e6a474c2540994e895702bd5]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}|DisplayName, istartsurf, , [0b7cd8dda0ea56e00042086d61a4817f]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}|URL, hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}, , [26617e37c0ca72c47ac862138481ce32]
PUP.Optional.Astromenda.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_dsites_14_41_ie&cd=2XzuyEtN2Y1L1QzuyBtDtC0AtDyEtDyByD0CtAtDzy0DyEyBtN0D0Tzu0StCtDtCtBtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtAzyzyzy0F0D0CtG0FyC0AtBtGtAyD0F0BtG0A0F0CtCtGyCyC0B0DtC0D0AtCtCyE0C0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0EyD0D0CyEyE0FtGzz0FyB0CtGyE0Dzy0EtGzyzyzy0AtG0BzzyDyEtC0FyE0EtCyE0C0C2Q&cr=203866892&ir=, , [2e59dfd63555a2944ce85322669fd12f]
PUP.Optional.Astromenda.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|TopResultURLFallback, hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_dsites_14_41_ie&cd=2XzuyEtN2Y1L1QzuyBtDtC0AtDyEtDyByD0CtAtDzy0DyEyBtN0D0Tzu0StCtDtCtBtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtAzyzyzy0F0D0CtG0FyC0AtBtGtAyD0F0BtG0A0F0CtCtGyCyC0B0DtC0D0AtCtCyE0C0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0EyD0D0CyEyE0FtGzz0FyB0CtGyE0Dzy0EtGzyzyzy0AtG0BzzyDyEtC0FyE0EtCyE0C0C2Q&cr=203866892&ir=, , [266125908cfe06306dc74d28719450b0]
PUP.Optional.Astromenda.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|FaviconPath, C:\Program Files (x86)\WSE_Astromenda\\FavIcon.ico, , [cdba694ce8a2a69060d4fa7b768fa759]
PUP.Optional.Astromenda.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Astromenda, , [4f38bcf9f29820163301c8ad699ca15f]
PUP.Optional.Astromenda.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, Astromenda, , [ff8811a41476e6505dd7b3c2897c9967]
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, , [186fd5e05d2d2f0729770807ab5935cb]
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATEDEV|AuCheckPeriodMs, 21600000, , [9becd2e39feb3105ec168a5cac579769]
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bhphemoobgnikcoofkgackkaimpfmenm|path, C:\Users\Vivien Förster\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx, , [4740447181092e08236c489c44bfb14f]
PUP.Optional.Astromenda.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Astromenda\\, , [5d2a0baaafdb6bcb7bef9f45d42fa55b]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{69f756cd-31d0-4cc0-b402-f0154ce4cf5c}|AppName, Browser+ Apps+-codedownloader.exe, , [7e09c2f35535191d1748abd14fb68e72]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{cd0c2bd6-4382-4e92-8c45-a2d572d1bd27}|AppName, Browser+ Apps+-bg.exe, , [5d2a6451c5c5e5517fde7efede276997]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, istartsurf, , [8205a3127317da5c7dc593e21ce99f61]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}, , [bdcae6cf96f49a9c241eb2c3f90cf10f]
PUP.Optional.ChatZum.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|URL, hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=812862174&q={searchTerms}, , [eb9c01b4058558de4b01b9c6b55005fb]
PUP.Optional.ChatZum.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|TopResultURLFallback, hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=812862174&q={searchTerms}, , [93f413a2a6e4b87ea5a7304fd92c847c]
PUP.Optional.ChatZum.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|TopResultURL, hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=812862174&q={searchTerms}, , [bdca3481cbbf52e41d2f384731d42bd5]
PUP.Optional.ChatZum.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|FaviconURL, hxxp://cdn.chatzum.com/favicon.ico, , [9aed6e47e6a493a393b9106f768fba46]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, tugs, , [1c6b9f160e7c2b0b33368a7eba4a9b65]
PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY|source, IE, , [9bece6cfe0aa1e183e5740a617eced13]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\bhphemoobgnikcoofkgackkaimpfmenm|path, C:\Users\Vivien Förster\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx, , [bfc8dbda8cfe94a2c4cc9054ac57c23e]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\INSTALLCORE|tb, zr2Y1E2Z1G1J1T1M, , [5433f0c5cebc02341e0073d5b2534fb1]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{10838295-92D8-4481-8ED7-E390A2424990}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [4e393a7b197141f5cb90aece887dcb35]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{110EF42E-C29A-45C0-9BB8-865667B52A75}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [7e097d38fb8f3303d983d8a427de40c0]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1227F6DF-A616-43D0-A0C0-8DB728ED26BF}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [e2a59d18c2c8132386d690ecd5304db3]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{13C52E9A-C764-444E-87E0-9A66EA1CC19D}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [41466d48e7a3201675e7483444c1c838]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{13CAD705-A8FC-44D8-A37A-F67FF96AD559}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [1e69763f0c7e3ef8c9938eee12f3936d]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{140AC560-40A5-40BC-9CB4-3743E237B1B4}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [b3d41f96345668ceacb0e399f411a15f]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1488A13B-9B19-4218-8DC6-566EF7B159AC}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [5f289124a6e42313a8b30775ff06f50b]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{14DD98BD-26A5-4F7E-ACF6-544C5BDAB63A}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [2661793cb7d3191d64f7b6c69a6bcd33]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{17F52D86-D630-46C9-99BD-583C8F5ACB58}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [9cebe6cf4a4038fe2e2de8944bbab050]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{182F4352-66DF-433E-B03E-AD6BDACC49AF}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [10770ea7286234023f1dd3a941c4a35d]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1899E26C-3B78-4324-B0D4-8D3828918154}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [295e62535d2d96a05a02ee8eaf56f50b]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1B6AA3ED-6F63-4F9D-AE3A-C8E19C3E9FA9}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [780f93226e1c73c386d6423a1aeb3fc1]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1C63CE23-7D26-4BB1-868D-963B8233B63B}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [3b4c486dd7b32e08025aabd1689dce32]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1C6B2958-AD36-42BC-B6E1-278FD261C173}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [b6d1f1c4652591a5104ca4d842c3a25e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1EA786EE-CC94-4A5B-9F3C-A2A3785448A0}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [5235ad088604ed494d0e6715aa5bd12f]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1EB0FC7A-9E05-45F8-80B0-4D8B83E87EAF}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [9cebb00514765bdb7cdf3448679e08f8]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2038BED0-BCC4-45B1-A98A-A43C2EFC23CC}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [96f1f1c47d0d1e187fdd493344c10df3]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{207E38CB-C354-46AD-9979-91896E17E0A1}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [2562ffb6513993a35705fc80bd48a25e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{22775FA9-A290-428A-919B-69D89B233AA4}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [0d7a3184ef9bd363f269a4d82fd625db]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{23891DAF-C214-4F64-B449-27FC4EE76AE0}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [2c5bdfd62565dd59cd8f423af510bb45]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{250E4C25-5F80-455E-BEB8-1683F5A21423}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [2e594b6a2f5b50e6c4984e2eae57dd23]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{27F656DC-862D-4304-A427-6C1892D9A86B}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [3c4b5263fe8cfe38fd5feb9122e3a759]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{29021686-DE86-467F-89AA-8188E5E11A50}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [c3c4cfe60d7d70c64d0fadcf2fd67090]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{29D9C6BC-7DA3-48B1-A1D7-C6DFE897E85B}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [087fc7ee0c7eac8a5704dba1ee1706fa]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2AAA9FEE-337E-43C0-849B-E8E23AD6C8A3}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [8700882d3b4f41f5fa62205c2fd6bf41]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2B38E0EC-5ECD-432C-A599-C9A2A1ACF91D}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [c5c23085177356e0dc7f96e63fc6c040]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2DF9812B-F773-4D87-821C-DD13E3E41622}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [a8df3c79beccdd594516394331d40af6]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2F512D3A-CFB7-4197-8890-71FC23287FF9}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [5f28eacb6624f24463f8c7b52fd6ec14]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{300A8789-E9D9-48ED-BC29-6D692F45246C}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [fb8c625318723ff793c926565ea7e818]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{301B5A47-6283-48F2-B0CA-4738FD3EAFD7}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [99ee01b436549f97510b5a2280851ce4]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{33863E3F-AF9C-4726-8F7F-D61BC85BC2B1}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [b1d6fbba7c0ecb6be87333493dc88e72]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{39723C30-C69F-4128-A570-575EE7CF1B34}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [66217f369bef0e2879e338449570d729]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3992DAEC-812B-4472-A558-D8AA92E5BC29}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [11766e471674979fe577f08cf4116c94]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3BDAB24F-651C-4846-A640-F1C056EDE8C2}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [1671a015ed9de155d08b77059c6916ea]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3C3E2105-FC59-40B2-9E8C-C66A3ED7F548}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [91f6496c2e5c989e2239611bae57e917]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3FA8AAC6-FFD0-4487-9FE6-FA6FE98222EE}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [4740b8fd6327d75f88d4cab27c8939c7]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3FD152AE-CF3D-4C54-B4A5-76C9CC1C8A52}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [fb8c595c2e5c5fd75ffc225a699cc33d]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{408E4823-DEF7-4A13-A7FB-1CF3B0681F55}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [0a7d8e27bcceaa8c1d3f7a02af56b14f]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{40E3216B-88BF-41AE-AD56-FBFF6C582DE3}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [9ee9466fe3a75cda99c216668f760df3]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{42AC0299-D012-4DE2-BDD9-6348CE3984CE}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [1c6b52638109cc6adb8054282fd68878]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{43C61396-E391-4448-A596-EF221339B120}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [32552b8a018972c4e07cc8b4a2634bb5]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{47EFF5E0-8851-401A-B9DB-28A67B51FC83}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [d1b6b104f892f046213bbdbf838232ce]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{493EEEF2-903A-4964-941E-6976A882D7E2}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [513662534e3c48ee1b40d3a9887d946c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4AC17D6D-94A1-4B51-B23E-8F3F9CBEC3DD}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [1770ebca38520531b3a87ffda65ffa06]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4C818CE5-70AE-443D-A913-71FECC9180A3}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [bec9f1c4b5d5999d510b1567e42128d8]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4CDCEB24-3C1E-48ED-88F1-241C23EDBED5}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [4f386f468ffb9f97342880fc8b7ad030]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{502D24A8-8FF2-4287-93CD-E8FF7E9D272D}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [493e4273e4a65dd9be9e9fdd669f46ba]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{50D59B93-C8F5-4EE6-9F32-BA5ECD6B5E1E}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [4c3bd9dc800a9b9b0a5193e92cd9f709]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{51E3A272-3675-465A-8264-FE9DB9EFE1E1}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [2661f7be800a4de9a1bb285441c4e41c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{53C872E3-219F-418A-BE4A-217FAE4734F7}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [4641d5e0dbaf7db91249d7a52cd906fa]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{53FF4B5D-4342-41E1-9ECC-D3B435E6A681}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [bdcabef755358caaf4682e4e986d21df]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{553FA385-F8B2-475E-A754-CE893DB0F13F}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [2c5b387db5d50a2c3e1d5725af56b947]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{585DE4B5-AB33-4DB5-A0D9-EC94BD6E9A5B}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [f88fb104b6d4ca6cf567a9d3b64ff20e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{59456BA8-B9B2-409C-8367-CE581CF9512F}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [c6c1496c3e4c79bd5408116b0ff6d42c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5A74635B-D60D-4E0A-AEE2-E5BC978D9D5B}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [5235fabbf397fb3be27a4a32fa0b18e8]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5B376915-CE81-42B0-9714-C8BF6DA11BF4}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [196e981de2a8e551c497e29a53b27c84]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5B5CC14A-B517-4197-8563-614A79B9BFD9}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [f98e8a2baddd24123b20bac27095b24e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5B92A9FA-322E-45FF-AC2B-D8BC4526CB87}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [ef98ad0829618aac70ec007ce91c7987]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5D6EF8BC-8717-43FD-A273-EE7C2138F0BB}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [6c1b6d481674f4423d1ff4885ca936ca]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5DB3DC0C-67F0-425A-9C66-8F58B9D4415B}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [5e29f9bc91f92016f26aafcdcb3a20e0]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5EBA15C8-82AB-470A-B57B-8D782F9F24A3}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [5235961f1f6b77bf64f799e392733ec2]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{60D32118-ACC6-4231-80EC-727A494AD916}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [2d5a3e770a8045f153081c6008fd51af]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{630FAFD6-EEC7-4837-977D-135A3596D8E3}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [2a5d1a9b6723cb6b2537116b07fe39c7]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6439161F-7D8D-446D-B852-B75C5DF88A45}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [94f322933c4eaf871f3c5c20669f0ff1]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{67259623-240F-4EA8-B7AB-BCFF128F5F4C}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [b8cf0ca91971f343540799e3a06531cf]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6881C551-D680-4B6A-8E36-9267BE76F1ED}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [91f6b9fc2f5b4aec99c3bcc07b8a0cf4]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{69f756cd-31d0-4cc0-b402-f0154ce4cf5c}|AppName, Browser+ Apps+-codedownloader.exe, , [1b6ce0d54c3ef046a3b9275550b5926e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6B19548B-B707-4EF0-8BEE-F1D621C2B596}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [2463c8ed3555bf7793c9047809fc44bc]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6E264567-D04B-4B02-B41B-514B422E3864}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [7b0c457063274de9acb0d6a632d3ae52]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{723E038E-952F-41EA-8D3B-2148B47DC517}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [582f793c0b7ff83ebe9e6a12fc090af6]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{74125A38-3944-4E51-B9B9-117BE2EFEBC3}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [0a7d12a3a2e85dd96eed304cd82db848]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{74537590-D657-47DB-BDF7-6B85B0338B5D}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [d6b11b9a464458de6bf17309e5204eb2]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{751EE0E8-9750-487D-BA19-5EDE6127AECB}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [e2a5aa0bc3c7280eb6a53a424bba60a0]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{752C6FF3-9F3F-480A-A335-DEE13F174D32}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [dcab882daedcb0866defb4c8c441a957]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{757C7896-3B93-4FCD-8015-17A44233DC32}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [ed9a6c4979113df9d8833d3f21e454ac]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{75AD61A1-4234-40DC-9230-6C52D0CB13A9}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [9cebab0a3e4cec4a223a6c105ca927d9]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{75CA1757-9EFE-48C5-A943-9F74441E5859}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [f295fcb9b9d1d5618bd01e5ef90cea16]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{77396244-9772-4CC4-B4A9-DFA16D1ED3D1}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [c6c14273028857dfff5c4537d530e020]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{781C7FB0-6134-401C-9C2F-13B31890264E}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [a5e2f2c3a5e5af875dff4d2fd62faa56]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{79573A06-3145-4A6C-9C17-4EAF7D1D70CF}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [99ee10a5414985b11f3c512bf312a15f]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{79E14774-4302-487D-A75B-89F1FAD42333}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [4740ddd8b4d684b27be198e4d82d9d63]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7BCD1B6B-7D7B-40D0-BE1B-4CF3ACDD57C9}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [b7d006af99f1ba7c2f2ddca0ee17d030]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7C05FACA-FCF9-41A2-B0BE-F69E36EA6D8F}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [d2b58c29a6e4bb7b401bd9a39174e11f]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7F5E88C6-E68D-4974-A2D9-CCE0E6B5C7B0}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [b7d095204644a2948fcc15678184a858]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7F8A838D-CA29-479E-9BF4-D539F8A62F78}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [afd820958ffb4fe7c299b1cbd5306f91]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{85EB68CD-2BB2-4F09-BD65-523FF32D3CE3}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [4b3c7c392b5f1224d883c0bc53b24eb2]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{863E8BCB-D393-4A9A-93F6-6848D735184F}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [fc8b3b7ac1c971c545168fed8d78728e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{877B739A-6AD0-4911-A61E-1E183D587255}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [137451647218e3533b20eb917b8aaf51]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{87BA550C-87C8-43A6-9DDB-BD67D4C2C5FE}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [2e5901b4107a2a0c58047408bb4a8b75]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8B0752BE-7964-41BA-BAC0-783445355CDC}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [6027b302731741f56eee413bc144da26]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8CFF2E1A-4950-4EEE-B17F-EAD96464735B}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [6e195e576f1bda5cd18abcc008fd39c7]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8EF1E629-9619-4164-9F74-56F27F813E7B}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [681f13a2c3c79a9cb2aa8cf08b7ae41c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8F6265B2-29A8-430F-BFEE-E168E386C558}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [0285a70ef2983cfa74e8a4d8ee173bc5]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9110D8E6-81E5-4131-B46A-69277E7844A6}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [3453575e494147ef3c206d0f29dcb848]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{918019CF-40E7-45EC-8FF5-D315AAA348F8}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [c3c4fcb93f4b2b0bd982314bcc391fe1]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{91BD9B20-C24F-465D-B5DB-896DC17818B7}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [8205fabb26643ff70e4ec1bbeb1aef11]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{937E4FC4-41A5-4F69-848A-21C3A43387A5}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [cbbc882da9e1b87eadaebebe5ca945bb]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{94DE9E23-F8CD-4292-A07F-36FDBFD9F1FB}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [8106496caae068cec497d6a6bb4aeb15]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{98F278CB-E89F-4E81-8936-F31A62F24621}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [cabd6451c5c58fa7b1abb7c5ff06dd23]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{99902F90-C1D1-4DEA-AB46-B6BDD0A94983}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [0186f0c59eec79bd1843a1db2cd9ad53]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9A03056D-2291-428F-816B-41DF95FF48BA}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [2e5901b45f2bbd7982daa6d69471629e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9B065EE7-8FB2-4A77-B2F2-C8D15BB34098}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [61261f96b9d147efd28a493341c457a9]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9B567175-CD29-4149-8C75-D1502E253A99}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [6e19f4c12169c67073e9d9a32ed7db25]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9E1FAE46-59D7-4BC6-9B8A-C6AA3E1D95B2}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [00878431bcce0c2a3b2197e50302a25e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9E2BF708-33BC-4C6A-9BA7-784C18B64CB6}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [b7d0f0c567236bcbea710c708a7bbe42]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9E7842CC-DB28-450D-AA12-2C3D114F356F}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [9becb6ff5e2c1b1b0b5185f7a0650ff1]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A02FA462-D05B-4F98-82AA-9DB612AE29A0}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [b4d38e276c1ebc7a87d4502c986d59a7]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A1ACE7AB-4050-4432-BEE7-C94CBF695794}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [7413655090fa76c064f7601c30d56a96]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A2AC4892-381E-48BD-A2A6-40648DD026BB}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [aed910a526645dd9b5a71f5d0afbae52]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A2C994D3-811B-4550-8CBB-E7F0D4845257}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [f196932204862a0c6fecd3a927de11ef]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A31276CE-7F46-427B-80DD-1E60EAA1A332}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [c4c3e9cc31594cea58040973d82dad53]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A54DA843-7315-4973-A6CD-1C142E86981B}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [5433eacba0ea48ee6bf1dd9ffe078977]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A6E9DC0E-4571-4036-B7DD-DCF98A6FA08B}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [6027b8fde2a8191d93c87606d0358977]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A83687B8-99BE-45EE-82DB-D99E9DFC5E21}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [0e79f3c239512d09fa61f389d431916f]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A84E4E1E-55F1-4FAA-ABB6-5816EC5B178E}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [35523382088287afb7a46d0f966f41bf]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A87DBB52-B484-46F1-8CF6-5B39D9C2F2FC}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [c1c64e673f4b320486d6ff7d00059070]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A95F768A-C8A2-4C0E-889C-22B6E058DAB8}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [e89f13a27b0f6accdb81225a3bcaa45c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ACECFAC3-CE71-4F29-AF1D-3851C61F3243}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [89fec5f07c0ecd692d2fc3b954b15da3]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AD10CDD5-AD0F-4B5E-B039-EAFA99E6BB13}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [097e5263b0da76c0a2ba7309828327d9]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AD4C57AD-7BDE-46EB-806E-B0D36AB44EAB}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [c2c5fbba3d4ddf574813bdbf23e2bf41]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AE3FD9C3-CA45-43E5-BCE1-BE71FD74E5E1}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [6621af06a0eab0868fccd7a5778e10f0]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AE79FA9E-2CBC-43FC-A9D7-3FC58399AFA7}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [2661bafb14762d09b9a3d3a9976e817f]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B0CE718C-C3A2-4815-AEB3-D2547623AEC4}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [f196e4d1b3d723135ffd720af31205fb]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B0E8D8B8-82F4-4EE2-A253-F753E7CB7333}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [daadedc8622879bd3527522a06fff40c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B135EBA7-9699-4AF4-A791-E17B1C36B974}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [47407342d0ba59dd19425d1f897c847c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B1E56751-ACF1-4DCC-BE8C-B0E269D1AB11}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [6d1aa3125139bc7a5507126aa560d42c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B3C8721E-845A-4A75-879C-2EAD6061F476}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [7017cbea5c2e072f44183844df26e41c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B50A847B-6B7A-41F6-BA18-42923BAAB563}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [c3c43d78d1b989adb2a96e0eef1646ba]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B5BF739F-18BE-4057-9755-BDF0426CD926}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [74139f167a10c76fda8248342fd636ca]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B7D54940-82DF-44F3-9049-A824ECAF1E8F}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [cfb8249181099b9b2339f08c42c39070]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BA94F974-60B8-45C5-8E55-AA3DF3D0C326}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [4a3dd7deed9d3204fe5e5f1d986db44c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BD116C4C-AA0B-4512-9AE2-62CCFA92AEE3}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [dbac25903a5072c4a5b679035fa6ce32]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C266CBD6-454D-4AE7-86CF-3897E1335C97}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [b2d5ded78ffb90a60c4f0b716f963cc4]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C28C6634-B59F-49C1-8120-836BC6FAE7E0}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [d8af3a7b5a302c0a3328235916ef0cf4]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C45F018A-7684-4DF9-AE5B-C664DA422ED1}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [afd87f36246625111c40de9eda2b966a]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C52B9C01-C649-4BDE-838C-AA86DA18EFB4}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [2a5dc2f3b7d323134418d3a991743ac6]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C6D05213-F8C2-4897-8D96-18762BED3BC4}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [0f78d4e1e0aa79bd104c6e0e5aabc739]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C6E22481-8CDE-4340-BBC4-B3255278F029}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [5631199c494182b467f52e4e6d98df21]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7E756F2-73D0-4E53-A525-BD16A5F46B39}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [eb9cc6eff793c670a7b4ee8ede2752ae]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C8FCDB02-B19A-41F9-BC62-9CE133767D59}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [fd8a2194f397f343d18ab9c3bb4a15eb]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C97ACE12-4FFA-428D-901C-D3F1A8BCB4A0}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [afd8d1e4e1a957dfed6ea1dbec197888]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CA642CFB-87BF-4051-897B-9A23CA56FC17}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [e1a65a5b85057eb806559ce05aab3dc3]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CA778CEB-54C2-48DA-97E8-DA37E1BBB098}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [7512b7fe523824125408ccb0b84dd927]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CB38C57E-3099-4B14-9B67-CD8C62809EE4}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [5631c4f19ded0d29005bb1cbea1be51b]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CCF15010-3376-4A5A-AC1E-51DEB0AFD650}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [acdbdadb2b5fc96dc09bd8a470958a76]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{cd0c2bd6-4382-4e92-8c45-a2d572d1bd27}|AppName, Browser+ Apps+-bg.exe, , [f6912f86503a59dde476374572937987]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D016D981-606C-46AF-B570-42B8D542C9A9}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [22659f16761467cfd18b5b21c83d48b8]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D051D5B8-80D7-4C65-8DB5-888FE2899EBE}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [f1968d28a9e15fd770ec562627de10f0]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D06788BF-AC89-47CB-A890-CE4E786EAF2E}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [c5c2b005276338fec19a0b71877e44bc]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D0E3B847-61DD-4C7F-88BC-15EE49E061E1}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [71167b3a98f23df93e1e2b511de8c13f]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D2750D30-5D92-43F8-AE30-C0EA35C08868}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [66211d986f1bd85e6bf15428d332e61a]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D599D16E-A815-48F1-8D19-16C78E8F2ED6}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [50374b6a94f65adcfe5d97e57c893dc3]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D8D59970-7287-4DA0-BC24-E0C786949368}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [ccbb377e276363d35902f785669f2cd4]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D91A4EF1-8270-40AB-8526-68A7E09AAF44}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [662112a38703bc7aaeadfa82d0359a66]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D933DA65-B7CA-4406-984F-3E92F79CEF67}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [7215ebca91f9ae884b10047845c0867a]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D96D4C23-87D3-4AC6-B021-A67DB0886CF7}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [8afd85302b5f92a4f269215b8b7a8c74]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DA070E84-9671-4DE1-9C12-10919C305F69}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [e2a5eacb3357fb3b3625c2ba838231cf]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DC025B81-17E9-41BC-AE96-E22A1D76A81E}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [4f386b4a96f46fc787d435477e874ab6]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DC1C3FED-5886-4F85-B3BC-9A907FB7D832}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [95f265504545f640a6b5afcdd530b44c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DC5F7619-C6B4-4F5A-A212-39A19A26A147}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [00870fa69af0072f99c2374516efff01]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DD7E6FFA-17F6-47F9-B461-42F0CCB4212A}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [7b0cf7be503a41f597c486f6d1349c64]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DFFA6143-636C-46C2-AC36-AE7A323760B9}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [7c0bbdf82961d06677e47dff73929a66]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E305C121-3D56-47E5-9CC5-3081BCB875CA}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [315672438ffb3ff7114a8bf137ce1ce4]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E3F8FF8E-DB33-4F04-BE47-898E933D3323}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [3651476e5a30ad8968f3bac2d4310ef2]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E54EA834-B22A-421A-B6BA-2C217D9B9A9A}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [087f64517b0f181ed08ca7d559ac0bf5]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E753E430-31FD-4209-90A8-AB32336E15C9}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [adda8332127875c1ea72a8d4b25319e7]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E78432C4-6EC9-49D9-BA97-B085841626C5}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [1275f4c1d3b77fb789d2d8a4fd084cb4]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E82A0AAE-8800-4977-8365-C7A730F0B7DB}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [6b1cfcb931594ee8302b4834bd48916f]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E8C29A7B-CB20-42B7-9A77-25238EDA1CB6}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [7017ac09eaa0ff3770ecbbc1699cc33d]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E8E85F5A-BA04-4D3A-A954-E6EA57EA10AE}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [fc8b35809af06ec88ccffc80030239c7]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E94BDD53-F4A5-4E81-BA61-81497DCC382A}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [d4b3b9fc4f3b3cfae17a3d3fc5401be5]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E97F888A-9198-4033-B929-3ADF11DCE0C8}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [582f53625d2d65d1cf8c85f712f3f907]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EA028062-BE71-42B9-8BFD-E77D3F82F7B2}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [1f68892ca3e73006d18a85f7de272bd5]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EC8B6045-D342-4A7E-BE49-6067379B44AD}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [54334f66b8d2023463f9423a51b4c739]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EEE6CA6F-16FE-4666-B745-A712EAA3D08E}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [ff884471c8c23ff70952324a778e3ac6]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EF3A19DF-CED1-4FE0-8692-1F3862527F35}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [4542585da6e439fd3d1f8fed35d022de]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F145E173-3D05-467D-AECE-1B2135AD339D}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [1d6a6451dbaf5adc02590b71ea1b9967]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F3718708-6A53-476B-AAF5-318CEBFD485B}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [e7a0c9ec404a063003584c306f966799]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F61C258D-2A7A-4C9B-A258-24B8ADBADF6C}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [c0c7773e216980b681da720aef163dc3]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F766DEDC-2283-4EB6-8BD5-D9DC1DF3E689}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [e2a5694c325856e0c9920d6f8c79c23e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F83829E8-B823-4446-AFDF-D389F0A5967C}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [592e387d0387f244db8137457d88926e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F9D824E6-FB76-45A4-B99B-ACB8F5EC8D95}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [fd8ad0e50387ec4a75e65e1e6c99728e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FA1BDF9E-BCFB-4F39-9BAA-7C6A821D9BDB}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [94f31c993d4dfa3c4c102854e22342be]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FAEA1D28-9623-46F8-B75D-FD4C6417752C}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [e1a645708a009c9a5606483420e57f81]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FB5D8586-EFD2-4EFB-8975-10979F399E15}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [0780d9dc305af046be9e0676b84d9868]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FDCD14B5-975E-46C1-866F-1F449C6E512D}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [89feb203f199be78c8942f4d27de0bf5]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FE5824DE-3871-44B8-9985-A2CF4881B7C7}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [93f460552565989e64f76b115ca9f50b]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FF9E9E48-9919-4AE8-9E4A-20E8841FB613}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [2b5c8e275d2d62d41a417a02778ef40c]
PUP.Optional.BProtector, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|BrowserMngr Start Page, hxxp://search.babylon.com/?affID=110809&tt=130812_bandext_3312_8&babsrc=HP_ss&mntrId=1cb69d4700000000000000262d50379d, , [e3a41c99b3d79d99339992c208fd0ef2]
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, , [f691d1e438521d19e26c638370930ef2]
PUP.Optional.Babylon.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|DisplayName, Search the web (Babylon), , [b0d7fbba94f637ff0c9c017425e0e11f]
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|URL, hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, , [ff88298c0c7e57df9db10bdb758e738d]
PUP.Optional.Babylon.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|TopResultURL, hxxp://search.babylon.com/?q={searchTerms}&affID=110809&tt=130812_bandext_3312_8&babsrc=SP_ss&mntrId=1cb69d4700000000000000262d50379d, , [6027674e424880b6985042a018ebf709]
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|URL, hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, , [5235edc88109d4628fbf62842bd8946c]
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|FaviconURL, hxxp://do-search.com//favicon.ico, , [bacd9322563489adcc82a83e996a40c0]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}|DisplayName, istartsurf, , [0186dbda6e1c7fb793aebfb608fd4bb5]
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}|URL, hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, , [c2c54471eaa07db989c5a046996a54ac]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}|TopResultURL, hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}, , [0d7ad0e52268ae88da677005c93c25db]
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, , [d0b79c19058560d60e4083637b889868]
PUP.Optional.Astromenda.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|TopResultURLFallback, hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_dsites_14_41_ie&cd=2XzuyEtN2Y1L1QzuyBtDtC0AtDyEtDyByD0CtAtDzy0DyEyBtN0D0Tzu0StCtDtCtBtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtAzyzyzy0F0D0CtG0FyC0AtBtGtAyD0F0BtG0A0F0CtCtGyCyC0B0DtC0D0AtCtCyE0C0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0EyD0D0CyEyE0FtGzz0FyB0CtGyE0Dzy0EtGzyzyzy0AtG0BzzyDyEtC0FyE0EtCyE0C0C2Q&cr=203866892&ir=, , [d7b02e8707831224a291ff761aeb52ae]
PUP.Optional.Astromenda.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|FaviconPath, C:\Program Files (x86)\WSE_Astromenda\\FavIcon.ico, , [6225b4017911d0662d064530788df10f]
PUP.Optional.Astromenda.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Astromenda, , [bccb5164eaa0c472cd66561fad586997]
PUP.Optional.Astromenda.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, Astromenda, , [8afd33827713f34346ed7500d13415eb]
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{483830EE-A4CD-4b71-B0A3-3D82E62A6909}|URL, hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, , [2760eec76f1bcc6af9557f670cf7c33d]
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}|URL, hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, , [2c5b24918604ad8908462eb841c2ae52]
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}|URL, hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, , [4740961f3357f73f0945b23440c3b64a]
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|URL, hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, , [bec9486d94f6db5b381665810cf70ff1]
PUP.Optional.ChatZum.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|TopResultURLFallback, hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=812862174&q={searchTerms}, , [34533f7652383afc4308dda2f01512ee]
PUP.Optional.ChatZum.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|TopResultURL, hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=812862174&q={searchTerms}, , [97f0328378123402ca81b6c93acb53ad]
PUP.Optional.ChatZum.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|FaviconURL, hxxp://cdn.chatzum.com/favicon.ico, , [47406a4bd2b8ad896fdcf38ce61f1fe1]
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}|URL, hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, , [fb8c53621f6be94df05ea343838030d0]
PUP.Optional.OptimizerPro.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\OPTIMIZER PRO|AdsBuyNowURL, hxxp://www.safeshopgate.com/r?s=121001468&g=1F6B7017-CD19-646C-2CEC-95E322623D17, , [5631ad0857333cfad9f5b5c99d688779]

