Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Spyhunter 4 läßt sich nicht deinstallieren (https://www.trojaner-board.de/162912-spyhunter-4-laesst-deinstallieren.html)

supertrine 18.01.2015 17:27
Spyhunter 4 läßt sich nicht deinstallieren
 
Irgendwie hat sich zuerst die Omiga Leiste, oder so ähnlich bei mir eingeschlichen und ich habe daraufhin spyhunter 4 heruntergeladen. Die Omiga Leiste bin ich losgeworden, aber Spyhunter 4 werde ich einfach nicht los. Ich habe Norton drüberlaufen lassen, ohne Erfolg. Adware hat mir Norton blockiert. Ich habe noch eine Reihe weiterer Anti-Virus und Malware Programme drüberlaufen lassen. Aber kein Erfolg. Ich kenne mich auch überhaupt nicht aus.
Ein Bekannter vor mir hat gemeint ich müßte den Computer neu aufsetzen, wenn ich diesen Spyhunter gar nicht loswerde.
Bitte kann mir wer sagen was logfiles und wie ich die machen kann?
Noch eine Frage ist es sinnvoll einen Wiederherstellungszeitpunkt in windows xp zu setzen? Löst das vielleicht mein Problem?
Dankesehr!

schrauber 18.01.2015 17:42
hi,

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


supertrine 19.01.2015 22:36
FRST herunterladen geht leider nicht
 
Vielen Dank fuer deine rasche Antwort. Ich habe probiert die beiden Versionen herunterzuladen. Zuerst wollte Norton das Download blockieren, dann habe ich Norton deaktiviert. Dann kam aber trotzdem das Pop-up window mit der Meldung .....exe is not a valid WIN32 application.
Kann ich das deaktieren/umgehen oder soll ich ganz was anderes machen?
Dankeschoen

schrauber 20.01.2015 12:34
Wenn diese Meldung kommt war Norton nicht komplett abgeschaltet :)

supertrine 24.01.2015 16:16
Vielen Dank! Habe Norton jetzt komplett deinstalliert. Irgendwas blockiert trotzdem den scan von FRST 32, ich befürchte es ist spyhunter 4.
Und das Internet ist extrem langsam und ganz eigenartig. Ist das noch was zu retten, oder muss ich einen Techniker rufen?
Danke!:stirn:

schrauber 24.01.2015 20:26
Spyhunter kannste auch deinstallieren, das ist ein Fake Programm.

Was genau kommt an Fehlermeldung? Screenshot bitte.

supertrine 25.01.2015 01:20
Liste der Anhänge anzeigen (Anzahl: 1)
ich kann den spyhunter nicht deinstallieren, laesst sich nicht, da dachte ich mir es waere ein virus.
jedenfalls habe ich es geschafft FRST 32 zu installieren und drueberlaufen zu lassen.
habe im Anhang die Daten geschickt die es nach dem scan angezeigt hat. FST 64 konnte ich nicht erfolgreich downloaden. Habe eine screenshot probiert um die fehlermeldung schicken zu koennen, aber da ist nix passiert. Mit Strg und Druck, nix.
Danke!

schrauber 25.01.2015 09:05
Hi,

Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen.
Ich kann auf Arbeit keine Anhänge öffnen, danke.

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

supertrine 27.01.2015 10:19
Danke! Habe oder finde leider keinen Editor auf meinem Computer.

schrauber 27.01.2015 13:38
Scroll man nach unten und schau dir die Antworten-Box hier im Forum an. Das ist genau das was Du auf dem Screenshot siehst :)

supertrine 16.02.2015 11:34
FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-01-2015 01
Ran by windows at 2015-01-25 01:07:40
Running from C:\Documents and Settings\windows\Local Settings\Temporary Internet Files\Content.IE5\ST97GZA2
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus 2015 (Disabled - Up to date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM\...\uTorrent) (Version: 2.2.0 - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.1.102.64 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.2.152.32 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{EE6097DD-05F4-4178-9719-D3170BF098E8}) (Version: 1.4.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{308B6AEA-DE50-4666-996D-0FA461719D6B}) (Version: 3.3.0.69 - Apple Inc.)
Apple Software Update (HKLM\...\{C41300B9-185D-475E-BFEC-39EF732F19B1}) (Version: 2.1.2.120 - Apple Inc.)
Bonjour (HKLM\...\{2A981294-F14C-4F0F-9627-D793270922F8}) (Version: 2.0.4.0 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
CCleaner Packages (HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\CCleaner Packages) (Version:  - ) <==== ATTENTION
Generic Wireless LAN Driver (HKLM\...\{7CC7C026-F81D-4405-9639-B157B7480D73}) (Version: 1.01.0005T - Generic)
Google Chrome (HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Google Chrome) (Version: 39.0.2171.99 - Google Inc.)
Google Earth (HKLM\...\{C768790F-04FB-11E0-9B2C-001AA037B01E}) (Version: 6.0.1.2032 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Inbox Storage (HKLM\...\{8E262F9D-DDEA-4F30-85CD-FD5C28613894}_is1) (Version: 1.0.0.32 - Xacti, LLC)
iTunes (HKLM\...\{FAE36873-1941-4076-A9A5-48812B5EA0B7}) (Version: 10.1.0.56 - Apple Inc.)
Java(TM) 6 Update 24 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.240 - Sun Microsystems, Inc.)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Motorola SM56 Data Fax Modem (HKLM\...\SMSERIAL) (Version:  - )
Mozilla Firefox 35.0 (x86 de) (HKLM\...\Mozilla Firefox 35.0 (x86 de)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
MSN (HKLM\...\MSNINST) (Version:  - )
OpenOffice.org 3.3 (HKLM\...\{82AF3E91-57E1-4754-84D0-40A46E2479AB}) (Version: 3.3.9567 - OpenOffice.org)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5464 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SiS VGA Utilities (HKLM\...\SiS VGA Driver) (Version:  - )
SiSAGP driver (HKLM\...\{DC226AC9-0314-496C-BE6A-B6A132628466}) (Version: 1.22 - )
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Winamp (HKLM\...\Winamp) (Version: 5.601  - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows PowerShell(TM) 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\39.0.2171.99\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.25.11\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.25.11\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.25.11\psuser.dll (Google Inc.)

==================== Restore Points  =========================

13-10-2014 18:39:44 First Restore Point
13-10-2014 20:36:19 First Restore Point
13-10-2014 20:36:37 First Restore Point
06-01-2015 11:43:45 System Checkpoint
07-01-2015 09:45:17 Removed Kaspersky Anti-Virus.
09-01-2015 10:18:03 System Checkpoint
10-01-2015 00:51:43 Removed Adobe Community Help
10-01-2015 00:52:50 Removed Java(TM) 6 Update 22
10-01-2015 00:55:26 Removed QuickTime
10-01-2015 09:17:48 Software Distribution Service 3.0
11-01-2015 21:23:12 Software Distribution Service 3.0
12-01-2015 21:43:50 System Checkpoint
15-01-2015 00:58:52 Software Distribution Service 3.0
15-01-2015 16:45:15 Installed %1 %2.
15-01-2015 16:54:01 Restore Point before Corrupt Patch Registry keys
19-01-2015 23:23:38 System Checkpoint

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2008-04-14 09:00 - 2008-04-14 09:00 - 00000734 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-57989841-1177238915-1003Core.job => C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-57989841-1177238915-1003UA.job => C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

==================== Loaded Modules (whitelisted) =============

2008-04-14 09:00 - 2008-04-14 09:00 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2008-04-14 09:00 - 2008-04-14 09:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2008-07-12 20:09 - 2013-01-02 07:48 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2015-01-18 01:20 - 2014-03-26 07:20 - 00493568 _____ () C:\Program Files\Inbox Storage\sqlite3.dll
2011-01-17 16:19 - 2011-02-15 20:30 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Utility Tray.lnk => C:\WINDOWS\pss\Utility Tray.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\WINDOWS\pss\OpenOffice.org 3.2.lnkStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Google Update => "C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SMSERIAL => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-1606980848-57989841-1177238915-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
Guest (S-1-5-21-1606980848-57989841-1177238915-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-1606980848-57989841-1177238915-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-1606980848-57989841-1177238915-1002 - Limited - Disabled)
windows (S-1-5-21-1606980848-57989841-1177238915-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\windows

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/24/2015 00:54:00 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/19/2015 09:00:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application chrome.exe, version 39.0.2171.95, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/19/2015 08:53:50 PM) (Source: Application Hang) (EventID: 1001) (User: )
Description: Fault bucket 1180947459.

Error: (01/19/2015 08:53:07 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.

Error: (01/18/2015 10:47:43 AM) (Source: Application Hang) (EventID: 1001) (User: )
Description: Fault bucket 1180947459.

Error: (01/18/2015 10:47:14 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000.


System errors:
=============
Error: (01/24/2015 11:51:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).

Error: (01/24/2015 11:47:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
%%1053

Error: (01/24/2015 11:47:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.

Error: (01/24/2015 11:47:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Scanner Service service failed to start due to the following error:
%%1053

Error: (01/24/2015 11:47:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Scanner Service service to connect.

Error: (01/24/2015 01:27:51 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.

Error: (01/24/2015 01:27:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
%%1053

Error: (01/24/2015 01:27:16 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Timeout (30000 milliseconds) waiting for the Spybot-S&D 2 Security Center Service service to connect.

Error: (01/24/2015 01:02:40 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Timeout (30000 milliseconds) waiting for a transaction response from the MBAMService service.

Error: (01/24/2015 01:02:02 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Spybot-S&D 2 Security Center Service service failed to start due to the following error:
%%1053


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU 570 @ 2.26GHz
Percentage of memory in use: 82%
Total physical RAM: 765.1 MB
Available physical RAM: 134.47 MB
Total Pagefile: 1873.05 MB
Available Pagefile: 1204.72 MB
Total Virtual: 2047.88 MB
Available Virtual: 1936.23 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:129.86 GB) (Free:52.39 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 51EC51EC)
Partition 1: (Active) - (Size=129.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=19.2 GB) - (Type=05)

==================== End Of Log ============================
--- --- ---



FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-01-2015 01
Ran by windows (administrator) on WINDOWS-2BA645A on 25-01-2015 01:05:35
Running from C:\Documents and Settings\windows\Local Settings\Temporary Internet Files\Content.IE5\ST97GZA2
Loaded Profiles: windows (Available profiles: windows & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Ares Development Group) C:\Program Files\Ares\Ares.exe
(Inbox.com, Inc.) C:\Program Files\Inbox Storage\InboxStorage.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GROOVE.EXE
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Farbar) C:\Documents and Settings\windows\Local Settings\Temporary Internet Files\Content.IE5\ST97GZA2\FRST[2].exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421160 2010-11-17] (Apple Inc.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16384000 2007-08-10] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SiSPower] => Rundll32.exe SiSPower.dll,ModeAgent
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2010-12-09] (Nullsoft, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKU\S-1-5-19\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
HKU\S-1-5-20\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Run: [ares] => C:\Program Files\Ares\Ares.exe [1015808 2010-10-27] (Ares Development Group)
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Run: [Google Update] => C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [107912 2015-01-07] (Google Inc.)
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Run: [Inbox Storage] => C:\Program Files\Inbox Storage\InboxStorage.exe [4107176 2014-03-26] (Inbox.com, Inc.)
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\MountPoints2: {172a75ba-2e3d-11e0-a0ea-001e330204b1} - E:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\MountPoints2: {30ddf53a-06f7-11e0-a064-0016441f7a07} - E:\LaunchU3.exe -a
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\MountPoints2: {6ab95dc0-45a9-11e0-a13e-001e330204b1} - E:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-18\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
Startup: C:\Documents and Settings\windows\Start Menu\Programs\Startup\Microsoft Office Groove.lnk
ShortcutTarget: Microsoft Office Groove.lnk -> C:\Program Files\Microsoft Office\Office12\GROOVE.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1606980848-57989841-1177238915-1003 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.es/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_en
SearchScopes: HKU\S-1-5-21-1606980848-57989841-1177238915-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.es/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_en
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 213.153.32.129 213.153.32.1

FireFox:
========
FF ProfilePath: C:\Documents and Settings\windows\Application Data\Mozilla\Firefox\Profiles\bouagziu.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1606980848-57989841-1177238915-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-1606980848-57989841-1177238915-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\windows\Application Data\Mozilla\Firefox\Profiles\bouagziu.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-01-21]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-12-26]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-12-11]
FF Extension: No Name - C:\Program Files\Veoh Networks\VeohWebPlayer\FFVideoFinder [Not Found]
FF Extension: No Name - C:\Program Files\AVAST Software\Avast\WebRep\FF [Not Found]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} [Not Found]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} [Not Found]
FF Extension: No Name - C:\Documents and Settings\windows\Application Data\Mozilla\Firefox\Profiles\bouagziu.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [Not Found]
FF Extension: No Name - C:\Documents and Settings\windows\Application Data\Mozilla\Firefox\Profiles\bouagziu.default\extensions\engine@conduit.com [Not Found]
FF Extension: No Name - C:\Documents and Settings\windows\Application Data\Mozilla\Firefox\Profiles\bouagziu.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [Not Found]
FF Extension: No Name - C:\Documents and Settings\windows\Application Data\Mozilla\Firefox\Profiles\bouagziu.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} [Not Found]
FF Extension: No Name - C:\Documents and Settings\windows\Application Data\Mozilla\Firefox\Profiles\bouagziu.default\extensions\{cc05a3e3-64c3-4af2-bfc1-af0d66b69065} [Not Found]
FF Extension: No Name - C:\Documents and Settings\windows\Application Data\Mozilla\Firefox\Profiles\bouagziu.default\extensions\faststartff@gmail.com [Not Found]

