Hoffe es stimmt alles ! Code:
# AdwCleaner v3.023 - Bericht erstellt am 14/04/2014 um 19:26:35
# Aktualisiert 01/04/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Marian Curdt - MARIANCURDTPC
# Gestartet von : C:\Users\Marian Curdt\Downloads\adwcleaner.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\WPM
Ordner Gelöscht : C:\Program Files (x86)\BonanzaDeals
Ordner Gelöscht : C:\Program Files (x86)\BrowseSmart
Ordner Gelöscht : C:\Program Files (x86)\Mobogenie
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup
Ordner Gelöscht : C:\Program Files (x86)\SupTab
Ordner Gelöscht : C:\Windows\SysWOW64\AI_RecycleBin
Ordner Gelöscht : C:\Users\Marian Curdt\AppData\Local\Mobogenie
Ordner Gelöscht : C:\Users\Marian Curdt\AppData\Roaming\Advanced System Protector
Ordner Gelöscht : C:\Users\Marian Curdt\AppData\Roaming\SupTab
Ordner Gelöscht : C:\Users\Marian Curdt\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Marian Curdt\AppData\Roaming\UpdaterEX
Ordner Gelöscht : C:\Users\Marian Curdt\Documents\Mobogenie
Datei Gelöscht : C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js
Datei Gelöscht : C:\Windows\System32\Tasks\UpdaterEX
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C292AD0A-C11F-479B-B8DB-743E72D283B0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Schlüssel Gelöscht : HKCU\Software\lollipop
Schlüssel Gelöscht : HKCU\Software\pc speed maximizer
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\UpdaterEX
Schlüssel Gelöscht : HKLM\Software\supTab
Schlüssel Gelöscht : HKLM\Software\supWPM
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\Wpm
***** [ Browser ] *****
-\\ Internet Explorer v11.0.9600.16521
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v28.0 (de)
[ Datei : C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js ]
Zeile gelöscht : user_pref("extensions.mysearchdial.aflt", "dnldstr1202");
Zeile gelöscht : user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");
Zeile gelöscht : user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzutDtDtC0FtA0FtDtDzz0EzztAtByE0CtBtN0D0Tzu0SyBtCtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R");
Zeile gelöscht : user_pref("extensions.mysearchdial.cr", "429356880");
Zeile gelöscht : user_pref("extensions.mysearchdial.dfltLng", "");
Zeile gelöscht : user_pref("extensions.mysearchdial.dfltSrch", true);
Zeile gelöscht : user_pref("extensions.mysearchdial.dnsErr", true);
Zeile gelöscht : user_pref("extensions.mysearchdial.excTlbr", false);
Zeile gelöscht : user_pref("extensions.mysearchdial.hmpg", true);
Zeile gelöscht : user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=dnldstr1202&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0FtDtDzz0EzztAtByE0CtBtN0D0Tzu0SyBtCtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1Czu[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.id", "001F3F008E8324C2");
Zeile gelöscht : user_pref("extensions.mysearchdial.instlDay", "16050");
Zeile gelöscht : user_pref("extensions.mysearchdial.instlRef", "");
Zeile gelöscht : user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=dnldstr1202&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0FtDtDzz0EzztAtByE0CtBtN0D0Tzu0SyBtCtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1C[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.prdct", "mysearchdial");
Zeile gelöscht : user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");
Zeile gelöscht : user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");
Zeile gelöscht : user_pref("extensions.mysearchdial.tlbrId", "base");
Zeile gelöscht : user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=dnldstr1202&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0FtDtDzz0EzztAtByE0CtBtN0D0Tzu0SyBtCtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L[...]
Zeile gelöscht : user_pref("extensions.mysearchdial.vrsn", "1.8.21.0");
Zeile gelöscht : user_pref("extensions.mysearchdial.vrsni", "1.8.21.0");
Zeile gelöscht : user_pref("extensions.mysearchdial_i.hmpg", true);
Zeile gelöscht : user_pref("extensions.mysearchdial_i.newTab", false);
Zeile gelöscht : user_pref("extensions.mysearchdial_i.smplGrp", "none");
Zeile gelöscht : user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.016:4:53");
-\\ Google Chrome v
[ Datei : C:\Users\Marian Curdt\AppData\Local\Google\Chrome\User Data\Default\preferences ]
*************************
AdwCleaner[R0].txt - [5594 octets] - [14/04/2014 19:26:07]
AdwCleaner[S0].txt - [5087 octets] - [14/04/2014 19:26:35]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5147 octets] ########## Code:
Malwarebytes Anti-Malware
www.malwarebytes.org
Suchlauf Datum: 14.04.2014
Suchlauf-Zeit: 19:12:26
Logdatei: mbam.txt
Administrator: Ja
Version: 2.00.1.1004
Malware Datenbank: v2014.04.14.06
Rootkit Datenbank: v2014.03.27.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Chameleon: Deaktiviert
Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Marian Curdt
Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 300200
Verstrichene Zeit: 15 Min, 14 Sek
Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Shuriken: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
Prozesse: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registrierungsschlüssel: 13
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{D40753C7-8A59-4C1F-BE88-C300F4624D5B}, In Quarantäne, [8b75a8583ac643bd20b1a0a828da58a8],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, In Quarantäne, [8b75a8583ac643bd20b1a0a828da58a8],
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{C292AD0A-C11F-479B-B8DB-743E72D283B0}, In Quarantäne, [8b75a8583ac643bd20b1a0a828da58a8],
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [46bab8484cb4d52ba5bc3e5d34cf8080],
PUP.Optional.Awesomehp.A, HKLM\SOFTWARE\WOW6432NODE\awesomehpSoftware, In Quarantäne, [659b11efb749619f65d0e294eb1754ac],
PUP.Optional.BonanzaDeals.A, HKLM\SOFTWARE\WOW6432NODE\BonanzaDealsLive, In Quarantäne, [d8281be52bd5936d873c6334ae5560a0],
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [8a7601ff7a862ad658090d8ef70c07f9],
PUP.Optional.BrowseSmart.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update BrowseSmart, In Quarantäne, [d828ac5431cf817f68079905fd0615eb],
PUP.Optional.Wisenwizard.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Update wisen wizard, In Quarantäne, [c739827e9868a25e0b9744320af83fc1],