Registrierungsdaten: 15
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}),,[d0b73e77f69462d47dbdae77828451af]
PUP.Optional.Delta.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA, Gut: (www.google.com), Schlecht: (hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA),,[4443f2c3058556e0ee1870c29373916f]
PUP.Optional.Delta.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA, Gut: (www.google.com), Schlecht: (hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA),,[c5c2ebca513930067c8a4fe37d899f61]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}),,[bdca872e9eec2016f24851d4fc0a9f61]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[8afd7d38cbbf0c2a0327cc658b7bd42c]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}),,[6e198530a5e51323a1996db831d520e0]
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA, Gut: (www.google.com), Schlecht: (hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA),,[e4a307ae5535b77fa26469c901059769]
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA, Gut: (www.google.com), Schlecht: (hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA),,[60279223cac00a2ccb3b3101e5213cc4]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}),,[1a6d605571193ef871c9a283d630b24e]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[ddaab7fe503a6bcb62c8270a12f4e719]
PUP.Optional.Delta.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA, Gut: (www.google.com), Schlecht: (hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA),,[5730e1d4a0eaa2949d6a1f1309fda759]
PUP.Optional.Delta.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA, Gut: (www.google.com), Schlecht: (hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA),,[89fe288d9ceeba7cea1d9999da2cbd43]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}),,[2e597540a7e3a4922711fe27cb3b13ed]
PUP.Optional.Babylon.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|BrowserMngr Start Page, hxxp://search.babylon.com/?affID=110809&tt=130812_bandext_3312_8&babsrc=HP_ss&mntrId=1cb69d4700000000000000262d50379d, Gut: (www.google.com), Schlecht: (hxxp://search.babylon.com/?affID=110809&tt=130812_bandext_3312_8&babsrc=HP_ss&mntrId=1cb69d4700000000000000262d50379d),,[4245c2f3cbbfd75f51bddc57d630c63a]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}),,[8afd575ec5c551e50b2d78ad57afaa56]