Chrome:
=======
CHR StartupUrls: Default -> "hxxp://isearch.omiga-plus.com/?type=hp&ts=1420844763&from=cor&uid=FUJITSUXMHZ2160BHXG2_K62KT8A28NMGT8A28NMGX"
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\39.0.2171.95\pdf.dll ()
CHR Plugin: (Google Gears 0.5.33.0) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\39.0.2171.95\gears.dll No File
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\39.0.2171.95\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-30]
CHR Extension: (Norton Security Toolbar) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-01-15]
CHR Extension: (MapsGalaxy) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd [2014-10-13]
CHR Extension: (Norton Identity Safe) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-01-07]
CHR Extension: (My Logon Manager) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jhibgpjnkkfaiepmjglnhppopjpknhak [2015-01-19]
CHR Extension: (Allin1Convert) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ncheegbloelpifhkekmpljcbekcmbpig [2015-01-15]
CHR Extension: (Google Wallet) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-26]
CHR HKLM\...\Chrome\Extension: [avast! WebRep] - C:\Program Files\AVAST Software\Avast\Setup\WebRep\aswWebRep.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2010-11-22]
StartMenuInternet: chrome.exe - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [770944 2015-01-15] (Enigma Software Group USA, LLC.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [547072 2007-06-21] (Atheros Communications, Inc.)
S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [19984 2015-01-15] ()
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R3 SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [321536 2007-08-03] (Silicon Integrated Systems Corporation)
R3 SiSGbeXP; C:\WINDOWS\System32\DRIVERS\SiSGbeXP.sys [43264 2007-10-15] (Silicon Integrated Systems Corp.)
R1 SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [18688 2007-08-03] (Silicon Integrated Systems Corporation)
S3 cpuz134; \??\C:\DOCUME~1\windows\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [X]
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
S4 IntelIde; No ImagePath
S3 massfilter; system32\drivers\massfilter.sys [X]
U1 WS2IFSL; No ImagePath
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-24 23:47 - 2015-01-24 23:49 - 00000079 _____ () C:\WINDOWS\wininit.ini
2015-01-24 01:11 - 2015-01-25 01:05 - 00000000 ____D () C:\FRST
2015-01-19 21:29 - 2015-01-19 21:29 - 00000730 _____ () C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-19 21:29 - 2015-01-19 21:29 - 00000724 _____ () C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
2015-01-19 21:29 - 2015-01-19 21:29 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-19 21:29 - 2015-01-19 21:29 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Mozilla
2015-01-18 02:06 - 2015-01-18 02:08 - 00114904 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\6F6744F8.sys
2015-01-18 01:39 - 2015-01-18 01:39 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Malwarebytes
2015-01-18 01:23 - 2015-01-18 01:23 - 00000000 ____D () C:\Documents and Settings\windows\My Documents\Inbox Storage
2015-01-18 01:21 - 2015-01-25 01:03 - 00000000 ____D () C:\Documents and Settings\windows\Application Data\Inbox Storage
2015-01-18 01:20 - 2015-01-18 01:21 - 00000000 ____D () C:\Program Files\Inbox Storage
2015-01-18 01:20 - 2015-01-18 01:20 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Inbox Storage
2015-01-18 01:20 - 2011-06-21 11:24 - 00032768 _____ () C:\WINDOWS\system32\Drivers\sp_rsdrv2.sys
2015-01-18 00:49 - 2015-01-18 00:49 - 00000000 ____D () C:\Documents and Settings\windows\Desktop\travelpics copy folder
2015-01-17 23:14 - 2015-01-17 23:27 - 00000000 ____D () C:\Documents and Settings\windows\Local Settings\Application Data\NPE
2015-01-15 17:15 - 2015-01-25 01:02 - 00008647 _____ () C:\WINDOWS\setupapi.log
2015-01-15 16:46 - 2015-01-19 22:44 - 00013345 _____ () C:\WINDOWS\iis6.log
2015-01-15 16:46 - 2015-01-19 22:44 - 00012973 _____ () C:\WINDOWS\FaxSetup.log
2015-01-15 16:46 - 2015-01-19 22:44 - 00009833 _____ () C:\WINDOWS\ocgen.log
2015-01-15 16:46 - 2015-01-19 22:44 - 00007412 _____ () C:\WINDOWS\tsoc.log
2015-01-15 16:46 - 2015-01-19 22:44 - 00004580 _____ () C:\WINDOWS\comsetup.log
2015-01-15 16:46 - 2015-01-19 22:44 - 00003069 _____ () C:\WINDOWS\ntdtcsetup.log
2015-01-15 16:46 - 2015-01-19 22:44 - 00002675 _____ () C:\WINDOWS\netfxocm.log
2015-01-15 16:46 - 2015-01-19 22:44 - 00001917 _____ () C:\WINDOWS\imsins.log
2015-01-15 16:46 - 2015-01-19 22:44 - 00001144 _____ () C:\WINDOWS\MedCtrOC.log
2015-01-15 16:46 - 2015-01-19 22:44 - 00000811 _____ () C:\WINDOWS\ocmsn.log
2015-01-15 16:46 - 2015-01-19 22:44 - 00000788 _____ () C:\WINDOWS\msgsocm.log
2015-01-15 16:46 - 2015-01-19 22:44 - 00000622 _____ () C:\WINDOWS\tabletoc.log
2015-01-15 16:46 - 2015-01-19 22:43 - 00003756 _____ () C:\WINDOWS\msmqinst.log
2015-01-15 16:46 - 2015-01-15 16:46 - 00001374 _____ () C:\WINDOWS\imsins.BAK
2015-01-15 16:46 - 2015-01-15 16:46 - 00000000 _____ () C:\WINDOWS\setuperr.log
2015-01-15 16:46 - 2015-01-15 16:46 - 00000000 _____ () C:\WINDOWS\setupact.log
2015-01-15 16:45 - 2015-01-15 17:11 - 00001084 _____ () C:\WINDOWS\spupdsvc.log
2015-01-15 16:45 - 2015-01-15 17:07 - 00065536 _____ () C:\WINDOWS\system32\config\WindowsPowerShell.evt
2015-01-15 16:45 - 2015-01-15 16:46 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Windows PowerShell 1.0
2015-01-15 16:45 - 2015-01-15 16:45 - 00000000 ____D () C:\WINDOWS\system32\windowspowershell
2015-01-15 16:44 - 2015-01-15 16:46 - 00030775 _____ () C:\WINDOWS\KB926139-v2.log
2015-01-15 16:44 - 2015-01-15 16:45 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB926139-v2$
2015-01-15 15:19 - 2015-01-15 15:19 - 00000000 ____D () C:\AdwCleaner
2015-01-15 14:57 - 2015-01-15 14:57 - 00000917 _____ () C:\Documents and Settings\windows\Desktop\Revo Uninstaller.lnk
2015-01-15 14:57 - 2015-01-15 14:57 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-01-15 13:01 - 2015-01-24 23:50 - 00000000 ____D () C:\Program Files\Spybot - Search & Destroy 2
2015-01-15 13:01 - 2015-01-24 23:48 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2015-01-15 13:01 - 2015-01-15 13:31 - 00065536 _____ () C:\WINDOWS\system32\config\SpybotSD.evt
2015-01-15 12:15 - 2015-01-15 12:15 - 00000000 ____D () C:\Documents and Settings\windows\Application Data\Nico Mak Computing
2015-01-15 12:15 - 2015-01-15 12:15 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Nico Mak Computing
2015-01-15 12:15 - 2013-03-15 17:01 - 00016384 _____ () C:\WINDOWS\system32\wsusnative32.exe
2015-01-15 11:47 - 2015-01-15 11:47 - 00000935 _____ () C:\Documents and Settings\windows\Desktop\SpyHunter.lnk
2015-01-15 11:47 - 2015-01-15 11:47 - 00000000 ____D () C:\sh4ldr
2015-01-15 11:47 - 2015-01-15 11:47 - 00000000 ____D () C:\Documents and Settings\windows\Start Menu\Programs\SpyHunter
2015-01-15 11:47 - 2015-01-15 11:47 - 00000000 ____D () C:\Documents and Settings\windows\Application Data\Enigma Software Group
2015-01-15 11:45 - 2015-01-15 11:45 - 00019984 _____ () C:\WINDOWS\system32\Drivers\EsgScanner.sys
2015-01-15 11:45 - 2015-01-15 11:45 - 00000000 ____D () C:\Program Files\Enigma Software Group
2015-01-10 00:25 - 2015-01-10 00:25 - 00000682 _____ () C:\Documents and Settings\All Users\Desktop\CCleaner.lnk
2015-01-10 00:25 - 2015-01-10 00:25 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\CCleaner
2015-01-10 00:13 - 2015-01-10 00:13 - 00061952 ____H () C:\WINDOWS\system32\mlfcache.dat
2015-01-10 00:13 - 2015-01-10 00:13 - 00000000 ____D () C:\Documents and Settings\windows\Local Settings\Application Data\StormFall
2015-01-07 10:22 - 2015-01-24 00:45 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Norton

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-01-25 01:06 - 2010-12-09 04:24 - 00000000 ____D () C:\Documents and Settings\windows\Local Settings\Temp
2015-01-25 01:05 - 2010-12-09 03:48 - 01913794 _____ () C:\WINDOWS\WindowsUpdate.log
2015-01-25 00:28 - 2010-12-09 00:12 - 00000986 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-57989841-1177238915-1003UA.job
2015-01-25 00:28 - 2010-12-08 23:57 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-24 23:59 - 2014-09-10 22:49 - 00000000 ____D () C:\Documents and Settings\windows\Desktop\travelpics
2015-01-24 23:58 - 2008-04-14 09:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-01-24 23:57 - 2014-09-30 16:35 - 00000226 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2015-01-24 23:57 - 2011-01-21 11:05 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-01-24 23:57 - 2011-01-21 11:05 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-01-24 23:57 - 2010-12-09 04:24 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-01-24 23:57 - 2010-12-08 23:57 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-24 23:56 - 2011-01-21 11:05 - 00032590 _____ () C:\WINDOWS\SchedLgU.Txt
2015-01-24 23:56 - 2010-12-09 04:24 - 00000178 ___SH () C:\Documents and Settings\windows\ntuser.ini
2015-01-19 21:28 - 2011-01-02 19:52 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-18 10:36 - 2010-12-10 03:02 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB975025$
2015-01-18 10:28 - 2010-12-09 00:12 - 00000934 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-57989841-1177238915-1003Core.job
2015-01-18 01:06 - 2011-01-16 14:14 - 00000000 ____D () C:\Documents and Settings\windows\Application Data\U3
2015-01-18 00:45 - 2010-12-10 21:43 - 00034304 _____ () C:\Documents and Settings\windows\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-01-17 23:27 - 2010-12-08 19:32 - 00000211 _____ () C:\boot.ini
2015-01-17 23:12 - 2014-09-26 21:00 - 00000000 ____D () C:\Documents and Settings\Administrator\Local Settings\Temp
2015-01-17 14:06 - 2010-12-24 22:30 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2015-01-15 15:49 - 2010-12-09 04:24 - 00000000 ____D () C:\Documents and Settings\windows
2015-01-15 13:20 - 2010-12-09 04:25 - 00000803 _____ () C:\Documents and Settings\windows\Start Menu\Programs\Internet Explorer.lnk
2015-01-15 13:05 - 2010-12-09 04:24 - 00000000 __SHD () C:\Documents and Settings\LocalService
2015-01-15 12:03 - 2014-09-26 21:00 - 00001599 _____ () C:\Documents and Settings\Administrator\Start Menu\Programs\Remote Assistance.lnk
2015-01-15 02:02 - 2011-01-20 12:26 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help
2015-01-15 01:58 - 2010-12-08 19:35 - 00562470 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-01-15 01:50 - 2014-09-30 15:46 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-01-10 09:23 - 2010-12-20 13:58 - 00000000 ____D () C:\Documents and Settings\windows\Application Data\Skype
2015-01-10 00:53 - 2010-12-11 15:14 - 00000000 ____D () C:\Program Files\Java
2015-01-10 00:51 - 2010-12-12 21:32 - 00000000 ____D () C:\Program Files\Adobe
2015-01-10 00:34 - 2010-12-12 21:29 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2015-01-10 00:34 - 2010-12-12 21:29 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Adobe
2015-01-10 00:27 - 2010-12-10 14:58 - 00000000 ____D () C:\Documents and Settings\windows\Application Data\uTorrent
2015-01-10 00:25 - 2011-01-20 12:17 - 00000000 ____D () C:\Program Files\CCleaner
2015-01-09 10:01 - 2014-09-30 16:35 - 00000220 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2015-01-07 10:08 - 2014-10-13 20:41 - 00404834 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2015-01-07 10:08 - 2014-10-13 20:41 - 00404834 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1606980848-57989841-1177238915-1003-0.dat
2015-01-07 09:47 - 2014-10-13 18:40 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2015-01-07 09:43 - 2010-12-09 00:19 - 00001324 _____ () C:\WINDOWS\system32\d3d9caps.dat
2014-12-31 13:15 - 2011-01-21 00:38 - 110348472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2010-12-10 21:43 - 2015-01-18 00:45 - 0034304 _____ () C:\Documents and Settings\windows\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---

entschuldige die sehr späte Antwort, u.a. siehst du die FRST 32 Logdateien.
Vielen vielen Dank!

schrauber 16.02.2015 18:28
Du nutzt immer noch XP?? :wtf:


Lade Dir bitte von hier Revo Uninstaller Download Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
  • Installiere und starte das Programm. (Bebilderte Anleitung zu Revo Uninstaller)
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den Programmen:

    CCleaner Packages


  • Wähle die Programme nacheinander aus und klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

 






Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Combofix wird überprüfen, ob die Microsoft Windows Wiederherstellungskonsole installiert ist.
    Ist diese nicht installiert, erlaube Combofix diese herunter zu laden und zu installieren. Folge dazu einfach den Anweisungen und aktzeptiere die Endbenutzer-Lizenz.
    Bei heutiger Malware ist dies sehr empfehlenswert, da diese uns eine Möglichkeit bietet, dein System zu reparieren, falls etwas schief geht.
    Bestätige die Information, dass die Wiederherstellungskonsole installiert wurde mit Ja.
    Hinweis: Ist diese bereits installiert, wird Combofix mit der Malwareentfernung fortfahren.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es eine Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort.
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

supertrine 06.04.2015 15:14
antivirus software
 
Lieber Schrauber,
wieder lange gebraucht, entschuldigung, und jetzt den cc cleaner deinstalliert, allerdings mit erweitert und nicht moderat. :(
Combifix hat nicht funktioniert, ich habe alle spyware, malware, avg antivirus programme deinstalliert, aber combifix sagt, dass avg noch aktiv ist, ich finde aber nix mehr, habe alles geloescht, habe das progamm gar nicht mehr drauf.
Hilfe, vielen Dank,
Christine

schrauber 06.04.2015 18:16
Dann bei der Meldung von Combofix einfach auf OK klicken, einfach weiter machen.

supertrine 07.04.2015 16:02
fehlgeschlagen, auch oefters probiert.

schrauber 08.04.2015 06:17
Dann anders, CF weg lassen:


Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.


Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


und ein frisches FRST log bitte.

supertrine 14.04.2015 18:44
Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Suchlauf Datum: 4/14/2015
Suchlauf-Zeit: 4:29:32 PM
Logdatei: MBAM log.txt
Administrator: Ja

Version: 2.01.4.1018
Malware Datenbank: v2015.04.14.04
Rootkit Datenbank: v2015.03.31.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows XP Service Pack 3
CPU: x86
Dateisystem: NTFS
Benutzer: windows

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 349991
Verstrichene Zeit: 15 Min, 9 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 2
PUP.Optional.Softonic.A, HKLM\SOFTWARE\softonic-de3, In Quarantäne, [eb91a7c5fc8ed0669cfc7954d62ddf21],
PUP.Optional.Softonic.A, HKU\S-1-5-21-1606980848-57989841-1177238915-1003\SOFTWARE\softonic-de3, In Quarantäne, [a2daf3793852ad89a6f1a8252dd63bc5],

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 87
PUP.Optional.Softonic.A, C:\Documents and Settings\NetworkService\Local Settings\Application Data\softonic-de3, In Quarantäne, [45378ede5c2e6ccafda7b303b053c53b],
PUP.Optional.Softonic.A, C:\Documents and Settings\NetworkService\Local Settings\Application Data\softonic-de3\Logs, In Quarantäne, [45378ede5c2e6ccafda7b303b053c53b],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\adapter, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\abstractbutton, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\abstractbutton\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\alert, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\alert\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedhtml, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedhtml\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedhtml\html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedhtml\js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedscript, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedscript\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedscript\html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedscript\js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\flare, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\flare\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\flare\icons, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\generic, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\generic\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\link, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\link\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\images, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\rss, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\rss\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\thirdparty, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\thirdparty\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\uninstall, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\uninstall\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\weather, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\weather\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\common, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\radio, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\radio\css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\radio\js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\rss, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\rss\js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\test, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\topapps, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\topapps\css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\topapps\js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\weather, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\weather\css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\weather\js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\api, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\api\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\api\window, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\foreground, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\moviereviews, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\moviereviews\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\moviereviews\css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\moviereviews\html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\moviereviews\js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\radio, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\radio\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\radio\css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\radio\foreground, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\radio\radioWrapper, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\search, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\search\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\search\html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\supertab, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\supertab\css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\supertab\html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\supertab\js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\icons, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\native, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\native\libs, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\shared, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\_metadata, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],

Dateien: 222
PUP.Optional.InstallCore.SID.A, C:\Documents and Settings\windows\My Documents\Downloads\ccleaner (1).exe, In Quarantäne, [2a52adbfbbcf87af3f7781bbf5119868],
PUP.Optional.InstallCore.SID.A, C:\Documents and Settings\windows\My Documents\Downloads\ccleaner.exe, In Quarantäne, [b5c74c20d0ba3402278f0438f70f966a],
PUP.Optional.Softonic, C:\Documents and Settings\windows\Local Settings\Temporary Internet Files\Content.IE5\3XVU5MEJ\SoftonicDownloader_for_superedi[1].exe, In Quarantäne, [fe7ee587296152e49dd9e27ab64a7888],
PUP.Optional.Softonic.A, C:\Documents and Settings\NetworkService\Local Settings\Application Data\softonic-de3\tbsof0.dll, In Quarantäne, [45378ede5c2e6ccafda7b303b053c53b],
PUP.Optional.Softonic.A, C:\Documents and Settings\NetworkService\Local Settings\Application Data\softonic-de3\toolbar.cfg, In Quarantäne, [45378ede5c2e6ccafda7b303b053c53b],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\bg.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\buildVars, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\buildVars.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\companionSW.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\config.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\contentScript.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\contentScript.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\debug.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\debug.jade, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\extension_toolbar_api.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\initWidgetWindow.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\manifest.json, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\newTabContentScript.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\options.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\spent.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\spent.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\spent.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\spent2.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\spent2.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\spentJ.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\spentK.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\spentK.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\startup.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\stub.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\stubby.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\superFrame.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\toolbar.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\toolbar.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\toolbarUI.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\toolbarUI.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\toolbarUI.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\url.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\adapter\adapterUtil.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\adapter\widget-adapter.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\abstractbutton\background\abstractButton.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\alert\background\alertButton.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedhtml\background\embedHtmlWidget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedhtml\html\embedHtmlTemplate.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedhtml\html\innerEmbedHtmlTemplate.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedhtml\js\embedHtmlUI.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedscript\background\embedScriptWidget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedscript\html\embedScriptTemplate.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedscript\html\innerEmbedScriptTemplate.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedscript\js\embedScriptUI.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\flare\background\FlareWidget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\flare\icons\Icon_Flare_blue.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\flare\icons\Icon_Flare_pink.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\flare\icons\Thumbs.db, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\generic\background\GenericWidget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\link\background\linkButton.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\README.txt, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\background\menuButton.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\css\menuframe.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\html\menuframe.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\images\right_arrow.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\images\right_arrow_white.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\js\jquery-1.7.1.min.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\js\menuframe.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\js\query-string.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\js\underscore-1.3.1.min.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\rss\background\RssWidget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\thirdparty\background\thirdPartyWidget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\uninstall\background\uninstallButton.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\weather\background\weatherButton.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\bs.30.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\common.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\dynamic.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\enableDetect.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\eventListening.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\global.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\jquery-1.7.1.min.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\list-interaction.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\messageEventListener.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\navRedirector.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\paramReplacer.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\PartnerId.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\set.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\underscore-1.3.1.min.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\underscore-1.5.2.min.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\unifiedLogging.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widget-context-1.0.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\common\common.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\common\eventListening.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\common\jquery-1.7.1.min.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\common\list-interaction.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\common\set.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\common\underscore-1.3.1.min.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\radio\radio-widget.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\radio\css\radio-widget.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\radio\js\radio-custom.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\radio\js\radio-parser.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\radio\js\radio-widget-ui.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\radio\js\radio-widget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\rss\rssWidget.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\rss\js\rss-widget-custom.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\rss\js\rss-widget-parse.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\rss\js\rss-widget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\test\invalid.json, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\test\jquery.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\test\qunit.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\test\qunit.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\test\resource.json, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\test\resource.xml, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\test\testWidget.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\test\testWidget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\topapps\widget.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\topapps\css\widget.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\topapps\js\nanigans-topapps-feed.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\topapps\js\topapps-config.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\topapps\js\widget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\weather\weatherButton.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\weather\css\weatherButton.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\weather\js\weather.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\api\background\ApiBasedWidget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\api\background\widget-api-impl.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\api\window\hiddenWidgetWindow.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\api\window\hiddenWidgetWindow.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\api\window\hiddenWidgetWindowInit.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\api\window\widgetWindow.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\api\window\widgetWindow.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\background\updateSearch.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\background\updateSearchPromptBg.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\foreground\07_buttons2.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\foreground\08_buttons2.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\foreground\defaultSearchModal.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\foreground\defaultSearchModalInjector.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\foreground\defaultSearchModalInjector.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\foreground\tvf_btn_ok.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\foreground\tvf_btn_ok2.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\foreground\tvf_restart_alert_icon.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\foreground\tvf_restart_icon.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\foreground\updateSearchPromptFg.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\moviereviews\background\MovieReviewsWidget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\moviereviews\css\movieReviews.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\moviereviews\html\movieReviews.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\moviereviews\js\movieReviews.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\radio\background\RadioWidget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\radio\css\toolbar-item.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\radio\foreground\button.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\radio\radioWrapper\radioWrapper.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\radio\radioWrapper\radioWrapper.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\search\background\searchBox.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\search\html\searchSuggestions.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\search\html\searchSuggestions.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\search\html\searchSuggestions.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\search\html\searchSuggestionsInit.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\supertab\css\supertab.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\supertab\html\supertab.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\supertab\js\newtabfork.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\supertab\js\reporting.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\supertab\js\srchsugg.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\supertab\js\supertab.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\supertab\js\unifiedLogging.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\supertab\js\__utm.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\icons\arrowSprite.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\icons\icon128.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\icons\icon16.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\icons\icon19disabled.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\icons\icon19on.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\icons\icon48.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\icons\tb_icon_search_disappearing_ask.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\222116621.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\222116625.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\222116640.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\222116644.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\222116653.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\222116675.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\down_arrow.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\IDR_PRODUCT_LOGO_16.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\IDR_WEBSTORE_ICON.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\magnifying_glass.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\RadioPlayerSprite.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\search_button.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\tvf_icon_guide.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\tvf_logo.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\wrench.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\chromeUtils.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\exeManager.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\exeManagerNMD.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\exePackageManager.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\focusManager.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\globalBlacklistManager.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\messaging.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\mutation_summary-min.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\mutation_summary.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\nativeMessagingDispatcher.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\newTabInfo.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\newTabInitialize.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\options.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\readLocalStorage.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\reservespacefortoolbar.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\reservespaceifenabled.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\scriptInjector.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\searchContext.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\settingsOverrides.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\toolbarCookieParser.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\toolbarPreinit.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\underscore-1.3.1.min.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\URILoaderContentScript.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\Widget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\widgetContentScriptInjectee.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\widgetFactory.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\widgetWindowManager.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\native\cache.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\native\ce.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\native\debug.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\native\ss.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\native\libs\jquery-1.7.1.min.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\native\libs\jquery-1.9.1.min.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\native\libs\underscore-1.5.2.min.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\shared\HttpURL.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\shared\rsvp-latest.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\shared\unifiedLogging.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\shared\universalConsole.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\shared\utils.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\_metadata\computed_hashes.json, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\_metadata\verified_contents.json, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)

supertrine 14.04.2015 18:58
Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software

Suchlauf Datum: 4/14/2015
Suchlauf-Zeit: 4:29:32 PM
Logdatei: MBAM log.txt
Administrator: Ja

Version: 2.01.4.1018
Malware Datenbank: v2015.04.14.04
Rootkit Datenbank: v2015.03.31.01
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows XP Service Pack 3
CPU: x86
Dateisystem: NTFS
Benutzer: windows

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 349991
Verstrichene Zeit: 15 Min, 9 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente gefunden)

Module: 0
(Keine schädliche Elemente gefunden)

Registrierungsschlüssel: 2
PUP.Optional.Softonic.A, HKLM\SOFTWARE\softonic-de3, In Quarantäne, [eb91a7c5fc8ed0669cfc7954d62ddf21],
PUP.Optional.Softonic.A, HKU\S-1-5-21-1606980848-57989841-1177238915-1003\SOFTWARE\softonic-de3, In Quarantäne, [a2daf3793852ad89a6f1a8252dd63bc5],

Registrierungswerte: 0
(Keine schädliche Elemente gefunden)

Registrierungsdaten: 0
(Keine schädliche Elemente gefunden)

Ordner: 87
PUP.Optional.Softonic.A, C:\Documents and Settings\NetworkService\Local Settings\Application Data\softonic-de3, In Quarantäne, [45378ede5c2e6ccafda7b303b053c53b],
PUP.Optional.Softonic.A, C:\Documents and Settings\NetworkService\Local Settings\Application Data\softonic-de3\Logs, In Quarantäne, [45378ede5c2e6ccafda7b303b053c53b],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\adapter, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\abstractbutton, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\abstractbutton\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\alert, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\alert\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedhtml, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedhtml\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedhtml\html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedhtml\js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedscript, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedscript\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedscript\html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedscript\js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\flare, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\flare\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\flare\icons, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\generic, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\generic\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\link, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\link\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\images, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\rss, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\rss\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\thirdparty, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\thirdparty\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\uninstall, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\uninstall\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\weather, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\weather\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\common, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\radio, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\radio\css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\radio\js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\rss, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\rss\js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\test, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\topapps, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\topapps\css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\topapps\js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\weather, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\weather\css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\weather\js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\api, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\api\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\api\window, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\foreground, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\moviereviews, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\moviereviews\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\moviereviews\css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\moviereviews\html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\moviereviews\js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\radio, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\radio\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\radio\css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\radio\foreground, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\radio\radioWrapper, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\search, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\search\background, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\search\html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\supertab, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\supertab\css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\supertab\html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\supertab\js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\icons, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\native, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\native\libs, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\shared, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\_metadata, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],

Dateien: 222
PUP.Optional.InstallCore.SID.A, C:\Documents and Settings\windows\My Documents\Downloads\ccleaner (1).exe, In Quarantäne, [2a52adbfbbcf87af3f7781bbf5119868],
PUP.Optional.InstallCore.SID.A, C:\Documents and Settings\windows\My Documents\Downloads\ccleaner.exe, In Quarantäne, [b5c74c20d0ba3402278f0438f70f966a],
PUP.Optional.Softonic, C:\Documents and Settings\windows\Local Settings\Temporary Internet Files\Content.IE5\3XVU5MEJ\SoftonicDownloader_for_superedi[1].exe, In Quarantäne, [fe7ee587296152e49dd9e27ab64a7888],
PUP.Optional.Softonic.A, C:\Documents and Settings\NetworkService\Local Settings\Application Data\softonic-de3\tbsof0.dll, In Quarantäne, [45378ede5c2e6ccafda7b303b053c53b],
PUP.Optional.Softonic.A, C:\Documents and Settings\NetworkService\Local Settings\Application Data\softonic-de3\toolbar.cfg, In Quarantäne, [45378ede5c2e6ccafda7b303b053c53b],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\bg.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\buildVars, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\buildVars.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\companionSW.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\config.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\contentScript.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\contentScript.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\debug.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\debug.jade, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\extension_toolbar_api.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\initWidgetWindow.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\manifest.json, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\newTabContentScript.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\options.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\spent.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\spent.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\spent.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\spent2.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\spent2.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\spentJ.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\spentK.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\spentK.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\startup.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\stub.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\stubby.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\superFrame.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\toolbar.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\toolbar.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\toolbarUI.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\toolbarUI.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\toolbarUI.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\url.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\adapter\adapterUtil.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\adapter\widget-adapter.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\abstractbutton\background\abstractButton.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\alert\background\alertButton.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedhtml\background\embedHtmlWidget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedhtml\html\embedHtmlTemplate.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedhtml\html\innerEmbedHtmlTemplate.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedhtml\js\embedHtmlUI.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedscript\background\embedScriptWidget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedscript\html\embedScriptTemplate.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedscript\html\innerEmbedScriptTemplate.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\embedscript\js\embedScriptUI.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\flare\background\FlareWidget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\flare\icons\Icon_Flare_blue.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\flare\icons\Icon_Flare_pink.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\flare\icons\Thumbs.db, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\generic\background\GenericWidget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\link\background\linkButton.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\README.txt, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\background\menuButton.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\css\menuframe.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\html\menuframe.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\images\right_arrow.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\images\right_arrow_white.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\js\jquery-1.7.1.min.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\js\menuframe.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\js\query-string.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\menu\js\underscore-1.3.1.min.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\rss\background\RssWidget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\thirdparty\background\thirdPartyWidget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\uninstall\background\uninstallButton.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\components\weather\background\weatherButton.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\bs.30.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\common.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\dynamic.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\enableDetect.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\eventListening.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\global.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\jquery-1.7.1.min.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\list-interaction.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\messageEventListener.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\navRedirector.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\paramReplacer.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\PartnerId.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\set.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\underscore-1.3.1.min.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\underscore-1.5.2.min.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\js\unifiedLogging.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widget-context-1.0.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\common\common.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\common\eventListening.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\common\jquery-1.7.1.min.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\common\list-interaction.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\common\set.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\common\underscore-1.3.1.min.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\radio\radio-widget.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\radio\css\radio-widget.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\radio\js\radio-custom.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\radio\js\radio-parser.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\radio\js\radio-widget-ui.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\radio\js\radio-widget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\rss\rssWidget.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\rss\js\rss-widget-custom.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\rss\js\rss-widget-parse.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\rss\js\rss-widget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\test\invalid.json, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\test\jquery.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\test\qunit.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\test\qunit.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\test\resource.json, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\test\resource.xml, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\test\testWidget.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\test\testWidget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\topapps\widget.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\topapps\css\widget.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\topapps\js\nanigans-topapps-feed.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\topapps\js\topapps-config.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\topapps\js\widget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\weather\weatherButton.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\weather\css\weatherButton.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\common\widget-api\widgets\weather\js\weather.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\api\background\ApiBasedWidget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\api\background\widget-api-impl.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\api\window\hiddenWidgetWindow.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\api\window\hiddenWidgetWindow.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\api\window\hiddenWidgetWindowInit.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\api\window\widgetWindow.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\api\window\widgetWindow.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\background\updateSearch.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\background\updateSearchPromptBg.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\foreground\07_buttons2.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\foreground\08_buttons2.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\foreground\defaultSearchModal.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\foreground\defaultSearchModalInjector.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\foreground\defaultSearchModalInjector.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\foreground\tvf_btn_ok.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\foreground\tvf_btn_ok2.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\foreground\tvf_restart_alert_icon.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\foreground\tvf_restart_icon.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\defaultSearch\foreground\updateSearchPromptFg.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\moviereviews\background\MovieReviewsWidget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\moviereviews\css\movieReviews.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\moviereviews\html\movieReviews.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\moviereviews\js\movieReviews.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\radio\background\RadioWidget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\radio\css\toolbar-item.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\radio\foreground\button.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\radio\radioWrapper\radioWrapper.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\radio\radioWrapper\radioWrapper.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\search\background\searchBox.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\search\html\searchSuggestions.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\search\html\searchSuggestions.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\search\html\searchSuggestions.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\search\html\searchSuggestionsInit.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\supertab\css\supertab.css, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\supertab\html\supertab.html, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\supertab\js\newtabfork.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\supertab\js\reporting.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\supertab\js\srchsugg.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\supertab\js\supertab.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\supertab\js\unifiedLogging.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\components\supertab\js\__utm.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\icons\arrowSprite.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\icons\icon128.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\icons\icon16.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\icons\icon19disabled.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\icons\icon19on.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\icons\icon48.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\icons\tb_icon_search_disappearing_ask.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\222116621.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\222116625.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\222116640.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\222116644.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\222116653.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\222116675.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\down_arrow.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\IDR_PRODUCT_LOGO_16.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\IDR_WEBSTORE_ICON.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\magnifying_glass.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\RadioPlayerSprite.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\search_button.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\tvf_icon_guide.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\tvf_logo.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\images\wrench.png, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\chromeUtils.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\exeManager.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\exeManagerNMD.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\exePackageManager.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\focusManager.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\globalBlacklistManager.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\messaging.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\mutation_summary-min.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\mutation_summary.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\nativeMessagingDispatcher.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\newTabInfo.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\newTabInitialize.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\options.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\readLocalStorage.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\reservespacefortoolbar.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\reservespaceifenabled.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\scriptInjector.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\searchContext.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\settingsOverrides.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\toolbarCookieParser.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\toolbarPreinit.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\underscore-1.3.1.min.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\URILoaderContentScript.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\Widget.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\widgetContentScriptInjectee.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\widgetFactory.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\js\widgetWindowManager.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\native\cache.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\native\ce.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\native\debug.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\native\ss.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\native\libs\jquery-1.7.1.min.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\native\libs\jquery-1.9.1.min.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\native\libs\underscore-1.5.2.min.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\shared\HttpURL.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\shared\rsvp-latest.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\shared\unifiedLogging.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\shared\universalConsole.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\shared\utils.js, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\_metadata\computed_hashes.json, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],
PUP.Optional.Spigot.A, C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd\11.87.5.11265_0\_metadata\verified_contents.json, In Quarantäne, [89f3a6c60189f34306b0c0fd50b336ca],