PUP.Optional.BonanzaDeals.A, HKU\S-1-5-21-1656074084-342888944-3947257893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BonanzaDealsLive, In Quarantäne, [d828c43c31cfe91749789cfb34cf6898],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1656074084-342888944-3947257893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, In Quarantäne, [19e7c040f709bc4499c188f1e2205da3],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1656074084-342888944-3947257893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, In Quarantäne, [3bc505fbfd033ec2a5f0444baf541ee2],
PUP.Optional.Qone8, HKU\S-1-5-21-1656074084-342888944-3947257893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, In Quarantäne, [d729a85807f9aa5617490695aa59ea16],
Registrierungswerte: 2
PUP.Optional.QuickStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|quick_start@gmail.com, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com, In Quarantäne, [45bb8d7340c0f808f01976f7ee141ee2]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-1656074084-342888944-3947257893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0H1L1J1L1S1R1N, In Quarantäne, [3bc505fbfd033ec2a5f0444baf541ee2]
Registrierungsdaten: 9
PUP.Optional.Awesomehp.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.awesomehp.com/?type=hp&ts=1393854552&from=amt&uid=ST500DM002-1BD142_Z3T99M3NXXXXZ3T99M3N, Gut: (hxxp://www.google.com), Schlecht: (hxxp://www.awesomehp.com/?type=hp&ts=1393854552&from=amt&uid=ST500DM002-1BD142_Z3T99M3NXXXXZ3T99M3N),Ersetzt,[18e8e41cdb255ca4f387ac6c09fb58a8]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[48b835cb0ff19a66b2844ed421e327d9]
PUP.Optional.MySearchDial.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\ABOUTURLS|Tabs, hxxp://start.mysearchdial.com/?f=2&a=dnldstr1202&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0FtDtDzz0EzztAtByE0CtBtN0D0Tzu0SyBtCtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=429356880&ir=, Gut: (www.google.com), Schlecht: (hxxp://start.mysearchdial.com/?f=2&a=dnldstr1202&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0FtDtDzz0EzztAtByE0CtBtN0D0Tzu0SyBtCtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=429356880&ir=),Ersetzt,[8d7328d818e87a86044bef29db296c94]
PUP.Optional.Awesomehp.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.awesomehp.com/web/?type=ds&ts=1393854552&from=amt&uid=ST500DM002-1BD142_Z3T99M3NXXXXZ3T99M3N&q={searchTerms}, Gut: (hxxp://www.google.com), Schlecht: (hxxp://www.awesomehp.com/web/?type=ds&ts=1393854552&from=amt&uid=ST500DM002-1BD142_Z3T99M3NXXXXZ3T99M3N&q={searchTerms}),Ersetzt,[4eb28d73aa56ec1480f8b8602dd7fb05]
PUP.Optional.Awesomehp.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.awesomehp.com/?type=hp&ts=1393854552&from=amt&uid=ST500DM002-1BD142_Z3T99M3NXXXXZ3T99M3N, Gut: (hxxp://www.google.com), Schlecht: (hxxp://www.awesomehp.com/?type=hp&ts=1393854552&from=amt&uid=ST500DM002-1BD142_Z3T99M3NXXXXZ3T99M3N),Ersetzt,[b24e2ad6f8089b65b8bbd64242c232ce]
PUP.Optional.Awesomehp.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.awesomehp.com/?type=hp&ts=1393854552&from=amt&uid=ST500DM002-1BD142_Z3T99M3NXXXXZ3T99M3N, Gut: (hxxp://www.google.com), Schlecht: (hxxp://www.awesomehp.com/?type=hp&ts=1393854552&from=amt&uid=ST500DM002-1BD142_Z3T99M3NXXXXZ3T99M3N),Ersetzt,[98687d83fe024cb49bdf32e601038a76]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Ersetzt,[f10f0bf5c63a05fbc1753fe372921fe1]
PUP.Optional.Awesomehp.A, HKU\S-1-5-21-1656074084-342888944-3947257893-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.awesomehp.com/?type=hp&ts=1393854552&from=amt&uid=ST500DM002-1BD142_Z3T99M3NXXXXZ3T99M3N, Gut: (hxxp://www.google.com), Schlecht: (hxxp://www.awesomehp.com/?type=hp&ts=1393854552&from=amt&uid=ST500DM002-1BD142_Z3T99M3NXXXXZ3T99M3N),Ersetzt,[2bd52ed23ec2a25e45367b9d46bec53b]
PUP.Optional.MySearchDial.A, HKU\S-1-5-21-1656074084-342888944-3947257893-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://start.mysearchdial.com/?f=1&a=dnldstr1202&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0FtDtDzz0EzztAtByE0CtBtN0D0Tzu0SyBtCtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=429356880&ir=, Gut: (hxxp://www.google.com), Schlecht: (hxxp://start.mysearchdial.com/?f=1&a=dnldstr1202&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0FtDtDzz0EzztAtByE0CtBtN0D0Tzu0SyBtCtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=429356880&ir=),Ersetzt,[33cda15f9967718f514dee338f75e719]
Ordner: 42
PUP.Optional.Awesomehp.A, C:\Users\Marian Curdt\AppData\Roaming\awesomehp, In Quarantäne, [f709a15fba46b947b15e61155aa813ed],
PUP.Optional.Awesomehp.A, C:\Users\Marian Curdt\AppData\Roaming\awesomehp\images, In Quarantäne, [f709a15fba46b947b15e61155aa813ed],
PUP.Optional.BonanzaDeals.A, C:\ProgramData\BonanzaDealsLive, In Quarantäne, [d12f9c64ea167090d2aa2636659ddf21],
PUP.Optional.BonanzaDeals.A, C:\ProgramData\BonanzaDealsLive\Update, In Quarantäne, [d12f9c64ea167090d2aa2636659ddf21],
PUP.Optional.BonanzaDeals.A, C:\ProgramData\BonanzaDealsLive\Update\Log, In Quarantäne, [d12f9c64ea167090d2aa2636659ddf21],
PUP.Optional.BonanzaDeals.A, C:\Users\Marian Curdt\AppData\Local\BonanzaDealsLive, In Quarantäne, [5ea2d22ea35d46ba205de27acc3612ee],
PUP.Optional.BonanzaDeals.A, C:\Users\Marian Curdt\AppData\Local\BonanzaDealsLive\CrashReports, In Quarantäne, [5ea2d22ea35d46ba205de27acc3612ee],
PUP.Optional.BonanzaDeals.A, C:\Program Files (x86)\BonanzaDealsLive, In Quarantäne, [f80849b7b947847c067969f306fca45c],
PUP.Optional.BonanzaDeals.A, C:\Program Files (x86)\BonanzaDealsLive\CrashReports, In Quarantäne, [f80849b7b947847c067969f306fca45c],
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService, In Quarantäne, [7b85cf31af51ff0163f10c52917134cc],