Ordner: 53
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\CRE, , [f6912f864b3f87af6c22ecf80201de22],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848, , [1176575ef1990630563c9f450ef59c64],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848\xpi, , [1176575ef1990630563c9f450ef59c64],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\defaults, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\defaults\preferences, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\userCode, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\locale, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\locale\en-US, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.OptimizerPro.A, C:\Users\Vivien Förster\Documents\Optimizer Pro, , [5d2a50652565ff377c50dda18b7a3ac6],
Rogue.Multiple, C:\ProgramData\374311380, , [ddaaa31201892e084d63a0009a695ca4],
PUP.Optional.OpenCandy, C:\Users\Vivien Förster\AppData\Roaming\OpenCandy, , [0d7aa114cfbb0036e54bc4ec0ef57888],
PUP.Optional.OpenCandy, C:\Users\Vivien Förster\AppData\Roaming\OpenCandy\1B9BB2D9FA9940A5A934CAF6EDFBC889, , [0d7aa114cfbb0036e54bc4ec0ef57888],
PUP.Optional.OpenCandy, C:\Users\Vivien Förster\AppData\Roaming\OpenCandy\24E0A121D864429C97D63C92C9327BE8, , [0d7aa114cfbb0036e54bc4ec0ef57888],
PUP.Optional.Delta.A, C:\Users\Vivien Förster\AppData\Local\Temp\mt_ffx\Delta, , [582f3580b8d25dd955f28c2410f3b14f],
PUP.Optional.Delta.A, C:\Users\Vivien Förster\AppData\Local\Temp\mt_ffx\Delta\delta, , [582f3580b8d25dd955f28c2410f3b14f],
PUP.Optional.Delta.A, C:\Users\Vivien Förster\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.21.5, , [582f3580b8d25dd955f28c2410f3b14f],
PUP.Optional.Datamngr.A, C:\Users\Vivien Förster\AppData\LocalLow\DataMngr, , [90f733820783a78f506c387d18eb51af],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, , [3c4bd3e22565d2649efe2e93669d5aa6],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, , [3c4bd3e22565d2649efe2e93669d5aa6],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, , [97f0d5e0701a7eb82b3d7a49b2512dd3],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log, , [97f0d5e0701a7eb82b3d7a49b2512dd3],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, , [97f0d5e0701a7eb82b3d7a49b2512dd3],
PUP.Optional.SystemSpeedup, C:\Users\Vivien Förster\AppData\Roaming\systweak\ssd, , [4641397c2862da5ce6eb2d96f60df20e],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download\{3905E6B7-140D-44B4-8354-FB0A97ECBEA2}, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download\{3905E6B7-140D-44B4-8354-FB0A97ECBEA2}\1.3.25.27, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{86A2C2D9-0F5A-46AE-A111-23673B01F32B}, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.A, C:\Users\Vivien Förster\AppData\Local\Temp\comh.67507, , [cfb84f668efc1d198129fbc909fa5ea2],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\code, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.BrowserManager.A, C:\ProgramData\Browser Manager\2.2.565.25, , [f88f3a7b76149c9a831930a5729136ca],
PUP.Optional.BrowserManager.A, C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}, , [f88f3a7b76149c9a831930a5729136ca],
PUP.Optional.BrowserManager.A, C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings, , [f88f3a7b76149c9a831930a5729136ca],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate, , [4f38eec71476ea4c2eb52fa9a063ea16],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update, , [4f38eec71476ea4c2eb52fa9a063ea16],
PUP.Optional.Fun4U.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\o698XPPx@gmail.com, , [394ed4e1d4b61d1951326905ca3c0af6],
PUP.Optional.Fun4U.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\o698XPPx@gmail.com\chrome, , [394ed4e1d4b61d1951326905ca3c0af6],
PUP.Optional.Fun4U.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\o698XPPx@gmail.com\chrome\content, , [394ed4e1d4b61d1951326905ca3c0af6],
PUP.Optional.Fun4U.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\o698XPPx@gmail.com\defaults, , [394ed4e1d4b61d1951326905ca3c0af6],
PUP.Optional.Fun4U.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\o698XPPx@gmail.com\defaults\preferences, , [394ed4e1d4b61d1951326905ca3c0af6],

