Trojaner-Board - langsam und ständiges öffnen von komischen Internetseiten

Trojaner-Board (https://www.trojaner-board.de/)

- Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)

- - langsam und ständiges öffnen von komischen Internetseiten (https://www.trojaner-board.de/167653-langsam-staendiges-oeffnen-komischen-internetseiten.html)

Ani73

06.06.2015 20:24

langsam und ständiges öffnen von komischen Internetseiten

Guten Abend,

mein Sohn kam heute mit seinem Laptop zu mir. Der spinnt total ich hab keine Ahnung was er und mein Mann gemacht haben. Der öffnet ständig irgendwelche Internetseiten und ist tierisch langsam. Andauernd sich auch eine Seite mit einem Tool das Windows bereinigen soll. Ich habe Eset mal durchlaufen lassen und sehr viele infizierte Dateien gefunden. #Bevor ich jetzt etwas zerschieße dachte ich frag mal Euch um Hilfe.

Hier habe ich ein FRST log

Code:

Additional scan result of Farbar Recovery Scan Tool (x64) Version:06-06-2015

Ran by Undertaker at 2015-06-06 21:17:24

Running from C:\Users\Undertaker\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Accounts: =============================
 

Administrator (S-1-5-21-1335839233-2991384071-368375801-500 - Administrator - Disabled)

Gast (S-1-5-21-1335839233-2991384071-368375801-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-1335839233-2991384071-368375801-1005 - Limited - Enabled)

Shari (S-1-5-21-1335839233-2991384071-368375801-1001 - Limited - Enabled) => C:\Users\Shari

Undertaker (S-1-5-21-1335839233-2991384071-368375801-1000 - Administrator - Enabled) => C:\Users\Undertaker
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden

„Windows Live Messenger“ (x32 Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden

„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )

Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)

Advanced-System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~9338DF9D_is1) (Version: 2.1.1000.15680 - systweak.com) <==== ATTENTION

Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden

AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.4 - CMI Limited) <==== ATTENTION

Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)

ATI Catalyst Install Manager (HKLM\...\{2E26B067-B10A-683A-7E84-5813500EE3B0}) (Version: 3.0.820.0 - ATI Technologies, Inc.)

aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.1390 - DsNET Corp)

Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)

Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden

BatteryLifeExtender (HKLM-x32\...\{FFD0E594-823B-4E2B-B680-720B3C852588}) (Version: 1.0.11 - Samsung)

Battlefield Heroes (HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version:  - EA Digital illusions)

Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)

BrowserApp3.7 (HKLM-x32\...\BrowserApp3.7) (Version: 1.36.01.22 - Browsr2App)

BrowserV04.06 (HKLM-x32\...\BrowserV04.06) (Version: 1.36.01.22 - BrowserV04.06)

Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden

Camtasia Studio 8 (HKLM-x32\...\{8F6F7194-0734-4CDA-8C04-6B766F2241A6}) (Version: 8.0.4.1060 - TechSmith Corporation)

Cassiopesa (HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Chromium) (Version: 45.0.2422.0 - Chromium)

Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden

CinemaPlus-3.2cV05.06 (HKLM-x32\...\CinemaPlus-3.2cV05.06) (Version: 1.36.01.22 - Cinema PlusV05.06) <==== ATTENTION

Crossbrowse (HKLM-x32\...\Crossbrowse) (Version: 39.6.2171.95 - The Crossbrowse Authors) <==== ATTENTION!

CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)

CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)

CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)

CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)

CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)

CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3509 - CyberLink Corp.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Das gelobte Land (HKLM-x32\...\Das gelobte Land) (Version: 1.0.0.0 - INTENIUM GmbH)

DC Universe Online (HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\SOE-DC Universe Online) (Version: 1.0.3.183 - Sony Online Entertainment)

DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.0.0.46 - INTENIUM GmbH)

Die Siedler 7 (HKLM-x32\...\{63860309-DA8A-4BAE-9EAE-CE1D6D79340C}) (Version: 1.12.1396 - Ubisoft)

Die Siedler III Gold Edition (HKLM-x32\...\S3) (Version:  - )

Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden

DriverScanner (HKLM-x32\...\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1) (Version: 4.0.14.0 - Uniblue Systems Ltd)

Dropbox (HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)

DustApps version 1.7 (HKLM-x32\...\{CE9793E8-C305-45AA-AE10-52EE0ADDED4F}_is1) (Version: 1.7 - Microsoft)

Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0 - Samsung Electronics Co., LTD)

Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.)

Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)

Easy Network Manager (HKLM-x32\...\{8732818E-CA78-4ACB-B077-22311BF4C0E4}) (Version: 4.4.7 - Samsung)

Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.1.1 - Samsung Electronics Co.,Ltd.)

EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)

EasyFileShare (HKLM-x32\...\{16880765-677F-440B-B16A-BFD9B9C00012}) (Version: 1.0.12 - Samsung)

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )

ETDWare PS/2-X64 8.0.7.2_WHQL (HKLM\...\Elantech) (Version: 8.0.7.2 - ELAN Microelectronic Corp.)

Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)

Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden

Fast Start (HKLM-x32\...\{77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}) (Version: 2.2.0.1 - SAMSUNG)

Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)

Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

GamesDesktop 014.586 (HKLM-x32\...\gmsd_de_586_is1) (Version:  - GAMESDESKTOP) <==== ATTENTION

GamesDesktop 014.592 (HKLM-x32\...\gmsd_de_592_is1) (Version:  - GAMESDESKTOP) <==== ATTENTION

GoHD (HKLM-x32\...\GoHD) (Version: 1.36.01.22 - InstallMoon) <==== ATTENTION

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)

Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden

Iminent (HKLM-x32\...\IMBoosterARP) (Version: 7.48.4.1 - Iminent) <==== ATTENTION

IminentToolbar (HKLM-x32\...\IminentToolbar) (Version: 7.48.4.1 - Iminent) <==== ATTENTION

Infonaut 1.10.0.14 (HKLM-x32\...\Infonaut_1.10.0.14) (Version: 1.10.0.14 - Infonaut)

inminet (HKLM-x32\...\{e20d6e44-c692-4329-d495-57e2996fc3ed}) (Version: 1.0.0 - esties) <==== ATTENTION!

Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden

inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)

Internet Speed Tracker Internet Explorer Toolbar (HKLM-x32\...\InternetSpeedTracker_9tbar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ATTENTION

iScreeny (HKLM-x32\...\iScreeny) (Version: 1.0 - Altamirsoft LLC)

iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)

Java 7 Update 75 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217075FF}) (Version: 7.0.750 - Oracle)

John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.227 - LogMeIn, Inc.)

LogMeIn Hamachi (x32 Version: 2.2.0.227 - LogMeIn, Inc.) Hidden

MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{6C855B1C-FC55-4A00-9CCB-5ED6DB8770BF}) (Version: 7.0.2.6 - MAGIX AG)

MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden

MAGIX Video deluxe 2014 Plus (HKLM-x32\...\MX.{9E2FEB28-7407-4009-9DC4-203EF2EF6BB7}) (Version: 13.0.0.28 - MAGIX AG)

MAGIX Video deluxe 2014 Plus (Version: 13.0.0.28 - MAGIX AG) Hidden

Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

MediaPlayerVid2.4 (HKLM-x32\...\MediaPlayerVid2.4) (Version: 1.36.01.22 - NewPlayerVideo+) <==== ATTENTION

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Movie Color Enhancer (HKLM-x32\...\{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D}) (Version: 1.0 - Samsung Electronics Co., Ltd.)

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

Multimedia POP (HKLM-x32\...\{331ECF61-69AF-4F57-AC35-AFED610231C3}) (Version: 1.0 - )

MyFreeCodec (HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\MyFreeCodec) (Version:  - )

mystartsearch uninstall (HKLM-x32\...\mystartsearch uninstall) (Version:  - mystartsearch) <==== ATTENTION

NAVIGON Fresh 3.4.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.4.1 - NAVIGON)

Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)

Opera Stable 29.0.1795.60 (HKLM-x32\...\Opera 29.0.1795.60) (Version: 29.0.1795.60 - Opera Software ASA)

Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version: 3.3.1.7 - PCUtilities Software Limited) <==== ATTENTION

PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version:  - )

Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden

Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden

PhoneShare (HKLM-x32\...\{3F50512F-53DF-46B1-8CCB-6C7E638CADD6}) (Version: 9.1.4 - Samsung)

Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden

Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden

Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Project 64 version 2.2.0.3 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.2.0.3 - )

Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6400 - Realtek Semiconductor Corp.)

RegClean-Pro (HKLM-x32\...\RegClean-Pro_is1) (Version: 6.21 - systweak.com) <==== ATTENTION

Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION

Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 2.0.67.1 - Samsung Electronics Co., Ltd.)

Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.)

Samsung Kies (x32 Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Hidden

Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version:  - Samsung Electronics Co., Ltd.)

Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.0.10 - Samsung)

Samsung Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.38 - Samsung)

Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.02.05.00:27 - Samsung Electronics Co., Ltd.)

Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.5.0 - Samsung Electronics Co., Ltd.)

Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)

SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)

Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.23.31.14 - Client Connect LTD) <==== ATTENTION

Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)

Shop and Save Up (HKLM-x32\...\Shop and Save Up) (Version: 1.36.01.22 - InstallMonetizer)

Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)

Sm23mS (HKLM-x32\...\Sm23mS) (Version: 1.36.01.22 - smart-saverplus)

SmartWeb (HKLM-x32\...\SmartWeb) (Version: 8.0.9 - SoftBrain Technologies Ltd.) <==== ATTENTION

Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.4.2 - ) <==== ATTENTION

Solars Abenteuer (HKLM-x32\...\Solars Abenteuer) (Version: 1.0.0.0 - INTENIUM GmbH)

SpeedUpMyPC (HKLM-x32\...\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1) (Version: 6.0.9.2 - Uniblue Systems Limited) <==== ATTENTION

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

System NotifierV05.06 (HKLM-x32\...\System NotifierV05.06) (Version: 1.36.01.22 - System NotifierV05.06) <==== ATTENTION!

Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)

Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)

Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)

Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden

UpdaterService version 1.5 (HKLM-x32\...\{DC866C1E-B796-4BD2-93B8-B5706AC5B5CC}_is1) (Version: 1.5 - Updater Service) <==== ATTENTION

User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.7 - )

VidPlaya Version 1.0.1 (HKLM-x32\...\{6EB5DB54-4B19-4AC9-9AE3-8514709FFCBA}_is1) (Version: 1.0.1 - Playswell, Inc.) <==== ATTENTION

Wajam (HKLM-x32\...\WaInternetEnhancer) (Version: 2.32.2.15 (i2.6) - WaInternetEnhancer) <==== ATTENTION

WEB.DE Desktop Icons (HKLM-x32\...\1&1 Mail & Media GmbH 1und1DesktopIconsInstaller) (Version: 3.0.5.0 - 1&1 Mail & Media GmbH)

WEB.DE MailCheck für Internet Explorer (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar IE8) (Version: 2.6.3.1 - 1&1 Mail & Media GmbH)

WEB.DE Softwareaktualisierung (HKLM-x32\...\1&1 Mail & Media GmbH 1und1Softwareaktualisierung) (Version: 3.0.3.0 - 1&1 Mail & Media GmbH)

WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent)

WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-samsung) (Version: 4.0.11.14 - WildTangent)

WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames) (Version: 4.0.10.5 - WildTangent)

WindeskWinsearch 1.0 (HKLM-x32\...\WindeskWinsearch) (Version: 1.0 - PCSoftware)

Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)

Word Processor Text Wrap (HKLM-x32\...\wincheck) (Version: 1.0.0.0 - Word Processor Text Wrap) <==== ATTENTION

WordCaptureX Pro (HKLM-x32\...\{139C1D95-9037-3AB3-F5F4-4A79BF6831EC}) (Version: 4.0.0 - Deskperience)

Zombie Invasion (HKLM-x32\...\ZombieInvasion) (Version: 2.7.67 - Time Lapse Solutions) <==== ATTENTION

Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden

Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 

==================== Custom CLSID (Whitelisted): ==========================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\inminet\sencolny.dll No File <==== ATTENTION

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 

==================== Restore Points =========================
 

28-05-2015 15:13:02 Windows Update

29-05-2015 00:04:27 Windows Update

29-05-2015 15:00:43 Windows Update

31-05-2015 19:47:07 Windows Update

31-05-2015 21:38:06 Windows-Sicherung

01-06-2015 15:07:53 Windows Update

01-06-2015 23:21:59 Windows Update

02-06-2015 15:05:18 Windows Update

03-06-2015 00:09:38 Windows Update

03-06-2015 15:01:11 Windows Update

03-06-2015 23:13:41 Windows Update

04-06-2015 15:02:37 Windows Update

04-06-2015 23:58:02 Windows Update

05-06-2015 15:00:33 Windows Update

05-06-2015 23:36:42 Windows Update

06-06-2015 13:21:50 Uniblue SpeedUpMyPC installation

06-06-2015 13:22:08 Uniblue DriverScanner installation

06-06-2015 15:04:17 Windows Update
 

==================== Hosts content: ===============================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (Whitelisted) =============
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

Task: {0106FF68-678C-4DC1-9E86-428909CA00AB} - System32\Tasks\StartPoint Updater => C:\Program Files (x86)\StartPoint\startpoint\1.3.23.0\startup.exe

Task: {029E30BF-C130-40FB-A74A-0ED246A2EDFD} - System32\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-3 => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-3.exe <==== ATTENTION

Task: {03B46B81-D603-4C24-B55A-DB0712795E65} - System32\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-10_user => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-10.exe <==== ATTENTION

Task: {0524867D-A169-481C-9A0C-198C6518875D} - System32\Tasks\WifiManager => C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe [2011-01-04] (Samsung Electronics Co., Ltd.)

Task: {0734196F-E6B9-4177-AA24-D7FF71D63EEF} - System32\Tasks\6ed91930-41af-4297-8930-5e8db03633db-1-7 => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-1-7.exe <==== ATTENTION

Task: {078FFB22-9015-49A6-B981-89BC1A8126BA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)

Task: {08889E4D-7DB6-4FD3-AA3C-31AB1ECCD811} - System32\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-5_user => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-5.exe [2015-06-06] (Cinema PlusV05.06) <==== ATTENTION

Task: {0995AE17-7029-48B2-A3FF-C19164C69DB5} - System32\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-11 => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-11.exe <==== ATTENTION

Task: {0B24F555-A496-4416-A87D-2915A103E4A0} - System32\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-1-6 => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-1-6.exe [2015-06-06] (Cinema PlusV05.06) <==== ATTENTION

Task: {0BAA9BE4-9E38-44C2-A618-7F4ADEDA6DEC} - System32\Tasks\Advanced System~Protector => C:\Program Files (x86)\ASP\AspManager.exe [2015-05-25] ()

Task: {0F80DD36-32C6-459D-9D85-B556EC5B9523} - System32\Tasks\Registration 1und1 Task => C:\Program Files (x86)\1und1Softwareaktualisierung\cdsupdclient.exe [2015-01-12] (1&1 Mail & Media GmbH)

Task: {1045A109-2585-4D87-BE18-E96A7111F49F} - System32\Tasks\iren3006 => C:\PROGRA~2\HIGHLI~1\iren3006.exe <==== ATTENTION

Task: {1148457B-9F78-4282-9588-257D7BB254ED} - System32\Tasks\Tny_cassiopesa => C:\Users\Undertaker\AppData\Roaming\Tny_cassiopesa\UpdateProc\UpdateTask.exe [2015-06-06] () <==== ATTENTION

Task: {11AB16B9-224A-4B50-A8A2-0B0F05E26B70} - System32\Tasks\Advanced System~Protector_startup => C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe [2015-05-25] () <==== ATTENTION

Task: {11F49869-7344-4330-B099-A5E2975B523E} - System32\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-10_user => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-10.exe <==== ATTENTION

Task: {13338BA0-0B90-4DFB-A98F-A15036CF5ED3} - System32\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-7 => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-7.exe [2015-06-06] (InstallMonetizer) <==== ATTENTION

Task: {15E8F254-AEFD-4866-83EB-387C256209C9} - System32\Tasks\2Ovhr6lC1 => C:\Users\Undertaker\AppData\Roaming\2Ovhr6lC1.exe <==== ATTENTION

Task: {195CEDED-2B4D-4BD1-859F-F5C54FB45F90} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-06-06] (AnyProtect.com) <==== ATTENTION

Task: {1C20B52F-0746-4CCA-9841-4BBF9C107340} - System32\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-7 => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-7.exe <==== ATTENTION

Task: {1FBEECA0-FE73-457A-A7B9-C74D1792A1B4} - System32\Tasks\gSyGSmIu0Kf3G => C:\Users\Undertaker\AppData\Roaming\gSyGSmIu0Kf3G.exe <==== ATTENTION

Task: {22AED057-8225-4325-9A00-C0F87F13580F} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-06-06] (AnyProtect.com) <==== ATTENTION

Task: {233A71C2-21F5-4CA9-BF71-C99289A62CA8} - System32\Tasks\6ed91930-41af-4297-8930-5e8db03633db-3 => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-3.exe <==== ATTENTION

Task: {25D1A4DA-9695-4EF7-B6E7-2CD9C9B89E71} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION

Task: {288B17BB-063D-4C39-96D0-B19E15D17AC2} - System32\Tasks\6ed91930-41af-4297-8930-5e8db03633db-5 => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-5.exe <==== ATTENTION

Task: {2B7671F8-C360-4B3D-A932-FA79D5A4B8B7} - System32\Tasks\dsmonitor => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2015-02-16] (Uniblue Systems Ltd)

Task: {2C16B50A-96AB-448B-AA14-133B045D4007} - System32\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-6 => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-6.exe <==== ATTENTION

Task: {312A5F15-77B7-4EAD-8125-161455D93614} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RCP\RegCleanPro.exe [2015-02-19] () <==== ATTENTION

Task: {3186155D-F876-4EC6-BB9C-A6A4D6002EEC} - System32\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-1-6 => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-1-6.exe [2015-06-06] (InstallMonetizer) <==== ATTENTION

Task: {343D0C95-AB99-4052-B3C1-BE765F63AB6C} - System32\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-6 => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-6.exe [2015-06-06] (InstallMoon) <==== ATTENTION

Task: {39BCE7A0-D484-495A-B44E-E60340DE59F1} - System32\Tasks\{97BF6DCC-9FA9-46AE-AB8A-6B23DCEE672D} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.2.59.106/de/abandoninstall?page=tsProgressBar

Task: {3B1F434D-E7AF-4570-9387-0047BC44BCE1} - System32\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-5 => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-5.exe <==== ATTENTION

Task: {3C7D0263-C7C8-41DA-A95A-181929376679} - System32\Tasks\4TKchDi => C:\Users\Undertaker\AppData\Roaming\4TKchDi.exe [2015-04-20] () <==== ATTENTION

Task: {3DEE5779-9B2C-4FFA-B9AF-31AB86CBBA58} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATTENTION

Task: {41282ACD-434E-4181-9AAC-D2117EACEA32} - System32\Tasks\6ed91930-41af-4297-8930-5e8db03633db-5_user => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-5.exe <==== ATTENTION

Task: {452D00C0-6296-4B5E-ACA3-5C0178D7089E} - System32\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-5 => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-5.exe [2015-06-06] (InstallMonetizer) <==== ATTENTION

Task: {47DF81C2-E6F9-4921-AAA0-AFD40E04E37B} - System32\Tasks\6ed91930-41af-4297-8930-5e8db03633db-11 => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-11.exe <==== ATTENTION

Task: {49A469C3-8563-4D89-AD28-D133B789308D} - System32\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-10_user => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-10.exe <==== ATTENTION

Task: {49BD6846-64BA-47B8-8F4B-7722319619DC} - System32\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-11 => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-11.exe [2015-06-06] (InstallMoon) <==== ATTENTION

Task: {4BBBFDEA-A4B6-4446-9011-E27435109445} - System32\Tasks\Nropnumipre => C:\ProgramData\Nropnumipre\1.0.1.0\altohria.exe

Task: {4BF86BE3-00BE-4407-B084-9FEE9707A22E} - System32\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-1-7 => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-1-7.exe [2015-06-06] (InstallMoon) <==== ATTENTION

Task: {4C561420-9855-4FE9-AD86-54D66B591061} - System32\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-5 => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-5.exe <==== ATTENTION

Task: {4E488278-C49F-4546-B593-D345A3C4CFF8} - System32\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-1-6 => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-1-6.exe <==== ATTENTION

Task: {4F235196-2FB6-4427-8CD7-E97414AF1BC6} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [2010-11-29] (Samsung Electronics Co., Ltd.)

Task: {52E744F0-7285-441B-9A1E-0DD90F184DA8} - System32\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-1-7 => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-1-7.exe <==== ATTENTION

Task: {53748062-8E77-43D4-B8E2-90174D405BF9} - System32\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-1-7 => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-1-7.exe <==== ATTENTION

Task: {5698F9C1-AB3B-43DC-B9DF-85285797AE4E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1335839233-2991384071-368375801-1000Core => C:\Users\Undertaker\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-25] (Facebook Inc.)

Task: {5916A456-E8AC-4C67-AA81-4087CCA81CBC} - System32\Tasks\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-10_user => C:\Program Files (x86)\System NotifierV05.06\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-10.exe <==== ATTENTION

Task: {5B23A2EB-32F1-4969-BBA0-7C130F2B082D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1335839233-2991384071-368375801-1000UA => C:\Users\Undertaker\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-25] (Facebook Inc.)

Task: {5C2A08F4-45A8-4038-A631-14C64CBD25CC} - System32\Tasks\{CFD54570-C1FD-4FD8-A2A8-5AC5940FC6A2} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.3.59.107/de/abandoninstall?page=tsProgressBar

Task: {5E2CE52F-4829-418E-9F0C-CF59E913C1F5} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-06-06] (globalUpdate) <==== ATTENTION

Task: {620895E4-E026-4C11-8E84-3641DB5A85EF} - System32\Tasks\DriverScanner => C:\Program Files (x86)\Uniblue\DriverScanner\driverscanner.exe [2015-02-16] (Uniblue Systems Ltd)

Task: {6681E283-1040-428E-A69C-D57A35C8396C} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2010-08-27] (Samsung Electronics)

Task: {6781603E-58F0-4C02-A068-E46ACA760AEC} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-11-10] (CyberLink)

Task: {69861C92-6C94-4313-BD31-4509DCBAE01F} - System32\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-1-7 => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-1-7.exe [2015-06-06] (Cinema PlusV05.06) <==== ATTENTION

Task: {6FB2EC90-A4F3-4283-819A-C1923291AC70} - System32\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-7 => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-7.exe <==== ATTENTION

Task: {6FD85206-4A1D-474A-9989-A89B63F1F304} - System32\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-11 => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-11.exe <==== ATTENTION

Task: {702C8509-0379-4DA2-AB52-66B5F1D28721} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe

Task: {70AAB17E-917F-43F3-BE88-B278994DADFB} - System32\Tasks\QmNpb01D3S9 => C:\Users\Undertaker\AppData\Roaming\QmNpb01D3S9.exe <==== ATTENTION

Task: {721C5D0E-4987-4CB8-A981-E4303915D727} - System32\Tasks\StartPoint => C:\Program Files (x86)\StartPoint\startpoint\1.3.23.0\startpoint.exe

Task: {76064839-0993-4963-87E1-CEF7FD08EDDF} - System32\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-1-7 => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-1-7.exe <==== ATTENTION

Task: {76DC9DCF-086C-4A56-84EE-6B3B33B3E369} - System32\Tasks\avabvbyvyc => C:\Users\Undertaker\AppData\Local\avabvbyvyc\avabvbyvyc.exe <==== ATTENTION

Task: {78680EB8-1130-4834-8B75-909B77F2D96F} - System32\Tasks\qYVcguT => C:\Users\Undertaker\AppData\Roaming\qYVcguT.exe <==== ATTENTION

Task: {7B5BEBE6-D21B-4E0F-BB33-B76FFEDE9079} - System32\Tasks\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-5 => C:\Program Files (x86)\System NotifierV05.06\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-5.exe <==== ATTENTION

Task: {7E35FD72-4063-4DCB-9EEF-C541EDE9CEB8} - System32\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-3 => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-3.exe [2015-06-06] (Cinema PlusV05.06) <==== ATTENTION

Task: {7EA198A0-82AB-442B-B5E2-43D3187112EF} - System32\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-10_user => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-10.exe [2015-06-06] (InstallMoon) <==== ATTENTION

Task: {81A9A286-D7BD-4317-9A7A-416181BB60F6} - System32\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-6 => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-6.exe <==== ATTENTION

Task: {82C66057-B32C-448C-967C-5A0D0518D2DC} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.)