PUP.Optional.IePluginService.A, C:\ProgramData\IePluginService\update, In Quarantäne, [7b85cf31af51ff0163f10c52917134cc],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\content, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\content\include, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\content\include\tools, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\content\js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\en, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\en-US, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\es, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\es-419, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\fr, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\fr-BE, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\fr-CA, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\fr-CH, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\fr-LU, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\it, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\it-CH, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\pl, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\pt-BR, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\ru, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\ru-MO, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\tr, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\vi, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\zh-CN, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\zh-TW, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\skin, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\skin\weather, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\defaults, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\defaults\preferences, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\modules, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
Dateien: 137
PUP.Optional.SupTab.A, C:\Users\Marian Curdt\AppData\Roaming\SupTab\SupTab.dll, In Quarantäne, [e21ec33da45c7c84fa502f06db25fb05],
PUP.Optional.DomaIQ, C:\Users\Marian Curdt\Downloads\Java.exe, In Quarantäne, [27d9e61a3cc4fb05222c52ed35cb2ed2],
PUP.Optional.Somoto, C:\Users\Marian Curdt\Downloads\_crAzy-WRiterZ)_downloader-0By6hr8L.exe, In Quarantäne, [2cd428d89e62689875c4486eec173ec2],
PUP.Optional.AdlSoft, C:\Users\Marian Curdt\Downloads\MinecraftSetup.exe, In Quarantäne, [6898c23e05fbb44c80d9bcb0dc25c937],
PUP.Optional.4shared, C:\Users\Marian Curdt\Downloads\DESERT STORM.part1.exe, In Quarantäne, [29d75da3ca36a0603b6d35312bd6cc34],
PUP.Optional.Amonetize.A, C:\Users\Marian Curdt\Downloads\DOWNLOAD GAME Conflict_ Desert Storm [PC GAME] Full Version__2774_il14783.exe, In Quarantäne, [e719619f936d4fb14efaee4b9967d030],
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}.xpi, In Quarantäne, [887821dfae526d93f2796cfbd52dbc44],
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\searchplugins\Mysearchdial.xml, In Quarantäne, [2ed243bd0df3619f891ea9c507fb659b],
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, In Quarantäne, [0af60bf5e21eb34dfa1a7ff4788a1fe1],
PUP.Optional.Awesomehp.A, C:\Users\Marian Curdt\AppData\Roaming\awesomehp\67.json, In Quarantäne, [f709a15fba46b947b15e61155aa813ed],
PUP.Optional.Awesomehp.A, C:\Users\Marian Curdt\AppData\Roaming\awesomehp\uninstallDlg.xml, In Quarantäne, [f709a15fba46b947b15e61155aa813ed],
PUP.Optional.Awesomehp.A, C:\Users\Marian Curdt\AppData\Roaming\awesomehp\UninstallManager.exe, In Quarantäne, [f709a15fba46b947b15e61155aa813ed],
PUP.Optional.Awesomehp.A, C:\Users\Marian Curdt\AppData\Roaming\awesomehp\images\bg1.png, In Quarantäne, [f709a15fba46b947b15e61155aa813ed],
PUP.Optional.Awesomehp.A, C:\Users\Marian Curdt\AppData\Roaming\awesomehp\images\button1.png, In Quarantäne, [f709a15fba46b947b15e61155aa813ed],
PUP.Optional.Awesomehp.A, C:\Users\Marian Curdt\AppData\Roaming\awesomehp\images\checked.png, In Quarantäne, [f709a15fba46b947b15e61155aa813ed],
PUP.Optional.Awesomehp.A, C:\Users\Marian Curdt\AppData\Roaming\awesomehp\images\close.png, In Quarantäne, [f709a15fba46b947b15e61155aa813ed],
PUP.Optional.Awesomehp.A, C:\Users\Marian Curdt\AppData\Roaming\awesomehp\images\min.png, In Quarantäne, [f709a15fba46b947b15e61155aa813ed],
PUP.Optional.Awesomehp.A, C:\Users\Marian Curdt\AppData\Roaming\awesomehp\images\Thumbs.db, In Quarantäne, [f709a15fba46b947b15e61155aa813ed],
PUP.Optional.Awesomehp.A, C:\Users\Marian Curdt\AppData\Roaming\awesomehp\images\unchecked.png, In Quarantäne, [f709a15fba46b947b15e61155aa813ed],
PUP.Optional.Awesomehp.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\awesomehp.xml, In Quarantäne, [e91744bc827e9e624cc4f680966c27d9],
PUP.Optional.FunMoods.A, C:\Users\Marian Curdt\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pflphaooapbgpeakohlggbpidpppgdff_0.localstorage, In Quarantäne, [2dd358a833cd47b98247c7d149baeb15],
PUP.Optional.BonanzaDeals.A, C:\ProgramData\BonanzaDealsLive\Update\Log\BonanzaDealsLive.log, In Quarantäne, [d12f9c64ea167090d2aa2636659ddf21],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome.manifest, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\install.rdf, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\content\index.html, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\content\quick_start.js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\content\quick_start.xul, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\content\include\speed_dial.js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\content\include\tools\about_blank_hook.js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\content\include\tools\misc.js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\content\include\tools\popup_image_helper.js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\content\include\tools\urlrequestor.js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\content\js\common.js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\content\js\doT.min.js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\content\js\ga.js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\content\js\jquery-2.1.0.min.js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\content\js\jquery.autocomplete.js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\content\js\js.js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\content\js\xagainit.js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\en\locale.properties, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\en-US\locale.properties, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\es\locale.properties, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\es-419\locale.properties, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\fr\locale.properties, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\fr-BE\locale.properties, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\fr-CA\locale.properties, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\fr-CH\locale.properties, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\fr-LU\locale.properties, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\it\locale.properties, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\it-CH\locale.properties, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\pl\locale.properties, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\pt-BR\locale.properties, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\ru\locale.properties, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\ru-MO\locale.properties, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\tr\locale.properties, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\vi\locale.properties, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\zh-CN\locale.properties, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\locale\zh-TW\locale.properties, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\skin\arrow.png, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\skin\default_add_logo.png, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\skin\default_add_logo_hover.png, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\skin\default_logo.png, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\skin\googlelogo.png, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\skin\googlelogo2.png, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\skin\google_trends.png, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\skin\icon.png, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\skin\loading.gif, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\skin\logo.ico, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\skin\logo.png, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\skin\logo32.ico, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\skin\style.css, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\chrome\skin\weather\0.png, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\defaults\preferences\fvd.js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\modules\addonmanager.js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\modules\aes.js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\modules\config.js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\modules\dialogs.js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\modules\last_tab.js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\modules\misc.js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\modules\properties.js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\modules\remoterequest.js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\modules\restoreprefs.js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.QuickStart.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\extensions\quick_start@gmail.com\modules\settings.js, In Quarantäne, [bc44768a10f027d9919978eaed15a858],
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.aflt", "dnldstr1202");), Ersetzt,[39c7ac5457a93fc121d576d6b64e4eb2]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");), Ersetzt,[0ef201ff55ab9e624ea88dbfe91ba759]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzutDtDtC0FtA0FtDtDzz0EzztAtByE0CtBtN0D0Tzu0SyBtCtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R");), Ersetzt,[15eb9a6627d956aa6096f05c4eb6ed13]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.cr", "429356880");), Ersetzt,[0000fb05f60a857b18de4c003aca5fa1]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.dfltLng", "");), Ersetzt,[916f5da3877918e89f574dffd92bee12]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.dfltSrch", true);), Ersetzt,[a7599769fc0418e8698d96b66a9a14ec]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.dnsErr", true);), Ersetzt,[42be46baea163bc54ea8f05cb054f010]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.excTlbr", false);), Ersetzt,[649c837dca3612ee23d390bc34d0d729]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.hmpg", true);), Ersetzt,[a858ec145aa605fbb54166e63dc79f61]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=dnldstr1202&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0FtDtDzz0EzztAtByE0CtBtN0D0Tzu0SyBtCtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=429356880&ir=");), Ersetzt,[4fb129d73bc58b756a8c1e2e17ed946c]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.id", "001F3F008E8324C2");), Ersetzt,[45bb6c94e61aeb1516e0c58705ff926e]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.instlDay", "16050");), Ersetzt,[01ffe61a718fd42c11e5044816ee3cc4]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.instlRef", "");), Ersetzt,[5da3e21e9b656a96ef072d1ff014af51]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=dnldstr1202&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0FtDtDzz0EzztAtByE0CtBtN0D0Tzu0SyBtCtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=429356880&ir=");), Ersetzt,[2cd4ae522dd3c9376b8b262607fdf010]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.prdct", "mysearchdial");), Ersetzt,[b44cdc24ad53e31da15590bcd133be42]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");), Ersetzt,[54ac34ccf7097a86e21451fb17ed39c7]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");), Ersetzt,[837daa56ee126e926f872b2143c1db25]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.tlbrId", "base");), Ersetzt,[12ee966a18e8669af402e56750b4af51]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=dnldstr1202&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0FtDtDzz0EzztAtByE0CtBtN0D0Tzu0SyBtCtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=429356880&ir=&q=");), Ersetzt,[51af8977cc34926eb83e044880846a96]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.vrsn", "1.8.21.0");), Ersetzt,[0000bd434eb221df8b6bb29abe46966a]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.vrsni", "1.8.21.0");), Ersetzt,[3ec26e92fa06d72930c67ad27f85e020]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial_i.hmpg", true);), Ersetzt,[758b24dc07f9c43c6e88400ca85c966a]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial_i.newTab", false);), Ersetzt,[ec14ed1333cd8779bc3a94b81ee64eb2]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial_i.smplGrp", "none");), Ersetzt,[b54b8a76e11fba46d2240349a95b38c8]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.016:4:53");), Ersetzt,[17e9f9070ef2e71951a5d7755da7b848]
PUP.Optional.MySearch.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.irmysearch.aflt", "dnldstr1202");), Ersetzt,[f10f31cf22dedd2314dab29a20e4a15f]
PUP.Optional.MySearch.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.irmysearch.instlRef", "");), Ersetzt,[38c8ee12d12f22de41addd6f3acaa35d]
PUP.Optional.MySearch.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.irmysearch.cr", "429356880");), Ersetzt,[bc44659b4ab617e9707e55f742c250b0]