Physische Sektoren: 0
(Keine schädliche Elemente gefunden)


(end)

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software


Update, 4/14/2015 4:28:34 PM, SYSTEM, WINDOWS-2BA645A, Manual, Remediation Database, 2015.3.9.1, 2015.4.6.2,
Update, 4/14/2015 4:28:34 PM, SYSTEM, WINDOWS-2BA645A, Manual, Rootkit Database, 2015.2.25.1, 2015.3.31.1,
Update, 4/14/2015 4:29:15 PM, SYSTEM, WINDOWS-2BA645A, Manual, Malware Database, 2015.3.9.5, 2015.4.14.4,
Scan, 4/14/2015 4:45:12 PM, SYSTEM, WINDOWS-2BA645A, Manual, Start: 4/14/2015 4:29:32 PM, Dauer: 15 Minuten 9 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, "311" nicht-Malwareerkennung,
Error, 4/14/2015 4:47:33 PM, SYSTEM, WINDOWS-2BA645A, Protection, IsLicensed, 13,
Protection, 4/14/2015 4:47:33 PM, SYSTEM, WINDOWS-2BA645A, Protection, Malware Protection, Stopping,
Protection, 4/14/2015 4:47:33 PM, SYSTEM, WINDOWS-2BA645A, Protection, Malware Protection, Stopped,
Error, 4/14/2015 7:02:58 PM, SYSTEM, WINDOWS-2BA645A, Protection, IsLicensed, 13,
Protection, 4/14/2015 7:02:58 PM, SYSTEM, WINDOWS-2BA645A, Protection, Malware Protection, Stopping,
Protection, 4/14/2015 7:02:58 PM, SYSTEM, WINDOWS-2BA645A, Protection, Malware Protection, Stopped,

(end)

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software


Update, 4/14/2015 4:28:34 PM, SYSTEM, WINDOWS-2BA645A, Manual, Remediation Database, 2015.3.9.1, 2015.4.6.2,
Update, 4/14/2015 4:28:34 PM, SYSTEM, WINDOWS-2BA645A, Manual, Rootkit Database, 2015.2.25.1, 2015.3.31.1,
Update, 4/14/2015 4:29:15 PM, SYSTEM, WINDOWS-2BA645A, Manual, Malware Database, 2015.3.9.5, 2015.4.14.4,
Scan, 4/14/2015 4:45:12 PM, SYSTEM, WINDOWS-2BA645A, Manual, Start: 4/14/2015 4:29:32 PM, Dauer: 15 Minuten 9 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, "311" nicht-Malwareerkennung,
Error, 4/14/2015 4:47:33 PM, SYSTEM, WINDOWS-2BA645A, Protection, IsLicensed, 13,
Protection, 4/14/2015 4:47:33 PM, SYSTEM, WINDOWS-2BA645A, Protection, Malware Protection, Stopping,
Protection, 4/14/2015 4:47:33 PM, SYSTEM, WINDOWS-2BA645A, Protection, Malware Protection, Stopped,
Error, 4/14/2015 7:02:58 PM, SYSTEM, WINDOWS-2BA645A, Protection, IsLicensed, 13,
Protection, 4/14/2015 7:02:58 PM, SYSTEM, WINDOWS-2BA645A, Protection, Malware Protection, Stopping,
Protection, 4/14/2015 7:02:58 PM, SYSTEM, WINDOWS-2BA645A, Protection, Malware Protection, Stopped,

(end)

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software


Update, 4/14/2015 4:28:34 PM, SYSTEM, WINDOWS-2BA645A, Manual, Remediation Database, 2015.3.9.1, 2015.4.6.2,
Update, 4/14/2015 4:28:34 PM, SYSTEM, WINDOWS-2BA645A, Manual, Rootkit Database, 2015.2.25.1, 2015.3.31.1,
Update, 4/14/2015 4:29:15 PM, SYSTEM, WINDOWS-2BA645A, Manual, Malware Database, 2015.3.9.5, 2015.4.14.4,
Scan, 4/14/2015 4:45:12 PM, SYSTEM, WINDOWS-2BA645A, Manual, Start: 4/14/2015 4:29:32 PM, Dauer: 15 Minuten 9 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, "311" nicht-Malwareerkennung,
Error, 4/14/2015 4:47:33 PM, SYSTEM, WINDOWS-2BA645A, Protection, IsLicensed, 13,
Protection, 4/14/2015 4:47:33 PM, SYSTEM, WINDOWS-2BA645A, Protection, Malware Protection, Stopping,
Protection, 4/14/2015 4:47:33 PM, SYSTEM, WINDOWS-2BA645A, Protection, Malware Protection, Stopped,
Error, 4/14/2015 7:02:58 PM, SYSTEM, WINDOWS-2BA645A, Protection, IsLicensed, 13,
Protection, 4/14/2015 7:02:58 PM, SYSTEM, WINDOWS-2BA645A, Protection, Malware Protection, Stopping,
Protection, 4/14/2015 7:02:58 PM, SYSTEM, WINDOWS-2BA645A, Protection, Malware Protection, Stopped,

(end)

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software


Update, 4/14/2015 4:28:34 PM, SYSTEM, WINDOWS-2BA645A, Manual, Remediation Database, 2015.3.9.1, 2015.4.6.2,
Update, 4/14/2015 4:28:34 PM, SYSTEM, WINDOWS-2BA645A, Manual, Rootkit Database, 2015.2.25.1, 2015.3.31.1,
Update, 4/14/2015 4:29:15 PM, SYSTEM, WINDOWS-2BA645A, Manual, Malware Database, 2015.3.9.5, 2015.4.14.4,
Scan, 4/14/2015 4:45:12 PM, SYSTEM, WINDOWS-2BA645A, Manual, Start: 4/14/2015 4:29:32 PM, Dauer: 15 Minuten 9 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, "311" nicht-Malwareerkennung,
Error, 4/14/2015 4:47:33 PM, SYSTEM, WINDOWS-2BA645A, Protection, IsLicensed, 13,
Protection, 4/14/2015 4:47:33 PM, SYSTEM, WINDOWS-2BA645A, Protection, Malware Protection, Stopping,
Protection, 4/14/2015 4:47:33 PM, SYSTEM, WINDOWS-2BA645A, Protection, Malware Protection, Stopped,
Error, 4/14/2015 7:02:58 PM, SYSTEM, WINDOWS-2BA645A, Protection, IsLicensed, 13,
Protection, 4/14/2015 7:02:58 PM, SYSTEM, WINDOWS-2BA645A, Protection, Malware Protection, Stopping,
Protection, 4/14/2015 7:02:58 PM, SYSTEM, WINDOWS-2BA645A, Protection, Malware Protection, Stopped,

(end)

AdwCleaner Logfile:
Code:
# AdwCleaner v4.201 - Logfile created 14/04/2015 at 19:24:11
# Updated 08/04/2015 by Xplode
# Database : 2015-04-08.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : windows - WINDOWS-2BA645A
# Running from : C:\Documents and Settings\windows\My Documents\Downloads\AdwCleaner_4.201.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\windows\Local Settings\Application Data\StormFall
Folder Deleted : C:\Documents and Settings\windows\Application Data\Mozilla\Firefox\Profiles\bouagziu.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[!] Folder Deleted : C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ncheegbloelpifhkekmpljcbekcmbpig
File Deleted : C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ncheegbloelpifhkekmpljcbekcmbpig_0.localstorage
File Deleted : C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
File Deleted : C:\Program Files\Mozilla Firefox\defaults\pref\firefox-branding.js
File Deleted : C:\Program Files\Mozilla Firefox\defaults\pref\firefox-l10n.js
File Deleted : C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js
File Deleted : C:\Program Files\Mozilla Firefox\defaults\pref\reporter.js

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\CCleaner Packages
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v35.0 (x86 de)


-\\ Google Chrome v

[C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : ncheegbloelpifhkekmpljcbekcmbpig
[C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Startup_URLs] : hxxp://isearch.omiga-plus.com/?type=hp&ts=1420844763&from=cor&uid=FUJITSUXMHZ2160BHXG2_K62KT8A28NMGT8A28NMGX

*************************

AdwCleaner[R0].txt - [3196 bytes] - [14/04/2015 19:17:18]
AdwCleaner[S0].txt - [3171 bytes] - [14/04/2015 19:24:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3230  bytes] ##########
--- --- ---

AdwCleaner Logfile:
Code:
# AdwCleaner v4.201 - Logfile created 14/04/2015 at 19:24:11
# Updated 08/04/2015 by Xplode
# Database : 2015-04-08.1 [Server]
# Operating system : Microsoft Windows XP Service Pack 3 (x86)
# Username : windows - WINDOWS-2BA645A
# Running from : C:\Documents and Settings\windows\My Documents\Downloads\AdwCleaner_4.201.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\windows\Local Settings\Application Data\StormFall
Folder Deleted : C:\Documents and Settings\windows\Application Data\Mozilla\Firefox\Profiles\bouagziu.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[!] Folder Deleted : C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ncheegbloelpifhkekmpljcbekcmbpig
File Deleted : C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ncheegbloelpifhkekmpljcbekcmbpig_0.localstorage
File Deleted : C:\WINDOWS\system32\drivers\sp_rsdrv2.sys
File Deleted : C:\Program Files\Mozilla Firefox\defaults\pref\firefox-branding.js
File Deleted : C:\Program Files\Mozilla Firefox\defaults\pref\firefox-l10n.js
File Deleted : C:\Program Files\Mozilla Firefox\defaults\pref\firefox.js
File Deleted : C:\Program Files\Mozilla Firefox\defaults\pref\reporter.js

***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
Key Deleted : HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
Key Deleted : HKCU\Software\Softonic
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\CCleaner Packages
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6}
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - *.local

***** [ Web browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v35.0 (x86 de)


-\\ Google Chrome v

[C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Extension] : ncheegbloelpifhkekmpljcbekcmbpig
[C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Startup_URLs] : hxxp://isearch.omiga-plus.com/?type=hp&ts=1420844763&from=cor&uid=FUJITSUXMHZ2160BHXG2_K62KT8A28NMGT8A28NMGX

*************************

AdwCleaner[R0].txt - [3196 bytes] - [14/04/2015 19:17:18]
AdwCleaner[S0].txt - [3171 bytes] - [14/04/2015 19:24:11]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [3230  bytes] ##########
--- --- ---

Malwarebytes Anti-Malware
Malwarebytes | Free Anti-Malware & Internet Security Software


Update, 4/14/2015 4:28:34 PM, SYSTEM, WINDOWS-2BA645A, Manual, Remediation Database, 2015.3.9.1, 2015.4.6.2,
Update, 4/14/2015 4:28:34 PM, SYSTEM, WINDOWS-2BA645A, Manual, Rootkit Database, 2015.2.25.1, 2015.3.31.1,
Update, 4/14/2015 4:29:15 PM, SYSTEM, WINDOWS-2BA645A, Manual, Malware Database, 2015.3.9.5, 2015.4.14.4,
Scan, 4/14/2015 4:45:12 PM, SYSTEM, WINDOWS-2BA645A, Manual, Start: 4/14/2015 4:29:32 PM, Dauer: 15 Minuten 9 Sekunden, Bedrohungs-Suchlauf, Abgeschlossen, 0 Malwareerkennung, "311" nicht-Malwareerkennung,
Error, 4/14/2015 4:47:33 PM, SYSTEM, WINDOWS-2BA645A, Protection, IsLicensed, 13,
Protection, 4/14/2015 4:47:33 PM, SYSTEM, WINDOWS-2BA645A, Protection, Malware Protection, Stopping,
Protection, 4/14/2015 4:47:33 PM, SYSTEM, WINDOWS-2BA645A, Protection, Malware Protection, Stopped,
Error, 4/14/2015 7:02:58 PM, SYSTEM, WINDOWS-2BA645A, Protection, IsLicensed, 13,
Protection, 4/14/2015 7:02:58 PM, SYSTEM, WINDOWS-2BA645A, Protection, Malware Protection, Stopping,
Protection, 4/14/2015 7:02:58 PM, SYSTEM, WINDOWS-2BA645A, Protection, Malware Protection, Stopped,

(end)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.5.4 (04.13.2015:1)
OS: Microsoft Windows XP x86
Ran by windows on Tue 04/14/2015 at 19:32:55.34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files