Task: {8495CCBF-7A64-430C-9C60-D79F26538DBA} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro 3.95\OptProLauncher.exe <==== ATTENTION

Task: {8981DE4E-34BB-4C2B-B517-7BEAAB6F224D} - System32\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-6 => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-6.exe <==== ATTENTION

Task: {89F58F8B-4B42-4A1D-A366-AA4839A8D471} - System32\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-6 => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-6.exe [2015-06-06] (InstallMonetizer) <==== ATTENTION

Task: {8A25F2A5-BF76-45D9-B7CA-839AA3469180} - System32\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-7 => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-7.exe <==== ATTENTION

Task: {8F1878C9-BF39-416F-86EA-C6615409388F} - System32\Tasks\ASP => C:\Program Files (x86)\RCP\systweakasp.exe [2015-02-19] (Systweak Inc                                                )

Task: {93318583-D4F0-4A2F-8203-2A3D7307DA32} - System32\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-11 => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-11.exe [2015-06-06] (Cinema PlusV05.06) <==== ATTENTION

Task: {943839E7-E0D1-4E44-9A4D-4D0D8FB30697} - System32\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-5 => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-5.exe [2015-06-06] (Cinema PlusV05.06) <==== ATTENTION

Task: {961ACA20-0E01-4988-98AC-14A6FCECFC92} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-12-23] (Samsung Electronics)

Task: {A07280E1-6B54-45F6-9862-FFF406179D93} - System32\Tasks\6ed91930-41af-4297-8930-5e8db03633db-1-6 => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-1-6.exe <==== ATTENTION

Task: {A6D3F105-B2D8-4F9C-96FA-D69C09B1FD50} - System32\Tasks\6ed91930-41af-4297-8930-5e8db03633db-7 => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-7.exe <==== ATTENTION

Task: {ACB3427D-F69F-4A6D-B32E-17AB41F8650A} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RCP\RegCleanPro.exe [2015-02-19] () <==== ATTENTION

Task: {AE32B64F-6B83-4609-B026-C0FFC6733526} - System32\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-1-6 => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-1-6.exe <==== ATTENTION

Task: {B44DE6E1-5102-4CEE-9451-9AF14E2434D1} - System32\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-5_user => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-5.exe <==== ATTENTION

Task: {B5BCBF7A-B8AD-4A89-AE97-E97F7403EF7E} - System32\Tasks\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-5_user => C:\Program Files (x86)\System NotifierV05.06\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-5.exe <==== ATTENTION

Task: {B849DBD8-E301-4A41-A5B4-59104FA39CC8} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-09-04] (SAMSUNG Electronics)

Task: {B8EE3797-176C-4DD7-8D5F-93A57E50CBAA} - System32\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-7 => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-7.exe [2015-06-06] (Cinema PlusV05.06) <==== ATTENTION

Task: {B9EC978F-E5F4-4913-8C14-555536BC0FED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)

Task: {BABA9B97-7BE3-468C-A9A5-48890FF536AC} - System32\Tasks\{3675E0E0-9D70-4AFD-BB54-ED930B6B0AC7} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar

Task: {BB0886E8-CB1C-4752-BEC5-F59CD522229D} - System32\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-5 => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-5.exe <==== ATTENTION

Task: {BFE3F5FD-FF42-44D4-96A9-63B74E0C6185} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-12-23] (Samsung Electronics Co., Ltd.)

Task: {C2D950CC-4A30-492E-B8C2-DA3B63E7A8EF} - System32\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-1-6 => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-1-6.exe [2015-06-06] (InstallMoon) <==== ATTENTION

Task: {C32150CB-F573-4214-A86C-C7D6F15AB157} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RCP\RegCleanPro.exe [2015-02-19] () <==== ATTENTION

Task: {C9A646E4-7858-4023-8BEE-FF47051572AB} - System32\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-11 => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-11.exe [2015-06-06] (InstallMonetizer) <==== ATTENTION

Task: {D40E18CC-F78C-4889-B1EC-FE1EEE779F6B} - System32\Tasks\Opera scheduled Autoupdate 1433586837 => C:\Program Files (x86)\Opera\launcher.exe [2015-05-18] (Opera Software)

Task: {D6C18B2E-F7D3-41CF-9121-0F9F08632AFF} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2010-08-05] (Samsung Electronics Co., Ltd.)

Task: {D7ADED28-34EC-47C7-8AC5-6C159904FB72} - System32\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-7 => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-7.exe [2015-06-06] (InstallMoon) <==== ATTENTION

Task: {D8FE4286-85E6-4453-A9DD-33E13E2B98C7} - System32\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-3 => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-3.exe [2015-06-06] (InstallMoon) <==== ATTENTION

Task: {D92842FC-252C-47C2-A83F-A1B670943B5B} - System32\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-1-7 => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-1-7.exe [2015-06-06] (InstallMonetizer) <==== ATTENTION

Task: {DA52604F-D62E-4A7B-972B-6E5A2AB1AD63} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-06-06] (AnyProtect.com) <==== ATTENTION

Task: {DC15ED03-753C-42A7-A9EA-0D22610D8965} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {DEE6CBD1-045A-46CB-97B6-C85EEC4331DF} - System32\Tasks\{3B277F02-A186-4B0D-ADE2-DB67C0D2B029} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.6.0.106/de/abandoninstall?page=tsPlugin

Task: {DF7F79B4-38B5-496B-9386-08743BA41921} - System32\Tasks\6ed91930-41af-4297-8930-5e8db03633db-6 => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-6.exe <==== ATTENTION

Task: {E28C6E1A-A2E7-4705-B9E7-203E113D75D6} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2010-11-17] (SEC)

Task: {EA29D57E-8D8E-4584-81A6-53C32CD1DF32} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-18] (Samsung Electronics. Co. Ltd.)

Task: {EB70DF30-9121-430B-9D03-5C31005E7B2E} - System32\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-5 => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-5.exe [2015-06-06] (InstallMoon) <==== ATTENTION

Task: {ED68CDCA-CCEC-4D4A-B673-36987F07B29A} - System32\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-6 => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-6.exe [2015-06-06] (Cinema PlusV05.06) <==== ATTENTION

Task: {EF391FA4-42EA-48C4-ABEA-74159AE528C2} - System32\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-5_user => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-5.exe [2015-06-06] (InstallMoon) <==== ATTENTION

Task: {F131EF3B-7615-4D31-9575-C8CF3EA5218A} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)

Task: {F37D8CB2-CE0E-4ED5-9C93-E048FA6E58B3} - System32\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-1-6 => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-1-6.exe <==== ATTENTION

Task: {F5C79C28-6A04-4153-B394-AD182EF85117} - System32\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-5_user => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-5.exe <==== ATTENTION

Task: {F755F6CE-34C2-49D6-917F-E46874E862B8} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-06-06] (globalUpdate) <==== ATTENTION

Task: {F8F1156F-876C-4908-AC4A-A4DD87E897F8} - System32\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-5_user => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-5.exe [2015-06-06] (InstallMonetizer) <==== ATTENTION

Task: {F9D0B92F-5E55-45D3-8E3A-DAC729E2FB66} - System32\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-11 => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-11.exe <==== ATTENTION

Task: {FDECA174-6AAC-4A94-BAB2-67687784C3CF} - System32\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-5_user => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-5.exe <==== ATTENTION

Task: {FE1E5E70-F0B6-467D-9500-5543FA8F02D6} - System32\Tasks\pPZCdWJiOzyjMMPjw => C:\Users\Undertaker\AppData\Roaming\pPZCdWJiOzyjMMPjw.exe <==== ATTENTION

Task: {FE3C5875-B082-4EB0-9EB7-411D14C6EC70} - System32\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-10_user => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-10.exe <==== ATTENTION

Task: C:\windows\Tasks\2Ovhr6lC1.job => C:\Users\Undertaker\AppData\Roaming\2Ovhr6lC1.exe <==== ATTENTION

Task: C:\windows\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-1-6.job => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-1-6.exe <==== ATTENTION

Task: C:\windows\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-1-7.job => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-1-7.exe <==== ATTENTION

Task: C:\windows\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-10_user.job => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-10.exe <==== ATTENTION

Task: C:\windows\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-11.job => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-11.exe <==== ATTENTION

Task: C:\windows\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-3.job => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-3.exe <==== ATTENTION

Task: C:\windows\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-5.job => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-5.exe <==== ATTENTION

Task: C:\windows\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-5_user.job => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-5.exe <==== ATTENTION

Task: C:\windows\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-6.job => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-6.exe <==== ATTENTION

Task: C:\windows\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-7.job => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-7.exe <==== ATTENTION

Task: C:\windows\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-1-6.job => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-1-6.exe <==== ATTENTION

Task: C:\windows\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-1-7.job => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-1-7.exe <==== ATTENTION

Task: C:\windows\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-10_user.job => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-10.exe <==== ATTENTION

Task: C:\windows\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-11.job => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-11.exe <==== ATTENTION

Task: C:\windows\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-3.job => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-3.exe <==== ATTENTION

Task: C:\windows\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-5.job => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-5.exe <==== ATTENTION

Task: C:\windows\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-5_user.job => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-5.exe <==== ATTENTION

Task: C:\windows\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-6.job => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-6.exe <==== ATTENTION

Task: C:\windows\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-7.job => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-7.exe <==== ATTENTION

Task: C:\windows\Tasks\4TKchDi.job => C:\Users\Undertaker\AppData\Roaming\4TKchDi.exe <==== ATTENTION

Task: C:\windows\Tasks\6ed91930-41af-4297-8930-5e8db03633db-1-6.job => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-1-6.exe <==== ATTENTION

Task: C:\windows\Tasks\6ed91930-41af-4297-8930-5e8db03633db-1-7.job => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-1-7.exe <==== ATTENTION

Task: C:\windows\Tasks\6ed91930-41af-4297-8930-5e8db03633db-11.job => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-11.exe <==== ATTENTION

Task: C:\windows\Tasks\6ed91930-41af-4297-8930-5e8db03633db-3.job => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-3.exe <==== ATTENTION

Task: C:\windows\Tasks\6ed91930-41af-4297-8930-5e8db03633db-5.job => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-5.exe <==== ATTENTION

Task: C:\windows\Tasks\6ed91930-41af-4297-8930-5e8db03633db-5_user.job => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-5.exe <==== ATTENTION

Task: C:\windows\Tasks\6ed91930-41af-4297-8930-5e8db03633db-6.job => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-6.exe <==== ATTENTION

Task: C:\windows\Tasks\6ed91930-41af-4297-8930-5e8db03633db-7.job => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-7.exe <==== ATTENTION

Task: C:\windows\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-1-6.job => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-1-6.exe <==== ATTENTION

Task: C:\windows\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-1-7.job => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-1-7.exe <==== ATTENTION

Task: C:\windows\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-11.job => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-11.exe <==== ATTENTION

Task: C:\windows\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-5.job => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-5.exe <==== ATTENTION

Task: C:\windows\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-5_user.job => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-5.exe <==== ATTENTION

Task: C:\windows\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-6.job => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-6.exe <==== ATTENTION

Task: C:\windows\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-7.job => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-7.exe <==== ATTENTION

Task: C:\windows\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-1-6.job => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-1-6.exe <==== ATTENTION

Task: C:\windows\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-1-7.job => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-1-7.exe <==== ATTENTION

Task: C:\windows\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-10_user.job => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-10.exe <==== ATTENTION

Task: C:\windows\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-11.job => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-11.exe <==== ATTENTION

Task: C:\windows\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-5.job => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-5.exe <==== ATTENTION

Task: C:\windows\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-5_user.job => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-5.exe <==== ATTENTION

Task: C:\windows\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-6.job => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-6.exe <==== ATTENTION

Task: C:\windows\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-7.job => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-7.exe <==== ATTENTION

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION

Task: C:\windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION

Task: C:\windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION

Task: C:\windows\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-1-6.job => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-1-6.exe <==== ATTENTION

Task: C:\windows\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-1-7.job => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-1-7.exe <==== ATTENTION

Task: C:\windows\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-10_user.job => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-10.exe <==== ATTENTION

Task: C:\windows\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-11.job => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-11.exe <==== ATTENTION

Task: C:\windows\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-5.job => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-5.exe <==== ATTENTION

Task: C:\windows\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-5_user.job => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-5.exe <==== ATTENTION

Task: C:\windows\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-6.job => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-6.exe <==== ATTENTION

Task: C:\windows\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-7.job => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-7.exe <==== ATTENTION

Task: C:\windows\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION

Task: C:\windows\Tasks\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-10_user.job => C:\Program Files (x86)\System NotifierV05.06\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-10.exe <==== ATTENTION

Task: C:\windows\Tasks\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-5.job => C:\Program Files (x86)\System NotifierV05.06\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-5.exe <==== ATTENTION

Task: C:\windows\Tasks\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-5_user.job => C:\Program Files (x86)\System NotifierV05.06\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-5.exe <==== ATTENTION

Task: C:\windows\Tasks\DriverScanner.job => C:\Program Files (x86)\Uniblue\DriverScanner\driverscanner.exe

Task: C:\windows\Tasks\dsmonitor.job => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe

Task: C:\windows\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-1-6.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-1-6.exe <==== ATTENTION

Task: C:\windows\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-1-7.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-1-7.exe <==== ATTENTION

Task: C:\windows\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-10_user.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-10.exe <==== ATTENTION

Task: C:\windows\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-11.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-11.exe <==== ATTENTION

Task: C:\windows\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-3.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-3.exe <==== ATTENTION

Task: C:\windows\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-5.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-5.exe <==== ATTENTION

Task: C:\windows\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-5_user.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-5.exe <==== ATTENTION

Task: C:\windows\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-6.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-6.exe <==== ATTENTION

Task: C:\windows\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-7.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-7.exe <==== ATTENTION

Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1335839233-2991384071-368375801-1000Core.job => C:\Users\Undertaker\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1335839233-2991384071-368375801-1000UA.job => C:\Users\Undertaker\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION

Task: C:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\gSyGSmIu0Kf3G.job => C:\Users\Undertaker\AppData\Roaming\gSyGSmIu0Kf3G.exe <==== ATTENTION

Task: C:\windows\Tasks\pPZCdWJiOzyjMMPjw.job => C:\Users\Undertaker\AppData\Roaming\pPZCdWJiOzyjMMPjw.exe <==== ATTENTION

Task: C:\windows\Tasks\QmNpb01D3S9.job => C:\Users\Undertaker\AppData\Roaming\QmNpb01D3S9.exe <==== ATTENTION

Task: C:\windows\Tasks\qYVcguT.job => C:\Users\Undertaker\AppData\Roaming\qYVcguT.exe <==== ATTENTION

Task: C:\windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RCP\RegCleanPro.exe <==== ATTENTION

Task: C:\windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RCP\RegCleanPro.exe <==== ATTENTION

Task: C:\windows\Tasks\Tny_cassiopesa.job => C:\Users\UNDERT~1\AppData\Roaming\TNY_CA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
 

==================== Loaded Modules (Whitelisted) ==============
 

2011-10-20 00:34 - 2008-06-05 01:53 - 00027648 _____ () C:\windows\System32\spd__l.dll

2011-03-22 23:23 - 2011-03-22 23:23 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll

2013-03-11 18:10 - 2013-03-11 18:10 - 00075136 _____ () C:\windows\SysWOW64\PnkBstrA.exe

2013-03-11 18:11 - 2013-03-11 18:11 - 00189248 _____ () C:\windows\SysWOW64\PnkBstrB.exe

2011-10-19 10:15 - 2009-12-01 09:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

2011-03-22 23:23 - 2011-03-22 23:23 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll

2011-03-17 13:54 - 2011-03-17 13:54 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll

2011-03-22 23:14 - 2011-03-22 23:14 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

2011-10-20 00:34 - 2010-10-21 20:22 - 00709632 _____ () C:\windows\system32\SnMinDrv.dll

2015-05-28 15:53 - 2015-05-28 15:53 - 01073152 _____ () C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\InternetEnhancerService.exe

2015-05-28 15:53 - 2015-05-28 15:53 - 00288256 _____ () C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\InternetEnhancer.exe

2015-06-06 13:08 - 2015-06-06 13:08 - 00003072 _____ () C:\Users\Undertaker\AppData\Local\Temp\isdkAA7uaR9j\ISightHost.exe

2015-06-06 13:30 - 2015-06-06 13:30 - 00161280 _____ () C:\Users\Undertaker\AppData\Roaming\VOPackage\VOsrv.exe

2015-06-05 10:14 - 2015-06-05 10:14 - 00359936 _____ () C:\Users\Undertaker\AppData\Local\C2A6F1A8-1433597562-11E1-B08D-BFCB4EA96E5F\bnsg745.exe

2015-06-06 13:39 - 2015-06-06 13:39 - 00286655 _____ () C:\Users\Undertaker\AppData\Local\Temp\nsw1099.tmp

2015-06-06 13:51 - 2015-06-06 13:51 - 02901504 _____ () C:\Users\Undertaker\AppData\Local\Temp\nsdF15B.tmp

2015-06-06 13:48 - 2015-06-06 13:48 - 02231296 _____ () C:\Users\Undertaker\Downloads\AdwCleaner_4.206.exe

2015-06-06 12:33 - 2015-05-18 09:33 - 00479352 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe

2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2011-10-19 10:29 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll

2015-06-06 11:16 - 2015-06-06 11:16 - 00043008 _____ () c:\Users\Undertaker\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprpl7e2.dll

2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\libGLESv2.dll

2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\libEGL.dll

2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll

2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll

2011-10-19 10:32 - 2010-07-05 12:42 - 00203776 _____ () C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll

2011-10-19 10:37 - 2010-05-07 16:22 - 01636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll

2009-11-02 07:20 - 2009-11-02 07:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll

2009-11-02 07:23 - 2009-11-02 07:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

2015-05-28 15:54 - 2015-05-28 15:54 - 00011776 _____ () C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\ApiHandlr.dll

2015-06-06 13:08 - 2015-03-04 11:31 - 00577536 _____ () C:\Users\Undertaker\AppData\Local\Temp\isdkAA7uaR9j\ISightSDK.DLL

2015-06-06 14:54 - 2015-06-06 14:54 - 00131072 _____ () C:\Users\Undertaker\AppData\Local\iScreeny\nfapi.dll

2015-06-06 14:54 - 2015-06-06 14:54 - 00325632 _____ () C:\Users\Undertaker\AppData\Local\iScreeny\ProtocolFilters.dll

2015-06-06 12:33 - 2015-05-18 09:33 - 01576568 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\libglesv2.dll

2015-06-06 12:33 - 2015-05-18 09:33 - 00081016 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\libegl.dll

2015-06-06 13:11 - 2015-05-12 13:01 - 01070592 _____ () C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\libglesv2.dll

2015-06-06 13:11 - 2015-05-12 13:01 - 00204800 _____ () C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\libegl.dll
 

==================== Alternate Data Streams (Whitelisted) =========
 

(If an entry is included in the fixlist, only the ADS will be removed.)
 
 

==================== Safe Mode (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\abengine => ""="service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 

==================== EXE Association (Whitelisted) ===============
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 

==================== Internet Explorer trusted/restricted ===============
 

(If an entry is included in the fixlist, it will be removed from the registry.)
 

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com

IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com

IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com

IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
 
 

==================== Other Areas ============================
 

(Currently there is no automatic fix for this section.)
 

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 192.168.2.1
 

==================== MSCONFIG/TASK MANAGER disabled items ==
 

(Currently there is no automatic fix for this section.)
 

MSCONFIG\startupfolder: C:^Users^Undertaker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\windows\pss\Facebook Messenger.lnk.Startup

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
 

==================== FirewallRules (Whitelisted) ===============
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

FirewallRules: [{69BDB9F9-4084-4D44-A408-5D5FE40CF854}] => (Allow) C:\Windows\System32\SUPDSvc.exe

FirewallRules: [{FE959C3C-AD73-4AEC-9D6C-0382232E663B}] => (Allow) C:\Windows\System32\SUPDSvc.exe

FirewallRules: [{FC7980E9-4F80-4F36-9466-37B9A18652E6}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe

FirewallRules: [{9AC24AFC-1BF5-4550-A687-2B03E4D5F7EB}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe

FirewallRules: [{AF3C80FD-369B-4DE2-ABCA-934544A40985}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe

FirewallRules: [{B3244C98-C00B-437F-8C3F-A653AAE803C0}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe

FirewallRules: [{D926F69B-70A3-42FD-A82C-C21EA696C819}] => (Allow) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10.exe

FirewallRules: [{36998318-A317-4EE4-8BB0-ED2245DB0DAF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE

FirewallRules: [{0160FD72-79D0-4FE8-B6DB-3181E6E3CBE0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{8C945DD0-F9BF-4C19-B632-B18CE8FFF439}] => (Allow) LPort=2869

FirewallRules: [{E90973CD-FEBC-4B40-A35A-418E0E6164EE}] => (Allow) LPort=1900

FirewallRules: [{11BE53A1-B067-414F-962B-688BDAEA90FC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

FirewallRules: [{2351B83C-CD9C-4C31-997C-3E4FC795B431}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe

FirewallRules: [{953D920C-56D5-4106-927D-F29E2AABE47D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{3ED98E91-4DF3-4C25-AAE7-84551A641822}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

FirewallRules: [{A067DEAC-2786-4A1D-8FED-55786BF80DF5}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

FirewallRules: [{0E1F33F9-FFFC-4EA9-957C-55413CEDBD7D}] => (Allow) C:\Program Files (x86)\Ubisoft\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe

FirewallRules: [{192BCA4F-2430-4ECC-A96A-E46E6EB05CA9}] => (Allow) C:\Program Files (x86)\Ubisoft\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe

FirewallRules: [TCP Query User{B70B6E17-CD33-46E6-A570-EAF636D3C294}C:\program files\java\jre7\bin\java.exe] => (Block) C:\program files\java\jre7\bin\java.exe

FirewallRules: [UDP Query User{45DF2DF0-3B0B-4D43-AFF8-40DE415CDA28}C:\program files\java\jre7\bin\java.exe] => (Block) C:\program files\java\jre7\bin\java.exe

FirewallRules: [{94D83E91-1604-48D8-9EC3-0FDC56418E56}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{3C994419-F358-45CF-AFDF-46C91CD67A81}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{ECF686B6-6C0C-4FCC-A4FD-2B0F477EC990}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [{24A2554D-2084-4082-8512-CDA23EED4381}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [TCP Query User{081C2F5B-D6F6-44A4-8176-97E60F4B16D2}C:\users\undertaker\documents\ch@rly's slender ordner\bfheroes.exe] => (Block) C:\users\undertaker\documents\ch@rly's slender ordner\bfheroes.exe

FirewallRules: [UDP Query User{26556202-FEED-4F64-B211-BC94565F68D8}C:\users\undertaker\documents\ch@rly's slender ordner\bfheroes.exe] => (Block) C:\users\undertaker\documents\ch@rly's slender ordner\bfheroes.exe

FirewallRules: [TCP Query User{97900300-DF4D-4EBD-8C1E-AF5E53DFE6B7}C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Block) C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe

FirewallRules: [UDP Query User{9F4AE699-B9A0-4A6B-A4A9-B80E9090B895}C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Block) C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe

FirewallRules: [{CDD94AB4-D039-499F-AFC9-3E86919EC8BE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{D16186FC-E02D-4A6C-9B52-3A35A4B31C41}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{D35450C6-F433-4A2F-90C5-D5CF46954119}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{8382DF1B-EDAD-4EC1-9026-379B3BCEEF61}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [TCP Query User{8318945D-F0E7-4D0C-BCBC-5CC9346F6BCA}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe

FirewallRules: [UDP Query User{3214A147-E3B8-4F85-99A7-7EDC6841C740}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe

FirewallRules: [TCP Query User{01C1D2AA-8E50-485A-8888-11A54A13AFFC}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe

FirewallRules: [UDP Query User{7D43924B-1C4A-4BB4-9911-8E88B9DEE30D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe

FirewallRules: [TCP Query User{1F45F5AF-987F-48C5-A065-57E5F524D51F}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe

FirewallRules: [UDP Query User{B435329B-9824-4597-803D-58D26AB856EC}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe

FirewallRules: [{592AF29C-2507-4B9A-BCA4-C4419F86862F}] => (Allow) C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{07624F6D-D913-46F9-B23E-CD69AE0D4B17}] => (Allow) C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{9BD9D9E4-CD8C-4E9A-8D4D-214823E32EF8}] => (Allow) C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{851329BD-31B5-4EFC-BEBD-AF10F18B69B5}] => (Allow) C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{B16AAB12-FADC-4F35-BA9B-E8A71F6F8002}] => (Allow) C:\Users\Undertaker\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe

FirewallRules: [{3962AD47-42E6-48C5-A9F7-D79F3E94422A}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe

FirewallRules: [{5A133F43-F128-4CB3-8D04-B22A974CC9BF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{341B296C-CB62-4911-8DB5-778FF6107847}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{66347507-7ED5-48BB-AF6E-F5A80DBE3B01}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{2B9D989B-FC96-4CBA-8B2B-5629C8EBACD4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{698CA28B-DF46-4053-AEBA-EAA520076E0B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{6FE78FE6-2761-4A32-9691-63E29F53CCC6}] => (Allow) C:\Users\Undertaker\AppData\Local\Chromium\Application\chrome.exe

FirewallRules: [{B3618A9B-394A-4B06-95E6-09648077BCBF}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
 

==================== Faulty Device Manager Devices =============
 

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft-Teredo-Tunneling-Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (06/06/2015 07:59:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 10515
 

Error: (06/06/2015 07:59:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 10515
 

Error: (06/06/2015 07:59:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second
 

Error: (06/06/2015 07:59:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 8752
 

Error: (06/06/2015 07:59:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 8752
 

Error: (06/06/2015 07:59:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second
 

Error: (06/06/2015 07:59:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 7176
 

Error: (06/06/2015 07:59:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 7176
 

Error: (06/06/2015 07:59:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second
 

Error: (06/06/2015 07:59:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 5585
 
 

System errors:

=============

Error: (06/06/2015 07:31:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "abengine" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.
 