PUP.Optional.MySearch.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutDtDtC0FtA0FtDtDzz0EzztAtByE0CtBtN0D0Tzu0SyBtCtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R");), Ersetzt,[dc24a35d728ed62aa64877d5cf3550b0]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.hmpg", true);), Ersetzt,[21dfb34d3fc18a76985f8bc103018878]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.hmpgUrl", "hxxp://start.mysearchdial.com/?f=1&a=dnldstr1202&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0FtDtDzz0EzztAtByE0CtBtN0D0Tzu0SyBtCtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=429356880&ir=");), Ersetzt,[9f613ec29070639dd720014bfe06e51b]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.dfltSrch", true);), Ersetzt,[da2623dd2ed21fe155a20a4228dcdd23]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.srchPrvdr", "Mysearchdial");), Ersetzt,[7b8507f92cd4ad53d621ad9f1de77f81]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.dnsErr", true);), Ersetzt,[f50bf90714ec39c706f197b56a9a827e]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial_i.newTab", false);), Ersetzt,[d12f728e629e926ebf38af9d0df73bc5]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.newTabUrl", "hxxp://start.mysearchdial.com/?f=2&a=dnldstr1202&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0FtDtDzz0EzztAtByE0CtBtN0D0Tzu0SyBtCtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=429356880&ir=");), Ersetzt,[11ef18e8f20ec43c15e2f557cc38a25e]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.tlbrSrchUrl", "hxxp://start.mysearchdial.com/?f=3&a=dnldstr1202&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0FtDtDzz0EzztAtByE0CtBtN0D0Tzu0SyBtCtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=429356880&ir=&q=");), Ersetzt,[88787a86718f9868d81f1636956f35cb]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.id", "001F3F008E8324C2");), Ersetzt,[22de35cbad53679920d754f8b15328d8]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.instlDay", "16050");), Ersetzt,[50b0d22ec23eba4692654804b94bcd33]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.vrsn", "1.8.21.0");), Ersetzt,[10f040c0af51be42c82f3f0daf55659b]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.vrsni", "1.8.21.0");), Ersetzt,[5fa1eb158878ce32fff8f05cb45028d8]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial_i.vrsnTs", "1.8.21.016:4:53");), Ersetzt,[26da9967b54b13ed768164e8db2906fa]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.prtnrId", "mysearchdial");), Ersetzt,[0ff1d32df40c6d934daa2f1d3bc9bb45]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.prdct", "mysearchdial");), Ersetzt,[e11fa15f2dd3d12f985f2e1e9371d12f]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.aflt", "dnldstr1202");), Ersetzt,[53ad817fd03021dfac4b35178a7a4ab6]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial_i.smplGrp", "none");), Ersetzt,[738d1fe1f50bb14f26d1e468f3117b85]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.tlbrId", "base");), Ersetzt,[3dc3b24e1ae6cb35cb2c1e2ea0649868]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.instlRef", "");), Ersetzt,[7090fa0624dcc43caf482b21f60e13ed]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.dfltLng", "");), Ersetzt,[c838f50b7a86d92734c365e723e11ae6]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.appId", "{CA5CAA63-B27C-4963-9BEC-CB16A36D56F8}");), Ersetzt,[aa56ac548c74be42c037ed5fe3219c64]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.excTlbr", false);), Ersetzt,[916f936d12ee8a7665921834db29847c]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial_i.hmpg", true);), Ersetzt,[ef1156aa1ce440c0de19af9de420fc04]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.cr", "429356880");), Ersetzt,[738d9769b24e718fc53227251ee67d83]
PUP.Optional.MySearchDial.A, C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\user.js, Gut: (), Schlecht: (user_pref("extensions.mysearchdial.cd", "2XzuyEtN2Y1L1QzutDtDtC0FtA0FtDtDzz0EzztAtByE0CtBtN0D0Tzu0SyBtCtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R");), Ersetzt,[e818ce32ff01b34dbe39321a29db12ee]
Physische Sektoren: 0
(No malicious items detected)
(end) Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Marian Curdt on 14.04.2014 at 19:32:16,90
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL
~~~ Registry Keys
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Marian Curdt\AppData\Roaming\mozilla\firefox\profiles\7wdw1shj.default\minidumps [82 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 14.04.2014 at 19:36:46,65
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-04-2014 01
Ran by Marian Curdt (administrator) on MARIANCURDTPC on 14-04-2014 19:59:28
Running from C:\Users\Marian Curdt\Downloads
Windows 7 Home Premium Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WlanNetService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
(SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_IATIINE.EXE
(Spotify Ltd) C:\Users\Marian Curdt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanGUI.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
(Farbar) C:\Users\Marian Curdt\Downloads\FRST64(1).exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7506136 2013-12-06] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVMWlanClient] => C:\Program Files (x86)\avmwlanstick\wlangui.exe [2105344 2010-10-22] (AVM Berlin)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039240 2013-06-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3774312 2014-04-02] (AVAST Software)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292088 2013-02-22] (Intel Corporation)
HKU\S-1-5-21-1656074084-342888944-3947257893-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIINE.EXE [278112 2011-11-01] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1656074084-342888944-3947257893-1000\...\Run: [Spotify Web Helper] => C:\Users\Marian Curdt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-12] (Spotify Ltd)
HKU\S-1-5-21-1656074084-342888944-3947257893-1003\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\Sidebar.exe [1475584 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-21-1656074084-342888944-3947257893-1003\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIINE.EXE [278112 2011-11-01] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-1656074084-342888944-3947257893-1003\...\Run: [Spotify Web Helper] => C:\Users\Marian Curdt\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171000 2014-04-12] (Spotify Ltd)