Successfully deleted: [File] C:\WINDOWS\wininit.ini



~~~ Folders

supertrine 14.04.2015 19:04
FRST Logfile:

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 13-04-2015
Ran by windows (administrator) on WINDOWS-2BA645A on 14-04-2015 19:39:56
Running from C:\Documents and Settings\windows\My Documents\Downloads
Loaded Profiles: windows (Available profiles: windows & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GROOVE.EXE
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421160 2010-11-17] (Apple Inc.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16384000 2007-08-10] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SiSPower] => Rundll32.exe SiSPower.dll,ModeAgent
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2010-12-09] (Nullsoft, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Run: [ares] => C:\Program Files\Ares\Ares.exe [1015808 2010-10-27] (Ares Development Group)
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Run: [Google Update] => C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [107912 2015-01-07] (Google Inc.)
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\MountPoints2: {172a75ba-2e3d-11e0-a0ea-001e330204b1} - E:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\MountPoints2: {30ddf53a-06f7-11e0-a064-0016441f7a07} - E:\LaunchU3.exe -a
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\MountPoints2: {6ab95dc0-45a9-11e0-a13e-001e330204b1} - E:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\sstext3d.scr [679936 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
Startup: C:\Documents and Settings\windows\Start Menu\Programs\Startup\Microsoft Office Groove.lnk
ShortcutTarget: Microsoft Office Groove.lnk -> C:\Program Files\Microsoft Office\Office12\GROOVE.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1606980848-57989841-1177238915-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.es/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_en
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22] (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-03] (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-03] (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [152864] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.3 8.8.8.8

FireFox:
========
FF ProfilePath: C:\Documents and Settings\windows\Application Data\Mozilla\Firefox\Profiles\bouagziu.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll [2011-03-05] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2010-11-17] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2010-12-11] (Google)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-02-02] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-06] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1606980848-57989841-1177238915-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-1606980848-57989841-1177238915-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-06] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-02-02] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll [2010-12-03] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-01-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-01-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-01-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-01-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-01-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2010-12-09] (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml [2010-12-03]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml [2010-12-03]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\windows\Application Data\Mozilla\Firefox\Profiles\bouagziu.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2015-04-06]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-12-26]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-12-11]

Chrome:
=======
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\39.0.2171.95\pdf.dll No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\39.0.2171.95\gears.dll No File
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\39.0.2171.95\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-30]
CHR Extension: (No Name) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-01-15]
CHR Extension: (Norton Identity Safe) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-01-07]
CHR Extension: (My Logon Manager) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jhibgpjnkkfaiepmjglnhppopjpknhak [2015-01-19]
CHR Extension: (Google Wallet) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-26]
CHR HKLM\...\Chrome\Extension: [avast! WebRep] - C:\Program Files\AVAST Software\Avast\Setup\WebRep\aswWebRep.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2010-11-22]
StartMenuInternet: chrome.exe - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-03-17] (Malwarebytes Corporation)
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [770944 2015-01-15] (Enigma Software Group USA, LLC.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [547072 2007-06-21] (Atheros Communications, Inc.)
S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [19984 2015-01-15] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-03-17] (Malwarebytes Corporation)
S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2015-04-14] (Malwarebytes Corporation)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R3 SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [321536 2007-08-03] (Silicon Integrated Systems Corporation)
R3 SiSGbeXP; C:\WINDOWS\System32\DRIVERS\SiSGbeXP.sys [43264 2007-10-15] (Silicon Integrated Systems Corp.)
R1 SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [18688 2007-08-03] (Silicon Integrated Systems Corporation)
S3 cpuz134; \??\C:\DOCUME~1\windows\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [X]
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
S4 IntelIde; No ImagePath
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-14 19:35 - 2015-04-14 19:35 - 00000646 _____ () C:\Documents and Settings\windows\Desktop\JRT.txt
2015-04-14 19:32 - 2015-04-14 19:32 - 00000000 ____D () C:\RegBackup
2015-04-14 16:28 - 2015-04-14 19:09 - 00119512 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2015-04-14 16:28 - 2015-04-14 16:28 - 00000777 _____ () C:\Documents and Settings\All Users\Desktop\Malwarebytes Anti-Malware.lnk
2015-04-14 16:28 - 2015-04-14 16:28 - 00000000 ____D () C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware
2015-04-14 16:27 - 2015-04-14 16:28 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-04-14 16:27 - 2015-03-17 06:15 - 00120024 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2015-04-14 16:27 - 2015-03-17 06:15 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2015-04-06 15:42 - 2011-06-26 08:45 - 00256000 _____ () C:\WINDOWS\PEV.exe
2015-04-06 15:42 - 2010-11-07 19:20 - 00208896 _____ () C:\WINDOWS\MBR.exe
2015-04-06 15:42 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2015-04-06 15:42 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2015-04-06 15:42 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2015-04-06 15:42 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2015-04-06 15:42 - 2000-08-31 02:00 - 00098816 _____ () C:\WINDOWS\sed.exe
2015-04-06 15:42 - 2000-08-31 02:00 - 00080412 _____ () C:\WINDOWS\grep.exe
2015-04-06 15:42 - 2000-08-31 02:00 - 00068096 _____ () C:\WINDOWS\zip.exe
2015-04-06 15:20 - 2015-04-06 15:42 - 00000000 ____D () C:\Qoobox
2015-04-06 15:20 - 2015-04-06 15:20 - 00000000 ____D () C:\WINDOWS\erdnt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-14 19:40 - 2010-12-09 05:24 - 00000000 ____D () C:\Documents and Settings\windows\Local Settings\Temp
2015-04-14 19:39 - 2015-01-24 02:11 - 00000000 ____D () C:\FRST
2015-04-14 19:32 - 2010-12-09 04:48 - 01071408 _____ () C:\WINDOWS\WindowsUpdate.log
2015-04-14 19:27 - 2008-04-14 10:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-04-14 19:26 - 2014-09-30 17:35 - 00000226 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2015-04-14 19:26 - 2011-01-21 12:05 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-04-14 19:26 - 2011-01-21 12:05 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-04-14 19:26 - 2010-12-09 05:24 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-04-14 19:26 - 2010-12-09 00:57 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-04-14 19:25 - 2011-01-21 12:05 - 00032620 _____ () C:\WINDOWS\SchedLgU.Txt
2015-04-14 19:25 - 2010-12-09 05:24 - 00000178 ___SH () C:\Documents and Settings\windows\ntuser.ini
2015-04-14 19:24 - 2015-01-15 16:19 - 00000000 ____D () C:\AdwCleaner
2015-04-14 19:07 - 2010-12-09 00:57 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-04-14 19:06 - 2010-12-09 01:12 - 00000986 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-57989841-1177238915-1003UA.job
2015-04-14 16:46 - 2010-12-10 04:04 - 00000000 __HDC () C:\WINDOWS\$NtUninstallKB955759$
2015-04-14 16:20 - 2015-01-15 18:15 - 00012962 _____ () C:\WINDOWS\setupapi.log
2015-04-07 16:50 - 2010-12-20 14:58 - 00000000 ____D () C:\Documents and Settings\windows\Application Data\Skype
2015-04-06 16:38 - 2011-01-20 13:26 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Microsoft Help
2015-04-06 16:36 - 2014-09-30 16:46 - 00000000 ____D () C:\WINDOWS\system32\MRT
2015-04-06 16:28 - 2014-11-10 22:38 - 00000000 ____D () C:\Documents and Settings\windows\Desktop\Dokumente
2015-04-06 15:27 - 2015-01-15 17:46 - 00019982 _____ () C:\WINDOWS\iis6.log
2015-04-06 15:27 - 2015-01-15 17:46 - 00019763 _____ () C:\WINDOWS\FaxSetup.log
2015-04-06 15:27 - 2015-01-15 17:46 - 00016305 _____ () C:\WINDOWS\ocgen.log
2015-04-06 15:27 - 2015-01-15 17:46 - 00012003 _____ () C:\WINDOWS\tsoc.log
2015-04-06 15:27 - 2015-01-15 17:46 - 00007084 _____ () C:\WINDOWS\comsetup.log
2015-04-06 15:27 - 2015-01-15 17:46 - 00004879 _____ () C:\WINDOWS\ntdtcsetup.log
2015-04-06 15:27 - 2015-01-15 17:46 - 00004267 _____ () C:\WINDOWS\netfxocm.log
2015-04-06 15:27 - 2015-01-15 17:46 - 00001891 _____ () C:\WINDOWS\imsins.log
2015-04-06 15:27 - 2015-01-15 17:46 - 00001863 _____ () C:\WINDOWS\MedCtrOC.log
2015-04-06 15:27 - 2015-01-15 17:46 - 00001280 _____ () C:\WINDOWS\ocmsn.log
2015-04-06 15:27 - 2015-01-15 17:46 - 00001267 _____ () C:\WINDOWS\msgsocm.log
2015-04-06 15:27 - 2015-01-15 17:46 - 00000933 _____ () C:\WINDOWS\tabletoc.log
2015-04-06 15:26 - 2015-01-15 17:46 - 00005620 _____ () C:\WINDOWS\msmqinst.log
2015-04-06 15:06 - 2010-12-09 01:12 - 00000934 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-57989841-1177238915-1003Core.job
2015-04-06 14:56 - 2010-12-08 20:35 - 00563998 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2015-04-06 14:53 - 2014-09-30 17:35 - 00000220 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job

==================== Files in the root of some directories =======

2010-12-10 22:43 - 2015-01-18 01:45 - 0034304 _____ () C:\Documents and Settings\windows\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some content of TEMP:
====================
C:\Documents and Settings\windows\Local Settings\Temp\Quarantine.exe
C:\Documents and Settings\windows\Local Settings\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
--- --- ---

--- --- ---

--- --- ---


FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 13-04-2015
Ran by windows at 2015-04-14 19:40:46
Running from C:\Documents and Settings\windows\My Documents\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus 2015 (Enabled - Out of date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM\...\uTorrent) (Version: 2.2.0 - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.1.102.64 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.2.152.32 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{308B6AEA-DE50-4666-996D-0FA461719D6B}) (Version: 3.3.0.69 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{2A981294-F14C-4F0F-9627-D793270922F8}) (Version: 2.0.4.0 - Apple Inc.)
Generic Wireless LAN Driver (HKLM\...\{7CC7C026-F81D-4405-9639-B157B7480D73}) (Version: 1.01.0005T - Generic)
Google Chrome (HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Google Chrome) (Version: 41.0.2272.118 - Google Inc.)
Google Earth (HKLM\...\{C768790F-04FB-11E0-9B2C-001AA037B01E}) (Version: 6.0.1.2032 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
iTunes (HKLM\...\{FAE36873-1941-4076-A9A5-48812B5EA0B7}) (Version: 10.1.0.56 - Apple Inc.)
Java(TM) 6 Update 24 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.240 - Sun Microsystems, Inc.)
Malwarebytes Anti-Malware Version 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Motorola SM56 Data Fax Modem (HKLM\...\SMSERIAL) (Version:  - )
Mozilla Firefox 35.0 (x86 de) (HKLM\...\Mozilla Firefox 35.0 (x86 de)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
MSN (HKLM\...\MSNINST) (Version:  - )
OpenOffice.org 3.3 (HKLM\...\{82AF3E91-57E1-4754-84D0-40A46E2479AB}) (Version: 3.3.9567 - OpenOffice.org)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5464 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SiS VGA Utilities (HKLM\...\SiS VGA Driver) (Version:  - )
SiSAGP driver (HKLM\...\{DC226AC9-0314-496C-BE6A-B6A132628466}) (Version: 1.22 - )
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Winamp (HKLM\...\Winamp) (Version: 5.601  - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows PowerShell(TM) 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\41.0.2272.118\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.25.11\psuser.dll (the data entry has 8 more characters).
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.26.9\psuser.dll (Google Inc.)

==================== Restore Points  =========================

13-10-2014 19:39:44 First Restore Point
13-10-2014 21:36:19 First Restore Point
13-10-2014 21:36:37 First Restore Point
06-01-2015 12:43:45 System Checkpoint
07-01-2015 10:45:17 Removed Kaspersky Anti-Virus.
09-01-2015 11:18:03 System Checkpoint
10-01-2015 01:51:43 Removed Adobe Community Help
10-01-2015 01:52:50 Removed Java(TM) 6 Update 22
10-01-2015 01:55:26 Removed QuickTime
10-01-2015 10:17:48 Software Distribution Service 3.0
11-01-2015 22:23:12 Software Distribution Service 3.0
12-01-2015 22:43:50 System Checkpoint
15-01-2015 01:58:52 Software Distribution Service 3.0
15-01-2015 17:45:15 Installed %1 %2.
15-01-2015 17:54:01 Restore Point before Corrupt Patch Registry keys
20-01-2015 00:23:38 System Checkpoint
25-01-2015 02:32:50 Installed QuickTime 7
06-04-2015 15:09:51 Revo Uninstaller's restore point - CCleaner
06-04-2015 15:14:13 Revo Uninstaller's restore point - CCleaner Packages
06-04-2015 16:29:54 Software Distribution Service 3.0

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2008-04-14 10:00 - 2008-04-14 10:00 - 00000734 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-57989841-1177238915-1003Core.job => C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-57989841-1177238915-1003UA.job => C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

==================== Loaded Modules (whitelisted) ==============

2008-04-14 10:00 - 2008-04-14 10:00 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2008-04-14 10:00 - 2008-04-14 10:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2011-01-17 17:19 - 2011-02-15 21:30 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll
2015-01-19 22:28 - 2015-01-06 12:27 - 03925104 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1606980848-57989841-1177238915-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\windows\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: 192.168.0.3 - 8.8.8.8

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Utility Tray.lnk => C:\WINDOWS\pss\Utility Tray.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\WINDOWS\pss\OpenOffice.org 3.2.lnkStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Google Update => "C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SMSERIAL => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== Accounts: =============================

Administrator (S-1-5-21-1606980848-57989841-1177238915-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
Guest (S-1-5-21-1606980848-57989841-1177238915-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-1606980848-57989841-1177238915-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-1606980848-57989841-1177238915-1002 - Limited - Disabled)
windows (S-1-5-21-1606980848-57989841-1177238915-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\windows

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/14/2015 07:29:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (04/14/2015 07:22:11 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (04/14/2015 07:07:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (04/06/2015 04:14:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (04/06/2015 04:14:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (04/06/2015 04:14:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (04/06/2015 04:14:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (04/06/2015 04:14:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (04/06/2015 04:14:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (04/06/2015 04:14:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong


System errors:
=============
Error: (04/14/2015 07:33:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The iPod Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/14/2015 07:33:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Bonjour Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/14/2015 07:33:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/14/2015 07:33:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SpyHunter 4 Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/14/2015 07:24:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Office Source Engine service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/14/2015 07:24:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Application Layer Gateway Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/14/2015 07:24:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The iPod Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/14/2015 07:24:11 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Bonjour Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/14/2015 07:24:09 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (04/14/2015 07:24:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU 570 @ 2.26GHz