Error: (06/06/2015 07:23:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "abengine" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.
 

Error: (06/06/2015 04:28:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1275
 

Error: (06/06/2015 04:28:09 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\UNDERT~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
 

Error: (06/06/2015 04:28:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1275
 

Error: (06/06/2015 04:28:09 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\UNDERT~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
 

Error: (06/06/2015 04:28:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1275
 

Error: (06/06/2015 04:28:09 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\UNDERT~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
 

Error: (06/06/2015 04:28:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1275
 

Error: (06/06/2015 04:28:09 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\UNDERT~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
 
 

Microsoft Office:

=========================
 

==================== Memory info =========================== 
 

Processor: AMD E-450 APU with Radeon(tm) HD Graphics

Percentage of memory in use: 30%

Total physical RAM: 8171.93 MB

Available physical RAM: 5649.02 MB

Total Pagefile: 16342.03 MB

Available Pagefile: 11401.64 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:365 GB) (Free:122.29 GB) NTFS

Drive d: () (Fixed) (Total:544.44 GB) (Free:0 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 931.5 GB) (Disk ID: DBCA14F4)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=365 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=544.4 GB) - (Type=OF Extended)

Partition 4: (Not Active) - (Size=22 GB) - (Type=27)
 

==================== End of log ============================

Ich möchte mich jetzt schon für die Hilfe bedanken.

LG Ani73

Ani73

06.06.2015 20:28

2. LOG FRST

[CODE]Additional
FRST Logfile:

Code:

scan result of Farbar Recovery Scan Tool (x64) Version:06-06-2015

Ran by Undertaker at 2015-06-06 21:17:24

Running from C:\Users\Undertaker\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Accounts: =============================
 

Administrator (S-1-5-21-1335839233-2991384071-368375801-500 - Administrator - Disabled)

Gast (S-1-5-21-1335839233-2991384071-368375801-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-1335839233-2991384071-368375801-1005 - Limited - Enabled)

Shari (S-1-5-21-1335839233-2991384071-368375801-1001 - Limited - Enabled) => C:\Users\Shari

Undertaker (S-1-5-21-1335839233-2991384071-368375801-1000 - Administrator - Enabled) => C:\Users\Undertaker
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden

„Windows Live Messenger“ (x32 Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden

„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )

Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)

Advanced-System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~9338DF9D_is1) (Version: 2.1.1000.15680 - systweak.com) <==== ATTENTION

Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden

AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.4 - CMI Limited) <==== ATTENTION

Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)

ATI Catalyst Install Manager (HKLM\...\{2E26B067-B10A-683A-7E84-5813500EE3B0}) (Version: 3.0.820.0 - ATI Technologies, Inc.)

aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.1390 - DsNET Corp)

Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)

Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden

BatteryLifeExtender (HKLM-x32\...\{FFD0E594-823B-4E2B-B680-720B3C852588}) (Version: 1.0.11 - Samsung)

Battlefield Heroes (HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version:  - EA Digital illusions)

Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)

BrowserApp3.7 (HKLM-x32\...\BrowserApp3.7) (Version: 1.36.01.22 - Browsr2App)

BrowserV04.06 (HKLM-x32\...\BrowserV04.06) (Version: 1.36.01.22 - BrowserV04.06)

Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden

Camtasia Studio 8 (HKLM-x32\...\{8F6F7194-0734-4CDA-8C04-6B766F2241A6}) (Version: 8.0.4.1060 - TechSmith Corporation)

Cassiopesa (HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Chromium) (Version: 45.0.2422.0 - Chromium)

Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden

CinemaPlus-3.2cV05.06 (HKLM-x32\...\CinemaPlus-3.2cV05.06) (Version: 1.36.01.22 - Cinema PlusV05.06) <==== ATTENTION

Crossbrowse (HKLM-x32\...\Crossbrowse) (Version: 39.6.2171.95 - The Crossbrowse Authors) <==== ATTENTION!

CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)

CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)

CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)

CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)

CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)

CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3509 - CyberLink Corp.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Das gelobte Land (HKLM-x32\...\Das gelobte Land) (Version: 1.0.0.0 - INTENIUM GmbH)

DC Universe Online (HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\SOE-DC Universe Online) (Version: 1.0.3.183 - Sony Online Entertainment)

DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.0.0.46 - INTENIUM GmbH)

Die Siedler 7 (HKLM-x32\...\{63860309-DA8A-4BAE-9EAE-CE1D6D79340C}) (Version: 1.12.1396 - Ubisoft)

Die Siedler III Gold Edition (HKLM-x32\...\S3) (Version:  - )

Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden

DriverScanner (HKLM-x32\...\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1) (Version: 4.0.14.0 - Uniblue Systems Ltd)

Dropbox (HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)

DustApps version 1.7 (HKLM-x32\...\{CE9793E8-C305-45AA-AE10-52EE0ADDED4F}_is1) (Version: 1.7 - Microsoft)

Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0 - Samsung Electronics Co., LTD)

Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.)

Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)

Easy Network Manager (HKLM-x32\...\{8732818E-CA78-4ACB-B077-22311BF4C0E4}) (Version: 4.4.7 - Samsung)

Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.1.1 - Samsung Electronics Co.,Ltd.)

EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)

EasyFileShare (HKLM-x32\...\{16880765-677F-440B-B16A-BFD9B9C00012}) (Version: 1.0.12 - Samsung)

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )

ETDWare PS/2-X64 8.0.7.2_WHQL (HKLM\...\Elantech) (Version: 8.0.7.2 - ELAN Microelectronic Corp.)

Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)

Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden

Fast Start (HKLM-x32\...\{77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}) (Version: 2.2.0.1 - SAMSUNG)

Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)

Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

GamesDesktop 014.586 (HKLM-x32\...\gmsd_de_586_is1) (Version:  - GAMESDESKTOP) <==== ATTENTION

GamesDesktop 014.592 (HKLM-x32\...\gmsd_de_592_is1) (Version:  - GAMESDESKTOP) <==== ATTENTION

GoHD (HKLM-x32\...\GoHD) (Version: 1.36.01.22 - InstallMoon) <==== ATTENTION

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)

Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden

Iminent (HKLM-x32\...\IMBoosterARP) (Version: 7.48.4.1 - Iminent) <==== ATTENTION

IminentToolbar (HKLM-x32\...\IminentToolbar) (Version: 7.48.4.1 - Iminent) <==== ATTENTION

Infonaut 1.10.0.14 (HKLM-x32\...\Infonaut_1.10.0.14) (Version: 1.10.0.14 - Infonaut)

inminet (HKLM-x32\...\{e20d6e44-c692-4329-d495-57e2996fc3ed}) (Version: 1.0.0 - esties) <==== ATTENTION!

Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden

inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)

Internet Speed Tracker Internet Explorer Toolbar (HKLM-x32\...\InternetSpeedTracker_9tbar Uninstall Internet Explorer) (Version:  - Mindspark Interactive Network) <==== ATTENTION

iScreeny (HKLM-x32\...\iScreeny) (Version: 1.0 - Altamirsoft LLC)

iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)

Java 7 Update 75 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217075FF}) (Version: 7.0.750 - Oracle)

John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.227 - LogMeIn, Inc.)

LogMeIn Hamachi (x32 Version: 2.2.0.227 - LogMeIn, Inc.) Hidden

MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{6C855B1C-FC55-4A00-9CCB-5ED6DB8770BF}) (Version: 7.0.2.6 - MAGIX AG)

MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden

MAGIX Video deluxe 2014 Plus (HKLM-x32\...\MX.{9E2FEB28-7407-4009-9DC4-203EF2EF6BB7}) (Version: 13.0.0.28 - MAGIX AG)

MAGIX Video deluxe 2014 Plus (Version: 13.0.0.28 - MAGIX AG) Hidden

Malwarebytes Anti-Malware Version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)

MediaPlayerVid2.4 (HKLM-x32\...\MediaPlayerVid2.4) (Version: 1.36.01.22 - NewPlayerVideo+) <==== ATTENTION

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Movie Color Enhancer (HKLM-x32\...\{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D}) (Version: 1.0 - Samsung Electronics Co., Ltd.)

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

Multimedia POP (HKLM-x32\...\{331ECF61-69AF-4F57-AC35-AFED610231C3}) (Version: 1.0 - )

MyFreeCodec (HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\MyFreeCodec) (Version:  - )

mystartsearch uninstall (HKLM-x32\...\mystartsearch uninstall) (Version:  - mystartsearch) <==== ATTENTION

NAVIGON Fresh 3.4.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.4.1 - NAVIGON)

Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)

Opera Stable 29.0.1795.60 (HKLM-x32\...\Opera 29.0.1795.60) (Version: 29.0.1795.60 - Opera Software ASA)

Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version: 3.3.1.7 - PCUtilities Software Limited) <==== ATTENTION

PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version:  - )

Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden

Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden

PhoneShare (HKLM-x32\...\{3F50512F-53DF-46B1-8CCB-6C7E638CADD6}) (Version: 9.1.4 - Samsung)

Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden

Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden

Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Project 64 version 2.2.0.3 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.2.0.3 - )

Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6400 - Realtek Semiconductor Corp.)

RegClean-Pro (HKLM-x32\...\RegClean-Pro_is1) (Version: 6.21 - systweak.com) <==== ATTENTION

Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION

Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 2.0.67.1 - Samsung Electronics Co., Ltd.)

Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.)

Samsung Kies (x32 Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Hidden

Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version:  - Samsung Electronics Co., Ltd.)

Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.0.10 - Samsung)

Samsung Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.38 - Samsung)

Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.02.05.00:27 - Samsung Electronics Co., Ltd.)

Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.5.0 - Samsung Electronics Co., Ltd.)

Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)

SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)

Search Protect (HKLM-x32\...\SearchProtect) (Version: 2.23.31.14 - Client Connect LTD) <==== ATTENTION

Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)

Shop and Save Up (HKLM-x32\...\Shop and Save Up) (Version: 1.36.01.22 - InstallMonetizer)

Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)

Sm23mS (HKLM-x32\...\Sm23mS) (Version: 1.36.01.22 - smart-saverplus)

SmartWeb (HKLM-x32\...\SmartWeb) (Version: 8.0.9 - SoftBrain Technologies Ltd.) <==== ATTENTION

Software Version Updater (HKLM-x32\...\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}) (Version: 1.1.4.2 - ) <==== ATTENTION

Solars Abenteuer (HKLM-x32\...\Solars Abenteuer) (Version: 1.0.0.0 - INTENIUM GmbH)

SpeedUpMyPC (HKLM-x32\...\{E55B3271-7CA8-4D0C-AE06-69A24856E996}_is1) (Version: 6.0.9.2 - Uniblue Systems Limited) <==== ATTENTION

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

System NotifierV05.06 (HKLM-x32\...\System NotifierV05.06) (Version: 1.36.01.22 - System NotifierV05.06) <==== ATTENTION!

Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)

Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)

Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)

Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden

UpdaterService version 1.5 (HKLM-x32\...\{DC866C1E-B796-4BD2-93B8-B5706AC5B5CC}_is1) (Version: 1.5 - Updater Service) <==== ATTENTION

User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.7 - )

VidPlaya Version 1.0.1 (HKLM-x32\...\{6EB5DB54-4B19-4AC9-9AE3-8514709FFCBA}_is1) (Version: 1.0.1 - Playswell, Inc.) <==== ATTENTION

Wajam (HKLM-x32\...\WaInternetEnhancer) (Version: 2.32.2.15 (i2.6) - WaInternetEnhancer) <==== ATTENTION

WEB.DE Desktop Icons (HKLM-x32\...\1&1 Mail & Media GmbH 1und1DesktopIconsInstaller) (Version: 3.0.5.0 - 1&1 Mail & Media GmbH)

WEB.DE MailCheck für Internet Explorer (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar IE8) (Version: 2.6.3.1 - 1&1 Mail & Media GmbH)

WEB.DE Softwareaktualisierung (HKLM-x32\...\1&1 Mail & Media GmbH 1und1Softwareaktualisierung) (Version: 3.0.3.0 - 1&1 Mail & Media GmbH)

WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent)

WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-samsung) (Version: 4.0.11.14 - WildTangent)

WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames) (Version: 4.0.10.5 - WildTangent)

WindeskWinsearch 1.0 (HKLM-x32\...\WindeskWinsearch) (Version: 1.0 - PCSoftware)

Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)

Word Processor Text Wrap (HKLM-x32\...\wincheck) (Version: 1.0.0.0 - Word Processor Text Wrap) <==== ATTENTION

WordCaptureX Pro (HKLM-x32\...\{139C1D95-9037-3AB3-F5F4-4A79BF6831EC}) (Version: 4.0.0 - Deskperience)

Zombie Invasion (HKLM-x32\...\ZombieInvasion) (Version: 2.7.67 - Time Lapse Solutions) <==== ATTENTION

Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden

Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 

==================== Custom CLSID (Whitelisted): ==========================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\inminet\sencolny.dll No File <==== ATTENTION

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 

==================== Restore Points =========================
 

28-05-2015 15:13:02 Windows Update

29-05-2015 00:04:27 Windows Update

29-05-2015 15:00:43 Windows Update

31-05-2015 19:47:07 Windows Update

31-05-2015 21:38:06 Windows-Sicherung

01-06-2015 15:07:53 Windows Update

01-06-2015 23:21:59 Windows Update

02-06-2015 15:05:18 Windows Update

03-06-2015 00:09:38 Windows Update

03-06-2015 15:01:11 Windows Update

03-06-2015 23:13:41 Windows Update

04-06-2015 15:02:37 Windows Update

04-06-2015 23:58:02 Windows Update

05-06-2015 15:00:33 Windows Update

05-06-2015 23:36:42 Windows Update

06-06-2015 13:21:50 Uniblue SpeedUpMyPC installation

06-06-2015 13:22:08 Uniblue DriverScanner installation

06-06-2015 15:04:17 Windows Update
 

==================== Hosts content: ===============================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (Whitelisted) =============
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

Task: {0106FF68-678C-4DC1-9E86-428909CA00AB} - System32\Tasks\StartPoint Updater => C:\Program Files (x86)\StartPoint\startpoint\1.3.23.0\startup.exe

Task: {029E30BF-C130-40FB-A74A-0ED246A2EDFD} - System32\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-3 => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-3.exe <==== ATTENTION

Task: {03B46B81-D603-4C24-B55A-DB0712795E65} - System32\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-10_user => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-10.exe <==== ATTENTION

Task: {0524867D-A169-481C-9A0C-198C6518875D} - System32\Tasks\WifiManager => C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe [2011-01-04] (Samsung Electronics Co., Ltd.)

Task: {0734196F-E6B9-4177-AA24-D7FF71D63EEF} - System32\Tasks\6ed91930-41af-4297-8930-5e8db03633db-1-7 => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-1-7.exe <==== ATTENTION

Task: {078FFB22-9015-49A6-B981-89BC1A8126BA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)

Task: {08889E4D-7DB6-4FD3-AA3C-31AB1ECCD811} - System32\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-5_user => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-5.exe [2015-06-06] (Cinema PlusV05.06) <==== ATTENTION

Task: {0995AE17-7029-48B2-A3FF-C19164C69DB5} - System32\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-11 => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-11.exe <==== ATTENTION

Task: {0B24F555-A496-4416-A87D-2915A103E4A0} - System32\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-1-6 => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-1-6.exe [2015-06-06] (Cinema PlusV05.06) <==== ATTENTION

Task: {0BAA9BE4-9E38-44C2-A618-7F4ADEDA6DEC} - System32\Tasks\Advanced System~Protector => C:\Program Files (x86)\ASP\AspManager.exe [2015-05-25] ()

Task: {0F80DD36-32C6-459D-9D85-B556EC5B9523} - System32\Tasks\Registration 1und1 Task => C:\Program Files (x86)\1und1Softwareaktualisierung\cdsupdclient.exe [2015-01-12] (1&1 Mail & Media GmbH)

Task: {1045A109-2585-4D87-BE18-E96A7111F49F} - System32\Tasks\iren3006 => C:\PROGRA~2\HIGHLI~1\iren3006.exe <==== ATTENTION

Task: {1148457B-9F78-4282-9588-257D7BB254ED} - System32\Tasks\Tny_cassiopesa => C:\Users\Undertaker\AppData\Roaming\Tny_cassiopesa\UpdateProc\UpdateTask.exe [2015-06-06] () <==== ATTENTION

Task: {11AB16B9-224A-4B50-A8A2-0B0F05E26B70} - System32\Tasks\Advanced System~Protector_startup => C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe [2015-05-25] () <==== ATTENTION

Task: {11F49869-7344-4330-B099-A5E2975B523E} - System32\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-10_user => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-10.exe <==== ATTENTION

Task: {13338BA0-0B90-4DFB-A98F-A15036CF5ED3} - System32\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-7 => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-7.exe [2015-06-06] (InstallMonetizer) <==== ATTENTION

Task: {15E8F254-AEFD-4866-83EB-387C256209C9} - System32\Tasks\2Ovhr6lC1 => C:\Users\Undertaker\AppData\Roaming\2Ovhr6lC1.exe <==== ATTENTION

Task: {195CEDED-2B4D-4BD1-859F-F5C54FB45F90} - System32\Tasks\APSnotifierPP3 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-06-06] (AnyProtect.com) <==== ATTENTION

Task: {1C20B52F-0746-4CCA-9841-4BBF9C107340} - System32\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-7 => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-7.exe <==== ATTENTION

Task: {1FBEECA0-FE73-457A-A7B9-C74D1792A1B4} - System32\Tasks\gSyGSmIu0Kf3G => C:\Users\Undertaker\AppData\Roaming\gSyGSmIu0Kf3G.exe <==== ATTENTION

Task: {22AED057-8225-4325-9A00-C0F87F13580F} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-06-06] (AnyProtect.com) <==== ATTENTION

Task: {233A71C2-21F5-4CA9-BF71-C99289A62CA8} - System32\Tasks\6ed91930-41af-4297-8930-5e8db03633db-3 => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-3.exe <==== ATTENTION

Task: {25D1A4DA-9695-4EF7-B6E7-2CD9C9B89E71} - System32\Tasks\Crossbrowse => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION

Task: {288B17BB-063D-4C39-96D0-B19E15D17AC2} - System32\Tasks\6ed91930-41af-4297-8930-5e8db03633db-5 => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-5.exe <==== ATTENTION

Task: {2B7671F8-C360-4B3D-A932-FA79D5A4B8B7} - System32\Tasks\dsmonitor => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe [2015-02-16] (Uniblue Systems Ltd)

Task: {2C16B50A-96AB-448B-AA14-133B045D4007} - System32\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-6 => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-6.exe <==== ATTENTION

Task: {312A5F15-77B7-4EAD-8125-161455D93614} - System32\Tasks\RegClean Pro_UPDATES => C:\Program Files (x86)\RCP\RegCleanPro.exe [2015-02-19] () <==== ATTENTION

Task: {3186155D-F876-4EC6-BB9C-A6A4D6002EEC} - System32\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-1-6 => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-1-6.exe [2015-06-06] (InstallMonetizer) <==== ATTENTION

Task: {343D0C95-AB99-4052-B3C1-BE765F63AB6C} - System32\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-6 => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-6.exe [2015-06-06] (InstallMoon) <==== ATTENTION

Task: {39BCE7A0-D484-495A-B44E-E60340DE59F1} - System32\Tasks\{97BF6DCC-9FA9-46AE-AB8A-6B23DCEE672D} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.2.59.106/de/abandoninstall?page=tsProgressBar

Task: {3B1F434D-E7AF-4570-9387-0047BC44BCE1} - System32\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-5 => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-5.exe <==== ATTENTION

Task: {3C7D0263-C7C8-41DA-A95A-181929376679} - System32\Tasks\4TKchDi => C:\Users\Undertaker\AppData\Roaming\4TKchDi.exe [2015-04-20] () <==== ATTENTION

Task: {3DEE5779-9B2C-4FFA-B9AF-31AB86CBBA58} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATTENTION

Task: {41282ACD-434E-4181-9AAC-D2117EACEA32} - System32\Tasks\6ed91930-41af-4297-8930-5e8db03633db-5_user => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-5.exe <==== ATTENTION

Task: {452D00C0-6296-4B5E-ACA3-5C0178D7089E} - System32\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-5 => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-5.exe [2015-06-06] (InstallMonetizer) <==== ATTENTION

Task: {47DF81C2-E6F9-4921-AAA0-AFD40E04E37B} - System32\Tasks\6ed91930-41af-4297-8930-5e8db03633db-11 => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-11.exe <==== ATTENTION

Task: {49A469C3-8563-4D89-AD28-D133B789308D} - System32\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-10_user => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-10.exe <==== ATTENTION

Task: {49BD6846-64BA-47B8-8F4B-7722319619DC} - System32\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-11 => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-11.exe [2015-06-06] (InstallMoon) <==== ATTENTION

Task: {4BBBFDEA-A4B6-4446-9011-E27435109445} - System32\Tasks\Nropnumipre => C:\ProgramData\Nropnumipre\1.0.1.0\altohria.exe

Task: {4BF86BE3-00BE-4407-B084-9FEE9707A22E} - System32\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-1-7 => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-1-7.exe [2015-06-06] (InstallMoon) <==== ATTENTION

Task: {4C561420-9855-4FE9-AD86-54D66B591061} - System32\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-5 => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-5.exe <==== ATTENTION

Task: {4E488278-C49F-4546-B593-D345A3C4CFF8} - System32\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-1-6 => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-1-6.exe <==== ATTENTION

Task: {4F235196-2FB6-4427-8CD7-E97414AF1BC6} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [2010-11-29] (Samsung Electronics Co., Ltd.)

Task: {52E744F0-7285-441B-9A1E-0DD90F184DA8} - System32\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-1-7 => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-1-7.exe <==== ATTENTION

Task: {53748062-8E77-43D4-B8E2-90174D405BF9} - System32\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-1-7 => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-1-7.exe <==== ATTENTION

Task: {5698F9C1-AB3B-43DC-B9DF-85285797AE4E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1335839233-2991384071-368375801-1000Core => C:\Users\Undertaker\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-25] (Facebook Inc.)

Task: {5916A456-E8AC-4C67-AA81-4087CCA81CBC} - System32\Tasks\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-10_user => C:\Program Files (x86)\System NotifierV05.06\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-10.exe <==== ATTENTION

Task: {5B23A2EB-32F1-4969-BBA0-7C130F2B082D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1335839233-2991384071-368375801-1000UA => C:\Users\Undertaker\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-25] (Facebook Inc.)