HKU\S-1-5-21-1656074084-342888944-3947257893-1003\...\MountPoints2: {21fde83c-5e8b-11e3-8c52-d3a745ceaade} - G:\pushinst.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x83ECDAC49CF2CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldstr1202&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0FtDtDzz0EzztAtByE0CtBtN0D0Tzu0SyBtCtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=429356880&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnldstr1202&cd=2XzuyEtN2Y1L1QzutDtDtC0FtA0FtDtDzz0EzztAtByE0CtBtN0D0Tzu0SyBtCtCtN1L2XzutBtFtBtFtCyEtFtCtAyBzytN1L1CzutCyD1B1P1R&cr=429356880&ir=
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search
BHO: avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKLM-x32 - avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
FireFox:
========
FF ProfilePath: C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default
FF NewTab: chrome://quick_start/content/index.html
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Unseen - C:\Users\Marian Curdt\AppData\Roaming\Mozilla\Firefox\Profiles\7wdw1shj.default\Extensions\unseen@tangrs.xpi [2014-02-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-02-05]
Chrome:
=======
CHR Extension: (Google Docs) - C:\Users\Marian Curdt\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-05]
CHR Extension: (Google Drive) - C:\Users\Marian Curdt\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-05]
CHR Extension: (YouTube) - C:\Users\Marian Curdt\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-05]
CHR Extension: (Google-Suche) - C:\Users\Marian Curdt\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-05]
CHR Extension: (avast! Online Security) - C:\Users\Marian Curdt\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-02-05]
CHR Extension: (Google Wallet) - C:\Users\Marian Curdt\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-05]
CHR Extension: (Google Mail) - C:\Users\Marian Curdt\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-05]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-02-05]
==================== Services (Whitelisted) =================
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-02-05] (AVAST Software)
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-17] (Intel Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-22] ()
S2 Util wisen wizard; "C:\Program Files (x86)\wisen wizard\bin\utilwisenwizard.exe" [X]
==================== Drivers (Whitelisted) ====================
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [78648 2014-02-05] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [92544 2014-02-05] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-02-05] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1038072 2014-02-05] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [421704 2014-02-05] (AVAST Software)
R3 aswStm; C:\Windows\system32\drivers\aswStm.sys [80184 2014-02-05] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [207904 2014-02-05] ()
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
R3 fwlanusbn; C:\Windows\System32\DRIVERS\fwlanusbn.sys [714368 2010-10-22] (AVM GmbH)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-17] (Intel Corporation)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-06-22] (Corel Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S2 tandpl; C:\Windows\SysWOW64\drivers\tandpl.sys [4736 2003-04-19] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-04-14 19:59 - 2014-04-14 19:59 - 02157568 _____ (Farbar) C:\Users\Marian Curdt\Downloads\FRST64(1).exe
2014-04-14 19:58 - 2014-04-14 19:58 - 01146368 _____ (Farbar) C:\Users\Marian Curdt\Downloads\FRST.exe
2014-04-14 19:36 - 2014-04-14 19:36 - 00001087 _____ () C:\Users\Marian Curdt\Desktop\JRT.txt
2014-04-14 19:30 - 2014-04-14 19:30 - 01016261 _____ (Thisisu) C:\Users\Marian Curdt\Downloads\JRT.exe
2014-04-14 19:30 - 2014-04-14 19:30 - 00000000 ____D () C:\Windows\ERUNT
2014-04-14 19:29 - 2014-04-14 19:29 - 00005231 _____ () C:\Users\Marian Curdt\Desktop\adw.txt
2014-04-14 19:26 - 2014-04-14 19:26 - 00000000 ____D () C:\AdwCleaner
2014-04-14 19:25 - 2014-04-14 19:25 - 01426178 _____ () C:\Users\Marian Curdt\Downloads\adwcleaner.exe
2014-04-14 19:16 - 2014-04-14 19:16 - 00046806 _____ () C:\Users\Marian Curdt\Desktop\mbam.txt
2014-04-14 18:53 - 2014-04-14 18:53 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-14 18:53 - 2014-04-14 18:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-14 18:53 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-14 18:53 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-14 18:52 - 2014-04-14 18:53 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Marian Curdt\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-13 21:15 - 2014-04-13 21:15 - 00021475 _____ () C:\ComboFix.txt
2014-04-13 21:08 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-04-13 21:08 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-04-13 21:08 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-04-13 21:08 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-04-13 21:08 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-04-13 21:08 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-04-13 21:08 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-04-13 21:08 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-04-13 21:07 - 2014-04-13 21:15 - 00000000 ____D () C:\Qoobox
2014-04-13 21:07 - 2014-04-13 21:14 - 00000000 ____D () C:\Windows\erdnt
2014-04-13 21:06 - 2014-04-13 21:06 - 05194807 ____R (Swearware) C:\Users\Marian Curdt\Desktop\ComboFix.exe
2014-04-13 20:27 - 2014-04-13 20:27 - 00000000 ____D () C:\Users\Marian Curdt\Documents\My Games
2014-04-13 20:25 - 2014-04-13 20:25 - 00002227 _____ () C:\Users\Public\Desktop\Fable - The Lost Chapters.lnk
2014-04-13 20:14 - 2014-04-13 20:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2014-04-13 18:30 - 2014-04-13 18:30 - 05194807 _____ (Swearware) C:\Users\Marian Curdt\Downloads\ComboFix.exe
2014-04-12 15:45 - 2014-04-12 15:45 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Roaming\com.treefortress.Bardbarian
2014-04-11 14:35 - 2014-04-11 14:35 - 00020745 _____ () C:\Users\Marian Curdt\Downloads\Addition.txt