Firegirl 01.06.2015 16:30
mbam teil 2

Code:
Registrierungswerte: 241
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{0027DA2D-C9F2-4B0B-AE05-E2CD1BDB6CFF}, , [1f6806afb8d258de3cfb74ec8e75857b],
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{872B5B88-9DB5-4310-BDD0-AC189557E5F5}, , [bccbfcb9820859dd64972837689bf709],
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{0027da2d-c9f2-4b0b-ae05-e2cd1bdb6cff}, , [94f32f862862df57b780015f996a847c],
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{872b5b88-9db5-4310-bdd0-ac189557e5f5}, , [4146eec7ddade74f956662fdc83ba15f],
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{69f756cd-31d0-4cc0-b402-f0154ce4cf5c}|AppName, Browser+ Apps+-codedownloader.exe, , [f39405b0008a2610cb94a4d8a95c0af6]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{cd0c2bd6-4382-4e92-8c45-a2d572d1bd27}|AppName, Browser+ Apps+-bg.exe, , [17709520e6a474c2540994e895702bd5]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}|DisplayName, istartsurf, , [0b7cd8dda0ea56e00042086d61a4817f]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}|URL, hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}, , [26617e37c0ca72c47ac862138481ce32]
PUP.Optional.Astromenda.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_dsites_14_41_ie&cd=2XzuyEtN2Y1L1QzuyBtDtC0AtDyEtDyByD0CtAtDzy0DyEyBtN0D0Tzu0StCtDtCtBtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtAzyzyzy0F0D0CtG0FyC0AtBtGtAyD0F0BtG0A0F0CtCtGyCyC0B0DtC0D0AtCtCyE0C0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0EyD0D0CyEyE0FtGzz0FyB0CtGyE0Dzy0EtGzyzyzy0AtG0BzzyDyEtC0FyE0EtCyE0C0C2Q&cr=203866892&ir=, , [2e59dfd63555a2944ce85322669fd12f]
PUP.Optional.Astromenda.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|TopResultURLFallback, hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_dsites_14_41_ie&cd=2XzuyEtN2Y1L1QzuyBtDtC0AtDyEtDyByD0CtAtDzy0DyEyBtN0D0Tzu0StCtDtCtBtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtAzyzyzy0F0D0CtG0FyC0AtBtGtAyD0F0BtG0A0F0CtCtGyCyC0B0DtC0D0AtCtCyE0C0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0EyD0D0CyEyE0FtGzz0FyB0CtGyE0Dzy0EtGzyzyzy0AtG0BzzyDyEtC0FyE0EtCyE0C0C2Q&cr=203866892&ir=, , [266125908cfe06306dc74d28719450b0]
PUP.Optional.Astromenda.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|FaviconPath, C:\Program Files (x86)\WSE_Astromenda\\FavIcon.ico, , [cdba694ce8a2a69060d4fa7b768fa759]
PUP.Optional.Astromenda.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Astromenda, , [4f38bcf9f29820163301c8ad699ca15f]
PUP.Optional.Astromenda.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, Astromenda, , [ff8811a41476e6505dd7b3c2897c9967]
PUP.Optional.GlobalUpdate.T, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATE|path, C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe, , [186fd5e05d2d2f0729770807ab5935cb]
PUP.Optional.GlobalUpdate.C, HKLM\SOFTWARE\WOW6432NODE\GLOBALUPDATE\UPDATEDEV|AuCheckPeriodMs, 21600000, , [9becd2e39feb3105ec168a5cac579769]
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\bhphemoobgnikcoofkgackkaimpfmenm|path, C:\Users\Vivien Förster\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx, , [4740447181092e08236c489c44bfb14f]
PUP.Optional.Astromenda.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Astromenda\\, , [5d2a0baaafdb6bcb7bef9f45d42fa55b]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{69f756cd-31d0-4cc0-b402-f0154ce4cf5c}|AppName, Browser+ Apps+-codedownloader.exe, , [7e09c2f35535191d1748abd14fb68e72]
PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{cd0c2bd6-4382-4e92-8c45-a2d572d1bd27}|AppName, Browser+ Apps+-bg.exe, , [5d2a6451c5c5e5517fde7efede276997]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, istartsurf, , [8205a3127317da5c7dc593e21ce99f61]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}, , [bdcae6cf96f49a9c241eb2c3f90cf10f]
PUP.Optional.ChatZum.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|URL, hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=812862174&q={searchTerms}, , [eb9c01b4058558de4b01b9c6b55005fb]
PUP.Optional.ChatZum.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|TopResultURLFallback, hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=812862174&q={searchTerms}, , [93f413a2a6e4b87ea5a7304fd92c847c]
PUP.Optional.ChatZum.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|TopResultURL, hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=812862174&q={searchTerms}, , [bdca3481cbbf52e41d2f384731d42bd5]
PUP.Optional.ChatZum.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|FaviconURL, hxxp://cdn.chatzum.com/favicon.ico, , [9aed6e47e6a493a393b9106f768fba46]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, tugs, , [1c6b9f160e7c2b0b33368a7eba4a9b65]
PUP.Optional.GlobalUpdate.C, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\GLOBALUPDATE\UPDATE\PROXY|source, IE, , [9bece6cfe0aa1e183e5740a617eced13]
PUP.Optional.ConduitTB.Gen, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\bhphemoobgnikcoofkgackkaimpfmenm|path, C:\Users\Vivien Förster\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx, , [bfc8dbda8cfe94a2c4cc9054ac57c23e]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\INSTALLCORE|tb, zr2Y1E2Z1G1J1T1M, , [5433f0c5cebc02341e0073d5b2534fb1]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{10838295-92D8-4481-8ED7-E390A2424990}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [4e393a7b197141f5cb90aece887dcb35]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{110EF42E-C29A-45C0-9BB8-865667B52A75}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [7e097d38fb8f3303d983d8a427de40c0]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1227F6DF-A616-43D0-A0C0-8DB728ED26BF}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [e2a59d18c2c8132386d690ecd5304db3]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{13C52E9A-C764-444E-87E0-9A66EA1CC19D}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [41466d48e7a3201675e7483444c1c838]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{13CAD705-A8FC-44D8-A37A-F67FF96AD559}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [1e69763f0c7e3ef8c9938eee12f3936d]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{140AC560-40A5-40BC-9CB4-3743E237B1B4}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [b3d41f96345668ceacb0e399f411a15f]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1488A13B-9B19-4218-8DC6-566EF7B159AC}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [5f289124a6e42313a8b30775ff06f50b]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{14DD98BD-26A5-4F7E-ACF6-544C5BDAB63A}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [2661793cb7d3191d64f7b6c69a6bcd33]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{17F52D86-D630-46C9-99BD-583C8F5ACB58}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [9cebe6cf4a4038fe2e2de8944bbab050]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{182F4352-66DF-433E-B03E-AD6BDACC49AF}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [10770ea7286234023f1dd3a941c4a35d]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1899E26C-3B78-4324-B0D4-8D3828918154}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [295e62535d2d96a05a02ee8eaf56f50b]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1B6AA3ED-6F63-4F9D-AE3A-C8E19C3E9FA9}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [780f93226e1c73c386d6423a1aeb3fc1]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1C63CE23-7D26-4BB1-868D-963B8233B63B}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [3b4c486dd7b32e08025aabd1689dce32]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1C6B2958-AD36-42BC-B6E1-278FD261C173}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [b6d1f1c4652591a5104ca4d842c3a25e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1EA786EE-CC94-4A5B-9F3C-A2A3785448A0}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [5235ad088604ed494d0e6715aa5bd12f]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{1EB0FC7A-9E05-45F8-80B0-4D8B83E87EAF}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [9cebb00514765bdb7cdf3448679e08f8]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2038BED0-BCC4-45B1-A98A-A43C2EFC23CC}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [96f1f1c47d0d1e187fdd493344c10df3]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{207E38CB-C354-46AD-9979-91896E17E0A1}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [2562ffb6513993a35705fc80bd48a25e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{22775FA9-A290-428A-919B-69D89B233AA4}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [0d7a3184ef9bd363f269a4d82fd625db]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{23891DAF-C214-4F64-B449-27FC4EE76AE0}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [2c5bdfd62565dd59cd8f423af510bb45]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{250E4C25-5F80-455E-BEB8-1683F5A21423}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [2e594b6a2f5b50e6c4984e2eae57dd23]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{27F656DC-862D-4304-A427-6C1892D9A86B}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [3c4b5263fe8cfe38fd5feb9122e3a759]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{29021686-DE86-467F-89AA-8188E5E11A50}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [c3c4cfe60d7d70c64d0fadcf2fd67090]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{29D9C6BC-7DA3-48B1-A1D7-C6DFE897E85B}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [087fc7ee0c7eac8a5704dba1ee1706fa]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2AAA9FEE-337E-43C0-849B-E8E23AD6C8A3}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [8700882d3b4f41f5fa62205c2fd6bf41]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2B38E0EC-5ECD-432C-A599-C9A2A1ACF91D}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [c5c23085177356e0dc7f96e63fc6c040]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2DF9812B-F773-4D87-821C-DD13E3E41622}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [a8df3c79beccdd594516394331d40af6]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2F512D3A-CFB7-4197-8890-71FC23287FF9}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [5f28eacb6624f24463f8c7b52fd6ec14]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{300A8789-E9D9-48ED-BC29-6D692F45246C}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [fb8c625318723ff793c926565ea7e818]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{301B5A47-6283-48F2-B0CA-4738FD3EAFD7}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [99ee01b436549f97510b5a2280851ce4]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{33863E3F-AF9C-4726-8F7F-D61BC85BC2B1}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [b1d6fbba7c0ecb6be87333493dc88e72]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{39723C30-C69F-4128-A570-575EE7CF1B34}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [66217f369bef0e2879e338449570d729]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3992DAEC-812B-4472-A558-D8AA92E5BC29}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [11766e471674979fe577f08cf4116c94]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3BDAB24F-651C-4846-A640-F1C056EDE8C2}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [1671a015ed9de155d08b77059c6916ea]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3C3E2105-FC59-40B2-9E8C-C66A3ED7F548}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [91f6496c2e5c989e2239611bae57e917]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3FA8AAC6-FFD0-4487-9FE6-FA6FE98222EE}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [4740b8fd6327d75f88d4cab27c8939c7]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3FD152AE-CF3D-4C54-B4A5-76C9CC1C8A52}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [fb8c595c2e5c5fd75ffc225a699cc33d]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{408E4823-DEF7-4A13-A7FB-1CF3B0681F55}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [0a7d8e27bcceaa8c1d3f7a02af56b14f]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{40E3216B-88BF-41AE-AD56-FBFF6C582DE3}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [9ee9466fe3a75cda99c216668f760df3]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{42AC0299-D012-4DE2-BDD9-6348CE3984CE}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [1c6b52638109cc6adb8054282fd68878]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{43C61396-E391-4448-A596-EF221339B120}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [32552b8a018972c4e07cc8b4a2634bb5]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{47EFF5E0-8851-401A-B9DB-28A67B51FC83}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [d1b6b104f892f046213bbdbf838232ce]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{493EEEF2-903A-4964-941E-6976A882D7E2}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [513662534e3c48ee1b40d3a9887d946c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4AC17D6D-94A1-4B51-B23E-8F3F9CBEC3DD}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [1770ebca38520531b3a87ffda65ffa06]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4C818CE5-70AE-443D-A913-71FECC9180A3}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [bec9f1c4b5d5999d510b1567e42128d8]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{4CDCEB24-3C1E-48ED-88F1-241C23EDBED5}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [4f386f468ffb9f97342880fc8b7ad030]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{502D24A8-8FF2-4287-93CD-E8FF7E9D272D}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [493e4273e4a65dd9be9e9fdd669f46ba]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{50D59B93-C8F5-4EE6-9F32-BA5ECD6B5E1E}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [4c3bd9dc800a9b9b0a5193e92cd9f709]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{51E3A272-3675-465A-8264-FE9DB9EFE1E1}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [2661f7be800a4de9a1bb285441c4e41c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{53C872E3-219F-418A-BE4A-217FAE4734F7}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [4641d5e0dbaf7db91249d7a52cd906fa]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{53FF4B5D-4342-41E1-9ECC-D3B435E6A681}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [bdcabef755358caaf4682e4e986d21df]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{553FA385-F8B2-475E-A754-CE893DB0F13F}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [2c5b387db5d50a2c3e1d5725af56b947]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{585DE4B5-AB33-4DB5-A0D9-EC94BD6E9A5B}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [f88fb104b6d4ca6cf567a9d3b64ff20e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{59456BA8-B9B2-409C-8367-CE581CF9512F}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [c6c1496c3e4c79bd5408116b0ff6d42c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5A74635B-D60D-4E0A-AEE2-E5BC978D9D5B}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [5235fabbf397fb3be27a4a32fa0b18e8]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5B376915-CE81-42B0-9714-C8BF6DA11BF4}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [196e981de2a8e551c497e29a53b27c84]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5B5CC14A-B517-4197-8563-614A79B9BFD9}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [f98e8a2baddd24123b20bac27095b24e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5B92A9FA-322E-45FF-AC2B-D8BC4526CB87}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [ef98ad0829618aac70ec007ce91c7987]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5D6EF8BC-8717-43FD-A273-EE7C2138F0BB}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [6c1b6d481674f4423d1ff4885ca936ca]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5DB3DC0C-67F0-425A-9C66-8F58B9D4415B}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [5e29f9bc91f92016f26aafcdcb3a20e0]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5EBA15C8-82AB-470A-B57B-8D782F9F24A3}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [5235961f1f6b77bf64f799e392733ec2]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{60D32118-ACC6-4231-80EC-727A494AD916}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [2d5a3e770a8045f153081c6008fd51af]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{630FAFD6-EEC7-4837-977D-135A3596D8E3}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [2a5d1a9b6723cb6b2537116b07fe39c7]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6439161F-7D8D-446D-B852-B75C5DF88A45}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [94f322933c4eaf871f3c5c20669f0ff1]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{67259623-240F-4EA8-B7AB-BCFF128F5F4C}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [b8cf0ca91971f343540799e3a06531cf]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6881C551-D680-4B6A-8E36-9267BE76F1ED}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [91f6b9fc2f5b4aec99c3bcc07b8a0cf4]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{69f756cd-31d0-4cc0-b402-f0154ce4cf5c}|AppName, Browser+ Apps+-codedownloader.exe, , [1b6ce0d54c3ef046a3b9275550b5926e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6B19548B-B707-4EF0-8BEE-F1D621C2B596}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [2463c8ed3555bf7793c9047809fc44bc]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6E264567-D04B-4B02-B41B-514B422E3864}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [7b0c457063274de9acb0d6a632d3ae52]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{723E038E-952F-41EA-8D3B-2148B47DC517}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [582f793c0b7ff83ebe9e6a12fc090af6]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{74125A38-3944-4E51-B9B9-117BE2EFEBC3}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [0a7d12a3a2e85dd96eed304cd82db848]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{74537590-D657-47DB-BDF7-6B85B0338B5D}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [d6b11b9a464458de6bf17309e5204eb2]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{751EE0E8-9750-487D-BA19-5EDE6127AECB}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [e2a5aa0bc3c7280eb6a53a424bba60a0]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{752C6FF3-9F3F-480A-A335-DEE13F174D32}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [dcab882daedcb0866defb4c8c441a957]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{757C7896-3B93-4FCD-8015-17A44233DC32}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [ed9a6c4979113df9d8833d3f21e454ac]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{75AD61A1-4234-40DC-9230-6C52D0CB13A9}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [9cebab0a3e4cec4a223a6c105ca927d9]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{75CA1757-9EFE-48C5-A943-9F74441E5859}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [f295fcb9b9d1d5618bd01e5ef90cea16]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{77396244-9772-4CC4-B4A9-DFA16D1ED3D1}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [c6c14273028857dfff5c4537d530e020]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{781C7FB0-6134-401C-9C2F-13B31890264E}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [a5e2f2c3a5e5af875dff4d2fd62faa56]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{79573A06-3145-4A6C-9C17-4EAF7D1D70CF}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [99ee10a5414985b11f3c512bf312a15f]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{79E14774-4302-487D-A75B-89F1FAD42333}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [4740ddd8b4d684b27be198e4d82d9d63]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7BCD1B6B-7D7B-40D0-BE1B-4CF3ACDD57C9}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [b7d006af99f1ba7c2f2ddca0ee17d030]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7C05FACA-FCF9-41A2-B0BE-F69E36EA6D8F}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [d2b58c29a6e4bb7b401bd9a39174e11f]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7F5E88C6-E68D-4974-A2D9-CCE0E6B5C7B0}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [b7d095204644a2948fcc15678184a858]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{7F8A838D-CA29-479E-9BF4-D539F8A62F78}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [afd820958ffb4fe7c299b1cbd5306f91]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{85EB68CD-2BB2-4F09-BD65-523FF32D3CE3}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [4b3c7c392b5f1224d883c0bc53b24eb2]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{863E8BCB-D393-4A9A-93F6-6848D735184F}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [fc8b3b7ac1c971c545168fed8d78728e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{877B739A-6AD0-4911-A61E-1E183D587255}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [137451647218e3533b20eb917b8aaf51]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{87BA550C-87C8-43A6-9DDB-BD67D4C2C5FE}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [2e5901b4107a2a0c58047408bb4a8b75]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8B0752BE-7964-41BA-BAC0-783445355CDC}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [6027b302731741f56eee413bc144da26]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8CFF2E1A-4950-4EEE-B17F-EAD96464735B}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [6e195e576f1bda5cd18abcc008fd39c7]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8EF1E629-9619-4164-9F74-56F27F813E7B}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [681f13a2c3c79a9cb2aa8cf08b7ae41c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8F6265B2-29A8-430F-BFEE-E168E386C558}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [0285a70ef2983cfa74e8a4d8ee173bc5]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9110D8E6-81E5-4131-B46A-69277E7844A6}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [3453575e494147ef3c206d0f29dcb848]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{918019CF-40E7-45EC-8FF5-D315AAA348F8}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [c3c4fcb93f4b2b0bd982314bcc391fe1]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{91BD9B20-C24F-465D-B5DB-896DC17818B7}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [8205fabb26643ff70e4ec1bbeb1aef11]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{937E4FC4-41A5-4F69-848A-21C3A43387A5}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [cbbc882da9e1b87eadaebebe5ca945bb]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{94DE9E23-F8CD-4292-A07F-36FDBFD9F1FB}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [8106496caae068cec497d6a6bb4aeb15]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{98F278CB-E89F-4E81-8936-F31A62F24621}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [cabd6451c5c58fa7b1abb7c5ff06dd23]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{99902F90-C1D1-4DEA-AB46-B6BDD0A94983}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [0186f0c59eec79bd1843a1db2cd9ad53]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9A03056D-2291-428F-816B-41DF95FF48BA}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [2e5901b45f2bbd7982daa6d69471629e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9B065EE7-8FB2-4A77-B2F2-C8D15BB34098}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [61261f96b9d147efd28a493341c457a9]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9B567175-CD29-4149-8C75-D1502E253A99}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [6e19f4c12169c67073e9d9a32ed7db25]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9E1FAE46-59D7-4BC6-9B8A-C6AA3E1D95B2}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [00878431bcce0c2a3b2197e50302a25e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9E2BF708-33BC-4C6A-9BA7-784C18B64CB6}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [b7d0f0c567236bcbea710c708a7bbe42]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{9E7842CC-DB28-450D-AA12-2C3D114F356F}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [9becb6ff5e2c1b1b0b5185f7a0650ff1]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A02FA462-D05B-4F98-82AA-9DB612AE29A0}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [b4d38e276c1ebc7a87d4502c986d59a7]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A1ACE7AB-4050-4432-BEE7-C94CBF695794}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [7413655090fa76c064f7601c30d56a96]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A2AC4892-381E-48BD-A2A6-40648DD026BB}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [aed910a526645dd9b5a71f5d0afbae52]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A2C994D3-811B-4550-8CBB-E7F0D4845257}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [f196932204862a0c6fecd3a927de11ef]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A31276CE-7F46-427B-80DD-1E60EAA1A332}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [c4c3e9cc31594cea58040973d82dad53]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A54DA843-7315-4973-A6CD-1C142E86981B}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [5433eacba0ea48ee6bf1dd9ffe078977]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A6E9DC0E-4571-4036-B7DD-DCF98A6FA08B}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [6027b8fde2a8191d93c87606d0358977]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A83687B8-99BE-45EE-82DB-D99E9DFC5E21}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [0e79f3c239512d09fa61f389d431916f]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A84E4E1E-55F1-4FAA-ABB6-5816EC5B178E}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [35523382088287afb7a46d0f966f41bf]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A87DBB52-B484-46F1-8CF6-5B39D9C2F2FC}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [c1c64e673f4b320486d6ff7d00059070]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A95F768A-C8A2-4C0E-889C-22B6E058DAB8}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [e89f13a27b0f6accdb81225a3bcaa45c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{ACECFAC3-CE71-4F29-AF1D-3851C61F3243}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [89fec5f07c0ecd692d2fc3b954b15da3]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AD10CDD5-AD0F-4B5E-B039-EAFA99E6BB13}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [097e5263b0da76c0a2ba7309828327d9]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AD4C57AD-7BDE-46EB-806E-B0D36AB44EAB}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [c2c5fbba3d4ddf574813bdbf23e2bf41]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AE3FD9C3-CA45-43E5-BCE1-BE71FD74E5E1}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [6621af06a0eab0868fccd7a5778e10f0]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AE79FA9E-2CBC-43FC-A9D7-3FC58399AFA7}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [2661bafb14762d09b9a3d3a9976e817f]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B0CE718C-C3A2-4815-AEB3-D2547623AEC4}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [f196e4d1b3d723135ffd720af31205fb]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B0E8D8B8-82F4-4EE2-A253-F753E7CB7333}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [daadedc8622879bd3527522a06fff40c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B135EBA7-9699-4AF4-A791-E17B1C36B974}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [47407342d0ba59dd19425d1f897c847c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B1E56751-ACF1-4DCC-BE8C-B0E269D1AB11}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [6d1aa3125139bc7a5507126aa560d42c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B3C8721E-845A-4A75-879C-2EAD6061F476}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [7017cbea5c2e072f44183844df26e41c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B50A847B-6B7A-41F6-BA18-42923BAAB563}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [c3c43d78d1b989adb2a96e0eef1646ba]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B5BF739F-18BE-4057-9755-BDF0426CD926}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [74139f167a10c76fda8248342fd636ca]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{B7D54940-82DF-44F3-9049-A824ECAF1E8F}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [cfb8249181099b9b2339f08c42c39070]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BA94F974-60B8-45C5-8E55-AA3DF3D0C326}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [4a3dd7deed9d3204fe5e5f1d986db44c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{BD116C4C-AA0B-4512-9AE2-62CCFA92AEE3}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [dbac25903a5072c4a5b679035fa6ce32]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C266CBD6-454D-4AE7-86CF-3897E1335C97}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [b2d5ded78ffb90a60c4f0b716f963cc4]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C28C6634-B59F-49C1-8120-836BC6FAE7E0}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [d8af3a7b5a302c0a3328235916ef0cf4]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C45F018A-7684-4DF9-AE5B-C664DA422ED1}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [afd87f36246625111c40de9eda2b966a]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C52B9C01-C649-4BDE-838C-AA86DA18EFB4}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [2a5dc2f3b7d323134418d3a991743ac6]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C6D05213-F8C2-4897-8D96-18762BED3BC4}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [0f78d4e1e0aa79bd104c6e0e5aabc739]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C6E22481-8CDE-4340-BBC4-B3255278F029}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [5631199c494182b467f52e4e6d98df21]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C7E756F2-73D0-4E53-A525-BD16A5F46B39}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [eb9cc6eff793c670a7b4ee8ede2752ae]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C8FCDB02-B19A-41F9-BC62-9CE133767D59}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [fd8a2194f397f343d18ab9c3bb4a15eb]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{C97ACE12-4FFA-428D-901C-D3F1A8BCB4A0}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [afd8d1e4e1a957dfed6ea1dbec197888]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CA642CFB-87BF-4051-897B-9A23CA56FC17}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [e1a65a5b85057eb806559ce05aab3dc3]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CA778CEB-54C2-48DA-97E8-DA37E1BBB098}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [7512b7fe523824125408ccb0b84dd927]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CB38C57E-3099-4B14-9B67-CD8C62809EE4}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [5631c4f19ded0d29005bb1cbea1be51b]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{CCF15010-3376-4A5A-AC1E-51DEB0AFD650}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [acdbdadb2b5fc96dc09bd8a470958a76]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{cd0c2bd6-4382-4e92-8c45-a2d572d1bd27}|AppName, Browser+ Apps+-bg.exe, , [f6912f86503a59dde476374572937987]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D016D981-606C-46AF-B570-42B8D542C9A9}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [22659f16761467cfd18b5b21c83d48b8]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D051D5B8-80D7-4C65-8DB5-888FE2899EBE}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [f1968d28a9e15fd770ec562627de10f0]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D06788BF-AC89-47CB-A890-CE4E786EAF2E}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [c5c2b005276338fec19a0b71877e44bc]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D0E3B847-61DD-4C7F-88BC-15EE49E061E1}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [71167b3a98f23df93e1e2b511de8c13f]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D2750D30-5D92-43F8-AE30-C0EA35C08868}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [66211d986f1bd85e6bf15428d332e61a]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D599D16E-A815-48F1-8D19-16C78E8F2ED6}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [50374b6a94f65adcfe5d97e57c893dc3]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D8D59970-7287-4DA0-BC24-E0C786949368}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [ccbb377e276363d35902f785669f2cd4]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D91A4EF1-8270-40AB-8526-68A7E09AAF44}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [662112a38703bc7aaeadfa82d0359a66]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D933DA65-B7CA-4406-984F-3E92F79CEF67}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [7215ebca91f9ae884b10047845c0867a]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D96D4C23-87D3-4AC6-B021-A67DB0886CF7}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [8afd85302b5f92a4f269215b8b7a8c74]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DA070E84-9671-4DE1-9C12-10919C305F69}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [e2a5eacb3357fb3b3625c2ba838231cf]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DC025B81-17E9-41BC-AE96-E22A1D76A81E}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [4f386b4a96f46fc787d435477e874ab6]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DC1C3FED-5886-4F85-B3BC-9A907FB7D832}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [95f265504545f640a6b5afcdd530b44c]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DC5F7619-C6B4-4F5A-A212-39A19A26A147}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [00870fa69af0072f99c2374516efff01]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DD7E6FFA-17F6-47F9-B461-42F0CCB4212A}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [7b0cf7be503a41f597c486f6d1349c64]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{DFFA6143-636C-46C2-AC36-AE7A323760B9}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [7c0bbdf82961d06677e47dff73929a66]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E305C121-3D56-47E5-9CC5-3081BCB875CA}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [315672438ffb3ff7114a8bf137ce1ce4]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E3F8FF8E-DB33-4F04-BE47-898E933D3323}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [3651476e5a30ad8968f3bac2d4310ef2]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E54EA834-B22A-421A-B6BA-2C217D9B9A9A}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [087f64517b0f181ed08ca7d559ac0bf5]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E753E430-31FD-4209-90A8-AB32336E15C9}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [adda8332127875c1ea72a8d4b25319e7]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E78432C4-6EC9-49D9-BA97-B085841626C5}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [1275f4c1d3b77fb789d2d8a4fd084cb4]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E82A0AAE-8800-4977-8365-C7A730F0B7DB}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [6b1cfcb931594ee8302b4834bd48916f]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E8C29A7B-CB20-42B7-9A77-25238EDA1CB6}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [7017ac09eaa0ff3770ecbbc1699cc33d]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E8E85F5A-BA04-4D3A-A954-E6EA57EA10AE}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [fc8b35809af06ec88ccffc80030239c7]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E94BDD53-F4A5-4E81-BA61-81497DCC382A}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [d4b3b9fc4f3b3cfae17a3d3fc5401be5]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E97F888A-9198-4033-B929-3ADF11DCE0C8}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [582f53625d2d65d1cf8c85f712f3f907]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EA028062-BE71-42B9-8BFD-E77D3F82F7B2}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [1f68892ca3e73006d18a85f7de272bd5]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EC8B6045-D342-4A7E-BE49-6067379B44AD}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [54334f66b8d2023463f9423a51b4c739]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EEE6CA6F-16FE-4666-B745-A712EAA3D08E}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [ff884471c8c23ff70952324a778e3ac6]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{EF3A19DF-CED1-4FE0-8692-1F3862527F35}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [4542585da6e439fd3d1f8fed35d022de]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F145E173-3D05-467D-AECE-1B2135AD339D}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [1d6a6451dbaf5adc02590b71ea1b9967]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F3718708-6A53-476B-AAF5-318CEBFD485B}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [e7a0c9ec404a063003584c306f966799]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F61C258D-2A7A-4C9B-A258-24B8ADBADF6C}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [c0c7773e216980b681da720aef163dc3]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F766DEDC-2283-4EB6-8BD5-D9DC1DF3E689}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [e2a5694c325856e0c9920d6f8c79c23e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F83829E8-B823-4446-AFDF-D389F0A5967C}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [592e387d0387f244db8137457d88926e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F9D824E6-FB76-45A4-B99B-ACB8F5EC8D95}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [fd8ad0e50387ec4a75e65e1e6c99728e]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FA1BDF9E-BCFB-4F39-9BAA-7C6A821D9BDB}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [94f31c993d4dfa3c4c102854e22342be]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FAEA1D28-9623-46F8-B75D-FD4C6417752C}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [e1a645708a009c9a5606483420e57f81]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FB5D8586-EFD2-4EFB-8975-10979F399E15}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [0780d9dc305af046be9e0676b84d9868]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FDCD14B5-975E-46C1-866F-1F449C6E512D}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-codedownloader.exe, , [89feb203f199be78c8942f4d27de0bf5]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FE5824DE-3871-44B8-9985-A2CF4881B7C7}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [93f460552565989e64f76b115ca9f50b]
PUP.Optional.CrossRider.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FF9E9E48-9919-4AE8-9E4A-20E8841FB613}|AppName, 58bdf064-05ee-4829-b90e-14cee42c2e5c-2.exe-buttonutil.exe, , [2b5c8e275d2d62d41a417a02778ef40c]
PUP.Optional.BProtector, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|BrowserMngr Start Page, hxxp://search.babylon.com/?affID=110809&tt=130812_bandext_3312_8&babsrc=HP_ss&mntrId=1cb69d4700000000000000262d50379d, , [e3a41c99b3d79d99339992c208fd0ef2]
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, , [f691d1e438521d19e26c638370930ef2]
PUP.Optional.Babylon.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|DisplayName, Search the web (Babylon), , [b0d7fbba94f637ff0c9c017425e0e11f]
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|URL, hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, , [ff88298c0c7e57df9db10bdb758e738d]
PUP.Optional.Babylon.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}|TopResultURL, hxxp://search.babylon.com/?q={searchTerms}&affID=110809&tt=130812_bandext_3312_8&babsrc=SP_ss&mntrId=1cb69d4700000000000000262d50379d, , [6027674e424880b6985042a018ebf709]
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|URL, hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, , [5235edc88109d4628fbf62842bd8946c]
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}|FaviconURL, hxxp://do-search.com//favicon.ico, , [bacd9322563489adcc82a83e996a40c0]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}|DisplayName, istartsurf, , [0186dbda6e1c7fb793aebfb608fd4bb5]
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}|URL, hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, , [c2c54471eaa07db989c5a046996a54ac]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}|TopResultURL, hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}, , [0d7ad0e52268ae88da677005c93c25db]
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|URL, hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, , [d0b79c19058560d60e4083637b889868]
PUP.Optional.Astromenda.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|TopResultURLFallback, hxxp://astromenda.com/results.php?f=4&q={searchTerms}&a=ast_dsites_14_41_ie&cd=2XzuyEtN2Y1L1QzuyBtDtC0AtDyEtDyByD0CtAtDzy0DyEyBtN0D0Tzu0StCtDtCtBtN1L2XzutAtFyDtFtCtFtBtN1L1CzutCyEtBzytDyD1V1StN1L1G1B1V1N2Y1L1Qzu2StCtAzyzyzy0F0D0CtG0FyC0AtBtGtAyD0F0BtG0A0F0CtCtGyCyC0B0DtC0D0AtCtCyE0C0C2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szz0EyD0D0CyEyE0FtGzz0FyB0CtGyE0Dzy0EtGzyzyzy0AtG0BzzyDyEtC0FyE0EtCyE0C0C2Q&cr=203866892&ir=, , [d7b02e8707831224a291ff761aeb52ae]
PUP.Optional.Astromenda.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|FaviconPath, C:\Program Files (x86)\WSE_Astromenda\\FavIcon.ico, , [6225b4017911d0662d064530788df10f]
PUP.Optional.Astromenda.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, Astromenda, , [bccb5164eaa0c472cd66561fad586997]
PUP.Optional.Astromenda.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}|DisplayName, Astromenda, , [8afd33827713f34346ed7500d13415eb]
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{483830EE-A4CD-4b71-B0A3-3D82E62A6909}|URL, hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, , [2760eec76f1bcc6af9557f670cf7c33d]
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}|URL, hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, , [2c5b24918604ad8908462eb841c2ae52]
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}|URL, hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, , [4740961f3357f73f0945b23440c3b64a]
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|URL, hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, , [bec9486d94f6db5b381665810cf70ff1]
PUP.Optional.ChatZum.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|TopResultURLFallback, hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=812862174&q={searchTerms}, , [34533f7652383afc4308dda2f01512ee]
PUP.Optional.ChatZum.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|TopResultURL, hxxp://search.chatzum.com/?orig=DS&affid=62&cztbid=812862174&q={searchTerms}, , [97f0328378123402ca81b6c93acb53ad]
PUP.Optional.ChatZum.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{afdbddaa-5d3f-42ee-b79c-185a7020515b}|FaviconURL, hxxp://cdn.chatzum.com/favicon.ico, , [47406a4bd2b8ad896fdcf38ce61f1fe1]
PUP.Optional.DoSearch.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{E733165D-CBCF-4FDA-883E-ADEF965B476C}|URL, hxxp://do-search.com/web/?utm_source=b&utm_medium=&utm_campaign=install_ie&utm_content=ds&from=&uid=ST500DM002-1BC142_W2A27G6AXXXXW2A27G6A&ts=1420373293&type=default&q={searchTerms}, , [fb8c53621f6be94df05ea343838030d0]
PUP.Optional.OptimizerPro.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\OPTIMIZER PRO|AdsBuyNowURL, hxxp://www.safeshopgate.com/r?s=121001468&g=1F6B7017-CD19-646C-2CEC-95E322623D17, , [5631ad0857333cfad9f5b5c99d688779]