Task: {5C2A08F4-45A8-4038-A631-14C64CBD25CC} - System32\Tasks\{CFD54570-C1FD-4FD8-A2A8-5AC5940FC6A2} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.3.59.107/de/abandoninstall?page=tsProgressBar

Task: {5E2CE52F-4829-418E-9F0C-CF59E913C1F5} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-06-06] (globalUpdate) <==== ATTENTION

Task: {620895E4-E026-4C11-8E84-3641DB5A85EF} - System32\Tasks\DriverScanner => C:\Program Files (x86)\Uniblue\DriverScanner\driverscanner.exe [2015-02-16] (Uniblue Systems Ltd)

Task: {6681E283-1040-428E-A69C-D57A35C8396C} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2010-08-27] (Samsung Electronics)

Task: {6781603E-58F0-4C02-A068-E46ACA760AEC} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-11-10] (CyberLink)

Task: {69861C92-6C94-4313-BD31-4509DCBAE01F} - System32\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-1-7 => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-1-7.exe [2015-06-06] (Cinema PlusV05.06) <==== ATTENTION

Task: {6FB2EC90-A4F3-4283-819A-C1923291AC70} - System32\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-7 => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-7.exe <==== ATTENTION

Task: {6FD85206-4A1D-474A-9989-A89B63F1F304} - System32\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-11 => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-11.exe <==== ATTENTION

Task: {702C8509-0379-4DA2-AB52-66B5F1D28721} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe

Task: {70AAB17E-917F-43F3-BE88-B278994DADFB} - System32\Tasks\QmNpb01D3S9 => C:\Users\Undertaker\AppData\Roaming\QmNpb01D3S9.exe <==== ATTENTION

Task: {721C5D0E-4987-4CB8-A981-E4303915D727} - System32\Tasks\StartPoint => C:\Program Files (x86)\StartPoint\startpoint\1.3.23.0\startpoint.exe

Task: {76064839-0993-4963-87E1-CEF7FD08EDDF} - System32\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-1-7 => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-1-7.exe <==== ATTENTION

Task: {76DC9DCF-086C-4A56-84EE-6B3B33B3E369} - System32\Tasks\avabvbyvyc => C:\Users\Undertaker\AppData\Local\avabvbyvyc\avabvbyvyc.exe <==== ATTENTION

Task: {78680EB8-1130-4834-8B75-909B77F2D96F} - System32\Tasks\qYVcguT => C:\Users\Undertaker\AppData\Roaming\qYVcguT.exe <==== ATTENTION

Task: {7B5BEBE6-D21B-4E0F-BB33-B76FFEDE9079} - System32\Tasks\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-5 => C:\Program Files (x86)\System NotifierV05.06\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-5.exe <==== ATTENTION

Task: {7E35FD72-4063-4DCB-9EEF-C541EDE9CEB8} - System32\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-3 => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-3.exe [2015-06-06] (Cinema PlusV05.06) <==== ATTENTION

Task: {7EA198A0-82AB-442B-B5E2-43D3187112EF} - System32\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-10_user => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-10.exe [2015-06-06] (InstallMoon) <==== ATTENTION

Task: {81A9A286-D7BD-4317-9A7A-416181BB60F6} - System32\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-6 => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-6.exe <==== ATTENTION

Task: {82C66057-B32C-448C-967C-5A0D0518D2DC} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.)

Task: {8495CCBF-7A64-430C-9C60-D79F26538DBA} - System32\Tasks\Optimizer Pro Schedule => C:\Program Files (x86)\Optimizer Pro 3.95\OptProLauncher.exe <==== ATTENTION

Task: {8981DE4E-34BB-4C2B-B517-7BEAAB6F224D} - System32\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-6 => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-6.exe <==== ATTENTION

Task: {89F58F8B-4B42-4A1D-A366-AA4839A8D471} - System32\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-6 => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-6.exe [2015-06-06] (InstallMonetizer) <==== ATTENTION

Task: {8A25F2A5-BF76-45D9-B7CA-839AA3469180} - System32\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-7 => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-7.exe <==== ATTENTION

Task: {8F1878C9-BF39-416F-86EA-C6615409388F} - System32\Tasks\ASP => C:\Program Files (x86)\RCP\systweakasp.exe [2015-02-19] (Systweak Inc                                                )

Task: {93318583-D4F0-4A2F-8203-2A3D7307DA32} - System32\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-11 => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-11.exe [2015-06-06] (Cinema PlusV05.06) <==== ATTENTION

Task: {943839E7-E0D1-4E44-9A4D-4D0D8FB30697} - System32\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-5 => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-5.exe [2015-06-06] (Cinema PlusV05.06) <==== ATTENTION

Task: {961ACA20-0E01-4988-98AC-14A6FCECFC92} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-12-23] (Samsung Electronics)

Task: {A07280E1-6B54-45F6-9862-FFF406179D93} - System32\Tasks\6ed91930-41af-4297-8930-5e8db03633db-1-6 => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-1-6.exe <==== ATTENTION

Task: {A6D3F105-B2D8-4F9C-96FA-D69C09B1FD50} - System32\Tasks\6ed91930-41af-4297-8930-5e8db03633db-7 => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-7.exe <==== ATTENTION

Task: {ACB3427D-F69F-4A6D-B32E-17AB41F8650A} - System32\Tasks\RegClean Pro => C:\Program Files (x86)\RCP\RegCleanPro.exe [2015-02-19] () <==== ATTENTION

Task: {AE32B64F-6B83-4609-B026-C0FFC6733526} - System32\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-1-6 => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-1-6.exe <==== ATTENTION

Task: {B44DE6E1-5102-4CEE-9451-9AF14E2434D1} - System32\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-5_user => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-5.exe <==== ATTENTION

Task: {B5BCBF7A-B8AD-4A89-AE97-E97F7403EF7E} - System32\Tasks\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-5_user => C:\Program Files (x86)\System NotifierV05.06\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-5.exe <==== ATTENTION

Task: {B849DBD8-E301-4A41-A5B4-59104FA39CC8} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-09-04] (SAMSUNG Electronics)

Task: {B8EE3797-176C-4DD7-8D5F-93A57E50CBAA} - System32\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-7 => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-7.exe [2015-06-06] (Cinema PlusV05.06) <==== ATTENTION

Task: {B9EC978F-E5F4-4913-8C14-555536BC0FED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)

Task: {BABA9B97-7BE3-468C-A9A5-48890FF536AC} - System32\Tasks\{3675E0E0-9D70-4AFD-BB54-ED930B6B0AC7} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar

Task: {BB0886E8-CB1C-4752-BEC5-F59CD522229D} - System32\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-5 => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-5.exe <==== ATTENTION

Task: {BFE3F5FD-FF42-44D4-96A9-63B74E0C6185} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-12-23] (Samsung Electronics Co., Ltd.)

Task: {C2D950CC-4A30-492E-B8C2-DA3B63E7A8EF} - System32\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-1-6 => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-1-6.exe [2015-06-06] (InstallMoon) <==== ATTENTION

Task: {C32150CB-F573-4214-A86C-C7D6F15AB157} - System32\Tasks\RegClean Pro_DEFAULT => C:\Program Files (x86)\RCP\RegCleanPro.exe [2015-02-19] () <==== ATTENTION

Task: {C9A646E4-7858-4023-8BEE-FF47051572AB} - System32\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-11 => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-11.exe [2015-06-06] (InstallMonetizer) <==== ATTENTION

Task: {D40E18CC-F78C-4889-B1EC-FE1EEE779F6B} - System32\Tasks\Opera scheduled Autoupdate 1433586837 => C:\Program Files (x86)\Opera\launcher.exe [2015-05-18] (Opera Software)

Task: {D6C18B2E-F7D3-41CF-9121-0F9F08632AFF} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2010-08-05] (Samsung Electronics Co., Ltd.)

Task: {D7ADED28-34EC-47C7-8AC5-6C159904FB72} - System32\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-7 => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-7.exe [2015-06-06] (InstallMoon) <==== ATTENTION

Task: {D8FE4286-85E6-4453-A9DD-33E13E2B98C7} - System32\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-3 => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-3.exe [2015-06-06] (InstallMoon) <==== ATTENTION

Task: {D92842FC-252C-47C2-A83F-A1B670943B5B} - System32\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-1-7 => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-1-7.exe [2015-06-06] (InstallMonetizer) <==== ATTENTION

Task: {DA52604F-D62E-4A7B-972B-6E5A2AB1AD63} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2015-06-06] (AnyProtect.com) <==== ATTENTION

Task: {DC15ED03-753C-42A7-A9EA-0D22610D8965} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {DEE6CBD1-045A-46CB-97B6-C85EEC4331DF} - System32\Tasks\{3B277F02-A186-4B0D-ADE2-DB67C0D2B029} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.6.0.106/de/abandoninstall?page=tsPlugin

Task: {DF7F79B4-38B5-496B-9386-08743BA41921} - System32\Tasks\6ed91930-41af-4297-8930-5e8db03633db-6 => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-6.exe <==== ATTENTION

Task: {E28C6E1A-A2E7-4705-B9E7-203E113D75D6} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2010-11-17] (SEC)

Task: {EA29D57E-8D8E-4584-81A6-53C32CD1DF32} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-18] (Samsung Electronics. Co. Ltd.)

Task: {EB70DF30-9121-430B-9D03-5C31005E7B2E} - System32\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-5 => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-5.exe [2015-06-06] (InstallMoon) <==== ATTENTION

Task: {ED68CDCA-CCEC-4D4A-B673-36987F07B29A} - System32\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-6 => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-6.exe [2015-06-06] (Cinema PlusV05.06) <==== ATTENTION

Task: {EF391FA4-42EA-48C4-ABEA-74159AE528C2} - System32\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-5_user => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-5.exe [2015-06-06] (InstallMoon) <==== ATTENTION

Task: {F131EF3B-7615-4D31-9575-C8CF3EA5218A} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)

Task: {F37D8CB2-CE0E-4ED5-9C93-E048FA6E58B3} - System32\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-1-6 => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-1-6.exe <==== ATTENTION

Task: {F5C79C28-6A04-4153-B394-AD182EF85117} - System32\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-5_user => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-5.exe <==== ATTENTION

Task: {F755F6CE-34C2-49D6-917F-E46874E862B8} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe [2015-06-06] (globalUpdate) <==== ATTENTION

Task: {F8F1156F-876C-4908-AC4A-A4DD87E897F8} - System32\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-5_user => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-5.exe [2015-06-06] (InstallMonetizer) <==== ATTENTION

Task: {F9D0B92F-5E55-45D3-8E3A-DAC729E2FB66} - System32\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-11 => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-11.exe <==== ATTENTION

Task: {FDECA174-6AAC-4A94-BAB2-67687784C3CF} - System32\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-5_user => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-5.exe <==== ATTENTION

Task: {FE1E5E70-F0B6-467D-9500-5543FA8F02D6} - System32\Tasks\pPZCdWJiOzyjMMPjw => C:\Users\Undertaker\AppData\Roaming\pPZCdWJiOzyjMMPjw.exe <==== ATTENTION

Task: {FE3C5875-B082-4EB0-9EB7-411D14C6EC70} - System32\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-10_user => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-10.exe <==== ATTENTION

Task: C:\windows\Tasks\2Ovhr6lC1.job => C:\Users\Undertaker\AppData\Roaming\2Ovhr6lC1.exe <==== ATTENTION

Task: C:\windows\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-1-6.job => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-1-6.exe <==== ATTENTION

Task: C:\windows\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-1-7.job => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-1-7.exe <==== ATTENTION

Task: C:\windows\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-10_user.job => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-10.exe <==== ATTENTION

Task: C:\windows\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-11.job => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-11.exe <==== ATTENTION

Task: C:\windows\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-3.job => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-3.exe <==== ATTENTION

Task: C:\windows\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-5.job => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-5.exe <==== ATTENTION

Task: C:\windows\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-5_user.job => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-5.exe <==== ATTENTION

Task: C:\windows\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-6.job => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-6.exe <==== ATTENTION

Task: C:\windows\Tasks\45e94fd5-0719-45d5-a946-86d037bddd77-7.job => C:\Program Files (x86)\GoHD\45e94fd5-0719-45d5-a946-86d037bddd77-7.exe <==== ATTENTION

Task: C:\windows\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-1-6.job => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-1-6.exe <==== ATTENTION

Task: C:\windows\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-1-7.job => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-1-7.exe <==== ATTENTION

Task: C:\windows\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-10_user.job => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-10.exe <==== ATTENTION

Task: C:\windows\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-11.job => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-11.exe <==== ATTENTION

Task: C:\windows\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-3.job => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-3.exe <==== ATTENTION

Task: C:\windows\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-5.job => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-5.exe <==== ATTENTION

Task: C:\windows\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-5_user.job => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-5.exe <==== ATTENTION

Task: C:\windows\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-6.job => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-6.exe <==== ATTENTION

Task: C:\windows\Tasks\4acdf6a3-65a5-4183-a39b-7753275a47f4-7.job => C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-7.exe <==== ATTENTION

Task: C:\windows\Tasks\4TKchDi.job => C:\Users\Undertaker\AppData\Roaming\4TKchDi.exe <==== ATTENTION

Task: C:\windows\Tasks\6ed91930-41af-4297-8930-5e8db03633db-1-6.job => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-1-6.exe <==== ATTENTION

Task: C:\windows\Tasks\6ed91930-41af-4297-8930-5e8db03633db-1-7.job => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-1-7.exe <==== ATTENTION

Task: C:\windows\Tasks\6ed91930-41af-4297-8930-5e8db03633db-11.job => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-11.exe <==== ATTENTION

Task: C:\windows\Tasks\6ed91930-41af-4297-8930-5e8db03633db-3.job => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-3.exe <==== ATTENTION

Task: C:\windows\Tasks\6ed91930-41af-4297-8930-5e8db03633db-5.job => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-5.exe <==== ATTENTION

Task: C:\windows\Tasks\6ed91930-41af-4297-8930-5e8db03633db-5_user.job => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-5.exe <==== ATTENTION

Task: C:\windows\Tasks\6ed91930-41af-4297-8930-5e8db03633db-6.job => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-6.exe <==== ATTENTION

Task: C:\windows\Tasks\6ed91930-41af-4297-8930-5e8db03633db-7.job => C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-7.exe <==== ATTENTION

Task: C:\windows\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-1-6.job => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-1-6.exe <==== ATTENTION

Task: C:\windows\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-1-7.job => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-1-7.exe <==== ATTENTION

Task: C:\windows\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-11.job => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-11.exe <==== ATTENTION

Task: C:\windows\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-5.job => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-5.exe <==== ATTENTION

Task: C:\windows\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-5_user.job => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-5.exe <==== ATTENTION

Task: C:\windows\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-6.job => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-6.exe <==== ATTENTION

Task: C:\windows\Tasks\7bc2aaac-95f2-48a4-b572-c6e2311540f9-7.job => C:\Program Files (x86)\Shop and Save Up\7bc2aaac-95f2-48a4-b572-c6e2311540f9-7.exe <==== ATTENTION

Task: C:\windows\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-1-6.job => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-1-6.exe <==== ATTENTION

Task: C:\windows\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-1-7.job => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-1-7.exe <==== ATTENTION

Task: C:\windows\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-10_user.job => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-10.exe <==== ATTENTION

Task: C:\windows\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-11.job => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-11.exe <==== ATTENTION

Task: C:\windows\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-5.job => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-5.exe <==== ATTENTION

Task: C:\windows\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-5_user.job => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-5.exe <==== ATTENTION

Task: C:\windows\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-6.job => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-6.exe <==== ATTENTION

Task: C:\windows\Tasks\a0cbec6e-4f75-4f43-a882-1a9edf46b195-7.job => C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-7.exe <==== ATTENTION

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION

Task: C:\windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION

Task: C:\windows\Tasks\APSnotifierPP3.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION

Task: C:\windows\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-1-6.job => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-1-6.exe <==== ATTENTION

Task: C:\windows\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-1-7.job => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-1-7.exe <==== ATTENTION

Task: C:\windows\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-10_user.job => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-10.exe <==== ATTENTION

Task: C:\windows\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-11.job => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-11.exe <==== ATTENTION

Task: C:\windows\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-5.job => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-5.exe <==== ATTENTION

Task: C:\windows\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-5_user.job => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-5.exe <==== ATTENTION

Task: C:\windows\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-6.job => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-6.exe <==== ATTENTION

Task: C:\windows\Tasks\c9a5ce26-662c-40a2-9648-87facc485c97-7.job => C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-7.exe <==== ATTENTION

Task: C:\windows\Tasks\Crossbrowse.job => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe <==== ATTENTION

Task: C:\windows\Tasks\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-10_user.job => C:\Program Files (x86)\System NotifierV05.06\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-10.exe <==== ATTENTION

Task: C:\windows\Tasks\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-5.job => C:\Program Files (x86)\System NotifierV05.06\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-5.exe <==== ATTENTION

Task: C:\windows\Tasks\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-5_user.job => C:\Program Files (x86)\System NotifierV05.06\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-5.exe <==== ATTENTION

Task: C:\windows\Tasks\DriverScanner.job => C:\Program Files (x86)\Uniblue\DriverScanner\driverscanner.exe

Task: C:\windows\Tasks\dsmonitor.job => C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe

Task: C:\windows\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-1-6.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-1-6.exe <==== ATTENTION

Task: C:\windows\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-1-7.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-1-7.exe <==== ATTENTION

Task: C:\windows\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-10_user.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-10.exe <==== ATTENTION

Task: C:\windows\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-11.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-11.exe <==== ATTENTION

Task: C:\windows\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-3.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-3.exe <==== ATTENTION

Task: C:\windows\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-5.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-5.exe <==== ATTENTION

Task: C:\windows\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-5_user.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-5.exe <==== ATTENTION

Task: C:\windows\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-6.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-6.exe <==== ATTENTION

Task: C:\windows\Tasks\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-7.job => C:\Program Files (x86)\CinemaPlus-3.2cV05.06\e6376e01-7d48-4f3d-9408-3bdb1cdcb450-7.exe <==== ATTENTION

Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1335839233-2991384071-368375801-1000Core.job => C:\Users\Undertaker\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1335839233-2991384071-368375801-1000UA.job => C:\Users\Undertaker\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION

Task: C:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\globalupdate.exe <==== ATTENTION

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\gSyGSmIu0Kf3G.job => C:\Users\Undertaker\AppData\Roaming\gSyGSmIu0Kf3G.exe <==== ATTENTION

Task: C:\windows\Tasks\pPZCdWJiOzyjMMPjw.job => C:\Users\Undertaker\AppData\Roaming\pPZCdWJiOzyjMMPjw.exe <==== ATTENTION

Task: C:\windows\Tasks\QmNpb01D3S9.job => C:\Users\Undertaker\AppData\Roaming\QmNpb01D3S9.exe <==== ATTENTION

Task: C:\windows\Tasks\qYVcguT.job => C:\Users\Undertaker\AppData\Roaming\qYVcguT.exe <==== ATTENTION

Task: C:\windows\Tasks\RegClean Pro_DEFAULT.job => C:\Program Files (x86)\RCP\RegCleanPro.exe <==== ATTENTION

Task: C:\windows\Tasks\RegClean Pro_UPDATES.job => C:\Program Files (x86)\RCP\RegCleanPro.exe <==== ATTENTION

Task: C:\windows\Tasks\Tny_cassiopesa.job => C:\Users\UNDERT~1\AppData\Roaming\TNY_CA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
 

==================== Loaded Modules (Whitelisted) ==============
 

2011-10-20 00:34 - 2008-06-05 01:53 - 00027648 _____ () C:\windows\System32\spd__l.dll

2011-03-22 23:23 - 2011-03-22 23:23 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll

2013-03-11 18:10 - 2013-03-11 18:10 - 00075136 _____ () C:\windows\SysWOW64\PnkBstrA.exe

2013-03-11 18:11 - 2013-03-11 18:11 - 00189248 _____ () C:\windows\SysWOW64\PnkBstrB.exe

2011-10-19 10:15 - 2009-12-01 09:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

2011-03-22 23:23 - 2011-03-22 23:23 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll

2011-03-17 13:54 - 2011-03-17 13:54 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll

2011-03-22 23:14 - 2011-03-22 23:14 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

2011-10-20 00:34 - 2010-10-21 20:22 - 00709632 _____ () C:\windows\system32\SnMinDrv.dll

2015-05-28 15:53 - 2015-05-28 15:53 - 01073152 _____ () C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\InternetEnhancerService.exe

2015-05-28 15:53 - 2015-05-28 15:53 - 00288256 _____ () C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\InternetEnhancer.exe

2015-06-06 13:08 - 2015-06-06 13:08 - 00003072 _____ () C:\Users\Undertaker\AppData\Local\Temp\isdkAA7uaR9j\ISightHost.exe

2015-06-06 13:30 - 2015-06-06 13:30 - 00161280 _____ () C:\Users\Undertaker\AppData\Roaming\VOPackage\VOsrv.exe

2015-06-05 10:14 - 2015-06-05 10:14 - 00359936 _____ () C:\Users\Undertaker\AppData\Local\C2A6F1A8-1433597562-11E1-B08D-BFCB4EA96E5F\bnsg745.exe

2015-06-06 13:39 - 2015-06-06 13:39 - 00286655 _____ () C:\Users\Undertaker\AppData\Local\Temp\nsw1099.tmp

2015-06-06 13:51 - 2015-06-06 13:51 - 02901504 _____ () C:\Users\Undertaker\AppData\Local\Temp\nsdF15B.tmp

2015-06-06 13:48 - 2015-06-06 13:48 - 02231296 _____ () C:\Users\Undertaker\Downloads\AdwCleaner_4.206.exe

2015-06-06 12:33 - 2015-05-18 09:33 - 00479352 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe

2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2011-10-19 10:29 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll

2015-06-06 11:16 - 2015-06-06 11:16 - 00043008 _____ () c:\Users\Undertaker\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmprpl7e2.dll

2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\libGLESv2.dll

2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\libEGL.dll

2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll

2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll

2011-10-19 10:32 - 2010-07-05 12:42 - 00203776 _____ () C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll

2011-10-19 10:37 - 2010-05-07 16:22 - 01636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll

2009-11-02 07:20 - 2009-11-02 07:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll

2009-11-02 07:23 - 2009-11-02 07:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

2015-05-28 15:54 - 2015-05-28 15:54 - 00011776 _____ () C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\ApiHandlr.dll

2015-06-06 13:08 - 2015-03-04 11:31 - 00577536 _____ () C:\Users\Undertaker\AppData\Local\Temp\isdkAA7uaR9j\ISightSDK.DLL

2015-06-06 14:54 - 2015-06-06 14:54 - 00131072 _____ () C:\Users\Undertaker\AppData\Local\iScreeny\nfapi.dll

2015-06-06 14:54 - 2015-06-06 14:54 - 00325632 _____ () C:\Users\Undertaker\AppData\Local\iScreeny\ProtocolFilters.dll

2015-06-06 12:33 - 2015-05-18 09:33 - 01576568 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\libglesv2.dll

2015-06-06 12:33 - 2015-05-18 09:33 - 00081016 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\libegl.dll

2015-06-06 13:11 - 2015-05-12 13:01 - 01070592 _____ () C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\libglesv2.dll

2015-06-06 13:11 - 2015-05-12 13:01 - 00204800 _____ () C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\39.6.2171.95\libegl.dll
 

==================== Alternate Data Streams (Whitelisted) =========
 

(If an entry is included in the fixlist, only the ADS will be removed.)
 
 

==================== Safe Mode (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\abengine => ""="service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 

==================== EXE Association (Whitelisted) ===============
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 

==================== Internet Explorer trusted/restricted ===============
 

(If an entry is included in the fixlist, it will be removed from the registry.)
 

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com

IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com

IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com

IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
 
 

==================== Other Areas ============================
 

(Currently there is no automatic fix for this section.)
 

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 192.168.2.1
 

==================== MSCONFIG/TASK MANAGER disabled items ==
 

(Currently there is no automatic fix for this section.)
 