Percentage of memory in use: 67%
Total physical RAM: 765.1 MB
Available physical RAM: 245.7 MB
Total Pagefile: 1873.05 MB
Available Pagefile: 1330.9 MB
Total Virtual: 2047.88 MB
Available Virtual: 1932.68 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:129.86 GB) (Free:51.62 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 51EC51EC)
Partition 1: (Active) - (Size=129.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=19.2 GB) - (Type=05)

==================== End Of Log ============================
--- --- ---

:dankeschoen:

alles log files dabei, manche auch oefter, verzeihung, da hat irgendwas gesponnen. spyhunter ist noch immer da.

Dankesehr,
Christine

schrauber 15.04.2015 10:53
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [770944 2015-01-15] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [19984 2015-01-15] ()
C:\WINDOWS\System32\DRIVERS\EsgScanner.sys
C:\Program Files\Enigma Software Group
Emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.






ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

und ein frisches FRST log bitte. Noch Probleme? :)

supertrine 09.05.2015 13:44
Lieber Schrauber,
anbei bitte die Logdateien von ESET und Securitycheck. Diese FRST habe ich leider nicht hingekriegt. FRST und die Logdatei sind im selben folder, aber ich kriege die Anzeige, dass sie es nicht sind und ich 'fix' daher nicht ausfuehren kann. Der Spyhunter ist noch immer da.

[version]
signature="$CHICAGO$"
AdvancedINF=2.0

[Setup Hooks]
hookRegOcx=hookRegOcx

[hookRegOcx]
run=%EXTRACT_DIR%\ESETSmartInstaller.exe -i #version=1.0.0.7623

Results of screen317's Security Check version 1.001
Windows XP Service Pack 3 x86
Internet Explorer 8
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Disabled!
AVG AntiVirus 2015
Antivirus out of date!
`````````Anti-malware/Other Utilities Check:`````````
Java(TM) 6 Update 24
Java version 32-bit out of Date!
Adobe Flash Player 10 Flash Player out of Date!
Adobe Flash Player 10.2.152.32 Flash Player out of Date!
Adobe Reader 9 Adobe Reader out of Date!
Mozilla Firefox 35.0 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:: 4%
````````````````````End of Log``````````````````````

:dankeschoen:Vielen vielen Dank!!!!

schrauber 10.05.2015 06:17
Entgegen der Anleitung hast Du FRST nicht auf dem Desktop gespeichert, sondern hier:

C:\Documents and Settings\windows\My Documents\Downloads

Dann musst Du auch die Fixlist dort speichern :)

supertrine 10.05.2015 07:58
Fixlist ist auch auf dem Desktop, dort habe ich es wie in der Anleitung beschrieben ursprünglich gespeichert. Dann hat es nichr geklappt, dann habe ich es auch noch im folder gespeichert. Hab beides nicht hingekriegt. Sorry

schrauber 10.05.2015 19:35
Du hast meinen letzten Post gelesen? ICh hab dir doch kopiert wo du die fixlist speichern sollst. Neben dem Tool FRST, nicht Ordner, Tool

Zitat:
C:\Documents and Settings\windows\My Documents\Downloads

supertrine 11.05.2015 17:03
Lieber Schrauber,
FRST und das fixlist document sitzen nebeneinander auf dem desktop, aber ich kriege die selbe meldung, d. h. klappt nicht. tut mir voll leid, irgendwie steh ich auf der leitung???
Wie krieg ich das jetzt hin?
Entschuldige, Danke 😁

schrauber 12.05.2015 07:05
Zeig mal bitte einen Screenshot von deinem Desktop :)

supertrine 22.05.2015 19:42
screenshot f. Schrauber.bmp (2.93 MegaByte)

hier der link zum screenshot
screenshot f. Schrauber.bmp (2.93 MegaByte)

Dankesehr!!!

:)

Liebe Grüße,
Christine

schrauber 23.05.2015 16:44
Ehm, ich seh keine Screenshots :)

bitte direkt im Thread anhängen, oder per mail an schrauber(at)trojaner-board.de

supertrine 23.05.2015 20:26
Hallo Schrauber,

ich habe dir den screenshot an deine email adresse geschickt.

Danke lg
supertrine

schrauber 24.05.2015 17:59
Junge Dame, die fixlist muss fixlist heissen, und nicht fixlist2 :)

supertrine 20.06.2015 20:20
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 09-05-2015
Ran by windows at 2015-06-02 20:06:46 Run:4
Running from C:\Documents and Settings\windows\Desktop
Loaded Profiles: windows (Available profiles: windows & Administrator)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [770944 2015-01-15] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [19984 2015-01-15] ()
C:\WINDOWS\System32\DRIVERS\EsgScanner.sys
C:\Program Files\Enigma Software Group
Emptytemp:
*****************

SpyHunter 4 Service => Service not found.
EsgScanner => Service not found.
"C:\WINDOWS\System32\DRIVERS\EsgScanner.sys" => File/Directory not found.
"C:\Program Files\Enigma Software Group" => File/Directory not found.
EmptyTemp: => Removed 52.8 MB temporary data.


The system needed a reboot.

==== End of Fixlog 20:06:56 ====

Lieber Schrauber,
habe jetzt das Resultat endlich gepostet, auch auf deine emailadresse mit screenshot die zeigt, dass der spyhunter noch immer da ist???
Danke!!!!
lg

schrauber 21.06.2015 09:42
poste bitte nochmal ein frisches FRST log.

supertrine 24.06.2015 15:25
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 09-05-2015
Ran by windows at 2015-06-24 10:35:38 Run:6
Running from C:\Documents and Settings\windows\Desktop
Loaded Profiles: windows (Available profiles: windows & Administrator)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
S2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [770944 2015-01-15] (Enigma Software Group USA, LLC.)
S3 EsgScanner; C:\WINDOWS\System32\DRIVERS\EsgScanner.sys [19984 2015-01-15] ()
C:\WINDOWS\System32\DRIVERS\EsgScanner.sys
C:\Program Files\Enigma Software Group
Emptytemp:

*****************

SpyHunter 4 Service => Service not found.
EsgScanner => Service not found.
"C:\WINDOWS\System32\DRIVERS\EsgScanner.sys" => File/Directory not found.
"C:\Program Files\Enigma Software Group" => File/Directory not found.
EmptyTemp: => Removed 590 KB temporary data.


The system needed a reboot.

==== End of Fixlog 10:35:41 ====

:) Bittesehr.

Vielen vielen Dank, lg
supertrine

schrauber 25.06.2015 09:04
Ein FRST Scan log meinte ich :)

supertrine 28.06.2015 14:18
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 09-05-2015 (ATTENTION: ====> FRST version is 50 days old and could be outdated)
Ran by windows (administrator) on WINDOWS-2BA645A on 28-06-2015 13:07:45
Running from C:\Documents and Settings\windows\Desktop
Loaded Profiles: windows (Available profiles: windows & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Ares Development Group) C:\Program Files\Ares\Ares.exe
(Google Inc.) C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GROOVE.EXE
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Kaspersky Lab ZAO) C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421160 2010-11-17] (Apple Inc.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16384000 2007-08-10] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SiSPower] => Rundll32.exe SiSPower.dll,ModeAgent
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2010-12-09] (Nullsoft, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Run: [ares] => C:\Program Files\Ares\Ares.exe [1015808 2010-10-27] (Ares Development Group)
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Run: [Google Update] => C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [107912 2015-01-07] (Google Inc.)
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Run: [KSS] => C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-15] (Kaspersky Lab ZAO)
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\MountPoints2: {172a75ba-2e3d-11e0-a0ea-001e330204b1} - E:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\MountPoints2: {30ddf53a-06f7-11e0-a064-0016441f7a07} - E:\LaunchU3.exe -a
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\MountPoints2: {6ab95dc0-45a9-11e0-a13e-001e330204b1} - E:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\sstext3d.scr [679936 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
Startup: C:\Documents and Settings\windows\Start Menu\Programs\Startup\Microsoft Office Groove.lnk [2014-11-10]
ShortcutTarget: Microsoft Office Groove.lnk -> C:\Program Files\Microsoft Office\Office12\GROOVE.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011-02-15]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Google
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Google
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Google
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1606980848-57989841-1177238915-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.es/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_en
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Content Blocker Plugin -> {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Virtual Keyboard Plugin -> {73455575-E40C-433C-9784-C78DC7761455} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Safe Money Plugin -> {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22] (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-03] (Sun Microsystems, Inc.)
BHO: URL Advisor Plugin -> {E33CF602-D945-461A-83F0-819F76A199F8} -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll [2014-04-20] (Kaspersky Lab ZAO)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-03] (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\system32\urlmon.dll [2014-03-06] (Microsoft Corporation)
ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [152864 2010-10-07] (Apple Inc.)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\windows\Application Data\Mozilla\Firefox\Profiles\bouagziu.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll [2011-03-05] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2010-11-17] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2010-12-11] (Google)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-02-02] (Sun Microsystems, Inc.)
FF Plugin: @kaspersky.com/content_blocker -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-05-09] ()
FF Plugin: @kaspersky.com/online_banking -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-05-09] ()
FF Plugin: @kaspersky.com/virtual_keyboard -> C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-05-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-06] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-06] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1606980848-57989841-1177238915-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-1606980848-57989841-1177238915-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-04-06] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-02-02] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll [2010-12-03] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-01-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-01-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-01-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-01-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-01-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2010-12-09] (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml [2010-12-03]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml [2010-12-03]
FF Extension: Microsoft .NET Framework Assistant - C:\Documents and Settings\windows\Application Data\Mozilla\Firefox\Profiles\bouagziu.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2015-04-06]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-12-26]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-12-11]
FF HKLM\...\Firefox\Extensions: [content_blocker@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com
FF Extension: Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com [2015-05-09]
FF HKLM\...\Firefox\Extensions: [virtual_keyboard@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com
FF Extension: Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com [2015-05-09]
FF HKLM\...\Firefox\Extensions:  - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com
FF Extension: Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com [2015-05-09]
FF HKLM\...\Firefox\Extensions: [anti_banner@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com
FF Extension: Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com [2015-05-09]
FF HKLM\...\Firefox\Extensions: [online_banking@kaspersky.com] - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com
FF Extension: Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com [2015-05-09]

Chrome:
=======
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\41.0.2272.118\pdf.dll ()
CHR Plugin: (Google Gears 0.5.33.0) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\41.0.2272.118\gears.dll No File
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\41.0.2272.118\gcswf32.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Profile: C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd [2015-05-09]
CHR Extension: (Chrome Hotword Shared Module) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-09]
CHR Extension: (Google Wallet) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-26]
CHR HKLM\...\Chrome\Extension: [avast! WebRep] - C:\Program Files\AVAST Software\Avast\Setup\WebRep\aswWebRep.crx [Not Found]
CHR HKLM\...\Chrome\Extension: [dbhjdbfgekjfcfkkfjjmlmojhbllhbho] - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2010-11-22]
StartMenuInternet: chrome.exe - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVP15.0.0; C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe [233552 2014-04-20] (Kaspersky Lab ZAO)
S2 KSS; C:\Program Files\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-06-15] (Kaspersky Lab ZAO)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
S3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [547072 2007-06-21] (Atheros Communications, Inc.)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [135264 2014-02-20] (Kaspersky Lab ZAO)
R3 klflt; C:\WINDOWS\System32\DRIVERS\klflt.sys [107104 2014-04-18] (Kaspersky Lab ZAO)
R1 klhk; C:\WINDOWS\System32\DRIVERS\klhk.sys [33888 2014-04-10] (Kaspersky Lab ZAO)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [640608 2014-04-18] (Kaspersky Lab ZAO)
R3 klim5; C:\WINDOWS\System32\DRIVERS\klim5.sys [36448 2013-04-19] (Kaspersky Lab ZAO)
R3 klkbdflt; C:\WINDOWS\System32\DRIVERS\klkbdflt.sys [23648 2014-03-28] (Kaspersky Lab ZAO)
R3 klmouflt; C:\WINDOWS\System32\DRIVERS\klmouflt.sys [24672 2013-08-08] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [14432 2013-04-12] (Kaspersky Lab ZAO)
R1 kltdi; C:\WINDOWS\System32\DRIVERS\kltdi.sys [45024 2014-03-25] (Kaspersky Lab ZAO)
R1 kneps; C:\WINDOWS\System32\DRIVERS\kneps.sys [145888 2014-03-26] (Kaspersky Lab ZAO)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R3 SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [321536 2007-08-03] (Silicon Integrated Systems Corporation)
R3 SiSGbeXP; C:\WINDOWS\System32\DRIVERS\SiSGbeXP.sys [43264 2007-10-15] (Silicon Integrated Systems Corp.)
R1 SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [18688 2007-08-03] (Silicon Integrated Systems Corporation)
S3 cpuz134; \??\C:\DOCUME~1\windows\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [X]
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
S4 IntelIde; No ImagePath
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-06-28 13:07 - 2015-06-28 13:09 - 00022168 _____ () C:\Documents and Settings\windows\Desktop\FRST.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-06-28 13:09 - 2010-12-09 05:24 - 00000000 ____D () C:\Documents and Settings\windows\Local Settings\Temp
2015-06-28 13:08 - 2015-01-24 02:11 - 00000000 ____D () C:\FRST
2015-06-28 13:08 - 2010-12-09 00:57 - 00000886 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-06-28 13:06 - 2010-12-09 01:12 - 00000986 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-57989841-1177238915-1003UA.job
2015-06-28 13:03 - 2010-12-09 04:48 - 01237992 _____ () C:\WINDOWS\WindowsUpdate.log
2015-06-28 12:59 - 2014-10-13 19:40 - 00000000 ____D () C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2015-06-28 12:58 - 2008-04-14 10:00 - 00002206 _____ () C:\WINDOWS\system32\wpa.dbl
2015-06-28 12:57 - 2014-09-30 17:35 - 00000226 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2015-06-28 12:57 - 2011-01-21 12:05 - 00000159 _____ () C:\WINDOWS\wiadebug.log
2015-06-28 12:57 - 2011-01-21 12:05 - 00000049 _____ () C:\WINDOWS\wiaservc.log
2015-06-28 12:57 - 2010-12-09 05:24 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2015-06-28 12:57 - 2010-12-09 00:57 - 00000882 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-06-24 10:40 - 2011-01-21 12:05 - 00032540 _____ () C:\WINDOWS\SchedLgU.Txt
2015-06-24 10:40 - 2010-12-09 05:24 - 00000178 ___SH () C:\Documents and Settings\windows\ntuser.ini
2015-06-24 10:36 - 2014-10-13 21:41 - 00404834 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2015-06-24 10:36 - 2014-10-13 21:41 - 00404834 _____ () C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-S-1-5-21-1606980848-57989841-1177238915-1003-0.dat
2015-06-24 10:34 - 2015-04-14 20:05 - 00000000 ____D () C:\Documents and Settings\windows\Desktop\trojanerboard
2015-06-24 10:28 - 2014-09-30 17:35 - 00000220 _____ () C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2015-06-02 20:28 - 2015-01-15 12:47 - 00001171 _____ () C:\Documents and Settings\windows\Desktop\SpyHunter.lnk

==================== Files in the root of some directories =======