2014-04-10 15:31 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-04-10 15:31 - 2014-03-31 03:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-04-10 15:31 - 2014-03-31 02:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-04-10 15:31 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-04-10 15:30 - 2014-03-04 11:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-04-10 15:30 - 2014-03-04 11:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-04-10 15:30 - 2014-03-04 11:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-04-10 15:30 - 2014-03-04 11:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-04-10 15:30 - 2014-03-04 11:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-04-10 15:30 - 2014-03-04 11:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-04-10 15:30 - 2014-03-04 11:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-04-10 15:30 - 2014-03-04 11:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-04-10 15:30 - 2014-03-04 11:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-04-10 15:30 - 2014-03-04 10:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-04-10 15:30 - 2014-03-04 10:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-04-10 15:30 - 2014-02-04 04:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-04-10 15:30 - 2014-02-04 04:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-04-10 15:30 - 2014-02-04 04:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-04-10 15:30 - 2014-02-04 04:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-04-10 15:30 - 2014-02-04 04:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-04-10 15:30 - 2014-01-24 04:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-04-09 17:26 - 2014-04-09 17:26 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Marian Curdt\Downloads\mbar-1.07.0.1009(1).exe
2014-04-09 16:49 - 2014-04-14 19:16 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-09 16:49 - 2014-04-14 18:53 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-09 16:49 - 2014-04-10 16:28 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-04-09 16:48 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-09 16:47 - 2014-04-09 16:47 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Marian Curdt\Downloads\mbar-1.07.0.1009.exe
2014-04-06 16:51 - 2014-04-06 16:52 - 66555904 _____ () C:\Users\Marian Curdt\Downloads\Stonehearth™ Alpha Setup.exe
2014-04-06 15:12 - 2014-04-06 15:12 - 01620442 _____ (Picroma ) C:\Users\Marian Curdt\Downloads\CubeSetup3(1).exe
2014-04-06 13:39 - 2014-04-06 14:40 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Local\stonehearth
2014-04-06 13:38 - 2014-04-06 13:38 - 00000000 ____D () C:\ProgramData\Caphyon
2014-04-06 13:37 - 2014-04-06 13:37 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Roaming\Radiant Entertainment
2014-03-31 18:34 - 2014-03-31 18:34 - 00000000 ____D () C:\Users\Marian Curdt\Downloads\FRST-OlderVersion
2014-03-29 22:14 - 2014-04-13 20:25 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-03-29 22:14 - 2014-03-29 22:21 - 00000000 ____D () C:\Users\Marian Curdt\Documents\Stronghold 2
2014-03-29 22:14 - 2014-03-29 22:14 - 00098304 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt.dll
2014-03-29 21:47 - 2014-03-29 21:47 - 00002173 _____ () C:\Users\UpdatusUser\Desktop\Ubisoft Product Registration.lnk
2014-03-29 21:47 - 2001-05-04 11:05 - 00505104 ____R (Microsoft Corporation) C:\Windows\SysWOW64\msxml.dll
2014-03-29 21:47 - 1998-06-24 00:00 - 00115016 ____R (Microsoft Corporation) C:\Windows\SysWOW64\MSINET.OCX
2014-03-29 21:46 - 2014-03-29 21:49 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-03-29 21:46 - 2002-10-17 10:35 - 00026096 ____R (Microsoft Corporation) C:\Windows\SysWOW64\xmlinst.exe
2014-03-29 21:46 - 2002-04-24 12:43 - 00035840 ____R () C:\Windows\SysWOW64\comdlg32.oca
2014-03-29 21:46 - 2002-04-09 17:23 - 00029184 ____R () C:\Windows\SysWOW64\MSINET.oca
2014-03-29 21:46 - 2002-01-07 16:30 - 00024576 ____R (Microsoft Corporation) C:\Windows\SysWOW64\msxml3a.dll
2014-03-29 21:46 - 2001-05-04 11:05 - 00028432 ____R (Microsoft Corporation) C:\Windows\SysWOW64\msxmlr.dll
2014-03-29 21:46 - 2000-05-22 00:00 - 00140488 ____R (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx
2014-03-29 21:46 - 2000-03-17 08:21 - 00069632 ____R () C:\Windows\SysWOW64\xmltok.dll
2014-03-29 21:46 - 2000-03-17 08:21 - 00036864 ____R () C:\Windows\SysWOW64\xmlparse.dll
2014-03-29 21:46 - 1998-06-18 00:00 - 00089360 ____R (Microsoft Corporation) C:\Windows\SysWOW64\VB5DB.DLL
2014-03-29 21:36 - 2003-04-19 01:39 - 00006659 _____ () C:\Windows\SysWOW64\TANDPL.VXD
2014-03-29 21:36 - 2003-04-19 01:32 - 00004736 _____ () C:\Windows\SysWOW64\Drivers\tandpl.sys
2014-03-29 21:36 - 2003-03-02 18:44 - 00007552 _____ () C:\Windows\SysWOW64\Drivers\enodpl.sys
2014-03-29 21:36 - 2001-08-31 16:16 - 00006532 _____ () C:\Windows\SysWOW64\ENODPL.VXD
2014-03-29 14:35 - 2014-03-29 14:35 - 00000000 ____D () C:\Users\Marian Curdt\Desktop\Splash
==================== One Month Modified Files and Folders =======
2014-04-14 19:59 - 2014-04-14 19:59 - 02157568 _____ (Farbar) C:\Users\Marian Curdt\Downloads\FRST64(1).exe
2014-04-14 19:59 - 2013-12-15 23:04 - 00015740 _____ () C:\Users\Marian Curdt\Downloads\FRST.txt
2014-04-14 19:59 - 2013-11-23 13:50 - 00000000 ____D () C:\FRST
2014-04-14 19:58 - 2014-04-14 19:58 - 01146368 _____ (Farbar) C:\Users\Marian Curdt\Downloads\FRST.exe
2014-04-14 19:36 - 2014-04-14 19:36 - 00001087 _____ () C:\Users\Marian Curdt\Desktop\JRT.txt
2014-04-14 19:36 - 2013-12-06 18:34 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-14 19:35 - 2009-07-14 06:45 - 00021648 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-04-14 19:35 - 2009-07-14 06:45 - 00021648 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-04-14 19:34 - 2013-12-06 19:56 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Roaming\.minecraft
2014-04-14 19:30 - 2014-04-14 19:30 - 01016261 _____ (Thisisu) C:\Users\Marian Curdt\Downloads\JRT.exe
2014-04-14 19:30 - 2014-04-14 19:30 - 00000000 ____D () C:\Windows\ERUNT
2014-04-14 19:29 - 2014-04-14 19:29 - 00005231 _____ () C:\Users\Marian Curdt\Desktop\adw.txt
2014-04-14 19:28 - 2014-02-05 17:08 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-04-14 19:27 - 2013-12-06 19:08 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-04-14 19:27 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-04-14 19:27 - 2009-07-14 06:51 - 00069786 _____ () C:\Windows\setupact.log
2014-04-14 19:26 - 2014-04-14 19:26 - 00000000 ____D () C:\AdwCleaner
2014-04-14 19:26 - 2013-12-06 17:24 - 01639576 _____ () C:\Windows\WindowsUpdate.log
2014-04-14 19:25 - 2014-04-14 19:25 - 01426178 _____ () C:\Users\Marian Curdt\Downloads\adwcleaner.exe
2014-04-14 19:16 - 2014-04-14 19:16 - 00046806 _____ () C:\Users\Marian Curdt\Desktop\mbam.txt