MSCONFIG\startupfolder: C:^Users^Undertaker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\windows\pss\Facebook Messenger.lnk.Startup

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
 

==================== FirewallRules (Whitelisted) ===============
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

FirewallRules: [{69BDB9F9-4084-4D44-A408-5D5FE40CF854}] => (Allow) C:\Windows\System32\SUPDSvc.exe

FirewallRules: [{FE959C3C-AD73-4AEC-9D6C-0382232E663B}] => (Allow) C:\Windows\System32\SUPDSvc.exe

FirewallRules: [{FC7980E9-4F80-4F36-9466-37B9A18652E6}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe

FirewallRules: [{9AC24AFC-1BF5-4550-A687-2B03E4D5F7EB}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe

FirewallRules: [{AF3C80FD-369B-4DE2-ABCA-934544A40985}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe

FirewallRules: [{B3244C98-C00B-437F-8C3F-A653AAE803C0}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe

FirewallRules: [{D926F69B-70A3-42FD-A82C-C21EA696C819}] => (Allow) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10.exe

FirewallRules: [{36998318-A317-4EE4-8BB0-ED2245DB0DAF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE

FirewallRules: [{0160FD72-79D0-4FE8-B6DB-3181E6E3CBE0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{8C945DD0-F9BF-4C19-B632-B18CE8FFF439}] => (Allow) LPort=2869

FirewallRules: [{E90973CD-FEBC-4B40-A35A-418E0E6164EE}] => (Allow) LPort=1900

FirewallRules: [{11BE53A1-B067-414F-962B-688BDAEA90FC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

FirewallRules: [{2351B83C-CD9C-4C31-997C-3E4FC795B431}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe

FirewallRules: [{953D920C-56D5-4106-927D-F29E2AABE47D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{3ED98E91-4DF3-4C25-AAE7-84551A641822}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

FirewallRules: [{A067DEAC-2786-4A1D-8FED-55786BF80DF5}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

FirewallRules: [{0E1F33F9-FFFC-4EA9-957C-55413CEDBD7D}] => (Allow) C:\Program Files (x86)\Ubisoft\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe

FirewallRules: [{192BCA4F-2430-4ECC-A96A-E46E6EB05CA9}] => (Allow) C:\Program Files (x86)\Ubisoft\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe

FirewallRules: [TCP Query User{B70B6E17-CD33-46E6-A570-EAF636D3C294}C:\program files\java\jre7\bin\java.exe] => (Block) C:\program files\java\jre7\bin\java.exe

FirewallRules: [UDP Query User{45DF2DF0-3B0B-4D43-AFF8-40DE415CDA28}C:\program files\java\jre7\bin\java.exe] => (Block) C:\program files\java\jre7\bin\java.exe

FirewallRules: [{94D83E91-1604-48D8-9EC3-0FDC56418E56}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{3C994419-F358-45CF-AFDF-46C91CD67A81}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{ECF686B6-6C0C-4FCC-A4FD-2B0F477EC990}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [{24A2554D-2084-4082-8512-CDA23EED4381}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [TCP Query User{081C2F5B-D6F6-44A4-8176-97E60F4B16D2}C:\users\undertaker\documents\ch@rly's slender ordner\bfheroes.exe] => (Block) C:\users\undertaker\documents\ch@rly's slender ordner\bfheroes.exe

FirewallRules: [UDP Query User{26556202-FEED-4F64-B211-BC94565F68D8}C:\users\undertaker\documents\ch@rly's slender ordner\bfheroes.exe] => (Block) C:\users\undertaker\documents\ch@rly's slender ordner\bfheroes.exe

FirewallRules: [TCP Query User{97900300-DF4D-4EBD-8C1E-AF5E53DFE6B7}C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Block) C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe

FirewallRules: [UDP Query User{9F4AE699-B9A0-4A6B-A4A9-B80E9090B895}C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Block) C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe

FirewallRules: [{CDD94AB4-D039-499F-AFC9-3E86919EC8BE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{D16186FC-E02D-4A6C-9B52-3A35A4B31C41}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{D35450C6-F433-4A2F-90C5-D5CF46954119}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{8382DF1B-EDAD-4EC1-9026-379B3BCEEF61}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [TCP Query User{8318945D-F0E7-4D0C-BCBC-5CC9346F6BCA}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe

FirewallRules: [UDP Query User{3214A147-E3B8-4F85-99A7-7EDC6841C740}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe

FirewallRules: [TCP Query User{01C1D2AA-8E50-485A-8888-11A54A13AFFC}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe

FirewallRules: [UDP Query User{7D43924B-1C4A-4BB4-9911-8E88B9DEE30D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe

FirewallRules: [TCP Query User{1F45F5AF-987F-48C5-A065-57E5F524D51F}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe

FirewallRules: [UDP Query User{B435329B-9824-4597-803D-58D26AB856EC}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe

FirewallRules: [{592AF29C-2507-4B9A-BCA4-C4419F86862F}] => (Allow) C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{07624F6D-D913-46F9-B23E-CD69AE0D4B17}] => (Allow) C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{9BD9D9E4-CD8C-4E9A-8D4D-214823E32EF8}] => (Allow) C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{851329BD-31B5-4EFC-BEBD-AF10F18B69B5}] => (Allow) C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{B16AAB12-FADC-4F35-BA9B-E8A71F6F8002}] => (Allow) C:\Users\Undertaker\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe

FirewallRules: [{3962AD47-42E6-48C5-A9F7-D79F3E94422A}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe

FirewallRules: [{5A133F43-F128-4CB3-8D04-B22A974CC9BF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{341B296C-CB62-4911-8DB5-778FF6107847}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{66347507-7ED5-48BB-AF6E-F5A80DBE3B01}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{2B9D989B-FC96-4CBA-8B2B-5629C8EBACD4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{698CA28B-DF46-4053-AEBA-EAA520076E0B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{6FE78FE6-2761-4A32-9691-63E29F53CCC6}] => (Allow) C:\Users\Undertaker\AppData\Local\Chromium\Application\chrome.exe

FirewallRules: [{B3618A9B-394A-4B06-95E6-09648077BCBF}] => (Allow) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe
 

==================== Faulty Device Manager Devices =============
 

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft-Teredo-Tunneling-Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (06/06/2015 07:59:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 10515
 

Error: (06/06/2015 07:59:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 10515
 

Error: (06/06/2015 07:59:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second
 

Error: (06/06/2015 07:59:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 8752
 

Error: (06/06/2015 07:59:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 8752
 

Error: (06/06/2015 07:59:23 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second
 

Error: (06/06/2015 07:59:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 7176
 

Error: (06/06/2015 07:59:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 7176
 

Error: (06/06/2015 07:59:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second
 

Error: (06/06/2015 07:59:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 5585
 
 

System errors:

=============

Error: (06/06/2015 07:31:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "abengine" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.
 

Error: (06/06/2015 07:23:49 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "abengine" wurde unerwartet beendet. Dies ist bereits 2 Mal passiert.
 

Error: (06/06/2015 04:28:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1275
 

Error: (06/06/2015 04:28:09 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\UNDERT~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
 

Error: (06/06/2015 04:28:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1275
 

Error: (06/06/2015 04:28:09 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\UNDERT~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
 

Error: (06/06/2015 04:28:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1275
 

Error: (06/06/2015 04:28:09 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\UNDERT~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
 

Error: (06/06/2015 04:28:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1275
 

Error: (06/06/2015 04:28:09 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: Aufgrund der Inkompatibilität mit diesem System wurde \??\C:\Users\UNDERT~1\AppData\Local\Temp\ehdrv.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten.
 
 

Microsoft Office:

=========================
 

==================== Memory info =========================== 
 

Processor: AMD E-450 APU with Radeon(tm) HD Graphics

Percentage of memory in use: 30%

Total physical RAM: 8171.93 MB

Available physical RAM: 5649.02 MB

Total Pagefile: 16342.03 MB

Available Pagefile: 11401.64 MB

Total Virtual: 8192 MB

Available Virtual: 8191.84 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:365 GB) (Free:122.29 GB) NTFS

Drive d: () (Fixed) (Total:544.44 GB) (Free:0 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 931.5 GB) (Disk ID: DBCA14F4)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=365 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=544.4 GB) - (Type=OF Extended)

Partition 4: (Not Active) - (Size=22 GB) - (Type=27)
 

==================== End of log ============================

--- --- ---

deeprybka

07.06.2015 07:36

:hallo:

Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...:abklatsch:

Bitte arbeite alle Schritte der Reihe nach ab.
Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
Bitte kein Crossposting (posten in mehreren Foren).
Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
Poste die Logfiles direkt in Deinen Thread in Code-Tags.
Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean :daumenhoc bekommst.

Los geht's:

Es fehlt noch die FRST.txt. :)

Schritt 1

http://filepony.de/icon/frst.png http://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte starte FRST erneut, und drücke auf Scan.
Bitte poste mir den Inhalt des Logs.

Ani73

07.06.2015 18:35

Hallo Jürgen

hier die Logs

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-06-2015

Ran by Undertaker (administrator) on UNDERTAKER-PC on 07-06-2015 19:20:25

Running from C:\Users\Undertaker\Downloads

Loaded Profiles: Undertaker &  (Available Profiles: Undertaker & Shari)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11 (Default browser path: "C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe" -- "%1")

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(AMD) C:\Windows\System32\atiesrxx.exe

(Abengine) C:\Program Files (x86)\HighlightSearches\abengine.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

() C:\Windows\meud.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

() C:\Windows\SysWOW64\PnkBstrB.exe

() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe

(VIS without Co) C:\Windows\Provider\UpdaterToolService.exe

() C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\InternetEnhancerService.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(AMD) C:\Windows\System32\atieclxx.exe

() C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\InternetEnhancer.exe

(Uniblue Systems Ltd) C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe

(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

(Avira Operations GmbH & Co. KG) C:\Windows\Temp\AVSETUP_5572cb47\setup.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(Crossbrowse) C:\Program Fi5C...\Run: [iScreeny - Web] => C:\Users\Undertaker\AppData\Local\iScreeny\iWebScreeny.exe [417280 2015-06-06] (iScreeny)

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [384800 2012-10-16] (Avira Operations GmbH & Co. KG)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [Facebook Update] => C:\Users\Undertaker\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-05-25] (Facebook Inc.)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1565504 2015-01-14] (Samsung)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2015-01-14] (Samsung)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [GoogleChromeAutoLaunch_D07E2B4414D521FD3623DB225D033A32] => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe [637440 2015-05-12] (Crossbrowse)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [GoogleChromeAutoLaunch_DF202E42DFEEF9CE7A049D628287467C] => C:\Users\Undertaker\AppData\Local\Chromium\Application\chrome.exe [659456 2015-06-03] (The Chromium Authors)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Facebook Update] => C:\Users\Undertaker\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-05-25] (Facebook Inc.)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1565504 2015-01-14] (Samsung)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2015-01-14] (Samsung)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_D07E2B4414D521FD3623DB225D033A32] => C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe [637440 2015-05-12] (Crossbrowse)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GoogleChromeAutoLaunch_DF202E42DFEEF9CE7A049D628287467C] => C:\Users\Undertaker\AppData\Local\Chromium\Application\chrome.exe [659456 2015-06-03] (The Chromium Authors)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)

HKU\S-1-5-21-1335839233-2991384071-368375801-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [LogonHoursAction] 2

HKU\S-1-5-21-1335839233-2991384071-368375801-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

AppInit_DLLs-x32: c:\progra~3\{b37b5~1\1172~1.1\nisi.dll => "c:\progra~3\{b37b5~1\1172~1.1\nisi.dll" File not found

AppInit_DLLs-x32:  _c:\progra~2\search~1\search~1\bin\vc32lo~1.dll => "c:\progra~2\search~1\search~1\bin\vc32lo~1.dll" File not found

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-02-01]

ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

Startup: C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\crossbrowse.lnk [2015-06-06]

ShortcutTarget: crossbrowse.lnk -> C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe (Crossbrowse)

Startup: C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-07-25]

ShortcutTarget: Dropbox.lnk -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled

ProxyServer: [.DEFAULT] => http=127.0.0.1:51515;https=127.0.0.1:51515

ProxyEnable: [S-1-5-21-1335839233-2991384071-368375801-1000] => Internet Explorer proxy is enabled

ProxyServer: [S-1-5-21-1335839233-2991384071-368375801-1000] => http=127.0.0.1:51515;https=127.0.0.1:51515

ProxyEnable: [S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] => Internet Explorer proxy is enabled

ProxyServer: [S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0] => http=127.0.0.1:51515;https=127.0.0.1:51515

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1433623309&z=9cb5b4d6a9d30b8017c7acdg3zfc8c3q9oac1c8c5o&from=bpr&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478

HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1433623309&z=9cb5b4d6a9d30b8017c7acdg3zfc8c3q9oac1c8c5o&from=bpr&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478

HKU\S-1-5-21-1335839233-2991384071-368375801-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/

SearchScopes: HKLM -> {9143e921-7c9a-4d27-ac43-eaccc78cc55a} URL = 

SearchScopes: HKLM-x32 -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^AYY^xdm070^LADEDE^de&si=flvrunner&ptb=A8732476-2165-48AD-A854-9CEC44E6378B&ind=2015041904&n=781b1970&psa=&st=sb&searchfor={searchTerms}

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000 -> {0EB8452D-5CC8-4EC9-A8EB-2C88D21E35F4} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000 -> {1A508217-8DC1-40F6-9D15-8A0EC64BF6A2} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000 -> {1EC8755B-73D5-4C21-ADD0-099B6E4567B6} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000 -> {3405027F-FAE2-47B2-B32D-28FF111D0DB6} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000 -> {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000 -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000 -> {8060BA75-525E-4046-B850-748E8FD0310F} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000 -> {9143e921-7c9a-4d27-ac43-eaccc78cc55a} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000 -> {9D1BC582-268A-4954-B09A-E237CF70CDD5} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000 -> {A94AC31E-7810-432A-A47B-9C437A2B1847} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTles (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe

(Dropbox, Inc.) C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Crossbrowse) C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\crossbrowse.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(1und1 Mail und Media GmbH) C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe

(IScreeny) C:\Users\Undertaker\AppData\Local\iScreeny\iScreeny.exe

(iScreeny) C:\Users\Undertaker\AppData\Local\iScreeny\iWebScreeny.exe

(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe

(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avconfig.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

() C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11895400 2011-06-25] (Realtek Semiconductor)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-13] (ELAN Microelectronics Corp.)

HKLM\...\Run: [Windesk Winsearch] => C:\Program Files (x86)\WindeskWinsearch\Windesk Winsearch.exe [1061256 2015-04-08] (Windesk Winsearch)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [421888 2012-11-18] (Apple Inc.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-22] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-01-14] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)

HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)

HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [MailCheck IE Broker] => C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe [2190912 2015-05-06] (1und1 Mail und Media GmbH)

HKLM-x32\...\Run: [WinCheck] => C:\Users\Undertaker\AppData\Local\C2A6F1A8-1433597562-11E1-B08D-BFCB4EA96E5F\bnsg745.exe [359936 2015-06-05] ()

HKLM-x32\...\Run: [iScreeny] => C:\Users\Undertaker\AppData\Local\iScreeny\iScreeny.exe [1353728 2015-04-23] (IScreeny)

HKLM-x32%erms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {0EB8452D-5CC8-4EC9-A8EB-2C88D21E35F4} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {1A508217-8DC1-40F6-9D15-8A0EC64BF6A2} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {1EC8755B-73D5-4C21-ADD0-099B6E4567B6} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {3405027F-FAE2-47B2-B32D-28FF111D0DB6} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {75b4241f-171e-44a3-bf44-23613b6e3e03} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {8060BA75-525E-4046-B850-748E8FD0310F} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {9143e921-7c9a-4d27-ac43-eaccc78cc55a} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {9D1BC582-268A-4954-B09A-E237CF70CDD5} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {A94AC31E-7810-432A-A47B-9C437A2B1847} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.mystartsearch.com/web/?utm_source=b&utm_medium=cor&utm_campaign=install_ie&utm_content=ds&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&ts=1433586767&type=default&q={searchTerms}

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

BHO: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2015-05-06] (1und1 Mail und Media GmbH)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-02-01] (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

BHO-x32: Samsung BHO Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-10-25] ()

BHO-x32: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2015-05-06] (1und1 Mail und Media GmbH)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-02-01] (Oracle Corporation)

Toolbar: HKLM - WEB.DE MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2015-05-06] (1und1 Mail und Media GmbH)

Toolbar: HKLM-x32 - WEB.DE MailCheck - {C424171E-592A-415a-9EB1-DFD6D95D3530} - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2015-05-06] (1und1 Mail und Media GmbH)

Toolbar: HKU\S-1-5-21-1335839233-2991384071-368375801-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> WEB.DE MailCheck - {C424171E-592A-415A-9EB1-DFD6D95D3530} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2015-05-06] (1und1 Mail und Media GmbH)

Toolbar: HKU\S-1-5-21-1335839233-2991384071-368375801-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

DPF: HKLM {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

DPF: HKLM {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_x64_5.0.199.0.cab

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2015-05-06] (1und1 Mail und Media GmbH)

Handler-x32: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2015-05-06] (1und1 Mail und Media GmbH)

Winsock: Catalog9 01 C:\windows\SysWOW64\abengine.dll [341952 2015-06-06] (Abengine)

Winsock: Catalog9 02 C:\windows\SysWOW64\abengine.dll [341952 2015-06-06] (Abengine)

Winsock: Catalog9 03 C:\windows\SysWOW64\abengine.dll [341952 2015-06-06] (Abengine)

Winsock: Catalog9 04 C:\windows\SysWOW64\abengine.dll [341952 2015-06-06] (Abengine)

Winsock: Catalog9 16 C:\windows\SysWOW64\abengine.dll [341952 2015-06-06] (Abengine)

Winsock: Catalog9-x64 01 C:\windows\system32\abengine64.dll [409168 2015-06-06] (Abengine)

Winsock: Catalog9-x64 02 C:\windows\system32\abengine64.dll [409168 2015-06-06] (Abengine)

Winsock: Catalog9-x64 03 C:\windows\system32\abengine64.dll [409168 2015-06-06] (Abengine)

Winsock: Catalog9-x64 04 C:\windows\system32\abengine64.dll [409168 2015-06-06] (Abengine)

Winsock: Catalog9-x64 16 C:\windows\system32\abengine64.dll [409168 2015-06-06] (Abengine)

StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 

FireFox:

========

FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\windows\system32\npDeployJava1.dll [2012-11-05] (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)

FF Plugin-x32: @java.com/DTPlugin,version=10.75.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-02-01] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.75.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-02-01] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)

FF Plugin-x32: @popularscreensavers.com/Plugin -> C:\Program Files (x86)\PopularScreensavers\NPp5Stub.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll [2015-04-27] ()

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-1335839233-2991384071-368375801-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Undertaker\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

FF Plugin HKU\S-1-5-21-1335839233-2991384071-368375801-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-10-01] ()

FF Plugin HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Undertaker\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

FF Plugin HKU\S-1-5-21-1335839233-2991384071-368375801-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-10-01] ()
 

Chrome: 

=======

CHR Profile: C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-14]

CHR Extension: (Google Docs) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-14]

CHR Extension: (Google Drive) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-14]

CHR Extension: (Shopping Assistant) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf [2015-06-06]

CHR Extension: (YouTube) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-14]

CHR Extension: (Google Search) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-14]

CHR Extension: (Google Sheets) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-14]

CHR Extension: (GoHD) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk [2015-06-06]

CHR Extension: (Avira Browser Safety) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-05-14]

CHR Extension: (Bookmark Manager) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-14]

CHR Extension: (BrowserV04.06) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn [2015-06-06]

CHR Extension: (MediaPlayerVid2.4) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecgbfoconhopjngaaijjgffhokohlac [2015-06-06]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-14]

CHR Extension: (Word CaptureX Extension) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf [2015-05-14]

CHR Extension: (Google Wallet) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-15]

CHR Extension: (Iminent NewTab) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn [2015-06-06]

CHR Extension: (CinemaPlus-3.2cV05.06) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-06-06]

CHR Extension: (Gmail) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-14]

CHR HKLM-x32\...\Chrome\Extension: [adpeheiliennogfclcgmchdfdmafjegc] - https://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

CHR HKLM-x32\...\Chrome\Extension: [mjdepfkicdcciagbigfcmdhknnoaaegf] - C:\Program Files (x86)\Deskperience\Word Capture\wcxChrome.crx [2010-07-23]

CHR HKLM-x32\...\Chrome\Extension: [nociobghckdhokecfeajdpimjeapnopn] - https://clients2.google.com/service/update2/crx

StartMenuInternet: Google Chrome - chrome.exe
 

Opera: 

=======

OPR Extension: (Shop and Save Up) - C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\ablgnpngfaaficpckehadaljnjgjkhbi [2015-06-06]

OPR Extension: (GoHD) - C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk [2015-06-06]

OPR Extension: (BrowserV04.06) - C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\idhkmcfanijhphphomamdkaejjadkhgn [2015-06-06]

OPR Extension: (MediaPlayerVid2.4) - C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\jecgbfoconhopjngaaijjgffhokohlac [2015-06-06]

OPR Extension: (BrowserApp3.7) - C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\mdcoemfeknnmifgkfoncjfoohdljddmp [2015-06-06]

OPR Extension: (CinemaPlus-3.2cV05.06) - C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-06-06]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 abengine; C:\Program Files (x86)\HighlightSearches\abengine.exe [2329600 2015-04-22] (Abengine) [File not signed]

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-03-22] (Advanced Micro Devices, Inc.) [File not signed]

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84256 2012-10-16] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108320 2012-10-16] (Avira Operations GmbH & Co. KG)

R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)

R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]

S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]

R2 meud; c:\windows\meud.exe [408576 2015-06-06] () [File not signed]

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)

R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [75136 2013-03-11] ()

R2 PnkBstrB; C:\windows\SysWOW64\PnkBstrB.exe [189248 2013-03-11] ()

R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed]

R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)

R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)

R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)

R2 UpdateDustTool; C:\windows\Provider\UpdaterToolService.exe [111616 2015-04-22] (VIS without Co) [File not signed]

R2 WaInternetEnhancer Service; C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\InternetEnhancerService.exe [1073152 2015-05-28] () [File not signed]

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2013-07-28] ()

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [99248 2012-09-13] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [129216 2012-10-04] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27800 2012-09-24] (Avira Operations GmbH & Co. KG)

R1 innfd_1_10_0_14; C:\Windows\System32\drivers\innfd_1_10_0_14.sys [58224 2015-04-10] (Infonaut)

R1 iScreeny; C:\windows\iScreeny.sys [50840 2015-03-11] (Windows (R) Win 7 DDK provider)

R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2013-07-28] ()

R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [136408 2015-06-06] (Malwarebytes Corporation)

R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)

S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-01-16] (Windows (R) 2003 DDK 3790 provider)

S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]

S3 RkHit; \??\C:\windows\system32\drivers\RKHit.sys [X]

S3 taphss6; system32\DRIVERS\taphss6.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 

==================== One Month Created files and folders ========
 

(If an entry is included in the fixlist, the file/folder will be moved.)
 