Registrierungsdaten: 15
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}),,[d0b73e77f69462d47dbdae77828451af]
PUP.Optional.Delta.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA, Gut: (www.google.com), Schlecht: (hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA),,[4443f2c3058556e0ee1870c29373916f]
PUP.Optional.Delta.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA, Gut: (www.google.com), Schlecht: (hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA),,[c5c2ebca513930067c8a4fe37d899f61]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}),,[bdca872e9eec2016f24851d4fc0a9f61]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[8afd7d38cbbf0c2a0327cc658b7bd42c]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}),,[6e198530a5e51323a1996db831d520e0]
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA, Gut: (www.google.com), Schlecht: (hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA),,[e4a307ae5535b77fa26469c901059769]
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA, Gut: (www.google.com), Schlecht: (hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA),,[60279223cac00a2ccb3b3101e5213cc4]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}),,[1a6d605571193ef871c9a283d630b24e]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[ddaab7fe503a6bcb62c8270a12f4e719]
PUP.Optional.Delta.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA, Gut: (www.google.com), Schlecht: (hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA),,[5730e1d4a0eaa2949d6a1f1309fda759]
PUP.Optional.Delta.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA, Gut: (www.google.com), Schlecht: (hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA),,[89fe288d9ceeba7cea1d9999da2cbd43]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}),,[2e597540a7e3a4922711fe27cb3b13ed]
PUP.Optional.Babylon.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|BrowserMngr Start Page, hxxp://search.babylon.com/?affID=110809&tt=130812_bandext_3312_8&babsrc=HP_ss&mntrId=1cb69d4700000000000000262d50379d, Gut: (www.google.com), Schlecht: (hxxp://search.babylon.com/?affID=110809&tt=130812_bandext_3312_8&babsrc=HP_ss&mntrId=1cb69d4700000000000000262d50379d),,[4245c2f3cbbfd75f51bddc57d630c63a]
PUP.Optional.IStartSurf.A, HKU\S-1-5-21-664774285-3076153036-1514180132-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1410882464&from=tugs&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA&q={searchTerms}),,[8afd575ec5c551e50b2d78ad57afaa56]

Ordner: 53
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\CRE, , [f6912f864b3f87af6c22ecf80201de22],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848, , [1176575ef1990630563c9f450ef59c64],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848\xpi, , [1176575ef1990630563c9f450ef59c64],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\defaults, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\defaults\preferences, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\userCode, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\locale, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\locale\en-US, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.OptimizerPro.A, C:\Users\Vivien Förster\Documents\Optimizer Pro, , [5d2a50652565ff377c50dda18b7a3ac6],
Rogue.Multiple, C:\ProgramData\374311380, , [ddaaa31201892e084d63a0009a695ca4],
PUP.Optional.OpenCandy, C:\Users\Vivien Förster\AppData\Roaming\OpenCandy, , [0d7aa114cfbb0036e54bc4ec0ef57888],
PUP.Optional.OpenCandy, C:\Users\Vivien Förster\AppData\Roaming\OpenCandy\1B9BB2D9FA9940A5A934CAF6EDFBC889, , [0d7aa114cfbb0036e54bc4ec0ef57888],
PUP.Optional.OpenCandy, C:\Users\Vivien Förster\AppData\Roaming\OpenCandy\24E0A121D864429C97D63C92C9327BE8, , [0d7aa114cfbb0036e54bc4ec0ef57888],
PUP.Optional.Delta.A, C:\Users\Vivien Förster\AppData\Local\Temp\mt_ffx\Delta, , [582f3580b8d25dd955f28c2410f3b14f],
PUP.Optional.Delta.A, C:\Users\Vivien Förster\AppData\Local\Temp\mt_ffx\Delta\delta, , [582f3580b8d25dd955f28c2410f3b14f],
PUP.Optional.Delta.A, C:\Users\Vivien Förster\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.21.5, , [582f3580b8d25dd955f28c2410f3b14f],
PUP.Optional.Datamngr.A, C:\Users\Vivien Förster\AppData\LocalLow\DataMngr, , [90f733820783a78f506c387d18eb51af],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, , [3c4bd3e22565d2649efe2e93669d5aa6],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, , [3c4bd3e22565d2649efe2e93669d5aa6],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, , [97f0d5e0701a7eb82b3d7a49b2512dd3],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log, , [97f0d5e0701a7eb82b3d7a49b2512dd3],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, , [97f0d5e0701a7eb82b3d7a49b2512dd3],
PUP.Optional.SystemSpeedup, C:\Users\Vivien Förster\AppData\Roaming\systweak\ssd, , [4641397c2862da5ce6eb2d96f60df20e],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download\{3905E6B7-140D-44B4-8354-FB0A97ECBEA2}, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download\{3905E6B7-140D-44B4-8354-FB0A97ECBEA2}\1.3.25.27, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Install, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Offline\{86A2C2D9-0F5A-46AE-A111-23673B01F32B}, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.A, C:\Users\Vivien Förster\AppData\Local\Temp\comh.67507, , [cfb84f668efc1d198129fbc909fa5ea2],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\code, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.BrowserManager.A, C:\ProgramData\Browser Manager\2.2.565.25, , [f88f3a7b76149c9a831930a5729136ca],
PUP.Optional.BrowserManager.A, C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}, , [f88f3a7b76149c9a831930a5729136ca],
PUP.Optional.BrowserManager.A, C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings, , [f88f3a7b76149c9a831930a5729136ca],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate, , [4f38eec71476ea4c2eb52fa9a063ea16],
PUP.Optional.IHProtectUpDate.A, C:\ProgramData\IHProtectUpDate\update, , [4f38eec71476ea4c2eb52fa9a063ea16],
PUP.Optional.Fun4U.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\o698XPPx@gmail.com, , [394ed4e1d4b61d1951326905ca3c0af6],
PUP.Optional.Fun4U.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\o698XPPx@gmail.com\chrome, , [394ed4e1d4b61d1951326905ca3c0af6],
PUP.Optional.Fun4U.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\o698XPPx@gmail.com\chrome\content, , [394ed4e1d4b61d1951326905ca3c0af6],
PUP.Optional.Fun4U.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\o698XPPx@gmail.com\defaults, , [394ed4e1d4b61d1951326905ca3c0af6],
PUP.Optional.Fun4U.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\o698XPPx@gmail.com\defaults\preferences, , [394ed4e1d4b61d1951326905ca3c0af6],