2014-04-14 19:16 - 2014-04-09 16:49 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-04-14 19:13 - 2010-11-21 05:47 - 00597370 _____ () C:\Windows\PFRO.log
2014-04-14 18:53 - 2014-04-14 18:53 - 00001102 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-04-14 18:53 - 2014-04-14 18:53 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-04-14 18:53 - 2014-04-14 18:52 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Marian Curdt\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-14 18:53 - 2014-04-09 16:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-14 18:48 - 2009-07-14 07:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-04-14 11:02 - 2013-12-06 18:34 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Local\Adobe
2014-04-13 21:15 - 2014-04-13 21:15 - 00021475 _____ () C:\ComboFix.txt
2014-04-13 21:15 - 2014-04-13 21:07 - 00000000 ____D () C:\Qoobox
2014-04-13 21:14 - 2014-04-13 21:07 - 00000000 ____D () C:\Windows\erdnt
2014-04-13 21:14 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-04-13 21:06 - 2014-04-13 21:06 - 05194807 ____R (Swearware) C:\Users\Marian Curdt\Desktop\ComboFix.exe
2014-04-13 21:02 - 2014-01-05 12:55 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Roaming\Spotify
2014-04-13 20:27 - 2014-04-13 20:27 - 00000000 ____D () C:\Users\Marian Curdt\Documents\My Games
2014-04-13 20:26 - 2014-02-22 14:01 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-04-13 20:25 - 2014-04-13 20:25 - 00002227 _____ () C:\Users\Public\Desktop\Fable - The Lost Chapters.lnk
2014-04-13 20:25 - 2014-03-29 22:14 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-04-13 20:25 - 2013-12-14 13:59 - 00215087 _____ () C:\Windows\DirectX.log
2014-04-13 20:25 - 2013-12-10 17:37 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Local\CrashDumps
2014-04-13 20:14 - 2014-04-13 20:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games
2014-04-13 18:30 - 2014-04-13 18:30 - 05194807 _____ (Swearware) C:\Users\Marian Curdt\Downloads\ComboFix.exe
2014-04-12 21:51 - 2013-12-07 14:04 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Roaming\TS3Client
2014-04-12 21:38 - 2013-12-06 19:10 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-04-12 15:45 - 2014-04-12 15:45 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Roaming\com.treefortress.Bardbarian
2014-04-12 14:33 - 2014-01-05 13:00 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Local\Spotify
2014-04-12 13:54 - 2014-02-21 17:25 - 00000000 ____D () C:\Windows\rescache
2014-04-11 17:29 - 2013-12-10 19:01 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-04-11 17:29 - 2013-12-10 18:58 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Local\Battle.net
2014-04-11 17:29 - 2013-12-10 18:58 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-04-11 15:33 - 2014-01-06 16:29 - 00000000 ____D () C:\Users\Marian Curdt\Desktop\Neuer Ordner
2014-04-11 14:35 - 2014-04-11 14:35 - 00020745 _____ () C:\Users\Marian Curdt\Downloads\Addition.txt
2014-04-11 14:25 - 2010-11-21 08:50 - 00700128 _____ () C:\Windows\system32\perfh007.dat
2014-04-11 14:25 - 2010-11-21 08:50 - 00149766 _____ () C:\Windows\system32\perfc007.dat
2014-04-11 14:25 - 2009-07-14 07:13 - 01622694 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-04-10 18:29 - 2013-12-06 19:52 - 00000000 ____D () C:\Windows\system32\MRT
2014-04-10 18:28 - 2013-12-06 19:52 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-04-10 17:29 - 2014-03-08 14:03 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-04-10 16:28 - 2014-04-09 16:49 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-04-09 17:26 - 2014-04-09 17:26 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Marian Curdt\Downloads\mbar-1.07.0.1009(1).exe
2014-04-09 16:47 - 2014-04-09 16:47 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Marian Curdt\Downloads\mbar-1.07.0.1009.exe
2014-04-09 07:58 - 2013-12-21 16:15 - 00000000 ____D () C:\Program Files (x86)\Cube World
2014-04-06 16:52 - 2014-04-06 16:51 - 66555904 _____ () C:\Users\Marian Curdt\Downloads\Stonehearth™ Alpha Setup.exe
2014-04-06 15:12 - 2014-04-06 15:12 - 01620442 _____ (Picroma ) C:\Users\Marian Curdt\Downloads\CubeSetup3(1).exe
2014-04-06 14:40 - 2014-04-06 13:39 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Local\stonehearth
2014-04-06 13:38 - 2014-04-06 13:38 - 00000000 ____D () C:\ProgramData\Caphyon
2014-04-06 13:37 - 2014-04-06 13:37 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Roaming\Radiant Entertainment
2014-04-03 09:51 - 2014-04-14 18:53 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-04-03 09:51 - 2014-04-09 16:48 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-04-03 09:50 - 2014-04-14 18:53 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-04-02 08:25 - 2013-12-06 17:37 - 00000000 ___RD () C:\Users\Marian Curdt\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-31 18:34 - 2014-03-31 18:34 - 00000000 ____D () C:\Users\Marian Curdt\Downloads\FRST-OlderVersion
2014-03-31 18:34 - 2013-12-15 23:03 - 02157056 _____ (Farbar) C:\Users\Marian Curdt\Downloads\FRST64.exe
2014-03-31 03:16 - 2014-04-10 15:31 - 23134208 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-31 03:13 - 2014-04-10 15:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-31 02:13 - 2014-04-10 15:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-31 01:57 - 2014-04-10 15:31 - 17073152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-29 22:21 - 2014-03-29 22:14 - 00000000 ____D () C:\Users\Marian Curdt\Documents\Stronghold 2
2014-03-29 22:14 - 2014-03-29 22:14 - 00098304 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt.dll
2014-03-29 21:49 - 2014-03-29 21:46 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-03-29 21:47 - 2014-03-29 21:47 - 00002173 _____ () C:\Users\UpdatusUser\Desktop\Ubisoft Product Registration.lnk
2014-03-29 20:28 - 2014-02-15 12:57 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-03-29 14:35 - 2014-03-29 14:35 - 00000000 ____D () C:\Users\Marian Curdt\Desktop\Splash
2014-03-29 12:56 - 2013-12-25 14:08 - 00000000 ____D () C:\Users\Marian Curdt\AppData\Roaming\Audacity
2014-03-18 12:22 - 2013-12-11 17:12 - 00000000 ____D () C:\Users\Marian Curdt\Documents\Diablo III
Some content of TEMP:
====================
C:\Users\Marian Curdt\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-11 16:20
==================== End Of Log ============================ --- --- --- |