2015-06-06 23:04 - 2015-06-06 23:04 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Avira

2015-06-06 22:58 - 2015-06-06 22:58 - 00001954 _____ C:\Users\Public\Desktop\Avira Control Center.lnk

2015-06-06 22:57 - 2012-10-04 12:07 - 00129216 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys

2015-06-06 22:57 - 2012-09-24 09:58 - 00027800 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys

2015-06-06 22:57 - 2012-09-13 15:52 - 00099248 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys

2015-06-06 22:53 - 2015-06-06 22:53 - 00000000 ____D C:\ProgramData\Uniblue

2015-06-06 22:29 - 2015-06-06 22:29 - 00001216 _____ C:\Users\Undertaker\Desktop\mbam.txt

2015-06-06 21:36 - 2015-06-06 23:28 - 00001062 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-06-06 21:32 - 2015-06-06 21:34 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Undertaker\Downloads\mbam-setup-2.1.6.1022.exe

2015-06-06 21:26 - 2015-06-06 23:44 - 00000000 ____D C:\ProgramData\Browser

2015-06-06 21:17 - 2015-06-06 21:21 - 00080778 _____ C:\Users\Undertaker\Downloads\Addition.txt

2015-06-06 21:12 - 2015-06-07 19:20 - 00043322 _____ C:\Users\Undertaker\Downloads\FRST.txt

2015-06-06 21:11 - 2015-06-06 21:11 - 02108928 _____ (Farbar) C:\Users\Undertaker\Downloads\FRST64.exe

2015-06-06 19:23 - 2015-06-06 19:23 - 00613255 _____ (CMI Limited) C:\Users\Undertaker\AppData\Local\nsl9347.tmp

2015-06-06 19:23 - 2015-06-06 19:23 - 00000000 ____D C:\ZombieInvasion

2015-06-06 19:22 - 2015-06-06 19:29 - 00000000 ____D C:\AdwCleaner

2015-06-06 19:22 - 2015-06-06 19:22 - 00000000 ____D C:\Program Files (x86)\ff658703-be67-4a41-9d60-d22f009b2b9b

2015-06-06 19:20 - 2015-06-06 19:20 - 00000000 ____D C:\Program Files (x86)\72c3b23c-ddd7-454a-8372-e7ae40829114

2015-06-06 19:19 - 2015-06-06 22:41 - 00000000 ____D C:\ProgramData\Systweak

2015-06-06 19:19 - 2015-06-06 19:19 - 00003704 _____ C:\windows\System32\Tasks\Advanced System~Protector

2015-06-06 19:19 - 2015-06-06 19:19 - 00003076 _____ C:\windows\System32\Tasks\Advanced System~Protector_startup

2015-06-06 19:19 - 2015-06-06 19:19 - 00001001 _____ C:\Users\Public\Desktop\Advanced System~Protector.lnk

2015-06-06 19:19 - 2015-06-06 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector

2015-06-06 19:19 - 2015-05-25 11:48 - 00023336 _____ C:\windows\system32\sasnative64.exe

2015-06-06 19:18 - 2015-06-06 22:41 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\systweak

2015-06-06 19:18 - 2015-06-06 19:18 - 00001068 _____ C:\Users\Public\Desktop\WindeskWinsearch.lnk

2015-06-06 19:18 - 2015-06-06 19:18 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Windesk_Winsearch

2015-06-06 19:18 - 2015-02-19 13:09 - 00020248 _____ () C:\windows\system32\roboot64.exe

2015-06-06 19:17 - 2015-06-06 19:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WindeskWinsearch

2015-06-06 19:17 - 2015-06-06 19:18 - 00000000 ____D C:\Program Files (x86)\WindeskWinsearch

2015-06-06 19:17 - 2015-06-06 19:17 - 00000000 ____D C:\Program Files (x86)\Edu App

2015-06-06 15:00 - 2015-06-06 22:44 - 00000376 _____ C:\windows\Tasks\APSnotifierPP3.job

2015-06-06 15:00 - 2015-06-06 22:44 - 00000376 _____ C:\windows\Tasks\APSnotifierPP2.job

2015-06-06 15:00 - 2015-06-06 21:09 - 00000378 _____ C:\windows\Tasks\APSnotifierPP1.job

2015-06-06 15:00 - 2015-06-06 19:27 - 00002838 _____ C:\windows\System32\Tasks\APSnotifierPP1

2015-06-06 15:00 - 2015-06-06 19:27 - 00002836 _____ C:\windows\System32\Tasks\APSnotifierPP3

2015-06-06 15:00 - 2015-06-06 19:27 - 00002836 _____ C:\windows\System32\Tasks\APSnotifierPP2

2015-06-06 15:00 - 2015-06-06 19:27 - 00001005 _____ C:\Users\Undertaker\Desktop\AnyProtect.lnk

2015-06-06 15:00 - 2015-06-06 15:00 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup

2015-06-06 14:57 - 2015-06-07 19:10 - 00001006 _____ C:\windows\Tasks\4TKchDi.job

2015-06-06 14:57 - 2015-06-06 14:57 - 00004052 _____ C:\windows\System32\Tasks\4TKchDi

2015-06-06 14:56 - 2015-06-06 22:39 - 00000000 ____D C:\Program Files (x86)\4722a9bf-525a-4c06-897e-ac1e3bd46d28

2015-06-06 14:56 - 2015-06-06 15:00 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx

2015-06-06 14:56 - 2015-06-06 14:56 - 00000000 __SHD C:\Users\Undertaker\AppData\Roaming\AnyProtectEx

2015-06-06 14:56 - 2015-06-06 14:55 - 00628688 _____ (CMI Limited) C:\Users\Undertaker\AppData\Local\nsxCD58.tmp

2015-06-06 14:53 - 2015-06-06 14:54 - 00000000 ____D C:\Users\Undertaker\AppData\Local\iScreeny

2015-06-06 13:50 - 2015-06-06 23:54 - 00173056 _____ C:\windows\Provider.dll

2015-06-06 13:50 - 2015-06-06 23:54 - 00000000 ____D C:\windows\Provider32

2015-06-06 13:50 - 2015-06-06 22:06 - 00173056 _____ C:\windows\Provider20150606235357.dll

2015-06-06 13:50 - 2015-06-06 19:55 - 00173056 _____ C:\windows\Provider20150606220627.dll

2015-06-06 13:50 - 2015-06-06 18:06 - 00173056 _____ C:\windows\Provider20150606195541.dll

2015-06-06 13:50 - 2015-06-06 16:53 - 00173056 _____ C:\windows\Provider20150606180602.dll

2015-06-06 13:50 - 2015-06-06 16:16 - 00000000 ____D C:\Users\Undertaker\AppData\Local\SmartWeb

2015-06-06 13:50 - 2015-06-06 16:15 - 00000000 ____D C:\Users\Undertaker\AppData\Local\7721

2015-06-06 13:50 - 2015-06-06 15:52 - 00173056 _____ C:\windows\Provider20150606165333.dll

2015-06-06 13:50 - 2015-06-06 14:51 - 00173056 _____ C:\windows\Provider20150606155257.dll

2015-06-06 13:50 - 2015-06-06 13:50 - 00718497 _____ C:\windows\unins000.exe

2015-06-06 13:50 - 2015-06-06 13:50 - 00010273 _____ C:\windows\unins000.dat

2015-06-06 13:50 - 2015-06-06 13:50 - 00000000 ____D C:\windows\Provider

2015-06-06 13:50 - 2015-06-06 13:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UpdaterService

2015-06-06 13:50 - 2015-06-06 13:50 - 00000000 ____D C:\Program Files (x86)\UpdaterService

2015-06-06 13:50 - 2015-06-06 13:50 - 00000000 ____D C:\Program Files (x86)\Bin

2015-06-06 13:50 - 2015-06-02 18:30 - 00173056 _____ C:\windows\Provider20150606145136.dll

2015-06-06 13:50 - 2015-06-02 18:30 - 00101888 _____ C:\windows\Installer.exe

2015-06-06 13:48 - 2015-06-06 13:48 - 02231296 _____ C:\Users\Undertaker\Downloads\AdwCleaner_4.206.exe

2015-06-06 13:47 - 2015-06-06 13:49 - 00000000 ____D C:\Program Files (x86)\Infonaut_1.10.0.14

2015-06-06 13:42 - 2015-06-06 13:42 - 02870984 _____ (ESET) C:\Users\Undertaker\Downloads\esetsmartinstaller_deu.exe

2015-06-06 13:32 - 2015-06-06 13:33 - 00000000 ____D C:\Users\Undertaker\AppData\Local\C2A6F1A8-1433597562-11E1-B08D-BFCB4EA96E5F

2015-06-06 13:32 - 2015-06-06 13:32 - 00000000 ____D C:\Users\Undertaker\SupTab

2015-06-06 13:31 - 2015-06-06 13:31 - 00000000 ____D C:\ProgramData\4b45dc7c00003306

2015-06-06 13:29 - 2015-06-06 13:29 - 00003284 _____ C:\windows\System32\Tasks\Optimizer Pro Schedule

2015-06-06 13:29 - 2015-06-06 13:29 - 00000000 ____D C:\Users\Undertaker\Documents\Optimizer Pro

2015-06-06 13:29 - 2015-06-06 13:29 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Optimizer Pro

2015-06-06 13:28 - 2015-06-06 16:13 - 00000000 ____D C:\Program Files (x86)\Optimizer Pro 3.95

2015-06-06 13:28 - 2015-06-06 13:28 - 00003100 _____ C:\windows\System32\Tasks\iren3006

2015-06-06 13:28 - 2015-06-06 13:28 - 00001059 _____ C:\Users\Undertaker\Desktop\Optimizer Pro.lnk

2015-06-06 13:28 - 2015-06-06 13:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2

2015-06-06 13:27 - 2015-06-06 16:15 - 00000000 ____D C:\ProgramData\{274f2602-ce97-2b59-274f-f2602ce9980b}

2015-06-06 13:27 - 2015-04-22 16:51 - 00409168 _____ (Abengine) C:\windows\system32\abengine64.dll

2015-06-06 13:27 - 2015-04-22 16:51 - 00341952 _____ (Abengine) C:\windows\SysWOW64\abengine.dll

2015-06-06 13:26 - 2015-06-06 13:26 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Chromium

2015-06-06 13:25 - 2015-06-06 13:25 - 00003464 _____ C:\windows\System32\Tasks\Nropnumipre

2015-06-06 13:25 - 2015-06-06 13:25 - 00000000 ____D C:\ProgramData\Nropnumipre

2015-06-06 13:23 - 2015-06-07 19:23 - 00000308 _____ C:\windows\Tasks\Tny_cassiopesa.job

2015-06-06 13:23 - 2015-06-06 13:24 - 00003268 _____ C:\windows\System32\Tasks\Tny_cassiopesa

2015-06-06 13:22 - 2015-06-06 22:57 - 00000290 _____ C:\windows\Tasks\DriverScanner.job

2015-06-06 13:22 - 2015-06-06 22:53 - 00000350 _____ C:\windows\Tasks\dsmonitor.job

2015-06-06 13:22 - 2015-06-06 13:22 - 00002542 _____ C:\windows\System32\Tasks\DriverScanner

2015-06-06 13:22 - 2015-06-06 13:22 - 00002534 _____ C:\windows\System32\Tasks\dsmonitor

2015-06-06 13:22 - 2015-06-06 13:22 - 00001149 _____ C:\Users\Public\Desktop\DriverScanner.lnk

2015-06-06 13:22 - 2015-06-06 13:22 - 00001125 _____ C:\Users\Public\Desktop\SpeedUpMyPC.lnk

2015-06-06 13:22 - 2015-06-06 13:22 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Uniblue

2015-06-06 13:22 - 2015-06-06 13:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue

2015-06-06 13:22 - 2015-06-06 13:22 - 00000000 ____D C:\Program Files (x86)\Uniblue

2015-06-06 13:21 - 2015-06-07 19:09 - 00001014 _____ C:\windows\Tasks\QmNpb01D3S9.job

2015-06-06 13:21 - 2015-06-06 13:21 - 00004060 _____ C:\windows\System32\Tasks\QmNpb01D3S9

2015-06-06 13:21 - 2015-06-06 13:21 - 00004002 _____ C:\windows\System32\Tasks\LaunchPreSignup

2015-06-06 13:20 - 2015-06-07 19:09 - 00001006 _____ C:\windows\Tasks\qYVcguT.job

2015-06-06 13:20 - 2015-06-06 22:43 - 00000000 ____D C:\ProgramData\GrcToTxHhyb

2015-06-06 13:20 - 2015-06-06 16:08 - 00000000 ____D C:\Program Files (x86)\bcd6e4c4-84bf-4654-934b-210101b6db64

2015-06-06 13:20 - 2015-06-06 13:26 - 00000000 ___HD C:\ProgramData\eud

2015-06-06 13:20 - 2015-06-06 13:20 - 00004052 _____ C:\windows\System32\Tasks\qYVcguT

2015-06-06 13:19 - 2015-06-06 23:13 - 00001018 _____ C:\windows\Tasks\gSyGSmIu0Kf3G.job

2015-06-06 13:19 - 2015-06-06 22:44 - 00000000 ____D C:\Program Files (x86)\MediaPlayerVid2.4

2015-06-06 13:19 - 2015-06-06 16:07 - 00000000 ____D C:\Program Files (x86)\66eb7326-d26b-4ed7-8b75-f11540f0061d

2015-06-06 13:19 - 2015-06-06 13:19 - 00004064 _____ C:\windows\System32\Tasks\gSyGSmIu0Kf3G

2015-06-06 13:18 - 2015-06-06 22:19 - 00000004 _____ C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7

2015-06-06 13:17 - 2015-06-06 16:15 - 00000000 ____D C:\ProgramData\{a7e20bb6-0b0d-9564-a7e2-20bb60b02ed8}

2015-06-06 13:16 - 2015-06-06 13:16 - 00631296 _____ C:\windows\eud.dat

2015-06-06 13:16 - 2015-06-06 13:16 - 00408576 _____ C:\windows\meud.exe

2015-06-06 13:13 - 2015-06-07 19:09 - 00001010 _____ C:\windows\Tasks\2Ovhr6lC1.job

2015-06-06 13:13 - 2015-06-06 13:13 - 00004056 _____ C:\windows\System32\Tasks\2Ovhr6lC1

2015-06-06 13:12 - 2015-06-06 22:44 - 00000000 ____D C:\Program Files (x86)\BrowserV04.06

2015-06-06 13:12 - 2015-06-06 16:07 - 00000000 ____D C:\Program Files (x86)\850b14a9-df9b-49e0-86a9-17f782850ec2

2015-06-06 13:11 - 2015-06-07 19:09 - 00001066 _____ C:\windows\Tasks\Crossbrowse.job

2015-06-06 13:11 - 2015-06-07 00:02 - 00001026 _____ C:\windows\Tasks\pPZCdWJiOzyjMMPjw.job

2015-06-06 13:11 - 2015-06-06 14:55 - 00004112 _____ C:\windows\System32\Tasks\Crossbrowse

2015-06-06 13:11 - 2015-06-06 14:55 - 00002346 _____ C:\Users\Public\Desktop\Crossbrowse.lnk

2015-06-06 13:11 - 2015-06-06 14:55 - 00002223 _____ C:\Users\Public\Desktop\YouTube.lnk

2015-06-06 13:11 - 2015-06-06 13:11 - 00004072 _____ C:\windows\System32\Tasks\pPZCdWJiOzyjMMPjw

2015-06-06 13:11 - 2015-06-06 13:11 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Crossbrowse

2015-06-06 13:11 - 2015-06-06 13:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Crossbrowse

2015-06-06 13:10 - 2015-06-06 22:44 - 00000000 ____D C:\Program Files (x86)\BrowserApp3.7

2015-06-06 13:10 - 2015-06-06 22:41 - 00000000 ____D C:\Program Files (x86)\globalUpdate

2015-06-06 13:10 - 2015-06-06 16:07 - 00000000 ____D C:\Program Files (x86)\588c3280-483f-4ff6-b4ca-8a53e94287ce

2015-06-06 13:10 - 2015-06-06 13:10 - 00000000 ____D C:\Users\Undertaker\AppData\Local\globalUpdate

2015-06-06 13:10 - 2015-06-06 13:10 - 00000000 ____D C:\Program Files (x86)\Crossbrowse

2015-06-06 13:08 - 2015-06-06 22:44 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\inminet

2015-06-06 13:06 - 2015-06-06 13:20 - 00000684 _____ C:\Users\Undertaker\Downloads\project64                         .website

2015-06-06 13:06 - 2015-06-06 13:20 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Deployment

2015-06-06 13:06 - 2015-06-06 13:06 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Apps\2.0

2015-06-06 12:53 - 2015-06-06 12:53 - 00001285 _____ C:\Users\Undertaker\Desktop\setup_Project64_2.2.exe - Verknüpfung.lnk

2015-06-06 12:48 - 2015-06-06 12:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer

2015-06-06 12:48 - 2015-06-06 12:48 - 00000000 ____D C:\Program Files (x86)\WaInternetEnhancer

2015-06-06 12:48 - 2015-06-06 12:48 - 00000000 ____D C:\Program Files (x86)\StartPoint

2015-06-06 12:45 - 2015-06-06 12:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.2

2015-06-06 12:45 - 2015-06-06 12:53 - 00000000 ____D C:\Program Files (x86)\Project64 2.2

2015-06-06 12:39 - 2015-06-06 12:39 - 12699289 _____ C:\Users\Undertaker\Downloads\Mario Kart 64 (E).zip

2015-06-06 12:35 - 2015-06-06 12:35 - 08388608 _____ C:\Users\Undertaker\Downloads\Super Mario 64 (D, F, E) (1).v64

2015-06-06 12:34 - 2015-06-06 12:46 - 00001089 _____ C:\Users\Public\Desktop\Opera.lnk

2015-06-06 12:34 - 2015-06-06 12:34 - 00003862 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1433586837

2015-06-06 12:34 - 2015-06-06 12:34 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Opera Software

2015-06-06 12:34 - 2015-06-06 12:34 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Opera Software

2015-06-06 12:34 - 2015-06-06 12:33 - 00001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk

2015-06-06 12:33 - 2015-06-06 22:59 - 00000000 ____D C:\Program Files (x86)\Opera

2015-06-06 12:33 - 2015-06-06 12:33 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Pirates

2015-06-06 12:33 - 2015-06-06 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip

2015-06-06 12:33 - 2015-06-06 12:33 - 00000000 ____D C:\Program Files (x86)\7-Zip

2015-06-06 12:32 - 2015-06-06 16:12 - 00000000 ____D C:\Program Files (x86)\MiuiTab

2015-06-06 12:32 - 2015-06-06 12:31 - 01200163 _____ C:\Users\Undertaker\Downloads\7zip.exe

2015-06-06 12:21 - 2015-06-06 12:46 - 00001311 _____ C:\Users\Public\Desktop\NAVIGON Fresh.lnk

2015-06-06 12:21 - 2015-06-06 12:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAVIGON

2015-06-06 12:21 - 2015-06-06 12:21 - 00000000 ____D C:\ProgramData\boost_interprocess

2015-06-05 22:10 - 2015-06-05 22:11 - 01089752 _____ (Unity Technologies ApS) C:\Users\Undertaker\Downloads\UnityWebPlayer (1).exe

2015-06-04 14:56 - 2015-06-04 14:56 - 00983949 _____ C:\Users\Undertaker\Downloads\Super Mario Allstars (E).zip

2015-06-04 14:35 - 2015-06-04 14:36 - 06347644 _____ C:\Users\Undertaker\Downloads\Super Mario 64 (D, F, E) (1).zip

2015-06-04 12:44 - 2015-06-04 12:45 - 06347644 _____ C:\Users\Undertaker\Downloads\Super Mario 64 (D, F, E).zip

2015-06-04 12:39 - 2015-01-30 06:22 - 00000073 ____R C:\Users\Undertaker\Downloads\PokeMMO.sh

2015-06-02 22:00 - 2015-06-04 12:42 - 13171110 _____ C:\Users\Undertaker\Desktop\PokeMMO-Client (2).zip

2015-05-17 16:12 - 2015-05-17 16:12 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Sonic7

2015-05-15 09:45 - 2015-05-15 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WEB.DE MailCheck

2015-05-15 09:45 - 2015-05-15 09:45 - 00000000 ____D C:\Program Files\WEB.DE MailCheck

2015-05-15 09:45 - 2015-05-15 09:45 - 00000000 ____D C:\Program Files (x86)\WEB.DE MailCheck

2015-05-14 20:59 - 2015-05-14 20:59 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Steam

2015-05-14 20:50 - 2015-06-06 22:54 - 00000000 ____D C:\Program Files (x86)\Steam

2015-05-14 20:50 - 2015-05-14 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

2015-05-14 20:47 - 2015-05-14 20:47 - 01142128 _____ C:\Users\Undertaker\Downloads\SteamSetup.exe

2015-05-14 19:49 - 2015-05-14 19:49 - 00000000 ____D C:\ProgramData\UUdb

2015-05-14 09:38 - 2015-06-06 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
 

==================== One Month Modified files and folders ========
 

(If an entry is included in the fixlist, the file/folder will be moved.)
 

2015-06-07 19:20 - 2014-01-02 17:54 - 00000000 ____D C:\FRST

2015-06-07 19:10 - 2013-04-20 10:22 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-06-07 19:10 - 2012-12-04 14:05 - 00000948 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1335839233-2991384071-368375801-1000UA.job

2015-06-07 19:09 - 2015-04-14 19:11 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job

2015-06-07 19:09 - 2012-11-05 13:32 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Skype

2015-06-07 00:08 - 2011-10-20 01:52 - 01579169 _____ C:\windows\WindowsUpdate.log

2015-06-06 23:28 - 2014-05-22 19:43 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys

2015-06-06 23:28 - 2014-05-22 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-06-06 23:28 - 2014-05-22 19:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-06-06 23:09 - 2009-07-14 06:45 - 00028624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-06-06 23:09 - 2009-07-14 06:45 - 00028624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-06-06 22:58 - 2014-04-11 20:58 - 00000000 ____D C:\Users\Undertaker\AppData\Local\LogMeIn Hamachi

2015-06-06 22:58 - 2012-10-30 16:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2015-06-06 22:56 - 2014-07-25 18:13 - 00000000 ___RD C:\Users\Undertaker\Dropbox

2015-06-06 22:56 - 2014-07-25 18:11 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Dropbox

2015-06-06 22:56 - 2012-10-30 16:18 - 00000000 ____D C:\Program Files (x86)\Avira

2015-06-06 22:53 - 2013-04-20 10:22 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-06-06 22:52 - 2013-04-06 00:59 - 00080029 _____ C:\windows\setupact.log

2015-06-06 22:52 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT

2015-06-06 22:44 - 2013-04-06 00:52 - 00807436 _____ C:\windows\PFRO.log

2015-06-06 22:43 - 2012-12-06 16:46 - 00000000 ____D C:\windows\Minidump

2015-06-06 16:28 - 2012-12-04 14:05 - 00000926 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1335839233-2991384071-368375801-1000Core.job

2015-06-06 15:02 - 2013-03-28 23:41 - 00000000 ____D C:\Users\Undertaker\AppData\Local\CrashDumps

2015-06-06 13:32 - 2012-10-30 15:16 - 00000000 ____D C:\Users\Undertaker

2015-06-06 13:28 - 2015-04-17 20:10 - 00000002 _____ C:\END

2015-06-06 13:28 - 2014-05-22 17:16 - 00000306 __RSH C:\ProgramData\ntuser.pol

2015-06-06 13:26 - 2015-01-17 10:51 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Unity

2015-06-06 13:09 - 2009-07-14 05:20 - 00000000 ___HD C:\windows\system32\GroupPolicy

2015-06-06 12:46 - 2015-04-17 20:10 - 00002568 _____ C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC Universe Online.lnk

2015-06-06 12:46 - 2015-02-01 15:26 - 00001761 _____ C:\Users\Public\Desktop\iTunes.lnk

2015-06-06 12:46 - 2015-01-28 20:02 - 00001242 _____ C:\Users\Undertaker\Desktop\Revo Uninstaller.lnk

2015-06-06 12:46 - 2014-08-14 23:40 - 00001415 _____ C:\Users\Shari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2015-06-06 12:46 - 2014-05-19 11:26 - 00002190 _____ C:\Users\Public\Desktop\Google Earth.lnk

2015-06-06 12:46 - 2013-08-12 21:43 - 00002096 _____ C:\Users\Public\Desktop\Video Search.lnk

2015-06-06 12:46 - 2012-11-24 13:01 - 00001426 _____ C:\Users\Undertaker\Desktop\Registry kostenlos entrümpeln!.lnk

2015-06-06 12:46 - 2012-11-04 12:00 - 00001768 _____ C:\Users\Public\Desktop\Browserwahl.lnk

2015-06-06 11:18 - 2012-11-06 14:44 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\.minecraft

2015-05-24 18:06 - 2011-10-20 01:00 - 00700134 _____ C:\windows\system32\perfh007.dat

2015-05-24 18:06 - 2011-10-20 01:00 - 00149984 _____ C:\windows\system32\perfc007.dat

2015-05-24 18:06 - 2009-07-14 07:13 - 01622236 _____ C:\windows\system32\PerfStringBackup.INI

2015-05-22 20:33 - 2015-02-18 15:50 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\vlc

2015-05-17 15:47 - 2013-04-20 10:22 - 00004106 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA

2015-05-17 15:47 - 2013-04-20 10:22 - 00003854 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore

2015-05-16 13:54 - 2012-10-30 16:02 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Adobe

2015-05-15 20:08 - 2013-03-14 21:43 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2015-05-15 20:08 - 2013-03-14 21:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2015-05-15 15:41 - 2012-11-08 16:36 - 01649854 _____ C:\windows\SysWOW64\PerfStringBackup.INI

2015-05-15 15:41 - 2012-11-08 16:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client

2015-05-15 15:40 - 2014-07-10 17:17 - 00000000 ____D C:\ProgramData\Microsoft Help

2015-05-15 15:40 - 2013-07-31 20:03 - 00000000 ____D C:\windows\system32\MRT

2015-05-15 15:12 - 2012-11-08 16:16 - 140425016 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

2015-05-15 15:06 - 2013-03-14 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2015-05-14 19:49 - 2013-05-10 12:24 - 00003892 _____ C:\windows\System32\Tasks\Registration 1und1 Task

2015-05-14 19:49 - 2013-05-10 12:24 - 00000000 ____D C:\Program Files (x86)\1und1Softwareaktualisierung

2015-05-14 09:38 - 2013-04-20 10:22 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Google

2015-05-14 09:38 - 2013-04-20 10:22 - 00000000 ____D C:\Program Files (x86)\Google

2015-05-13 16:36 - 2014-07-25 18:12 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
 

==================== Files in the root of some directories =======
 

2013-12-14 17:59 - 2013-12-14 17:59 - 49940480 _____ () C:\Program Files (x86)\GUT205F.tmp

2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Undertaker\AppData\Roaming\2Ovhr6lC1

2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Undertaker\AppData\Roaming\4TKchDi

2015-04-20 16:05 - 2015-04-20 16:05 - 1579520 _____ () C:\Users\Undertaker\AppData\Roaming\4TKchDi.exe

2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Undertaker\AppData\Roaming\gSyGSmIu0Kf3G

2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Undertaker\AppData\Roaming\pPZCdWJiOzyjMMPjw

2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Undertaker\AppData\Roaming\QmNpb01D3S9

2015-04-19 14:20 - 2015-04-19 14:20 - 0005872 _____ () C:\Users\Undertaker\AppData\Roaming\qYVcguT

2013-04-05 21:39 - 2013-04-05 21:51 - 0000004 _____ () C:\Users\Undertaker\AppData\Roaming\skype.ini

2013-03-28 23:41 - 2013-03-28 23:41 - 0003584 _____ () C:\Users\Undertaker\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-03-04 22:26 - 2014-03-04 22:26 - 0091848 _____ () C:\Users\Undertaker\AppData\Local\ext_offermosquito_uninst.exe

2015-06-06 19:23 - 2015-06-06 19:23 - 0613255 _____ (CMI Limited) C:\Users\Undertaker\AppData\Local\nsl9347.tmp

2015-06-06 14:56 - 2015-06-06 14:55 - 0628688 _____ (CMI Limited) C:\Users\Undertaker\AppData\Local\nsxCD58.tmp

2013-02-28 21:15 - 2014-03-14 14:34 - 1145382 ____N () C:\Users\Undertaker\AppData\Local\Tempmusic.ogg

2011-10-19 10:21 - 2011-10-19 10:22 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log

2011-10-19 10:07 - 2011-10-19 10:08 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log

2011-10-19 10:15 - 2011-10-19 10:17 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log

2011-10-19 10:09 - 2011-10-19 10:15 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log

2011-10-19 10:17 - 2011-10-19 10:21 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
 

Files to move or delete:

====================

C:\Users\Undertaker\AppData\Roaming\skype.ini
 
 

Some files in TEMP:

====================

C:\Users\Undertaker\AppData\Local\Temp\00E35A2E-3B5A-BD25-0A1E-9E0608E342C2.dll

C:\Users\Undertaker\AppData\Local\Temp\9948.exe

C:\Users\Undertaker\AppData\Local\Temp\AskSLib.dll

C:\Users\Undertaker\AppData\Local\Temp\avgnt.exe

C:\Users\Undertaker\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpi1ymb_.dll

C:\Users\Undertaker\AppData\Local\Temp\Quarantine.exe

C:\Users\Undertaker\AppData\Local\Temp\setup_666.exe

C:\Users\Undertaker\AppData\Local\Temp\Softonic_EN_1-5-11_EN-Production_10_CleanRelease.exe

C:\Users\Undertaker\AppData\Local\Temp\sqlite3.dll

C:\Users\Undertaker\AppData\Local\Temp\Uninstall.exe

C:\Users\Undertaker\AppData\Local\Temp\WEB.DE_Toolbar_IE_Setup.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2015-06-03 22:57
 

==================== End of log ============================

Ich hoff das war die richtige.