Firegirl 01.06.2015 16:31
mbam teil 3

Code:
Dateien: 306
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\BgX88AZdj0WaZJQg6qiCpWGLZ.exe, , [3c4b2b8ab8d2e353daa12b2c27d904fc],
PUP.Optional.BrowserApps.A, C:\Users\Vivien Förster\AppData\Roaming\CGLTJAG.exe, , [01868b2a4b3fe0565a7deaf6a95838c8],
PUP.Optional.BrowserApps.A, C:\Users\Vivien Förster\AppData\Roaming\NQOVIKVG.exe, , [cfb85c5988028caa677070706899c739],
PUP.Optional.InstallCore, C:\Users\Vivien Förster\AppData\Roaming\0C1I1L1R1J0C1F1G1G1P1R2Z\Internet Explorer Packages\uninstaller.exe, , [8205b302fe8c1026fc18680ae12125db],
PUP.Optional.Delta.A, C:\Users\Vivien Förster\AppData\Roaming\OpenCandy\24E0A121D864429C97D63C92C9327BE8\DeltaTB.exe, , [aed9ad08ccbe71c5b8cc0e2ffa0713ed],
PUP.Optiona.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\tbDVDV.dll, , [5235ae073654b87e0caa4f1d1beb2dd3],
Trojan.RotBrowse, C:\Users\Vivien Förster\AppData\Local\Temp\3D7D.tmp, , [3b4c684d3159d85ec5f43bb37194a15f],
PUP.Optional.Bandoo.A, C:\Users\Vivien Förster\AppData\Local\Temp\9SVdJvz1.exe.part, , [96f1feb7cdbdc4729320dbb608f9738d],
Trojan.RotBrowse, C:\Users\Vivien Förster\AppData\Local\Temp\A2D5.tmp, , [592e7a3bee9cd85e0dac19d5a560bc44],
PUP.Optional.OptimizePro.A, C:\Users\Vivien Förster\AppData\Local\Temp\OptimizerPro_new.zip, , [c8bf288d56341b1bf999051b12eeba46],
Trojan.Rotbrow, C:\Users\Vivien Förster\AppData\Local\Temp\BabylonMngr.xpi, , [e2a5e5d03b4fa88e6c9ac52aa560fd03],
PUP.Optional.MyPCBackup.A, C:\Users\Vivien Förster\AppData\Local\Temp\BackupSetup.exe, , [75122194dcae66d07b0ccb2ea8591ce4],
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Local\Temp\8391.tmp, , [c2c5912496f4c175c42d828646ba9868],
Trojan.RotBrowse, C:\Users\Vivien Förster\AppData\Local\Temp\843D.tmp, , [8205754061291a1cb900c826e025f010],
Trojan.RotBrow.A, C:\Users\Vivien Förster\AppData\Local\Temp\che28F3.tmp, , [91f6367f741667cf7a81129d946da35d],
Trojan.RotBrow.A, C:\Users\Vivien Förster\AppData\Local\Temp\cheA3CD.tmp, , [b2d5664f3951d1658378e7c8b9482dd3],
PUP.Optional.Somoto, C:\Users\Vivien Förster\AppData\Local\Temp\bitool.dll, , [7710feb72a6085b1c5992ee49e6536ca],
PUP.Optional.Iminent.A, C:\Users\Vivien Förster\AppData\Local\Temp\bootstrapper.exe, , [1671981d791134029c103f24d32e7d83],
PUP.Optional.PerformerSoft.A, C:\Users\Vivien Förster\AppData\Local\Temp\C6E8.tmp, , [0c7b1f960a808ea8892d9ab249b8a759],
PUP.Optional.TVWizard.A, C:\Users\Vivien Förster\AppData\Local\Temp\nsh16CC.tmp\Helper.dll, , [98ef367fd4b673c3c2550cf631d50ff1],
PUP.Optional.NewPlayer, C:\Users\Vivien Förster\AppData\Local\Temp\EA68tmp\newvideoplayersetup.exe, , [7a0dbbfa2763989e9298e2f8936efb05],
PUP.Optional.MyPCBackup.SID.A, C:\Users\Vivien Förster\AppData\Local\Temp\EA69tmp\cloud_backup_setup.exe, , [1770199c06848da9ecf3beae5aacbc44],
PUP.Optional.Graftor, C:\Users\Vivien Förster\AppData\Local\Temp\EA6Btmp\5555-1001_newplayer.exe, , [1d6a991c78121f1750a73326669a37c9],
PUP.Optional.215Apps.A, C:\Users\Vivien Förster\AppData\Local\Temp\is357113909\GiantSavings_US.exe, , [fb8c3e7746448babc515cefaf60b619f],
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Local\Temp\is357113909\MyBabylonTB.exe, , [4f38bcf94149092dca541d0433cd8d73],
PUP.Optional.ModGoog, C:\Users\Vivien Förster\AppData\Local\Temp\comh.67507\GoogleCrashHandler.exe, , [b8cf961ff298ea4cf89f0e3d689a5aa6],
PUP.Optional.ModGoog, C:\Users\Vivien Förster\AppData\Local\Temp\comh.67507\GoogleUpdate.exe, , [9aedd6df7e0c3105f0a760ebf40e0af6],
PUP.Optional.ModGoog, C:\Users\Vivien Förster\AppData\Local\Temp\comh.67507\GoogleUpdateBroker.exe, , [4c3b7540266467cfecabd576ff03728e],
PUP.Optional.ModGoog, C:\Users\Vivien Förster\AppData\Local\Temp\comh.67507\GoogleUpdateOnDemand.exe, , [f2954471f29848ee7b1cd576c53d8d73],
PUP.Optional.ModGoog, C:\Users\Vivien Förster\AppData\Local\Temp\comh.67507\goopdate.dll, , [94f311a40b7fe056ddba89c2a062817f],
PUP.Optional.ModGoog, C:\Users\Vivien Förster\AppData\Local\Temp\comh.67507\goopdateres_en.dll, , [f295aa0bc4c6b68011861833010101ff],
PUP.Optional.ModGoog, C:\Users\Vivien Förster\AppData\Local\Temp\comh.67507\npGoogleUpdate4.dll, , [44430baa6b1f7bbbc4d3a4a7d82a11ef],
PUP.Optional.ModGoog, C:\Users\Vivien Förster\AppData\Local\Temp\comh.67507\psmachine.dll, , [c2c53d78e2a8979fe1b6113a44bed729],
PUP.Optional.ModGoog, C:\Users\Vivien Förster\AppData\Local\Temp\comh.67507\psuser.dll, , [98ef476eb6d4fb3bedaa0942976bb64a],
PUP.Optional.NSXgen, C:\Users\Vivien Förster\AppData\Local\Temp\EA6Dtmp\setup.exe, , [ccbb763f2a603501bc9e6478d928847c],
PUP.Optional.SearchHijacker.A, C:\Users\Vivien Förster\AppData\Local\Temp\EA6Etmp\lly_istartsurf.exe, , [95f2b9fc81092d096cdf8c474bb6718f],
PUP.Optional.TVWizard.A, C:\Users\Vivien Förster\AppData\Local\Temp\EA6Ftmp\setup.exe, , [8700edc8acde8ea84813312c946c17e9],
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Local\Temp\ED50CDCB-BAB0-7891-BFCD-A3D31FEA8EB0\Latest\BExternal.dll, , [9dea7c396d1d4aec5dde968fcf313cc4],
Trojan.RotBrowse, C:\Users\Vivien Förster\AppData\Local\Temp\ED50CDCB-BAB0-7891-BFCD-A3D31FEA8EB0\Latest\ccp.exe, , [7e09ae0774163afc6d4ced01ff06738d],
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Local\Temp\ED50CDCB-BAB0-7891-BFCD-A3D31FEA8EB0\Latest\CrxInstaller.dum, , [f88fc6ef068463d3ae7960ef14ed649c],
PUP.Optional.Delta, C:\Users\Vivien Förster\AppData\Local\Temp\ED50CDCB-BAB0-7891-BFCD-A3D31FEA8EB0\Latest\MyBabylonTB.exe, , [7b0c08ada8e2d66001180639f80920e0],
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Local\Temp\ED50CDCB-BAB0-7891-BFCD-A3D31FEA8EB0\Latest\Setup.exe, , [d7b08530a6e47abce4d78799a06053ad],
PUP.Optional.RegCleanPro, C:\Users\Vivien Förster\AppData\Local\Temp\is1158881826\3142162_stp\rcpsetup_adppi15_adppi15.exe, , [24635c5959312f07499192a4be42a957],
PUP.Optional.OptimizePro.A, C:\Users\Vivien Förster\AppData\Local\Temp\f3903a8feb69f9dbc31157fca6266fec\OptimizerPro.exe, , [4b3c6352ed9d84b28e0432ee0df35ea2],
PUP.Optional.OptimizePro.A, C:\Users\Vivien Förster\AppData\Local\Temp\f3903a8feb69f9dbc31157fca6266fec_\OptimizerPro.exe, , [691e1b9a701a4bebe2b0869a1de3cc34],
PUP.Optional.Conduit, C:\Users\Vivien Förster\AppData\Local\Temp\ct2269050\ieLogic.exe, , [f88f674e6b1f94a20bc61a17df21a25e],
PUP.Optional.Conduit.A, C:\Users\Vivien Förster\AppData\Local\Temp\ct2269050\statisticsStub.exe, , [aadd1e97503a9d994ce3370656ab24dc],
PUP.Optional.Conduit, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848\ieLogic.exe, , [f592dcd90e7c989ef6db5cd551afd22e],
PUP.Optional.OptimizePro.A, C:\Users\Vivien Förster\AppData\Local\Temp\{15086A63-CE7A-4A23-A8C8-8658CEEB4895}\Addons\OptimizerProInstaller.exe, , [0e79e2d399f152e4b6dc4fd16a96ce32],
PUP.Optional.InstallBrain.A, C:\Windows\Temp\52D1.tmp, , [a1e6bdf84c3e73c3945c06a940c1ec14],
Trojan.RotBrowse, C:\Windows\Temp\BabylonMngr.xpi, , [91f66c497d0dc86e4d4b539be61fc53b],
PUP.Optional.BProtector.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\bProtector_extensions.rdf, , [1c6b31846a2065d10b29657f996aa060],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx, , [f6912f864b3f87af6c22ecf80201de22],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848\manifest.json, , [1176575ef1990630563c9f450ef59c64],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848\chLogic.exe, , [1176575ef1990630563c9f450ef59c64],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848\CT2625848.txt, , [1176575ef1990630563c9f450ef59c64],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848\CT2625848.xpi, , [1176575ef1990630563c9f450ef59c64],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848\dtime.csf, , [1176575ef1990630563c9f450ef59c64],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848\ffLogic.exe, , [1176575ef1990630563c9f450ef59c64],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848\initData.json, , [1176575ef1990630563c9f450ef59c64],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848\statisticsStub.exe, , [1176575ef1990630563c9f450ef59c64],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848\version.txt, , [1176575ef1990630563c9f450ef59c64],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848\xpi\install.rdf, , [1176575ef1990630563c9f450ef59c64],
PUP.Optional.Updating.A, C:\Windows\System32\Tasks\fun4u_updating_service, , [2562268f6525a5911af66580e91ad927],
PUP.Optional.Updating.A, C:\Windows\Tasks\fun4u_updating_service.job, , [8bfcfcb9e3a7191d3ed3618459aa7987],
PUP.Optional.Notification.A, C:\Windows\Tasks\fun4u_notification_service.job, , [196e4b6acbbf93a30336a540b053ed13],
PUP.Optional.Notification.A, C:\Windows\System32\Tasks\fun4u_notification_service, , [790e585da8e277bfe65416cf35ce7888],
PUP.Optional.IStartSurf.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\istartsurf.xml, , [8304d8dd820853e334d547c4679d09f7],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-1, , [16718e27602a83b3c3d8fc13af557e82],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-11, , [ec9b6c493d4d4ee85a4155bad52f23dd],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-2, , [cabdfbbab8d2ab8beab1bd52f80cef11],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-3, , [94f38b2aacde42f4c4d7f11e6a9a6c94],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-4, , [30576d48deaccb6b158646c96b998b75],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-5, , [6324cde8593147efcad1ad6222e210f0],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-6, , [36513382533791a5e7b422ed39cbba46],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-7, , [6522862f18720f271c7fb857c83cca36],
PUP.Optional.Delta.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\delta-homes.xml, , [7f08ab0a99f178bebef1d54036ce629e],
PUP.Optional.Delta.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\searchplugins\delta.xml, , [bccbab0a82089d992f027fa9ea1a11ef],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-1.job, , [ceb9d9dcdeac7bbb3279f27550b5fb05],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-11.job, , [c5c26d480e7c8caa6447244385805da3],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-2.job, , [444302b3a3e79d99dbd0cf98976eea16],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-3.job, , [96f1e5d095f55dd9397255122cd9bd43],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-4.job, , [6b1c5d58cbbfe551d9d2c89feb1a8878],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-5.job, , [ceb9ab0a8dfd56e0c7e41a4da85d04fc],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-5_user.job, , [e1a68c29058563d36a41580f7d8839c7],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-6.job, , [8502734204861f17a407194ee421916f],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-7.job, , [226544717515de58d5d66dfaca3ba759],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, , [4047d8dd296161d583376bfc13f20df3],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, , [592ed3e29bef1c1ab209ca9db0559d63],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, , [f295585dd7b387af2795204738cd6898],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, , [6e193a7beaa0eb4bead3ef787a8b7e82],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\crossrider_statusbar.png, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\button1.png, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\button2.png, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\button3.png, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\button4.png, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\button5.png, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\icon128.png, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\icon16.png, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\icon24.png, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\icon48.png, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\panelarrow-up.png, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\popup.html, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\skin.css, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\update.css, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome.manifest, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\install.rdf, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\089e080330e75d367b24577f00ff0ba5.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\0adf44afed55c4345bbf43f91c7aa3a9.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\181d762d79f06c5fa69efe366aa68a30.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\682fe6de48313492e9da4ba224a17b88.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\aca10d53d52f46adc46df507636e604c.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\background.html, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\browser.xul, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\dce2924befb30453b0037f972a2d7b62.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\dialog.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\ffCoreFilesIndex.txt, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\options.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\options.xul, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\search_dialog.xul, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\6798ac301a14a3deea68b0c61d76319d.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\0f85616320878c20870663de54a452c2.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\18010b399f94dc4ca6fd94dfb4172db8.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\1be08de1d4081f348806c91cd01b0f60.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\31a7fa9837134ed847151909a05c4e0b.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\32f7e2d88214d77bb38496337945d6fe.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\3b9b4c21d975b02fdc08be5ba04aa3a2.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\441a7bc20b7b72bd3264d5b0ef708748.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\535ced17b6b9bd9bcd6fc80b8099d97d.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\951a40e2ccff1c0371cc03bb563602fd.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\a954036d6fc478d5b9a38d2caeaa0cba.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\ba86f0f865a43ae47c06aa68800dd582.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\bb7c73d699e1f64c84c1ff336efe8d92.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\c9faff6643c473d5f33306a8be395beb.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\e49533f2d99e15176fb756f50f232006.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\ecae0f8c4c52ec5f2e961ce6fd7625c2.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\bc2e856329ff41527a51926ab91e166d.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\11c9235a9b464861790e018454262b9c.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\16103789070d6bcf6b1479f0c1cae2cb.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\31293503208a70871d735abedb79d53a.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\47d102f22db4797e1b6321f0a4e8e92c.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\55e3c54445ba169d4e5e55f407964e8d.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\5a15cebb41998085b8664ad41f6ba22d.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\5e9c2743126301d2300e2c429aaa7906.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\782cf3c818dc79b9e2ba22f273eabe9d.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\961efc953a32e9ab17f2ff38995b46eb.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\985e9f8fcd307043c03625891e781439.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\a8a4dc9f204fc4e4072b3623b294d491.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\aec787387fc8da51b9b84975dfbabf97.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\b52b4280c9a604bdc1d0bf2e823e92c1.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\c366d326ea1acfe0f03d6ccea321708f.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\c6e2989c90d868503b22fa6c13697d58.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\ea57372c3adcef37e710fb4dcb2ad276.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\f67f324b228ba1d408f828bb0b0c93bf.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\ff0bd9a16bf339f5de855e948faf1fe6.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\ffc48ec5357e0882917cfacd68a22036.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\installer.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\defaults\preferences\prefs.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\manifest.xml, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins.json, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\102.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\13.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\14.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\16.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\17.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\180.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\184.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\192.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\193.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\195.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\220.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\223.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\230.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\233.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\242.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\246.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\253.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\262.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\263.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\281.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\288.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\301.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\337.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\345.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\354.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\373.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\4.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\47.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\64.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\7.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\78.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\9.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\91.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\userCode\background.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\userCode\extension.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\locale\en-US\translations.dtd, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.Browser.A, C:\ProgramData\Browser\prompt.exe.config, , [1e69b6ffd1b94de9ac7097e1cc39a55b],
PUP.Optional.OptimizerPro.A, C:\Users\Vivien Förster\Documents\Optimizer Pro\CookiesException.txt, , [5d2a50652565ff377c50dda18b7a3ac6],
PUP.Optional.OpenCandy, C:\Users\Vivien Förster\AppData\Roaming\OpenCandy\1B9BB2D9FA9940A5A934CAF6EDFBC889\TuneUpUtilities2012_de-DE.exe, , [0d7aa114cfbb0036e54bc4ec0ef57888],
PUP.Optional.OpenCandy, C:\Users\Vivien Förster\AppData\Roaming\OpenCandy\24E0A121D864429C97D63C92C9327BE8\5472.ico, , [0d7aa114cfbb0036e54bc4ec0ef57888],
PUP.Optional.OpenCandy, C:\Users\Vivien Förster\AppData\Roaming\OpenCandy\24E0A121D864429C97D63C92C9327BE8\EBB77268-338F-4C6A-8590-AD88FED26F4A, , [0d7aa114cfbb0036e54bc4ec0ef57888],
PUP.Optional.OpenCandy, C:\Users\Vivien Förster\AppData\Roaming\OpenCandy\24E0A121D864429C97D63C92C9327BE8\OCBrowserHelper_1.0.6.125.exe, , [0d7aa114cfbb0036e54bc4ec0ef57888],
PUP.Optional.Datamngr.A, C:\Users\Vivien Förster\AppData\LocalLow\DataMngr\{7CA1F051-A4FB-4143-B263-02B41E571EED}, , [90f733820783a78f506c387d18eb51af],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, , [3c4bd3e22565d2649efe2e93669d5aa6],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\PluginUpdate.exe, , [3c4bd3e22565d2649efe2e93669d5aa6],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-09-16[17-48-58-973].log, , [97f0d5e0701a7eb82b3d7a49b2512dd3],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, , [97f0d5e0701a7eb82b3d7a49b2512dd3],
PUP.Optional.SystemSpeedup, C:\Users\Vivien Förster\AppData\Roaming\systweak\ssd\SSDPTstub.exe, , [4641397c2862da5ce6eb2d96f60df20e],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download\{3905E6B7-140D-44B4-8354-FB0A97ECBEA2}\1.3.25.27\setup.exe, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.A, C:\Users\Vivien Förster\AppData\Local\Temp\comh.67507\GoogleUpdateHelper.msi, , [cfb84f668efc1d198129fbc909fa5ea2],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\235.json, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\MessageBox.xml, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\uninstallDlg2.xml, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\UninstallManager.exe, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\bg.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\bg1.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\bk_shadow.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\button.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\button1.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\checkbox.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\checkbox_select.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\checked.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\close.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\loading_bg.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\loading_light.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\min.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\scrollbar.bmp, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\Thumbs.db, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\unchecked.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\code\code1.jpg, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\code\code2.jpg, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\code\code3.jpg, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\code\code4.jpg, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\code\code5.jpg, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\code\code6.jpg, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\code\Thumbs.db, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.BrowserManager.A, C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\00, , [f88f3a7b76149c9a831930a5729136ca],
PUP.Optional.BrowserManager.A, C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\01, , [f88f3a7b76149c9a831930a5729136ca],
PUP.Optional.BrowserManager.A, C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\02, , [f88f3a7b76149c9a831930a5729136ca],
PUP.Optional.BrowserManager.A, C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\10, , [f88f3a7b76149c9a831930a5729136ca],
PUP.Optional.BrowserManager.A, C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\11, , [f88f3a7b76149c9a831930a5729136ca],
PUP.Optional.BrowserManager.A, C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\12, , [f88f3a7b76149c9a831930a5729136ca],
PUP.Optional.BrowserManager.A, C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\20, , [f88f3a7b76149c9a831930a5729136ca],
PUP.Optional.BrowserManager.A, C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\21, , [f88f3a7b76149c9a831930a5729136ca],
PUP.Optional.BrowserManager.A, C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\22, , [f88f3a7b76149c9a831930a5729136ca],
PUP.Optional.Fun4U.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\o698XPPx@gmail.com\chrome.manifest, , [394ed4e1d4b61d1951326905ca3c0af6],
PUP.Optional.Fun4U.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\o698XPPx@gmail.com\install.rdf, , [394ed4e1d4b61d1951326905ca3c0af6],
PUP.Optional.Fun4U.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\o698XPPx@gmail.com\chrome\content\browser.xul, , [394ed4e1d4b61d1951326905ca3c0af6],
PUP.Optional.Fun4U.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\o698XPPx@gmail.com\chrome\content\main.js, , [394ed4e1d4b61d1951326905ca3c0af6],
PUP.Optional.Delta.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA");), ,[7a0d1e97aedc2d09647b4c2456b00df3]
PUP.Optional.Delta.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://www.delta-homes.com/newtab/?type=nt&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA");), ,[cfb8b8fde3a70c2af8e8e18f3cca649c]
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "14898a663421ef8e415b53f2b739e083");), ,[0186ae07bdcda195a99695dc32d47090]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.admin", false);), ,[0285e4d19befbb7b0b40056cee1843bd]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ferences

/* Do not edit this file.
 *
 * If you m), ,[e1a69c193b4f81b5c685b1c042c4a060]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If you make ), ,[3156763fcac02e080e3d3839b0565ba5]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (nces

/* Do not edit this file.
 *
 * If you make change), ,[aed9c4f19cee54e294b70c6582847a86]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (

/* Do not edit this file.
 *
 * If you make ), ,[b8cfa70ee7a370c685c6531e9f67c33d]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (references

/* Do not edit this file.
 *
 * If ), ,[3255763fd9b140f6e863cea3e6203cc4]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (eferences

/* Do not edit this file.
 *
 * If you), ,[2a5d03b295f57bbba2a9125f40c66898]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (erences

/* Do not edit this file.
 *
 * If you m), ,[e3a460554545cb6bb09b5819e91d827e]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (erences

/* Do not edit this file.
 *
 * If you make ), ,[11766a4b4d3d270f88c30c6516f0669a]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ces

/* Do not edit this file.
 *
 * If you make changes ), ,[5631fdb8dab04aec2d1e89e8ea1c4cb4]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (

/* Do not edit this file.
 *
 * If you make chang), ,[780fc0f54e3c96a00645bdb416f0c937]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If you make), ,[9fe8d9dc1d6d072fd07b135eff0702fe]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ences

/* Do not edit this file.
 *
 * If you make changes to this file while ), ,[e3a4dbda5a30dd594a01323f689ef907]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (s file.
 *
 * If you make changes to this file wh), ,[c4c39322addd13231c2fe68b82846e92]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (eferences

/* Do not edit this file.
 *
 * If you make changes to this file w), ,[2067a411c1c9b185e46759181fe7ed13]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (is file.
 *
 * If you make changes to this file while the application is run), ,[e7a06e47fa90d46257f410618d79a35d]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: ( this file.
 *
 * If you make changes to this file whil), ,[ec9b3a7b5b2fba7cf4571b5649bdd32d]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ces

/* Do not edit this file.
 *
 * If you make ch), ,[fd8afabbccbe40f66fdc7df4b6508080]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ences

/* Do not edit this file.
 *
 * If you make ch), ,[2d5a189d1b6fa6907dce630e9f67748c]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ences

/* Do not edit this file.
 *
 * If you make change), ,[e2a5744173178fa75bf06c05e91d8a76]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If you make changes to th), ,[9cebd2e3cfbb4de9212a85ecb94d0af6]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: ( not edit this file.
 *
 * If you make changes t), ,[5037278e0486fe38c2899cd59f670af6]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (references

/* Do not edit this file.
 *
 * If you ma), ,[8bfc85307c0eba7cc08b175a0afc6f91]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ces

/* Do not edit this file.
 *
 * If you make), ,[6e197045e1a995a12d1e017001051be5]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ferences

/* Do not edit this file.
 *
 * If you ), ,[97f011a494f6cf6789c23938cb3bae52]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (erences

/* Do not edit this file.
 *
 * If you make change), ,[8700d8dd2565280ecf7c254c10f651af]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (
/* Do not edit this file.
 *
 * If you make changes to ), ,[6126971e1971fe38ce7d5e136a9cfe02]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (es

/* Do not edit this file.
 *
 * If you make change), ,[92f57144266411256cdf472ada2ce51b]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (es

/* Do not edit this file.
 *
 * If you make chan), ,[f790ab0a88021f1797b45f1227dff010]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (nces

/* Do not edit this file.
 *
 * If you m), ,[e6a17540cac0013555f69bd634d25ea2]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (references

/* Do not edit this file.
 *
 * If you ), ,[36519025404a44f2a1aa472aec1a60a0]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ences

/* Do not edit this file.
 *
 * If you ma), ,[8700f4c1602a3105f8534d247096629e]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ferences

/* Do not edit this file.
 *
 * If), ,[0e796b4a355577bf2229fb7655b1af51]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: ( Preferences

/* Do not edit this file.
 *
 * If ), ,[f592eacb9dedfe38b299bfb27d89b24e]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (erences

/* Do not edit this file.
 *
 * If you mak), ,[56311d982f5bf640e96275fc2bdb1ae6]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ences

/* Do not edit this file.
 *
 * If you make c), ,[c9be961ffc8e39fd74d71b56679fbb45]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (nces

/* Do not edit this file.
 *
 * If you make changes to ), ,[2c5b4174acde0d29202bc0b1828417e9]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (* Do not edit this file.
 *
 * If you make changes), ,[4a3d1d9881098aaca5a63b363ec808f8]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ferences

/* Do not edit this file.
 *
 * If you make changes to this file while the ap), ,[03847a3bd2b82b0baaa1d49d2fd7b34d]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: ( *
 * If you make changes to this file while the appl), ,[2b5ce8cdbccedc5ab596d69b8680dd23]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If you make changes to this file while the application is running,
 * the changes will be overwritten when the application exit), ,[e5a26c491179f83ee16a215047bf9a66]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: ( changes will be overwritten when the application exits.
), ,[f2959e17cdbddd5955f6a3ceb25407f9]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ces

/* Do not edit this file.
 *
 * If you make c), ,[0f78298ced9d35015cef640d3dc912ee]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If you make changes to ), ,[e3a4268fd2b8f046ae9d82ef8a7ccd33]

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)
mbam teil 3

Code:
Dateien: 306
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\BgX88AZdj0WaZJQg6qiCpWGLZ.exe, , [3c4b2b8ab8d2e353daa12b2c27d904fc],
PUP.Optional.BrowserApps.A, C:\Users\Vivien Förster\AppData\Roaming\CGLTJAG.exe, , [01868b2a4b3fe0565a7deaf6a95838c8],
PUP.Optional.BrowserApps.A, C:\Users\Vivien Förster\AppData\Roaming\NQOVIKVG.exe, , [cfb85c5988028caa677070706899c739],
PUP.Optional.InstallCore, C:\Users\Vivien Förster\AppData\Roaming\0C1I1L1R1J0C1F1G1G1P1R2Z\Internet Explorer Packages\uninstaller.exe, , [8205b302fe8c1026fc18680ae12125db],
PUP.Optional.Delta.A, C:\Users\Vivien Förster\AppData\Roaming\OpenCandy\24E0A121D864429C97D63C92C9327BE8\DeltaTB.exe, , [aed9ad08ccbe71c5b8cc0e2ffa0713ed],
PUP.Optiona.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\tbDVDV.dll, , [5235ae073654b87e0caa4f1d1beb2dd3],
Trojan.RotBrowse, C:\Users\Vivien Förster\AppData\Local\Temp\3D7D.tmp, , [3b4c684d3159d85ec5f43bb37194a15f],
PUP.Optional.Bandoo.A, C:\Users\Vivien Förster\AppData\Local\Temp\9SVdJvz1.exe.part, , [96f1feb7cdbdc4729320dbb608f9738d],
Trojan.RotBrowse, C:\Users\Vivien Förster\AppData\Local\Temp\A2D5.tmp, , [592e7a3bee9cd85e0dac19d5a560bc44],
PUP.Optional.OptimizePro.A, C:\Users\Vivien Förster\AppData\Local\Temp\OptimizerPro_new.zip, , [c8bf288d56341b1bf999051b12eeba46],
Trojan.Rotbrow, C:\Users\Vivien Förster\AppData\Local\Temp\BabylonMngr.xpi, , [e2a5e5d03b4fa88e6c9ac52aa560fd03],
PUP.Optional.MyPCBackup.A, C:\Users\Vivien Förster\AppData\Local\Temp\BackupSetup.exe, , [75122194dcae66d07b0ccb2ea8591ce4],
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Local\Temp\8391.tmp, , [c2c5912496f4c175c42d828646ba9868],
Trojan.RotBrowse, C:\Users\Vivien Förster\AppData\Local\Temp\843D.tmp, , [8205754061291a1cb900c826e025f010],
Trojan.RotBrow.A, C:\Users\Vivien Förster\AppData\Local\Temp\che28F3.tmp, , [91f6367f741667cf7a81129d946da35d],
Trojan.RotBrow.A, C:\Users\Vivien Förster\AppData\Local\Temp\cheA3CD.tmp, , [b2d5664f3951d1658378e7c8b9482dd3],
PUP.Optional.Somoto, C:\Users\Vivien Förster\AppData\Local\Temp\bitool.dll, , [7710feb72a6085b1c5992ee49e6536ca],
PUP.Optional.Iminent.A, C:\Users\Vivien Förster\AppData\Local\Temp\bootstrapper.exe, , [1671981d791134029c103f24d32e7d83],
PUP.Optional.PerformerSoft.A, C:\Users\Vivien Förster\AppData\Local\Temp\C6E8.tmp, , [0c7b1f960a808ea8892d9ab249b8a759],
PUP.Optional.TVWizard.A, C:\Users\Vivien Förster\AppData\Local\Temp\nsh16CC.tmp\Helper.dll, , [98ef367fd4b673c3c2550cf631d50ff1],
PUP.Optional.NewPlayer, C:\Users\Vivien Förster\AppData\Local\Temp\EA68tmp\newvideoplayersetup.exe, , [7a0dbbfa2763989e9298e2f8936efb05],
PUP.Optional.MyPCBackup.SID.A, C:\Users\Vivien Förster\AppData\Local\Temp\EA69tmp\cloud_backup_setup.exe, , [1770199c06848da9ecf3beae5aacbc44],
PUP.Optional.Graftor, C:\Users\Vivien Förster\AppData\Local\Temp\EA6Btmp\5555-1001_newplayer.exe, , [1d6a991c78121f1750a73326669a37c9],
PUP.Optional.215Apps.A, C:\Users\Vivien Förster\AppData\Local\Temp\is357113909\GiantSavings_US.exe, , [fb8c3e7746448babc515cefaf60b619f],
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Local\Temp\is357113909\MyBabylonTB.exe, , [4f38bcf94149092dca541d0433cd8d73],
PUP.Optional.ModGoog, C:\Users\Vivien Förster\AppData\Local\Temp\comh.67507\GoogleCrashHandler.exe, , [b8cf961ff298ea4cf89f0e3d689a5aa6],
PUP.Optional.ModGoog, C:\Users\Vivien Förster\AppData\Local\Temp\comh.67507\GoogleUpdate.exe, , [9aedd6df7e0c3105f0a760ebf40e0af6],
PUP.Optional.ModGoog, C:\Users\Vivien Förster\AppData\Local\Temp\comh.67507\GoogleUpdateBroker.exe, , [4c3b7540266467cfecabd576ff03728e],
PUP.Optional.ModGoog, C:\Users\Vivien Förster\AppData\Local\Temp\comh.67507\GoogleUpdateOnDemand.exe, , [f2954471f29848ee7b1cd576c53d8d73],
PUP.Optional.ModGoog, C:\Users\Vivien Förster\AppData\Local\Temp\comh.67507\goopdate.dll, , [94f311a40b7fe056ddba89c2a062817f],
PUP.Optional.ModGoog, C:\Users\Vivien Förster\AppData\Local\Temp\comh.67507\goopdateres_en.dll, , [f295aa0bc4c6b68011861833010101ff],
PUP.Optional.ModGoog, C:\Users\Vivien Förster\AppData\Local\Temp\comh.67507\npGoogleUpdate4.dll, , [44430baa6b1f7bbbc4d3a4a7d82a11ef],
PUP.Optional.ModGoog, C:\Users\Vivien Förster\AppData\Local\Temp\comh.67507\psmachine.dll, , [c2c53d78e2a8979fe1b6113a44bed729],
PUP.Optional.ModGoog, C:\Users\Vivien Förster\AppData\Local\Temp\comh.67507\psuser.dll, , [98ef476eb6d4fb3bedaa0942976bb64a],
PUP.Optional.NSXgen, C:\Users\Vivien Förster\AppData\Local\Temp\EA6Dtmp\setup.exe, , [ccbb763f2a603501bc9e6478d928847c],
PUP.Optional.SearchHijacker.A, C:\Users\Vivien Förster\AppData\Local\Temp\EA6Etmp\lly_istartsurf.exe, , [95f2b9fc81092d096cdf8c474bb6718f],
PUP.Optional.TVWizard.A, C:\Users\Vivien Förster\AppData\Local\Temp\EA6Ftmp\setup.exe, , [8700edc8acde8ea84813312c946c17e9],
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Local\Temp\ED50CDCB-BAB0-7891-BFCD-A3D31FEA8EB0\Latest\BExternal.dll, , [9dea7c396d1d4aec5dde968fcf313cc4],
Trojan.RotBrowse, C:\Users\Vivien Förster\AppData\Local\Temp\ED50CDCB-BAB0-7891-BFCD-A3D31FEA8EB0\Latest\ccp.exe, , [7e09ae0774163afc6d4ced01ff06738d],
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Local\Temp\ED50CDCB-BAB0-7891-BFCD-A3D31FEA8EB0\Latest\CrxInstaller.dum, , [f88fc6ef068463d3ae7960ef14ed649c],
PUP.Optional.Delta, C:\Users\Vivien Förster\AppData\Local\Temp\ED50CDCB-BAB0-7891-BFCD-A3D31FEA8EB0\Latest\MyBabylonTB.exe, , [7b0c08ada8e2d66001180639f80920e0],
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Local\Temp\ED50CDCB-BAB0-7891-BFCD-A3D31FEA8EB0\Latest\Setup.exe, , [d7b08530a6e47abce4d78799a06053ad],
PUP.Optional.RegCleanPro, C:\Users\Vivien Förster\AppData\Local\Temp\is1158881826\3142162_stp\rcpsetup_adppi15_adppi15.exe, , [24635c5959312f07499192a4be42a957],
PUP.Optional.OptimizePro.A, C:\Users\Vivien Förster\AppData\Local\Temp\f3903a8feb69f9dbc31157fca6266fec\OptimizerPro.exe, , [4b3c6352ed9d84b28e0432ee0df35ea2],
PUP.Optional.OptimizePro.A, C:\Users\Vivien Förster\AppData\Local\Temp\f3903a8feb69f9dbc31157fca6266fec_\OptimizerPro.exe, , [691e1b9a701a4bebe2b0869a1de3cc34],
PUP.Optional.Conduit, C:\Users\Vivien Förster\AppData\Local\Temp\ct2269050\ieLogic.exe, , [f88f674e6b1f94a20bc61a17df21a25e],
PUP.Optional.Conduit.A, C:\Users\Vivien Förster\AppData\Local\Temp\ct2269050\statisticsStub.exe, , [aadd1e97503a9d994ce3370656ab24dc],
PUP.Optional.Conduit, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848\ieLogic.exe, , [f592dcd90e7c989ef6db5cd551afd22e],
PUP.Optional.OptimizePro.A, C:\Users\Vivien Förster\AppData\Local\Temp\{15086A63-CE7A-4A23-A8C8-8658CEEB4895}\Addons\OptimizerProInstaller.exe, , [0e79e2d399f152e4b6dc4fd16a96ce32],
PUP.Optional.InstallBrain.A, C:\Windows\Temp\52D1.tmp, , [a1e6bdf84c3e73c3945c06a940c1ec14],
Trojan.RotBrowse, C:\Windows\Temp\BabylonMngr.xpi, , [91f66c497d0dc86e4d4b539be61fc53b],
PUP.Optional.BProtector.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\bProtector_extensions.rdf, , [1c6b31846a2065d10b29657f996aa060],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\CRE\bhphemoobgnikcoofkgackkaimpfmenm.crx, , [f6912f864b3f87af6c22ecf80201de22],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848\manifest.json, , [1176575ef1990630563c9f450ef59c64],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848\chLogic.exe, , [1176575ef1990630563c9f450ef59c64],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848\CT2625848.txt, , [1176575ef1990630563c9f450ef59c64],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848\CT2625848.xpi, , [1176575ef1990630563c9f450ef59c64],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848\dtime.csf, , [1176575ef1990630563c9f450ef59c64],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848\ffLogic.exe, , [1176575ef1990630563c9f450ef59c64],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848\initData.json, , [1176575ef1990630563c9f450ef59c64],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848\statisticsStub.exe, , [1176575ef1990630563c9f450ef59c64],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848\version.txt, , [1176575ef1990630563c9f450ef59c64],
PUP.Optional.ConduitTB.Gen, C:\Users\Vivien Förster\AppData\Local\Temp\ct2625848\xpi\install.rdf, , [1176575ef1990630563c9f450ef59c64],
PUP.Optional.Updating.A, C:\Windows\System32\Tasks\fun4u_updating_service, , [2562268f6525a5911af66580e91ad927],
PUP.Optional.Updating.A, C:\Windows\Tasks\fun4u_updating_service.job, , [8bfcfcb9e3a7191d3ed3618459aa7987],
PUP.Optional.Notification.A, C:\Windows\Tasks\fun4u_notification_service.job, , [196e4b6acbbf93a30336a540b053ed13],
PUP.Optional.Notification.A, C:\Windows\System32\Tasks\fun4u_notification_service, , [790e585da8e277bfe65416cf35ce7888],
PUP.Optional.IStartSurf.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\istartsurf.xml, , [8304d8dd820853e334d547c4679d09f7],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-1, , [16718e27602a83b3c3d8fc13af557e82],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-11, , [ec9b6c493d4d4ee85a4155bad52f23dd],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-2, , [cabdfbbab8d2ab8beab1bd52f80cef11],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-3, , [94f38b2aacde42f4c4d7f11e6a9a6c94],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-4, , [30576d48deaccb6b158646c96b998b75],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-5, , [6324cde8593147efcad1ad6222e210f0],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-6, , [36513382533791a5e7b422ed39cbba46],
PUP.Optional.CrossRider.T, C:\Windows\System32\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-7, , [6522862f18720f271c7fb857c83cca36],
PUP.Optional.Delta.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\delta-homes.xml, , [7f08ab0a99f178bebef1d54036ce629e],
PUP.Optional.Delta.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\searchplugins\delta.xml, , [bccbab0a82089d992f027fa9ea1a11ef],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-1.job, , [ceb9d9dcdeac7bbb3279f27550b5fb05],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-11.job, , [c5c26d480e7c8caa6447244385805da3],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-2.job, , [444302b3a3e79d99dbd0cf98976eea16],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-3.job, , [96f1e5d095f55dd9397255122cd9bd43],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-4.job, , [6b1c5d58cbbfe551d9d2c89feb1a8878],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-5.job, , [ceb9ab0a8dfd56e0c7e41a4da85d04fc],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-5_user.job, , [e1a68c29058563d36a41580f7d8839c7],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-6.job, , [8502734204861f17a407194ee421916f],
PUP.Optional.CrossRider.T, C:\Windows\Tasks\58bdf064-05ee-4829-b90e-14cee42c2e5c-7.job, , [226544717515de58d5d66dfaca3ba759],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore.job, , [4047d8dd296161d583376bfc13f20df3],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineCore, , [592ed3e29bef1c1ab209ca9db0559d63],
PUP.Optional.GlobalUpdate.A, C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job, , [f295585dd7b387af2795204738cd6898],
PUP.Optional.GlobalUpdate.A, C:\Windows\System32\Tasks\globalUpdateUpdateTaskMachineUA, , [6e193a7beaa0eb4bead3ef787a8b7e82],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\crossrider_statusbar.png, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\button1.png, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\button2.png, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\button3.png, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\button4.png, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\button5.png, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\icon128.png, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\icon16.png, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\icon24.png, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\icon48.png, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\panelarrow-up.png, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\popup.html, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\skin.css, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\skin\update.css, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome.manifest, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\install.rdf, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\089e080330e75d367b24577f00ff0ba5.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\0adf44afed55c4345bbf43f91c7aa3a9.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\181d762d79f06c5fa69efe366aa68a30.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\682fe6de48313492e9da4ba224a17b88.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\aca10d53d52f46adc46df507636e604c.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\background.html, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\browser.xul, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\dce2924befb30453b0037f972a2d7b62.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\dialog.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\ffCoreFilesIndex.txt, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\options.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\options.xul, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\search_dialog.xul, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\6798ac301a14a3deea68b0c61d76319d.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\0f85616320878c20870663de54a452c2.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\18010b399f94dc4ca6fd94dfb4172db8.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\1be08de1d4081f348806c91cd01b0f60.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\31a7fa9837134ed847151909a05c4e0b.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\32f7e2d88214d77bb38496337945d6fe.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\3b9b4c21d975b02fdc08be5ba04aa3a2.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\441a7bc20b7b72bd3264d5b0ef708748.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\535ced17b6b9bd9bcd6fc80b8099d97d.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\951a40e2ccff1c0371cc03bb563602fd.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\a954036d6fc478d5b9a38d2caeaa0cba.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\ba86f0f865a43ae47c06aa68800dd582.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\bb7c73d699e1f64c84c1ff336efe8d92.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\c9faff6643c473d5f33306a8be395beb.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\e49533f2d99e15176fb756f50f232006.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\api\ecae0f8c4c52ec5f2e961ce6fd7625c2.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\bc2e856329ff41527a51926ab91e166d.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\11c9235a9b464861790e018454262b9c.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\16103789070d6bcf6b1479f0c1cae2cb.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\31293503208a70871d735abedb79d53a.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\47d102f22db4797e1b6321f0a4e8e92c.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\55e3c54445ba169d4e5e55f407964e8d.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\5a15cebb41998085b8664ad41f6ba22d.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\5e9c2743126301d2300e2c429aaa7906.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\782cf3c818dc79b9e2ba22f273eabe9d.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\961efc953a32e9ab17f2ff38995b46eb.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\985e9f8fcd307043c03625891e781439.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\a8a4dc9f204fc4e4072b3623b294d491.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\aec787387fc8da51b9b84975dfbabf97.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\b52b4280c9a604bdc1d0bf2e823e92c1.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\c366d326ea1acfe0f03d6ccea321708f.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\c6e2989c90d868503b22fa6c13697d58.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\ea57372c3adcef37e710fb4dcb2ad276.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\f67f324b228ba1d408f828bb0b0c93bf.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\ff0bd9a16bf339f5de855e948faf1fe6.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\ffc48ec5357e0882917cfacd68a22036.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\chrome\content\core\installer.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\defaults\preferences\prefs.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\manifest.xml, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins.json, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\102.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\13.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\14.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\16.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\17.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\180.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\184.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\192.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\193.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\195.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\220.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\223.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\230.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\233.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\242.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\246.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\253.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\262.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\263.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\281.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\288.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\301.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\337.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\345.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\354.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\373.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\4.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\47.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\64.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\7.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\78.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\9.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\plugins\91.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\userCode\background.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\extensionData\userCode\extension.js, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\56560a80-995b-47cd-852a-772f3a7ea92b@gmail.com\locale\en-US\translations.dtd, , [8cfbf2c39af081b54c7c1c5ad5309a66],
PUP.Optional.Browser.A, C:\ProgramData\Browser\prompt.exe.config, , [1e69b6ffd1b94de9ac7097e1cc39a55b],
PUP.Optional.OptimizerPro.A, C:\Users\Vivien Förster\Documents\Optimizer Pro\CookiesException.txt, , [5d2a50652565ff377c50dda18b7a3ac6],
PUP.Optional.OpenCandy, C:\Users\Vivien Förster\AppData\Roaming\OpenCandy\1B9BB2D9FA9940A5A934CAF6EDFBC889\TuneUpUtilities2012_de-DE.exe, , [0d7aa114cfbb0036e54bc4ec0ef57888],
PUP.Optional.OpenCandy, C:\Users\Vivien Förster\AppData\Roaming\OpenCandy\24E0A121D864429C97D63C92C9327BE8\5472.ico, , [0d7aa114cfbb0036e54bc4ec0ef57888],
PUP.Optional.OpenCandy, C:\Users\Vivien Förster\AppData\Roaming\OpenCandy\24E0A121D864429C97D63C92C9327BE8\EBB77268-338F-4C6A-8590-AD88FED26F4A, , [0d7aa114cfbb0036e54bc4ec0ef57888],
PUP.Optional.OpenCandy, C:\Users\Vivien Förster\AppData\Roaming\OpenCandy\24E0A121D864429C97D63C92C9327BE8\OCBrowserHelper_1.0.6.125.exe, , [0d7aa114cfbb0036e54bc4ec0ef57888],
PUP.Optional.Datamngr.A, C:\Users\Vivien Förster\AppData\LocalLow\DataMngr\{7CA1F051-A4FB-4143-B263-02B41E571EED}, , [90f733820783a78f506c387d18eb51af],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\conf, , [3c4bd3e22565d2649efe2e93669d5aa6],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update\PluginUpdate.exe, , [3c4bd3e22565d2649efe2e93669d5aa6],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-09-16[17-48-58-973].log, , [97f0d5e0701a7eb82b3d7a49b2512dd3],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, , [97f0d5e0701a7eb82b3d7a49b2512dd3],
PUP.Optional.SystemSpeedup, C:\Users\Vivien Förster\AppData\Roaming\systweak\ssd\SSDPTstub.exe, , [4641397c2862da5ce6eb2d96f60df20e],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleCrashHandler.exe, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdate.exe, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateBroker.exe, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateHelper.msi, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\GoogleUpdateOnDemand.exe, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdate.dll, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\goopdateres_en.dll, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psmachine.dll, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\psuser.dll, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.T, C:\Program Files (x86)\globalUpdate\Update\Download\{3905E6B7-140D-44B4-8354-FB0A97ECBEA2}\1.3.25.27\setup.exe, , [e7a0a411d8b241f51c754d776a9951af],
PUP.Optional.GlobalUpdate.A, C:\Users\Vivien Förster\AppData\Local\Temp\comh.67507\GoogleUpdateHelper.msi, , [cfb84f668efc1d198129fbc909fa5ea2],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\235.json, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\MessageBox.xml, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\uninstallDlg2.xml, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\UninstallManager.exe, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\bg.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\bg1.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\bk_shadow.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\button.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\button1.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\checkbox.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\checkbox_select.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\checked.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\close.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\loading_bg.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\loading_light.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\min.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\scrollbar.bmp, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\Thumbs.db, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\unchecked.png, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\code\code1.jpg, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\code\code2.jpg, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\code\code3.jpg, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\code\code4.jpg, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\code\code5.jpg, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\code\code6.jpg, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.IStartSurf.A, C:\Users\Vivien Förster\AppData\Roaming\istartsurf\images\code\Thumbs.db, , [36515461afdbf0460be40eb98f74c739],
PUP.Optional.BrowserManager.A, C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\00, , [f88f3a7b76149c9a831930a5729136ca],
PUP.Optional.BrowserManager.A, C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\01, , [f88f3a7b76149c9a831930a5729136ca],
PUP.Optional.BrowserManager.A, C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\02, , [f88f3a7b76149c9a831930a5729136ca],
PUP.Optional.BrowserManager.A, C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\10, , [f88f3a7b76149c9a831930a5729136ca],
PUP.Optional.BrowserManager.A, C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\11, , [f88f3a7b76149c9a831930a5729136ca],
PUP.Optional.BrowserManager.A, C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\12, , [f88f3a7b76149c9a831930a5729136ca],
PUP.Optional.BrowserManager.A, C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\20, , [f88f3a7b76149c9a831930a5729136ca],
PUP.Optional.BrowserManager.A, C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\21, , [f88f3a7b76149c9a831930a5729136ca],
PUP.Optional.BrowserManager.A, C:\ProgramData\Browser Manager\2.2.565.25\{16cdff19-861d-48e3-a751-d99a27784753}\traking_settings\22, , [f88f3a7b76149c9a831930a5729136ca],
PUP.Optional.Fun4U.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\o698XPPx@gmail.com\chrome.manifest, , [394ed4e1d4b61d1951326905ca3c0af6],
PUP.Optional.Fun4U.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\o698XPPx@gmail.com\install.rdf, , [394ed4e1d4b61d1951326905ca3c0af6],
PUP.Optional.Fun4U.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\o698XPPx@gmail.com\chrome\content\browser.xul, , [394ed4e1d4b61d1951326905ca3c0af6],
PUP.Optional.Fun4U.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\extensions\o698XPPx@gmail.com\chrome\content\main.js, , [394ed4e1d4b61d1951326905ca3c0af6],
PUP.Optional.Delta.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.startup.homepage", "hxxp://www.delta-homes.com/?type=hp&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA");), ,[7a0d1e97aedc2d09647b4c2456b00df3]
PUP.Optional.Delta.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "hxxp://www.delta-homes.com/newtab/?type=nt&ts=1430317765&from=ient04290&uid=ST9500325AS_6VE1V5JAXXXX6VE1V5JA");), ,[cfb8b8fde3a70c2af8e8e18f3cca649c]
PUP.Optional.CrossRider.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.crossrider.bic", "14898a663421ef8e415b53f2b739e083");), ,[0186ae07bdcda195a99695dc32d47090]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.admin", false);), ,[0285e4d19befbb7b0b40056cee1843bd]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ferences