2010-12-10 22:43 - 2015-01-18 01:45 - 0034304 _____ () C:\Documents and Settings\windows\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End Of Log ============================
--- --- ---


FRST Additions Logfile:
[CODE]Additional
FRST Logfile:
Code:
scan result of Farbar Recovery Scan Tool (x86) Version: 09-05-2015
Ran by windows at 2015-06-28 13:09:36
Running from C:\Documents and Settings\windows\Desktop
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1606980848-57989841-1177238915-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
Guest (S-1-5-21-1606980848-57989841-1177238915-501 - Limited - Disabled)
HelpAssistant (S-1-5-21-1606980848-57989841-1177238915-1000 - Limited - Disabled)
SUPPORT_388945a0 (S-1-5-21-1606980848-57989841-1177238915-1002 - Limited - Disabled)
windows (S-1-5-21-1606980848-57989841-1177238915-1003 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\windows

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG AntiVirus 2015 (Enabled - Out of date) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Kaspersky Internet Security (Enabled - Out of date) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
FW: Kaspersky Internet Security (Disabled) {2C4D4BC6-0793-4956-A9F9-E252435469C0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM\...\uTorrent) (Version: 2.2.0 - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Flash Player 10 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 10.1.102.64 - Adobe Systems Incorporated)
Adobe Flash Player 10 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 10.2.152.32 - Adobe Systems Incorporated)
Adobe Media Player (HKLM\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{308B6AEA-DE50-4666-996D-0FA461719D6B}) (Version: 3.3.0.69 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bonjour (HKLM\...\{2A981294-F14C-4F0F-9627-D793270922F8}) (Version: 2.0.4.0 - Apple Inc.)
Generic Wireless LAN Driver (HKLM\...\{7CC7C026-F81D-4405-9639-B157B7480D73}) (Version: 1.01.0005T - Generic)
Google Chrome (HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Google Chrome) (Version: 42.0.2311.135 - Google Inc.)
Google Earth (HKLM\...\{C768790F-04FB-11E0-9B2C-001AA037B01E}) (Version: 6.0.1.2032 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
iTunes (HKLM\...\{FAE36873-1941-4076-A9A5-48812B5EA0B7}) (Version: 10.1.0.56 - Apple Inc.)
Java(TM) 6 Update 24 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.240 - Sun Microsystems, Inc.)
Kaspersky Internet Security (HKLM\...\InstallWIX_{653C1B5A-3287-47B1-8613-0745D4E771C4}) (Version: 15.0.0.463 - Kaspersky Lab)
Kaspersky Internet Security (Version: 15.0.0.463 - Kaspersky Lab) Hidden
Kaspersky Security Scan (HKLM\...\InstallWIX_{D1282694-0693-41A8-ABC1-6D1FFC1F65C4}) (Version: 12.0.1.881 - Kaspersky Lab)
Kaspersky Security Scan (Version: 12.0.1.881 - Kaspersky Lab) Hidden
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM\...\{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version:  - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Motorola SM56 Data Fax Modem (HKLM\...\SMSERIAL) (Version:  - )
Mozilla Firefox 35.0 (x86 de) (HKLM\...\Mozilla Firefox 35.0 (x86 de)) (Version: 35.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 35.0 - Mozilla)
MSN (HKLM\...\MSNINST) (Version:  - )
OpenOffice.org 3.3 (HKLM\...\{82AF3E91-57E1-4754-84D0-40A46E2479AB}) (Version: 3.3.9567 - OpenOffice.org)
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5464 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SiS VGA Utilities (HKLM\...\SiS VGA Driver) (Version:  - )
SiSAGP driver (HKLM\...\{DC226AC9-0314-496C-BE6A-B6A132628466}) (Version: 1.22 - )
Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Uninstall 1.0.0.1 (HKLM\...\Uninstall_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WebFldrs XP (Version: 9.50.7523 - Microsoft Corporation) Hidden
Winamp (HKLM\...\Winamp) (Version: 5.601  - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Genuine Advantage Notifications (KB905474) (HKLM\...\WgaNotify) (Version: 1.9.0040.0 - Microsoft Corporation)
Windows Internet Explorer 8 (HKLM\...\ie8) (Version: 20090308.140743 - Microsoft Corporation)
Windows PowerShell(TM) 1.0 (HKLM\...\KB926139-v2) (Version: 2 - Microsoft Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\42.0.2311.135\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.25.11\psuser.dll (the data entry has 8 more characters).
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1606980848-57989841-1177238915-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.26.9\psuser.dll (Google Inc.)

==================== Restore Points  =========================

13-10-2014 19:39:44 First Restore Point
13-10-2014 21:36:19 First Restore Point
13-10-2014 21:36:37 First Restore Point
06-01-2015 12:43:45 System Checkpoint
07-01-2015 10:45:17 Removed Kaspersky Anti-Virus.
09-01-2015 11:18:03 System Checkpoint
10-01-2015 01:51:43 Removed Adobe Community Help
10-01-2015 01:52:50 Removed Java(TM) 6 Update 22
10-01-2015 01:55:26 Removed QuickTime
10-01-2015 10:17:48 Software Distribution Service 3.0
11-01-2015 22:23:12 Software Distribution Service 3.0
12-01-2015 22:43:50 System Checkpoint
15-01-2015 01:58:52 Software Distribution Service 3.0
15-01-2015 17:45:15 Installed %1 %2.
15-01-2015 17:54:01 Restore Point before Corrupt Patch Registry keys
20-01-2015 00:23:38 System Checkpoint
25-01-2015 02:32:50 Installed QuickTime 7
06-04-2015 15:09:51 Revo Uninstaller's restore point - CCleaner
06-04-2015 15:14:13 Revo Uninstaller's restore point - CCleaner Packages
06-04-2015 16:29:54 Software Distribution Service 3.0
09-05-2015 14:55:41 Installed Kaspersky Security Scan.
09-05-2015 15:46:07 First Restore Point
11-05-2015 17:51:00 Software Distribution Service 3.0

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2008-04-14 10:00 - 2008-04-14 10:00 - 00000734 ____N C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1      localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\AppleSoftwareUpdate.job => C:\Program Files\Apple Software Update\SoftwareUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-57989841-1177238915-1003Core.job => C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-57989841-1177238915-1003UA.job => C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job => C:\WINDOWS\system32\xp_eos.exe
Task: C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job => C:\WINDOWS\system32\xp_eos.exe

==================== Loaded Modules (whitelisted) ==============

2014-03-06 15:00 - 2014-03-06 15:00 - 01269952 _____ () C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\kpcengine.2.3.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 00087952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 20:51 - 2013-09-13 20:51 - 01242952 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2008-04-14 10:00 - 2008-04-14 10:00 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2008-04-14 10:00 - 2008-04-14 10:00 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll
2008-07-12 21:09 - 2013-01-02 08:48 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2011-01-17 17:19 - 2011-02-15 21:30 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, the associated entry will be removed from the registry.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1606980848-57989841-1177238915-1003\Control Panel\Desktop\\Wallpaper -> C:\Documents and Settings\windows\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
DNS Servers: Media is not connected to internet.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Utility Tray.lnk => C:\WINDOWS\pss\Utility Tray.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^windows^Start Menu^Programs^Startup^OpenOffice.org 3.2.lnk => C:\WINDOWS\pss\OpenOffice.org 3.2.lnkStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Google Update => "C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SMSERIAL => C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe

==================== FirewallRules (whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

StandardProfile\AuthorizedApplications: [C:\Program Files\uTorrent\uTorrent.exe] => Enabled:µTorrent
StandardProfile\AuthorizedApplications: [C:\Program Files\Bonjour\mDNSResponder.exe] => Enabled:Bonjour Service
StandardProfile\AuthorizedApplications: [C:\Program Files\iTunes\iTunes.exe] => Enabled:iTunes
StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Plugin Manager\skypePM.exe] => Enabled:Skype Extras Manager
StandardProfile\AuthorizedApplications: [C:\Program Files\Ares\Ares.exe] => Enabled:Ares p2p for windows
StandardProfile\AuthorizedApplications: [C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe] => Enabled:Veoh Web Player
StandardProfile\AuthorizedApplications: [C:\Program Files\Winamp\winamp.exe] => Enabled:Winamp
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE] => Enabled:Microsoft Office Outlook
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office12\GROOVE.EXE] => Enabled:Microsoft Office Groove
StandardProfile\AuthorizedApplications: [C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE] => Enabled:Microsoft Office OneNote
StandardProfile\AuthorizedApplications: [C:\Program Files\AVG\AVG2015\avgmfapx.exe] => Enabled:AVG-Installationsprogramm
StandardProfile\AuthorizedApplications: [C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\chrome.exe] => Enabled:Google Chrome
StandardProfile\AuthorizedApplications: [C:\Program Files\Skype\Phone\Skype.exe] => Enabled:Skype
StandardProfile\AuthorizedApplications: [C:\Program Files\Mozilla Firefox\firefox.exe] => Enabled:Firefox (C:\Program Files\Mozilla Firefox)
StandardProfile\AuthorizedApplications: [C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe] => Enabled:WebKit

==================== Faulty Device Manager Devices =============

Name: Atheros AR5007EG Wireless Network Adapter
Description: Atheros AR5007EG Wireless Network Adapter
Class Guid: {4D36E972-E325-11CE-BFC1-08002BE10318}
Manufacturer: Atheros
Service: AR5211
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/24/2015 10:35:09 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application frst.exe, version 9.5.2015.0, faulting module frst.exe, version 9.5.2015.0, fault address 0x0001f3f6.
Processing media-specific event for [frst.exe!ws!]

Error: (04/20/2015 05:40:52 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (04/20/2015 05:35:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application frst(4).exe, version 19.4.2015.1, faulting module frst(4).exe, version 19.4.2015.1, fault address 0x0001f09e.
Processing media-specific event for [frst(4).exe!ws!]

Error: (04/20/2015 05:26:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (04/20/2015 05:26:12 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (04/20/2015 05:25:33 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (04/20/2015 05:25:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (04/20/2015 05:25:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (04/20/2015 05:25:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong

Error: (04/20/2015 05:25:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: GetLargeResourceRecord: opt 65002 optlen 8 wrong


System errors:
=============
Error: (06/28/2015 01:03:48 PM) (Source: Windows Update Agent) (EventID: 16) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

Error: (06/24/2015 10:29:58 AM) (Source: Windows Update Agent) (EventID: 16) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

Error: (06/24/2015 10:29:16 AM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register with DCOM within the required timeout.

Error: (06/02/2015 08:01:52 PM) (Source: Windows Update Agent) (EventID: 16) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

Error: (05/20/2015 02:47:52 PM) (Source: Windows Update Agent) (EventID: 16) (User: )
Description: Unable to Connect: Windows is unable to connect to the automatic updates service and therefore cannot download and install updates according to the set schedule. Windows will continue to try to establish a connection.

Error: (05/09/2015 00:45:10 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: The server {4EB61BAC-A3B6-4760-9581-655041EF4D69} did not register with DCOM within the required timeout.

Error: (04/14/2015 07:33:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The iPod Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/14/2015 07:33:24 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Bonjour Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/14/2015 07:33:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Print Spooler service terminated unexpectedly.  It has done this 1 time(s).

Error: (04/14/2015 07:33:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The SpyHunter 4 Service service terminated unexpectedly.  It has done this 1 time(s).


Microsoft Office Sessions:
=========================

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU 570 @ 2.26GHz
Percentage of memory in use: 65%
Total physical RAM: 765.1 MB
Available physical RAM: 267.59 MB
Total Pagefile: 1867.94 MB
Available Pagefile: 1153.07 MB
Total Virtual: 2047.88 MB
Available Virtual: 1934.35 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:129.86 GB) (Free:51.2 GB) NTFS ==>[Drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 149.1 GB) (Disk ID: 51EC51EC)
Partition 1: (Active) - (Size=129.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=19.2 GB) - (Type=05)

==================== End Of Log ============================
--- --- ---

--- --- ---

bitteschön der aktuelle scan.

Dankesehr ;)
lg
supertrine

schrauber 29.06.2015 06:45
Deaktiviere bitte dein Antivirenprogramm, da es die Entfernung von SpyHunter blockieren kann.
Bitte downloade SpyHunterCleaner auf Deinen Desktop.
  • Schließe alle offenen Programme und Browser.
  • Starte die SpyHunterCleaner.exe.
  • Drücke eine beliebige Taste, um den Entfernungsprozess zu starten.
  • Wenn das Tool fertig ist, wird es sich selbst schließen.
  • Gib mir Bescheid, ob nun noch Reste von SpyHunter zu sehen sind.

supertrine 14.10.2015 15:57
Hallo lieber Schrauber, ich wiedermal bzw. noch immer. hab den spyhuntercleaner drueberlaufen lassen, aber der spyhunter ist noch immer da.
Vielen Dank! Trine

schrauber 15.10.2015 13:20
Neu laden und nochmal laufen lassen. Dann:

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


supertrine 17.10.2015 17:31
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:17-10-2015
Ran by windows (administrator) on WINDOWS-2BA645A (17-10-2015 18:23:54)
Running from C:\Documents and Settings\windows\Desktop
Loaded Profiles: windows (Available Profiles: windows & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Ares Development Group) C:\Program Files\Ares\Ares.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GROOVE.EXE
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Google Inc.) C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
(Farbar) C:\Documents and Settings\windows\Desktop\FRST (2).exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421160 2010-11-17] (Apple Inc.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16384000 2007-08-10] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SiSPower] => Rundll32.exe SiSPower.dll,ModeAgent
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2010-12-09] (Nullsoft, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Run: [ares] => C:\Program Files\Ares\Ares.exe [1015808 2010-10-27] (Ares Development Group)
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Run: [Google Update] => C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [144200 2015-09-21] (Google Inc.)
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\MountPoints2: {172a75ba-2e3d-11e0-a0ea-001e330204b1} - E:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\MountPoints2: {30ddf53a-06f7-11e0-a064-0016441f7a07} - E:\LaunchU3.exe -a
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\MountPoints2: {6ab95dc0-45a9-11e0-a13e-001e330204b1} - E:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\sstext3d.scr [679936 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
Startup: C:\Documents and Settings\windows\Start Menu\Programs\Startup\Microsoft Office Groove.lnk [2014-11-10]
ShortcutTarget: Microsoft Office Groove.lnk -> C:\Program Files\Microsoft Office\Office12\GROOVE.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011-02-15]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [152864 2010-10-07] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 213.33.99.70 80.120.17.70
Tcpip\..\Interfaces\{E7B884F1-2F3C-4F78-901D-2B605D149E8C}: [DhcpNameServer] 213.33.99.70 80.120.17.70

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1606980848-57989841-1177238915-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.es/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_en
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22] (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-03] (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-03] (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\windows\Application Data\Mozilla\Firefox\Profiles\0n34twbj.default-1442852442062
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll [2011-03-05] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2010-11-17] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2010-12-11] (Google)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-02-02] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-30] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1606980848-57989841-1177238915-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin HKU\S-1-5-21-1606980848-57989841-1177238915-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-02-02] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll [2010-12-03] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-01-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-01-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-01-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-01-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-01-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2010-12-09] (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml [2010-12-03]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml [2010-12-03]