Gruß Ani

deeprybka

07.06.2015 18:44

Schritt 1

Bitte deinstalliere folgende Programme:

Advanced-System Protector
AnyProtect
CinemaPlus-3.2cV05.06
Crossbrowse
GamesDesktop 014.586
GamesDesktop 014.592
GoHD
Iminent
IminentToolbar
inminet
Internet Speed Tracker Internet Explorer Toolbar
MediaPlayerVid2.4
mystartsearch uninstall
Optimizer Pro v3.2
RegClean-Pro
Remote Desktop Access
Search Protect
SmartWeb
Software Version Updater
SpeedUpMyPC
System NotifierV05.06
UpdaterService version 1.5
VidPlaya Version 1.0.1
Wajam
Word Processor Text Wrap
Zombie Invasion

Versuche es bei Windows 7 http://deeprybka.trojaner-board.de/b...ne/revo/w7.png zunächst über Systemsteuerung/Programme deinstallieren.

Sollte das nicht gehen, lade Dir bitte Revo Uninstallerhttp://deeprybka.trojaner-board.de/b...ninstaller.png hier herunter. Entpacke die zip-Datei auf den Desktop. Anleitung

Starte die Revouninstaller.exe http://deeprybka.trojaner-board.de/b...o/revoport.PNG
Klicke auf Optionen und wähle als Sprache Deutsch.
Suche im Uninstallerfeld nach den oben angegebenen Programmen und wähle sie einzeln aus.
Klicke jedes Mal auf Uninstall.
Wähle anschließend den Modus "Moderat" aus.
http://deeprybka.trojaner-board.de/b.../uninstall.PNG http://deeprybka.trojaner-board.de/b...o/moderat2.PNG
Reste löschen:
Klicke auf http://deeprybka.trojaner-board.de/b.../selectall.PNG dann auf http://deeprybka.trojaner-board.de/b...evo/delete.PNG und dann auf http://deeprybka.trojaner-board.de/b...evo/weiter.PNG.

Wenn Du ein Programm nicht deinstallieren kannst, mach mit dem nächsten weiter.
Auch wenn am Ende noch Programme übrig geblieben sind, führe den nächsten Schritt aus:

Schritt 2
Downloade Dir bitte

AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
Starte die AdwCleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- "Tracing" Schlüssel löschen
- Winsock Einstellungen zurücksetzen
- Proxy Einstellungen zurücksetzen
- Internet Explorer Richtlinien zurücksetzen
- Chrome Richtlinien zurücksetzen
- Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 3

http://deeprybka.trojaner-board.de/m...mbamlogo4a.png http://deeprybka.trojaner-board.de/m...mbamlogo4b.png

Download und Anleitung
Starte Malwarebytes' Anti-Malware (MBAM).
Sollte die Benutzeroberfläche noch in Englisch sein, klicke auf Settings und wähle bei Language Deutsch aus.
Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
Gehe zurück zum Armaturenbrett und klicke auf "Jetzt scannen".
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben und poste mir das Log.

Schritt 4

http://filepony.de/icon/frst.png http://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...t/addition.pngund drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Ani73

07.06.2015 20:23

Hier erst mal die die Adware Datei

Code:

# AdwCleaner v4.206 - Bericht erstellt 07/06/2015 um 21:06:52

# Aktualisiert 01/06/2015 von Xplode

# Datenbank : 2015-06-05.1 [Server]

# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)

# Benutzername : Undertaker - UNDERTAKER-PC

# Gestarted von : C:\Users\Undertaker\Downloads\AdwCleaner_4.206.exe

# Option : Löschen
 

***** [ Dienste ] *****
 

Dienst Gelöscht : abengine

[#] Dienst Gelöscht : innfd_1_10_0_14
 

***** [ Dateien / Ordner ] *****
 

Ordner Gelöscht : C:\ZombieInvasion

Ordner Gelöscht : C:\ProgramData\Browser

Ordner Gelöscht : C:\ProgramData\Systweak

Ordner Gelöscht : C:\ProgramData\Uniblue

Ordner Gelöscht : C:\ProgramData\4b45dc7c00003306

Ordner Gelöscht : C:\ProgramData\{274f2602-ce97-2b59-274f-f2602ce9980b}

Ordner Gelöscht : C:\ProgramData\{a7e20bb6-0b0d-9564-a7e2-20bb60b02ed8}

Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue

Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WindeskWinsearch

Ordner Gelöscht : C:\Program Files (x86)\globalUpdate

Ordner Gelöscht : C:\Program Files (x86)\Uniblue

Ordner Gelöscht : C:\Program Files (x86)\StartPoint

Ordner Gelöscht : C:\Program Files (x86)\Crossbrowse

Ordner Gelöscht : C:\Program Files (x86)\HighlightSearches

Ordner Gelöscht : C:\Program Files (x86)\WindeskWinsearch

Ordner Gelöscht : C:\Program Files (x86)\Edu App

Ordner Gelöscht : C:\Program Files (x86)\Common Files\IMGUpdater

Ordner Gelöscht : C:\Program Files (x86)\Common Files\Umbrella

Ordner Gelöscht : C:\Users\UNDERT~1\AppData\Local\Temp\IScreeny

Ordner Gelöscht : C:\Users\UNDERT~1\AppData\Local\Temp\Edu App

Ordner Gelöscht : C:\windows\SysWOW64\config\systemprofile\AppData\Local\abengine

Ordner Gelöscht : C:\Users\Undertaker\SupTab

Ordner Gelöscht : C:\Users\Undertaker\AppData\Local\globalUpdate

Ordner Gelöscht : C:\Users\Undertaker\AppData\Local\IScreeny

Ordner Gelöscht : C:\Users\Undertaker\AppData\Local\SmartWeb

Ordner Gelöscht : C:\Users\Undertaker\AppData\Local\Crossbrowse

Ordner Gelöscht : C:\Users\Undertaker\AppData\Local\Windesk_Winsearch

Ordner Gelöscht : C:\Users\Undertaker\AppData\Local\C2A6F1A8-1433597562-11E1-B08D-BFCB4EA96E5F

Ordner Gelöscht : C:\Users\Undertaker\AppData\LocalLow\iac

Ordner Gelöscht : C:\Users\Undertaker\AppData\LocalLow\SmartWeb

Ordner Gelöscht : C:\Users\Undertaker\AppData\Roaming\AnyProtectEx

Ordner Gelöscht : C:\Users\Undertaker\AppData\Roaming\Systweak

Ordner Gelöscht : C:\Users\Undertaker\AppData\Roaming\Uniblue

Ordner Gelöscht : C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf

Ordner Gelöscht : C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp

Ordner Gelöscht : C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecgbfoconhopjngaaijjgffhokohlac

Ordner Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf

Ordner Gelöscht : C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\papbadoldddalgcjcicnikcfenodpghp

Ordner Gelöscht : C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\jecgbfoconhopjngaaijjgffhokohlac

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0.localstorage-journal

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jecgbfoconhopjngaaijjgffhokohlac

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_ehhlaekjfiiojlddgndcnefflngfmhen_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_jdkokpcldhneihjdhigfjmoeojkdcbmg_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0.localstorage-journal

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage-journal

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\papbadoldddalgcjcicnikcfenodpghp

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0.localstorage-journal

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\jecgbfoconhopjngaaijjgffhokohlac

Datei Gelöscht : C:\END

Datei Gelöscht : C:\Users\Public\Desktop\driverscanner.lnk

Datei Gelöscht : C:\Users\Public\Desktop\Youtube.lnk

Datei Gelöscht : C:\Users\Public\Desktop\WindeskWinsearch.lnk

Datei Gelöscht : C:\windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb

Datei Gelöscht : C:\windows\SysWOW64\abengine.dll

Datei Gelöscht : C:\windows\System32\abengine64.dll

Datei Gelöscht : C:\windows\System32\roboot64.exe

Datei Gelöscht : C:\windows\System32\sasnative64.exe

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\2Ovhr6lC1

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\4TKchDi

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\4TKchDi.exe

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\gSyGSmIu0Kf3G

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\pPZCdWJiOzyjMMPjw

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\QmNpb01D3S9

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\qYVcguT

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\driverscanner.lnk

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\crossbrowse.lnk

Datei Gelöscht : C:\Users\Undertaker\Desktop\Optimizer Pro.lnk

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.strtpoint.com_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.strtpoint.com_0.localstorage-journal

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_search.strtpoint.com_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_search.strtpoint.com_0.localstorage-journal

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_start.iminent.com_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_start.iminent.com_0.localstorage-journal

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxps_inst.shoppingate.info_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
 

***** [ Geplante Tasks ] *****
 

Task Gelöscht : APSnotifierPP1

Task Gelöscht : APSnotifierPP2

Task Gelöscht : APSnotifierPP3

Task Gelöscht : ASP

Task Gelöscht : Crossbrowse

Task Gelöscht : driverscanner

Task Gelöscht : dsmonitor

Task Gelöscht : Optimizer Pro Schedule

Task Gelöscht : RegClean Pro

Task Gelöscht : StartPoint

Task Gelöscht : StartPoint Updater

Task Gelöscht : iren3006

Task Gelöscht : LaunchPreSignup

Task Gelöscht : amiupdaterExd

Task Gelöscht : amiupdaterExi

Task Gelöscht : 2Ovhr6lC1

Task Gelöscht : 4TKchDi

Task Gelöscht : gSyGSmIu0Kf3G

Task Gelöscht : pPZCdWJiOzyjMMPjw

Task Gelöscht : QmNpb01D3S9

Task Gelöscht : qYVcguT
 

***** [ Verknüpfungen ] *****
 

Verknüpfung Desinfiziert : C:\Users\Undertaker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
 

***** [ Registrierungsdatenbank ] *****
 

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc

Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [WinCheck]

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataContainer

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataContainer.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataController

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataController.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataTable

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataTable.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataTableFields

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataTableFields.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataTableHolder

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataTableHolder.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.LSPLogic

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.LSPLogic.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.ReadOnlyManager

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.ReadOnlyManager.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Mediaplayer\Shiminclusionlist\crossbrowse.exe

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\abengine.EXE

Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\abengine

Schlüssel Gelöscht : HKLM\SOFTWARE\Clients\StartMenuInternet\Crossbrowse

Wert Gelöscht : HKLM\SOFTWARE\RegisteredApplications [Crossbrowse]

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SDP

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.FeedManager

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.FeedManager.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.HTMLMenu

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.HTMLMenu.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.HTMLPanel

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.HTMLPanel.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.MultipleButton

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.MultipleButton.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.PseudoTransparentPlugin

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.PseudoTransparentPlugin.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.ScriptButton

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.ScriptButton.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.SettingsPlugin

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.SettingsPlugin.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.ThirdPartyInstaller

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.ThirdPartyInstaller.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.ToolbarProtector

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.ToolbarProtector.1

Schlüssel Gelöscht : HKLM\SOFTWARE\09918a6c-a1b1-4682-a176-8b5c329c1e37

Schlüssel Gelöscht : HKLM\SOFTWARE\1dce66f1-eb6a-ba93-93f4-103f3254436b

Schlüssel Gelöscht : HKLM\SOFTWARE\25b74a27-85cd-48a4-8e0a-5cb1163ade69

Schlüssel Gelöscht : HKLM\SOFTWARE\4bd55b85-a18f-4c5e-94ea-74f6cd419f6e

Schlüssel Gelöscht : HKLM\SOFTWARE\718012db-c80d-4a0e-8f05-72fd8f5bef8c

Schlüssel Gelöscht : HKLM\SOFTWARE\9ad3d54d-477b-45c2-a863-7db8e14f598a

Schlüssel Gelöscht : HKLM\SOFTWARE\a0d4f97f-e246-407d-9a5d-5ccb3dbbaa5f

Schlüssel Gelöscht : HKLM\SOFTWARE\bf248b6a-483a-4ab2-8e4e-8a9b59cf9f54

Schlüssel Gelöscht : HKLM\SOFTWARE\d458327e-1b9a-4103-8ee8-0b1e98d6d940

Schlüssel Gelöscht : HKLM\SOFTWARE\dc95329e-dd66-4bbc-b686-2ca4025b4c73

Schlüssel Gelöscht : HKLM\SOFTWARE\e072eb25-924b-4946-8cfa-49bc20028090

Schlüssel Gelöscht : HKLM\SOFTWARE\fa6eee6f-fca6-4082-bf83-62ee23bf65b3

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{028F96B8-C73A-4C60-B82F-3944A19B046E}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{51F7DE65-A990-4213-BDB9-C2657FA7F3F4}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{879F721E-7F23-4B7F-B65B-F5A8F518864A}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A5544F7B-C413-4CAC-8DB4-9A8D1986DD86}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B9EE49F9-62A3-408D-858F-4ED9A23BAA24}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BF6D8439-BAC1-4E73-94FE-9910D098AE00}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4F14684-336F-44FC-8D9E-8A73DAE003EC}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{22E9CC7A-04B2-4558-A993-763395274E42}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4AEC2270-2E5F-40C8-BE5A-E5A5264714C0}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{52E8E39B-2773-448F-BC20-547CD8DA4685}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{62163814-0C94-4DC3-BA99-5E9E2420C914}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{68AEA825-D48B-4A56-87F0-6FCE988A2C48}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6A0F07D3-F28E-4F45-8D4C-BBF8000F5BB8}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AF435BC-80A9-466E-938B-32E4482EBD65}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{85CEBABD-A775-41E2-8B67-FE06104F06ED}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AE92A5AB-E575-4487-BCC0-96D333E5346C}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C622315B-3049-43D4-9B41-D4B2DC2CD706}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CDB85458-AE08-4106-B699-B946FF4A61CD}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{025EEF9C-90F5-417E-9196-09FA4AAB4C92}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03F13205-38FF-4361-BECE-EE939A002FA2}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1FAAF6AB-B931-4D05-BA12-B0ECCCCE2D0F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{506DDB16-455A-4746-AD77-D23228955FD3}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1BCB34DC-BA6D-4B44-B786-4E259598A7C8}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C424171E-592A-415A-9EB1-DFD6D95D3530}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C424171E-592A-415A-9EB1-DFD6D95D3530}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}

Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C424171E-592A-415A-9EB1-DFD6D95D3530}]

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{22E9CC7A-04B2-4558-A993-763395274E42}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4AEC2270-2E5F-40C8-BE5A-E5A5264714C0}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{52E8E39B-2773-448F-BC20-547CD8DA4685}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{62163814-0C94-4DC3-BA99-5E9E2420C914}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{68AEA825-D48B-4A56-87F0-6FCE988A2C48}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6A0F07D3-F28E-4F45-8D4C-BBF8000F5BB8}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7AF435BC-80A9-466E-938B-32E4482EBD65}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{85CEBABD-A775-41E2-8B67-FE06104F06ED}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AE92A5AB-E575-4487-BCC0-96D333E5346C}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C622315B-3049-43D4-9B41-D4B2DC2CD706}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{CDB85458-AE08-4106-B699-B946FF4A61CD}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{025EEF9C-90F5-417E-9196-09FA4AAB4C92}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03F13205-38FF-4361-BECE-EE939A002FA2}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1FAAF6AB-B931-4D05-BA12-B0ECCCCE2D0F}

Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C424171E-592A-415A-9EB1-DFD6D95D3530}]

Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}

Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0EB8452D-5CC8-4EC9-A8EB-2C88D21E35F4}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1A508217-8DC1-40F6-9D15-8A0EC64BF6A2}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1EC8755B-73D5-4C21-ADD0-099B6E4567B6}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3405027F-FAE2-47B2-B32D-28FF111D0DB6}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8060BA75-525E-4046-B850-748E8FD0310F}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9143e921-7c9a-4d27-ac43-eaccc78cc55a}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9D1BC582-268A-4954-B09A-E237CF70CDD5}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A94AC31E-7810-432A-A47B-9C437A2B1847}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}

Schlüssel Gelöscht : HKCU\Software\AnyProtect

Schlüssel Gelöscht : HKCU\Software\Ask.com.tmp

Schlüssel Gelöscht : HKCU\Software\GlobalUpdate

Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions

Schlüssel Gelöscht : HKCU\Software\IScreeny

Schlüssel Gelöscht : HKCU\Software\Myfree Codec

Schlüssel Gelöscht : HKCU\Software\Optimizer Pro

Schlüssel Gelöscht : HKCU\Software\Softonic

Schlüssel Gelöscht : HKCU\Software\systweak

Schlüssel Gelöscht : HKCU\Software\Tutorials

Schlüssel Gelöscht : HKCU\Software\Super Optimizer

Schlüssel Gelöscht : HKCU\Software\CrossBrowser

Schlüssel Gelöscht : HKCU\Software\YorkNewCin

Schlüssel Gelöscht : HKCU\Software\HighDefAction

Schlüssel Gelöscht : HKCU\Software\ArenaHD

Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartWeb

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\CheckMeUp

Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}

Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}

Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate

Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions

Schlüssel Gelöscht : HKLM\SOFTWARE\istartsurfSoftware

Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec

Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp

Schlüssel Gelöscht : HKLM\SOFTWARE\systweak

Schlüssel Gelöscht : HKLM\SOFTWARE\Umbrella

Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue

Schlüssel Gelöscht : HKLM\SOFTWARE\SPPDCOM

Schlüssel Gelöscht : HKLM\SOFTWARE\TabNav

Schlüssel Gelöscht : HKLM\SOFTWARE\YorkNewCin

Schlüssel Gelöscht : HKLM\SOFTWARE\HighDefAction

Schlüssel Gelöscht : HKLM\SOFTWARE\ArenaHD

Schlüssel Gelöscht : HKU\.DEFAULT\Software\AskPartnerNetwork

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IScreeny

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wincheck

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\WebBar

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\YorkNewCin

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\HighDefAction

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\ArenaHD

Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - _c:\progra~2\search~1\search~1\bin\vc32lo~1.dll

Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:51515;hxxps=127.0.0.1:51515

Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1

Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>

Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:51515;hxxps=127.0.0.1:51515

Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1

Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
 

***** [ Internetbrowser ] *****
 

-\\ Internet Explorer v11.0.9600.17280
 

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
 

-\\ Google Chrome v43.0.2357.81
 

[C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

[C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1433586736&z=82181057f5a62a971c1a36dg4zfc1ceweb4q8mcw8b&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&q={searchTerms}

[C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://start.iminent.com/?appId=3136687d-e19e-4733-925c-6a77bc570a24&ref=toolbox&q={searchTerms}

[C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3318522&octid=EB_ORIGINAL_CTID&ISID=M76D4E0DD-ECB2-4199-9DBC-074BA9A1D945&SearchSource=58&CUI=&UM=8&UP=SP675C54C6-E3B5-41FE-8ED6-E5B4660D3294&D=060615&q={searchTerms}&SSPV=

[C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl

[C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb

[C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : mjdepfkicdcciagbigfcmdhknnoaaegf

[C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : papbadoldddalgcjcicnikcfenodpghp

[C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : jecgbfoconhopjngaaijjgffhokohlac

[C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Homepage] : hxxp://www.istartsurf.com/?type=hp&ts=1433623309&z=9cb5b4d6a9d30b8017c7acdg3zfc8c3q9oac1c8c5o&from=bpr&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478

[C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Startup_URLs] : hxxp://www.istartsurf.com/?type=hp&ts=1433623309&z=9cb5b4d6a9d30b8017c7acdg3zfc8c3q9oac1c8c5o&from=bpr&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478
 

-\\ Chromium v45.0.2422.0
 
 

-\\ Opera v29.0.1795.60
 
 

*************************
 

AdwCleaner[R0].txt - [57534 Bytes] - [06/06/2015 19:22:51]

AdwCleaner[R1].txt - [34267 Bytes] - [07/06/2015 21:02:54]

AdwCleaner[S0].txt - [30551 Bytes] - [07/06/2015 21:06:52]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [30611  Bytes] ##########

Hier erst mal die Adware datei

Code:

# AdwCleaner v4.206 - Bericht erstellt 07/06/2015 um 21:06:52

# Aktualisiert 01/06/2015 von Xplode

# Datenbank : 2015-06-05.1 [Server]

# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)

# Benutzername : Undertaker - UNDERTAKER-PC

# Gestarted von : C:\Users\Undertaker\Downloads\AdwCleaner_4.206.exe

# Option : Löschen
 

***** [ Dienste ] *****
 

Dienst Gelöscht : abengine

[#] Dienst Gelöscht : innfd_1_10_0_14
 

***** [ Dateien / Ordner ] *****
 

Ordner Gelöscht : C:\ZombieInvasion

Ordner Gelöscht : C:\ProgramData\Browser

Ordner Gelöscht : C:\ProgramData\Systweak

Ordner Gelöscht : C:\ProgramData\Uniblue

Ordner Gelöscht : C:\ProgramData\4b45dc7c00003306

Ordner Gelöscht : C:\ProgramData\{274f2602-ce97-2b59-274f-f2602ce9980b}

Ordner Gelöscht : C:\ProgramData\{a7e20bb6-0b0d-9564-a7e2-20bb60b02ed8}

Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue

Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WindeskWinsearch

Ordner Gelöscht : C:\Program Files (x86)\globalUpdate

Ordner Gelöscht : C:\Program Files (x86)\Uniblue

Ordner Gelöscht : C:\Program Files (x86)\StartPoint

Ordner Gelöscht : C:\Program Files (x86)\Crossbrowse

Ordner Gelöscht : C:\Program Files (x86)\HighlightSearches

Ordner Gelöscht : C:\Program Files (x86)\WindeskWinsearch

Ordner Gelöscht : C:\Program Files (x86)\Edu App

Ordner Gelöscht : C:\Program Files (x86)\Common Files\IMGUpdater

Ordner Gelöscht : C:\Program Files (x86)\Common Files\Umbrella

Ordner Gelöscht : C:\Users\UNDERT~1\AppData\Local\Temp\IScreeny

Ordner Gelöscht : C:\Users\UNDERT~1\AppData\Local\Temp\Edu App

Ordner Gelöscht : C:\windows\SysWOW64\config\systemprofile\AppData\Local\abengine