/* Do not edit this file.
 *
 * If you m), ,[e1a69c193b4f81b5c685b1c042c4a060]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If you make ), ,[3156763fcac02e080e3d3839b0565ba5]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (nces

/* Do not edit this file.
 *
 * If you make change), ,[aed9c4f19cee54e294b70c6582847a86]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (

/* Do not edit this file.
 *
 * If you make ), ,[b8cfa70ee7a370c685c6531e9f67c33d]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (references

/* Do not edit this file.
 *
 * If ), ,[3255763fd9b140f6e863cea3e6203cc4]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (eferences

/* Do not edit this file.
 *
 * If you), ,[2a5d03b295f57bbba2a9125f40c66898]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (erences

/* Do not edit this file.
 *
 * If you m), ,[e3a460554545cb6bb09b5819e91d827e]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (erences

/* Do not edit this file.
 *
 * If you make ), ,[11766a4b4d3d270f88c30c6516f0669a]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ces

/* Do not edit this file.
 *
 * If you make changes ), ,[5631fdb8dab04aec2d1e89e8ea1c4cb4]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (

/* Do not edit this file.
 *
 * If you make chang), ,[780fc0f54e3c96a00645bdb416f0c937]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If you make), ,[9fe8d9dc1d6d072fd07b135eff0702fe]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ences

/* Do not edit this file.
 *
 * If you make changes to this file while ), ,[e3a4dbda5a30dd594a01323f689ef907]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (s file.
 *
 * If you make changes to this file wh), ,[c4c39322addd13231c2fe68b82846e92]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (eferences

/* Do not edit this file.
 *
 * If you make changes to this file w), ,[2067a411c1c9b185e46759181fe7ed13]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (is file.
 *
 * If you make changes to this file while the application is run), ,[e7a06e47fa90d46257f410618d79a35d]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: ( this file.
 *
 * If you make changes to this file whil), ,[ec9b3a7b5b2fba7cf4571b5649bdd32d]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ces

/* Do not edit this file.
 *
 * If you make ch), ,[fd8afabbccbe40f66fdc7df4b6508080]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ences

/* Do not edit this file.
 *
 * If you make ch), ,[2d5a189d1b6fa6907dce630e9f67748c]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ences

/* Do not edit this file.
 *
 * If you make change), ,[e2a5744173178fa75bf06c05e91d8a76]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If you make changes to th), ,[9cebd2e3cfbb4de9212a85ecb94d0af6]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: ( not edit this file.
 *
 * If you make changes t), ,[5037278e0486fe38c2899cd59f670af6]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (references

/* Do not edit this file.
 *
 * If you ma), ,[8bfc85307c0eba7cc08b175a0afc6f91]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ces

/* Do not edit this file.
 *
 * If you make), ,[6e197045e1a995a12d1e017001051be5]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ferences

/* Do not edit this file.
 *
 * If you ), ,[97f011a494f6cf6789c23938cb3bae52]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (erences

/* Do not edit this file.
 *
 * If you make change), ,[8700d8dd2565280ecf7c254c10f651af]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (
/* Do not edit this file.
 *
 * If you make changes to ), ,[6126971e1971fe38ce7d5e136a9cfe02]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (es

/* Do not edit this file.
 *
 * If you make change), ,[92f57144266411256cdf472ada2ce51b]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (es

/* Do not edit this file.
 *
 * If you make chan), ,[f790ab0a88021f1797b45f1227dff010]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (nces

/* Do not edit this file.
 *
 * If you m), ,[e6a17540cac0013555f69bd634d25ea2]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (references

/* Do not edit this file.
 *
 * If you ), ,[36519025404a44f2a1aa472aec1a60a0]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ences

/* Do not edit this file.
 *
 * If you ma), ,[8700f4c1602a3105f8534d247096629e]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ferences

/* Do not edit this file.
 *
 * If), ,[0e796b4a355577bf2229fb7655b1af51]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: ( Preferences

/* Do not edit this file.
 *
 * If ), ,[f592eacb9dedfe38b299bfb27d89b24e]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (erences

/* Do not edit this file.
 *
 * If you mak), ,[56311d982f5bf640e96275fc2bdb1ae6]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ences

/* Do not edit this file.
 *
 * If you make c), ,[c9be961ffc8e39fd74d71b56679fbb45]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (nces

/* Do not edit this file.
 *
 * If you make changes to ), ,[2c5b4174acde0d29202bc0b1828417e9]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (* Do not edit this file.
 *
 * If you make changes), ,[4a3d1d9881098aaca5a63b363ec808f8]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ferences

/* Do not edit this file.
 *
 * If you make changes to this file while the ap), ,[03847a3bd2b82b0baaa1d49d2fd7b34d]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: ( *
 * If you make changes to this file while the appl), ,[2b5ce8cdbccedc5ab596d69b8680dd23]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If you make changes to this file while the application is running,
 * the changes will be overwritten when the application exit), ,[e5a26c491179f83ee16a215047bf9a66]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: ( changes will be overwritten when the application exits.
), ,[f2959e17cdbddd5955f6a3ceb25407f9]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (ces

/* Do not edit this file.
 *
 * If you make c), ,[0f78298ced9d35015cef640d3dc912ee]
PUP.Optional.Babylon.A, C:\Users\Vivien Förster\AppData\Roaming\Mozilla\Firefox\Profiles\6dc5r5mz.default\prefs.js, Gut: (), Schlecht: (rences

/* Do not edit this file.
 *
 * If you make changes to ), ,[e3a4268fd2b8f046ae9d82ef8a7ccd33]

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)


Alle Zeitangaben in WEZ +1. Es ist jetzt 19:35 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132