FF Extension: Yahoo! Toolbar - C:\Documents and Settings\windows\Application Data\Mozilla\Firefox\Profiles\0n34twbj.default-1442852442062\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2015-09-21] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-12-26] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF => not found
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-12-11] [not signed]

Chrome:
=======
CHR NewTab: Default -> "chrome-extension://flcpildhclihlpljpfpojindpglggkpd/stubby.html","chrome-extension://ncheegbloelpifhkekmpljcbekcmbpig/stubby.html"
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\46.0.2490.71\pdf.dll => No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\46.0.2490.71\gears.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\46.0.2490.71\gcswf32.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll => No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll => No File
CHR Plugin: (Microsoft DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll => No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Profile: C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (MapsGalaxy) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd [2015-05-09]
CHR Extension: (Google Wallet) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-26]
CHR HKLM\...\Chrome\Extension: [avast! WebRep] - C:\Program Files\AVAST Software\Avast\Setup\WebRep\aswWebRep.crx <not found>
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2010-11-22]
StartMenuInternet: chrome.exe - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [547072 2007-06-21] (Atheros Communications, Inc.)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R3 SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [321536 2007-08-03] (Silicon Integrated Systems Corporation)
R3 SiSGbeXP; C:\WINDOWS\System32\DRIVERS\SiSGbeXP.sys [43264 2007-10-15] (Silicon Integrated Systems Corp.)
R1 SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [18688 2007-08-03] (Silicon Integrated Systems Corporation)
S3 cpuz134; \??\C:\DOCUME~1\windows\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [X]
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
S4 IntelIde; no ImagePath
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-17 18:23 - 2015-10-17 18:23 - 00000400 _____ C:\Documents and Settings\windows\Desktop\Addition.txt
2015-10-17 18:22 - 2015-10-17 18:23 - 00017890 _____ C:\Documents and Settings\windows\Desktop\FRST.txt
2015-10-17 18:22 - 2015-10-17 18:22 - 01700864 _____ (Farbar) C:\Documents and Settings\windows\Desktop\FRST (2).exe
2015-10-17 18:05 - 2015-10-17 18:05 - 00305152 _____ C:\Documents and Settings\windows\Desktop\SpyHunterCleaner-reboot.exe
2015-10-17 18:04 - 2015-10-17 18:04 - 00496640 _____ C:\Documents and Settings\windows\Desktop\SpyHunterCleaner (4).exe
2015-09-21 19:15 - 2015-09-21 19:15 - 00000104 _____ C:\Documents and Settings\windows\Desktop\Internet.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-17 18:24 - 2010-12-09 05:24 - 00000000 ____D C:\Documents and Settings\windows\Local Settings\Temp
2015-10-17 18:23 - 2015-01-24 02:11 - 00000000 ____D C:\FRST
2015-10-17 18:08 - 2010-12-09 04:48 - 01499586 _____ C:\WINDOWS\WindowsUpdate.log
2015-10-17 18:07 - 2014-09-30 17:35 - 00000226 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2015-10-17 18:07 - 2011-01-21 12:05 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-10-17 18:07 - 2011-01-21 12:05 - 00000050 _____ C:\WINDOWS\wiaservc.log
2015-10-17 18:07 - 2010-12-09 05:24 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-10-17 18:07 - 2010-12-09 00:57 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-17 18:07 - 2008-04-14 10:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-10-17 18:06 - 2011-01-21 12:05 - 00032540 _____ C:\WINDOWS\SchedLgU.Txt
2015-10-17 18:06 - 2010-12-09 05:24 - 00000178 ___SH C:\Documents and Settings\windows\ntuser.ini
2015-10-17 17:52 - 2015-01-15 18:15 - 00025187 _____ C:\WINDOWS\setupapi.log
2015-10-17 17:52 - 2010-12-20 14:58 - 00000000 ____D C:\Documents and Settings\windows\Application Data\Skype
2015-10-17 17:51 - 2014-09-30 17:35 - 00000220 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2015-09-21 19:32 - 2010-12-09 01:12 - 00000986 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-57989841-1177238915-1003UA.job
2015-09-21 19:31 - 2010-12-09 00:57 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-21 19:04 - 2014-10-13 21:41 - 00404834 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\WPFFontCache_v0400-System.dat
2015-09-21 19:03 - 2010-12-09 05:24 - 00000000 ____D C:\Documents and Settings\windows
2015-09-21 18:32 - 2010-12-09 01:12 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-57989841-1177238915-1003Core.job

====================
--- --- ---
Files in the root of some directories =======

2010-12-10 22:43 - 2015-01-18 01:45 - 0034304 _____ () C:\Documents and Settings\windows\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x86) Version:17-10-2015
Ran by windows (2015-10-17 18:23:17)
Running from C:\Documents and Settings\windows\Desktop
Microsoft Windows XP Professional Service Pack 3 (X86) (2010-12-09 03:03:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

lieber schrauber,
vielen Dank fuer deine rasche Antwort. Ich habe den Spyhuntercleaner noch mal drueberlaufen gelassen und dann die frst32 gemacht.
vielen lieben dank,
Christine

schrauber 18.10.2015 06:45
Das Log bitte nochmal posten, ist unvollständig :)

supertrine 13.11.2015 18:47
FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-11-2015
Ran by windows (administrator) on WINDOWS-2BA645A (13-11-2015 18:29:03)
Running from C:\Documents and Settings\windows\My Documents\Downloads
Loaded Profiles: windows (Available Profiles: windows & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Geeks to Go Forum

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Ares Development Group) C:\Program Files\Ares\Ares.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GROOVE.EXE
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
(Google Inc.) C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
(Farbar) C:\Documents and Settings\windows\My Documents\Downloads\FRST (3).exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [421160 2010-11-17] (Apple Inc.)
HKLM\...\Run: [RTHDCPL] => C:\WINDOWS\RTHDCPL.EXE [16384000 2007-08-10] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\WINDOWS\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
HKLM\...\Run: [SiSPower] => Rundll32.exe SiSPower.dll,ModeAgent
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2010-12-09] (Nullsoft, Inc.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [20584608 2013-11-14] (Skype Technologies S.A.)
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Run: [ares] => C:\Program Files\Ares\Ares.exe [1015808 2010-10-27] (Ares Development Group)
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Run: [Google Update] => C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [144200 2015-09-21] (Google Inc.)
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\MountPoints2: G - G:\LaunchU3.exe -a
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\MountPoints2: {172a75ba-2e3d-11e0-a0ea-001e330204b1} - E:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\MountPoints2: {30ddf53a-06f7-11e0-a064-0016441f7a07} - E:\LaunchU3.exe -a
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\...\MountPoints2: {6ab95dc0-45a9-11e0-a13e-001e330204b1} - E:\.\Autorun.exe AUTORUN=1
HKU\S-1-5-21-1606980848-57989841-1177238915-1003\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\sstext3d.scr [679936 2008-04-14] (Microsoft Corporation)
HKU\S-1-5-18\...\RunOnce: [nltide_2] => regsvr32 /s /n /i:U shell32
ShellExecuteHooks:  - {AEB6717E-7E19-11d0-97EE-00C04FD91972} -  No File [ ]
Startup: C:\Documents and Settings\windows\Start Menu\Programs\Startup\Microsoft Office Groove.lnk [2014-11-10]
ShortcutTarget: Microsoft Office Groove.lnk -> C:\Program Files\Microsoft Office\Office12\GROOVE.EXE (Microsoft Corporation)
Startup: C:\Documents and Settings\windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2011-02-15]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe ()
BootExecute: autocheck autochk * sdnclean.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 04 C:\Program Files\Bonjour\mdnsNSP.dll [152864 2010-10-07] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 213.33.99.70 80.120.17.70
Tcpip\..\Interfaces\{E7B884F1-2F3C-4F78-901D-2B605D149E8C}: [DhcpNameServer] 213.33.99.70 80.120.17.70

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1606980848-57989841-1177238915-1003 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.es/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_en
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Skype Plug-In -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22] (Skype Technologies S.A.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2011-02-02] (Sun Microsystems, Inc.)
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2011-02-02] (Sun Microsystems, Inc.)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2010-11-22] (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2013-02-26] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Documents and Settings\windows\Application Data\Mozilla\Firefox\Profiles\0n34twbj.default-1442852442062
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll [2011-03-05] ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2010-11-17] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2010-12-11] (Google)
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll [2011-02-02] (Sun Microsystems, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1606980848-57989841-1177238915-1003: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin HKU\S-1-5-21-1606980848-57989841-1177238915-1003: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-21] (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll [2011-02-02] (Sun Microsystems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npnul32.dll [2010-12-03] (mozilla.org)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2015-01-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2015-01-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2015-01-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2015-01-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2015-01-25] (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2010-12-09] (Nullsoft, Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\answers.xml [2010-12-03]
FF SearchPlugin: C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml [2010-12-03]
FF Extension: Yahoo! Toolbar - C:\Documents and Settings\windows\Application Data\Mozilla\Firefox\Profiles\0n34twbj.default-1442852442062\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2015-09-21] [not signed]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-12-27] [not signed]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF => not found
FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
FF Extension: Java Quick Starter - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2010-12-11] [not signed]

Chrome:
=======
CHR NewTab: Default -> "chrome-extension://flcpildhclihlpljpfpojindpglggkpd/stubby.html","chrome-extension://ncheegbloelpifhkekmpljcbekcmbpig/stubby.html"
CHR Plugin: (Chrome PDF Viewer) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\46.0.2490.71\pdf.dll => No File
CHR Plugin: (Google Gears 0.5.33.0) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\46.0.2490.71\gears.dll => No File
CHR Plugin: (Shockwave Flash) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\46.0.2490.71\gcswf32.dll => No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.220.4) - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll (Sun Microsystems, Inc.)
CHR Plugin: (Java(TM) Platform SE 6 U22) - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin6.dll => No File
CHR Plugin: (QuickTime Plug-in 7.6.8) - C:\Program Files\QuickTime\plugins\npqtplugin7.dll => No File
CHR Plugin: (Microsoft DRM) - C:\Program Files\Windows Media Player\npdrmv2.dll (Microsoft Corporation)
CHR Plugin: (Windows Media Player Plug-in Dynamic Link Library) - C:\Program Files\Windows Media Player\npdsplay.dll (Microsoft Corporation (written by Digital Renaissance Inc.))
CHR Plugin: (Microsoft DRM) - C:\Program Files\Windows Media Player\npwmsdrm.dll (Microsoft Corporation)
CHR Plugin: (Google Update) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Update\1.2.183.39\npGoogleOneClick8.dll => No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Profile: C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default
CHR Extension: (MapsGalaxy) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd [2015-05-09]
CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-17]
CHR HKLM\...\Chrome\Extension: [avast! WebRep] - C:\Program Files\AVAST Software\Avast\Setup\WebRep\aswWebRep.crx <not found>
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2010-11-22]
StartMenuInternet: chrome.exe - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
StartMenuInternet: Google Chrome - C:\Documents and Settings\windows\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Ambfilt; C:\WINDOWS\System32\drivers\Ambfilt.sys [1691480 2009-11-18] (Creative)
R3 AR5211; C:\WINDOWS\System32\DRIVERS\ar5211.sys [547072 2007-06-21] (Atheros Communications, Inc.)
S3 Monfilt; C:\WINDOWS\System32\drivers\Monfilt.sys [1395800 2009-11-18] (Creative Technology Ltd.)
R3 SiS315; C:\WINDOWS\System32\DRIVERS\sisgrp.sys [321536 2007-08-03] (Silicon Integrated Systems Corporation)
R3 SiSGbeXP; C:\WINDOWS\System32\DRIVERS\SiSGbeXP.sys [43264 2007-10-15] (Silicon Integrated Systems Corp.)
R1 SiSkp; C:\WINDOWS\System32\DRIVERS\srvkp.sys [18688 2007-08-03] (Silicon Integrated Systems Corporation)
S3 cpuz134; \??\C:\DOCUME~1\windows\LOCALS~1\Temp\cpuz134\cpuz134_x32.sys [X]
S3 hwusbfake; system32\DRIVERS\ewusbfake.sys [X]
S4 IntelIde; no ImagePath
S3 massfilter; system32\drivers\massfilter.sys [X]
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X]
S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X]
S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-17 17:24 - 2015-10-17 17:24 - 00021785 _____ C:\Documents and Settings\windows\Desktop\FRST 17.10.15.txt
2015-10-17 17:23 - 2015-10-17 17:23 - 00000400 _____ C:\Documents and Settings\windows\Desktop\Addition.txt
2015-10-17 17:22 - 2015-10-17 17:24 - 00021785 _____ C:\Documents and Settings\windows\Desktop\FRST.txt
2015-10-17 17:22 - 2015-10-17 17:22 - 01700864 _____ (Farbar) C:\Documents and Settings\windows\Desktop\FRST (2).exe
2015-10-17 17:05 - 2015-10-17 17:05 - 00305152 _____ C:\Documents and Settings\windows\Desktop\SpyHunterCleaner-reboot.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-11-13 18:29 - 2015-01-24 01:11 - 00000000 ____D C:\FRST
2015-11-13 18:29 - 2010-12-09 04:24 - 00000000 ____D C:\Documents and Settings\windows\Local Settings\Temp
2015-11-13 18:29 - 2010-12-09 03:48 - 01705266 _____ C:\WINDOWS\WindowsUpdate.log
2015-11-13 18:25 - 2015-01-15 17:15 - 00026768 _____ C:\WINDOWS\setupapi.log
2015-11-13 18:21 - 2010-12-08 23:57 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-11-13 18:13 - 2014-09-30 16:35 - 00000220 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
2015-11-13 18:12 - 2008-04-14 09:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2015-11-13 18:11 - 2014-09-30 16:35 - 00000226 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
2015-11-13 18:11 - 2011-01-21 11:05 - 00000159 _____ C:\WINDOWS\wiadebug.log
2015-11-13 18:11 - 2011-01-21 11:05 - 00000050 _____ C:\WINDOWS\wiaservc.log
2015-11-13 18:11 - 2010-12-09 04:24 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-11-13 18:10 - 2011-01-21 11:05 - 00032540 _____ C:\WINDOWS\SchedLgU.Txt
2015-11-13 18:10 - 2010-12-09 04:24 - 00000178 ___SH C:\Documents and Settings\windows\ntuser.ini
2015-11-13 17:53 - 2010-12-08 19:35 - 00563998 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-11-13 17:33 - 2010-12-09 00:12 - 00000986 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-57989841-1177238915-1003UA.job
2015-11-13 17:31 - 2010-12-08 23:57 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-29 04:17 - 2011-01-20 12:26 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help
2015-10-17 17:32 - 2010-12-09 00:12 - 00000934 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-1606980848-57989841-1177238915-1003Core.job
2015-10-17 16:52 - 2010-12-20 13:58 - 00000000 ____D C:\Documents and Settings\windows\Application Data\Skype

====================
--- --- ---

--- --- ---
Files in the root of some directories =======

2010-12-10 21:43 - 2015-01-18 00:45 - 0034304 _____ () C:\Documents and Settings\windows\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

FRST32 ist durch. Addition kam vorher immer von selbst, wo den bitte diese # reintippen? bei der FRST? sorry :(
DANKE!!!! gvlg die supertrine

schrauber 14.11.2015 20:00
Schau dir mal den Screenshot an :)

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

supertrine 06.04.2016 22:52
Aber ich habe dann ja nix geschickt, darum ist keine Antwort gekommen.
Hab auch den alten Computer nie benutzt, aber es waere schon ein Moerdererfolgserlebniss diesen Spyhunter zu besiegen!
Nur wie? Dankesehr!


Alle Zeitangaben in WEZ +1. Es ist jetzt 19:15 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132