Ordner Gelöscht : C:\Users\Undertaker\SupTab

Ordner Gelöscht : C:\Users\Undertaker\AppData\Local\globalUpdate

Ordner Gelöscht : C:\Users\Undertaker\AppData\Local\IScreeny

Ordner Gelöscht : C:\Users\Undertaker\AppData\Local\SmartWeb

Ordner Gelöscht : C:\Users\Undertaker\AppData\Local\Crossbrowse

Ordner Gelöscht : C:\Users\Undertaker\AppData\Local\Windesk_Winsearch

Ordner Gelöscht : C:\Users\Undertaker\AppData\Local\C2A6F1A8-1433597562-11E1-B08D-BFCB4EA96E5F

Ordner Gelöscht : C:\Users\Undertaker\AppData\LocalLow\iac

Ordner Gelöscht : C:\Users\Undertaker\AppData\LocalLow\SmartWeb

Ordner Gelöscht : C:\Users\Undertaker\AppData\Roaming\AnyProtectEx

Ordner Gelöscht : C:\Users\Undertaker\AppData\Roaming\Systweak

Ordner Gelöscht : C:\Users\Undertaker\AppData\Roaming\Uniblue

Ordner Gelöscht : C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf

Ordner Gelöscht : C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp

Ordner Gelöscht : C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecgbfoconhopjngaaijjgffhokohlac

Ordner Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf

Ordner Gelöscht : C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\papbadoldddalgcjcicnikcfenodpghp

Ordner Gelöscht : C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\jecgbfoconhopjngaaijjgffhokohlac

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0.localstorage-journal

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jecgbfoconhopjngaaijjgffhokohlac

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_ehhlaekjfiiojlddgndcnefflngfmhen_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_jdkokpcldhneihjdhigfjmoeojkdcbmg_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0.localstorage-journal

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage-journal

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\papbadoldddalgcjcicnikcfenodpghp

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0.localstorage-journal

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_jecgbfoconhopjngaaijjgffhokohlac_0

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\jecgbfoconhopjngaaijjgffhokohlac

Datei Gelöscht : C:\END

Datei Gelöscht : C:\Users\Public\Desktop\driverscanner.lnk

Datei Gelöscht : C:\Users\Public\Desktop\Youtube.lnk

Datei Gelöscht : C:\Users\Public\Desktop\WindeskWinsearch.lnk

Datei Gelöscht : C:\windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb

Datei Gelöscht : C:\windows\SysWOW64\abengine.dll

Datei Gelöscht : C:\windows\System32\abengine64.dll

Datei Gelöscht : C:\windows\System32\roboot64.exe

Datei Gelöscht : C:\windows\System32\sasnative64.exe

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\2Ovhr6lC1

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\4TKchDi

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\4TKchDi.exe

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\gSyGSmIu0Kf3G

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\pPZCdWJiOzyjMMPjw

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\QmNpb01D3S9

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\qYVcguT

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\driverscanner.lnk

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\crossbrowse.lnk

Datei Gelöscht : C:\Users\Undertaker\Desktop\Optimizer Pro.lnk

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.strtpoint.com_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_search.strtpoint.com_0.localstorage-journal

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_search.strtpoint.com_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_search.strtpoint.com_0.localstorage-journal

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_start.iminent.com_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_start.iminent.com_0.localstorage-journal

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\hxxp_www.mystartsearch.com_0.localstorage-journal

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxps_inst.shoppingate.info_0.localstorage

Datei Gelöscht : C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
 

***** [ Geplante Tasks ] *****
 

Task Gelöscht : APSnotifierPP1

Task Gelöscht : APSnotifierPP2

Task Gelöscht : APSnotifierPP3

Task Gelöscht : ASP

Task Gelöscht : Crossbrowse

Task Gelöscht : driverscanner

Task Gelöscht : dsmonitor

Task Gelöscht : Optimizer Pro Schedule

Task Gelöscht : RegClean Pro

Task Gelöscht : StartPoint

Task Gelöscht : StartPoint Updater

Task Gelöscht : iren3006

Task Gelöscht : LaunchPreSignup

Task Gelöscht : amiupdaterExd

Task Gelöscht : amiupdaterExi

Task Gelöscht : 2Ovhr6lC1

Task Gelöscht : 4TKchDi

Task Gelöscht : gSyGSmIu0Kf3G

Task Gelöscht : pPZCdWJiOzyjMMPjw

Task Gelöscht : QmNpb01D3S9

Task Gelöscht : qYVcguT
 

***** [ Verknüpfungen ] *****
 

Verknüpfung Desinfiziert : C:\Users\Undertaker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
 

***** [ Registrierungsdatenbank ] *****
 

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mjdepfkicdcciagbigfcmdhknnoaaegf

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\driverscanner

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc

Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [WinCheck]

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataContainer

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataContainer.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataController

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataController.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataTable

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataTable.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataTableFields

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataTableFields.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataTableHolder

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.DataTableHolder.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.LSPLogic

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.LSPLogic.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.ReadOnlyManager

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\abengineLib.ReadOnlyManager.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Mediaplayer\Shiminclusionlist\crossbrowse.exe

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\abengine.EXE

Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\abengine

Schlüssel Gelöscht : HKLM\SOFTWARE\Clients\StartMenuInternet\Crossbrowse

Wert Gelöscht : HKLM\SOFTWARE\RegisteredApplications [Crossbrowse]

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\globalupdate.exe

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\SDP

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Allin1Convert_8h.ToolbarProtector.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.FeedManager

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.FeedManager.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.HTMLMenu

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.HTMLMenu.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.HTMLPanel

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.HTMLPanel.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.MultipleButton

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.MultipleButton.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.PseudoTransparentPlugin

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.PseudoTransparentPlugin.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.ScriptButton

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.ScriptButton.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.SettingsPlugin

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.SettingsPlugin.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.ThirdPartyInstaller

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.ThirdPartyInstaller.1

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.ToolbarProtector

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\InternetSpeedTracker_9t.ToolbarProtector.1

Schlüssel Gelöscht : HKLM\SOFTWARE\09918a6c-a1b1-4682-a176-8b5c329c1e37

Schlüssel Gelöscht : HKLM\SOFTWARE\1dce66f1-eb6a-ba93-93f4-103f3254436b

Schlüssel Gelöscht : HKLM\SOFTWARE\25b74a27-85cd-48a4-8e0a-5cb1163ade69

Schlüssel Gelöscht : HKLM\SOFTWARE\4bd55b85-a18f-4c5e-94ea-74f6cd419f6e

Schlüssel Gelöscht : HKLM\SOFTWARE\718012db-c80d-4a0e-8f05-72fd8f5bef8c

Schlüssel Gelöscht : HKLM\SOFTWARE\9ad3d54d-477b-45c2-a863-7db8e14f598a

Schlüssel Gelöscht : HKLM\SOFTWARE\a0d4f97f-e246-407d-9a5d-5ccb3dbbaa5f

Schlüssel Gelöscht : HKLM\SOFTWARE\bf248b6a-483a-4ab2-8e4e-8a9b59cf9f54

Schlüssel Gelöscht : HKLM\SOFTWARE\d458327e-1b9a-4103-8ee8-0b1e98d6d940

Schlüssel Gelöscht : HKLM\SOFTWARE\dc95329e-dd66-4bbc-b686-2ca4025b4c73

Schlüssel Gelöscht : HKLM\SOFTWARE\e072eb25-924b-4946-8cfa-49bc20028090

Schlüssel Gelöscht : HKLM\SOFTWARE\fa6eee6f-fca6-4082-bf83-62ee23bf65b3

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{01994268-3C10-4044-A1EA-7A9C1B739A11}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{028F96B8-C73A-4C60-B82F-3944A19B046E}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{51F7DE65-A990-4213-BDB9-C2657FA7F3F4}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{879F721E-7F23-4B7F-B65B-F5A8F518864A}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{A5544F7B-C413-4CAC-8DB4-9A8D1986DD86}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{B9EE49F9-62A3-408D-858F-4ED9A23BAA24}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{BF6D8439-BAC1-4E73-94FE-9910D098AE00}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{D4F14684-336F-44FC-8D9E-8A73DAE003EC}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{22E9CC7A-04B2-4558-A993-763395274E42}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{4AEC2270-2E5F-40C8-BE5A-E5A5264714C0}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{52E8E39B-2773-448F-BC20-547CD8DA4685}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{62163814-0C94-4DC3-BA99-5E9E2420C914}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{68AEA825-D48B-4A56-87F0-6FCE988A2C48}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{6A0F07D3-F28E-4F45-8D4C-BBF8000F5BB8}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AF435BC-80A9-466E-938B-32E4482EBD65}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{85CEBABD-A775-41E2-8B67-FE06104F06ED}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{AE92A5AB-E575-4487-BCC0-96D333E5346C}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C622315B-3049-43D4-9B41-D4B2DC2CD706}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{CDB85458-AE08-4106-B699-B946FF4A61CD}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{025EEF9C-90F5-417E-9196-09FA4AAB4C92}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{03F13205-38FF-4361-BECE-EE939A002FA2}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1FAAF6AB-B931-4D05-BA12-B0ECCCCE2D0F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{506DDB16-455A-4746-AD77-D23228955FD3}

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{1BCB34DC-BA6D-4B44-B786-4E259598A7C8}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C424171E-592A-415A-9EB1-DFD6D95D3530}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C424171E-592A-415A-9EB1-DFD6D95D3530}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}

Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C424171E-592A-415A-9EB1-DFD6D95D3530}]

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{C424171E-592A-415A-9EB1-DFD6D95D3530}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{9C4EFBD5-1ADF-41E6-BE26-AF44326E30E4}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{22E9CC7A-04B2-4558-A993-763395274E42}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{4AEC2270-2E5F-40C8-BE5A-E5A5264714C0}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{52E8E39B-2773-448F-BC20-547CD8DA4685}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{62163814-0C94-4DC3-BA99-5E9E2420C914}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{68AEA825-D48B-4A56-87F0-6FCE988A2C48}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{6A0F07D3-F28E-4F45-8D4C-BBF8000F5BB8}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7AF435BC-80A9-466E-938B-32E4482EBD65}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{85CEBABD-A775-41E2-8B67-FE06104F06ED}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{AE92A5AB-E575-4487-BCC0-96D333E5346C}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{C622315B-3049-43D4-9B41-D4B2DC2CD706}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{CDB85458-AE08-4106-B699-B946FF4A61CD}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{025EEF9C-90F5-417E-9196-09FA4AAB4C92}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{03F13205-38FF-4361-BECE-EE939A002FA2}

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1FAAF6AB-B931-4D05-BA12-B0ECCCCE2D0F}

Wert Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{C424171E-592A-415A-9EB1-DFD6D95D3530}]

Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}

Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0EB8452D-5CC8-4EC9-A8EB-2C88D21E35F4}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1A508217-8DC1-40F6-9D15-8A0EC64BF6A2}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1EC8755B-73D5-4C21-ADD0-099B6E4567B6}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{3405027F-FAE2-47B2-B32D-28FF111D0DB6}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{8060BA75-525E-4046-B850-748E8FD0310F}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9143e921-7c9a-4d27-ac43-eaccc78cc55a}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9D1BC582-268A-4954-B09A-E237CF70CDD5}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A94AC31E-7810-432A-A47B-9C437A2B1847}

Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C}

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03}

Schlüssel Gelöscht : HKCU\Software\AnyProtect

Schlüssel Gelöscht : HKCU\Software\Ask.com.tmp

Schlüssel Gelöscht : HKCU\Software\GlobalUpdate

Schlüssel Gelöscht : HKCU\Software\InstalledBrowserExtensions

Schlüssel Gelöscht : HKCU\Software\IScreeny

Schlüssel Gelöscht : HKCU\Software\Myfree Codec

Schlüssel Gelöscht : HKCU\Software\Optimizer Pro

Schlüssel Gelöscht : HKCU\Software\Softonic

Schlüssel Gelöscht : HKCU\Software\systweak

Schlüssel Gelöscht : HKCU\Software\Tutorials

Schlüssel Gelöscht : HKCU\Software\Super Optimizer

Schlüssel Gelöscht : HKCU\Software\CrossBrowser

Schlüssel Gelöscht : HKCU\Software\YorkNewCin

Schlüssel Gelöscht : HKCU\Software\HighDefAction

Schlüssel Gelöscht : HKCU\Software\ArenaHD

Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\SmartWeb

Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\CheckMeUp

Schlüssel Gelöscht : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}

Schlüssel Gelöscht : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

Schlüssel Gelöscht : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}

Schlüssel Gelöscht : HKLM\SOFTWARE\GlobalUpdate

Schlüssel Gelöscht : HKLM\SOFTWARE\InstalledBrowserExtensions

Schlüssel Gelöscht : HKLM\SOFTWARE\istartsurfSoftware

Schlüssel Gelöscht : HKLM\SOFTWARE\Myfree Codec

Schlüssel Gelöscht : HKLM\SOFTWARE\SupDp

Schlüssel Gelöscht : HKLM\SOFTWARE\systweak

Schlüssel Gelöscht : HKLM\SOFTWARE\Umbrella

Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue

Schlüssel Gelöscht : HKLM\SOFTWARE\SPPDCOM

Schlüssel Gelöscht : HKLM\SOFTWARE\TabNav

Schlüssel Gelöscht : HKLM\SOFTWARE\YorkNewCin

Schlüssel Gelöscht : HKLM\SOFTWARE\HighDefAction

Schlüssel Gelöscht : HKLM\SOFTWARE\ArenaHD

Schlüssel Gelöscht : HKU\.DEFAULT\Software\AskPartnerNetwork

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IScreeny

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wincheck

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\InstalledBrowserExtensions

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\WebBar

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\YorkNewCin

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\HighDefAction

Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\ArenaHD

Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - _c:\progra~2\search~1\search~1\bin\vc32lo~1.dll

Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:51515;hxxps=127.0.0.1:51515

Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1

Daten Gelöscht : HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>

Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyServer] - hxxp=127.0.0.1:51515;hxxps=127.0.0.1:51515

Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyEnable] - 1

Daten Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>
 

***** [ Internetbrowser ] *****
 

-\\ Internet Explorer v11.0.9600.17280
 

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
 

-\\ Google Chrome v43.0.2357.81
 

[C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}

[C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.mystartsearch.com/web/?type=ds&ts=1433586736&z=82181057f5a62a971c1a36dg4zfc1ceweb4q8mcw8b&from=cor&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478&q={searchTerms}

[C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://start.iminent.com/?appId=3136687d-e19e-4733-925c-6a77bc570a24&ref=toolbox&q={searchTerms}

[C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Gelöscht [Search Provider] : hxxp://www.trovi.com/Results.aspx?gd=&ctid=CT3318522&octid=EB_ORIGINAL_CTID&ISID=M76D4E0DD-ECB2-4199-9DBC-074BA9A1D945&SearchSource=58&CUI=&UM=8&UP=SP675C54C6-E3B5-41FE-8ED6-E5B4660D3294&D=060615&q={searchTerms}&SSPV=

[C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : booedmolknjekdopkepjjeckmjkdpfgl

[C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : flpcjncodpafbgdpnkljologafpionhb

[C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : mjdepfkicdcciagbigfcmdhknnoaaegf

[C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : papbadoldddalgcjcicnikcfenodpghp

[C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Extension] : jecgbfoconhopjngaaijjgffhokohlac

[C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Homepage] : hxxp://www.istartsurf.com/?type=hp&ts=1433623309&z=9cb5b4d6a9d30b8017c7acdg3zfc8c3q9oac1c8c5o&from=bpr&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478

[C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Gelöscht [Startup_URLs] : hxxp://www.istartsurf.com/?type=hp&ts=1433623309&z=9cb5b4d6a9d30b8017c7acdg3zfc8c3q9oac1c8c5o&from=bpr&uid=SAMSUNGXHN-M101MBB_S2RQJ9ABB30478
 

-\\ Chromium v45.0.2422.0
 
 

-\\ Opera v29.0.1795.60
 
 

*************************
 

AdwCleaner[R0].txt - [57534 Bytes] - [06/06/2015 19:22:51]

AdwCleaner[R1].txt - [34267 Bytes] - [07/06/2015 21:02:54]

AdwCleaner[S0].txt - [30551 Bytes] - [07/06/2015 21:06:52]
 

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [30611  Bytes] ##########

Ani73

07.06.2015 22:13

Hallo Jürgen,
entschuldige die mehrfachen Posts. Aber ich flieg immer wieder raus und dauernd öffnen sich weitere Internetseiten und auf einmal ist wieder alles weg-

Ich habe kein Log erhalten von Malware. Habe aber die Auswahl kopieren können.

Code:

Malwarebytes Anti-Malware

www.malwarebytes.org
 

Suchlauf Datum: 07.06.2015

Suchlauf-Zeit: 21:35:17

Logdatei: auswahl.txt

Administrator: Ja
 

Version: 2.01.6.1022

Malware Datenbank: v2015.06.07.05

Rootkit Datenbank: v2015.06.02.01

Lizenz: Kostenlos

Malware Schutz: Deaktiviert

Bösartiger Webseiten Schutz: Deaktiviert

Selbstschutz: Deaktiviert
 

Betriebssystem: Windows 7 Service Pack 1

CPU: x64

Dateisystem: NTFS

Benutzer: Undertaker
 

Suchlauf-Art: Bedrohungs-Suchlauf

Ergebnis: Abgeschlossen

Durchsuchte Objekte: 460528

Verstrichene Zeit: 1 Std, 9 Min, 40 Sek
 

Speicher: Aktiviert

Autostart: Aktiviert

Dateisystem: Aktiviert

Archive: Aktiviert

Rootkits: Aktiviert

Heuristik: Aktiviert

PUP: Aktiviert

PUM: Aktiviert
 

Prozesse: 3

PUP.Optional.UpdaterToolService.A, C:\Windows\Provider\UpdaterToolService.exe, 2216, , [c41d96218ffbd06654a4fa6ee91925db]

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\InternetEnhancer.exe, 3112, , [16cbb205b6d4e74f0745e206ae5542be]

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\InternetEnhancerService.exe, 2300, , [16cbb205b6d4e74f0745e206ae5542be]
 

Module: 3

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\ApiHandlr.dll, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\FiddlerCore.dll, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\Newtonsoft.Json.dll, , [16cbb205b6d4e74f0745e206ae5542be], 
 

Registrierungsschlüssel: 52

PUP.Optional.UpdaterToolService.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\UpdateDustTool, , [c41d96218ffbd06654a4fa6ee91925db], 

PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, , [855cc2f55b2f0d2997ceaafbf50e28d8], 

PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, , [855cc2f55b2f0d2997ceaafbf50e28d8], 

PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, , [855cc2f55b2f0d2997ceaafbf50e28d8], 

PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{EAC7DE5C-9520-435D-91AA-4A02E4773CEA}, , [855cc2f55b2f0d2997ceaafbf50e28d8], 

PUP.Optional.Amonetize.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, , [855cc2f55b2f0d2997ceaafbf50e28d8], 

PUP.Optional.Amonetize.A, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{B0660298-91AA-421F-BF0D-BFF6BB8BF3AE}, , [855cc2f55b2f0d2997ceaafbf50e28d8], 

PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BrowserV04.06, , [71705d5a8bff68ce849a86effb0bea16], 

PUP.Optional.Wajam.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WaInternetEnhancer Service, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.CrossRider.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\BrowserApp3.7, , [6c7506b16a2046f09d3c8266699a9f61], 

PUP.Optional.BrowserApps.A, HKLM\SOFTWARE\BrowserApp3.7-nv, , [fde4eacd5f2b3df91f9f4f2b3bca0af6], 

PUP.Optional.BrowserApps.A, HKLM\SOFTWARE\BrowserV04.06-nv, , [a938a215a7e36fc75eb16a8050b323dd], 

PUP.Optional.MediaPlayer.A, HKLM\SOFTWARE\MediaPlayerVid2.4-nv, , [15cc7e391872dd593e53ac42af54629e], 

PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32LDR  , , [20c17443a8e2f73f618e0e7639cc0000], 

PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, , [e001eccbc8c2cc6ae4aefa8a867f8878], 

PUP.Optional.BrowserApps.A, HKLM\SOFTWARE\WOW6432NODE\BrowserApp3.7, , [10d12790bdcdc96d724c5525ea1b8878], 

PUP.Optional.BrowserApps.A, HKLM\SOFTWARE\WOW6432NODE\BrowserApp3.7-nv, , [736e0daaacde0d29aa1485f5838202fe], 

PUP.Optional.BrowserApps.A, HKLM\SOFTWARE\WOW6432NODE\BrowserApp3.7-nv-ie, , [0cd5882ff4960a2cf9c57a0054b15ca4], 

PUP.Optional.BrowserApps.A, HKLM\SOFTWARE\WOW6432NODE\BrowserV04.06, , [8061793e2e5c38fe2ae5579310f312ee], 

PUP.Optional.BrowserApps.A, HKLM\SOFTWARE\WOW6432NODE\BrowserV04.06-nv, , [6f72bbfcfc8e95a16da21ad06b98e719], 

PUP.Optional.BrowserApps.A, HKLM\SOFTWARE\WOW6432NODE\BrowserV04.06-nv-ie, , [c61b02b5ff8bd2641ff0bb2f4cb724dc], 

PUP.Optional.Infonaut.A, HKLM\SOFTWARE\WOW6432NODE\Infonaut_1.10.0.14, , [0dd46c4b553587aff1f847a341c2e719], 

PUP.Optional.MediaPlayer.A, HKLM\SOFTWARE\WOW6432NODE\MediaPlayerVid2.4-nv, , [24bd2f882e5cab8b830e08e632d1c838], 

PUP.Optional.MediaPlayer.A, HKLM\SOFTWARE\WOW6432NODE\MediaPlayerVid2.4-nv-ie, , [449d4b6c3456c76f523f47a7c93a03fd], 

PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\WaInternetEnhancer, , [39a801b6f991f93d0bc01173d72e6b95], 

PUP.Optional.CrossRider.C, HKLM\SOFTWARE\WOW6432NODE\APPDATALOW\SOFTWARE\Crossrider, , [756caf08523873c3c3195d8caf54a55b], 

PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\adpeheiliennogfclcgmchdfdmafjegc, , [07da13a4bad038fe8ef3433bb84d8a76], 

PUP.Optional.Iminent.C, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\nociobghckdhokecfeajdpimjeapnopn, , [00e10bac088206306d2d6f7b47bc50b0], 

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{481DD1D9-2619-4136-BEAD-8766AE46542D}, , [2cb5fcbb8802a49238f5b0d090759070], 

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{499A1BF0-AFF3-48E8-9333-C4A4567AB59D}, , [994832854644eb4b949995eb13f2dd23], 

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5E58CDA9-3B21-4611-A859-26EE28950E61}, , [00e17e398a002313200d6e127095a35d], 

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{63AD0951-229A-4F3B-9E96-B4891811A156}, , [9f428d2a216954e2f33a4838df2617e9], 

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6874FADE-02C8-4181-831A-FC7486CF1D74}, , [5f82efc899f172c45dd01d6327de956b], 

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{73643B10-6EE2-48BE-8280-37AA35E0DFA6}, , [bc256552464495a139f4d1afc0455aa6], 

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{81FDA3B2-1023-4131-8055-29CE1560C12A}, , [1fc231862664b18554d9cfb112f317e9], 

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{87085AE6-DC1B-4E6B-98A7-6F4AC5F1EB49}, , [4a97d8df1a7057df58d5daa6df269a66], 

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{93E4AD7F-B2DD-4273-9AD9-E6DE2A2670E8}, , [6a77feb908823bfb5bd23e42ce3737c9], 

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{968E8731-8549-4289-AD46-B9A9EAC1D302}, , [5e837a3d5832b0862d0097e9e81d768a], 

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{A0A80369-0C8A-44D9-B7CD-4D9C24DCA4E1}, , [8e53199ecebc181e1b12c0c038cd0ef2], 

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{D2497C4B-AC5C-45DF-8B83-ADC99791A299}, , [c021b106c3c76ccacd6082fec04556aa], 

PUP.Optional.DustApps.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{CE9793E8-C305-45AA-AE10-52EE0ADDED4F}_IS1, , [08d90aada5e5b284a949e700996a19e7], 

PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, , [5d84d5e2781242f4652d2361b64f7a86], 

PUP.Optional.Crossrider.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\SOFTWARE\_CrossriderRegNamePlaceHolder_, , [855c87300f7b2610e967750a5aaba35d], 

PUP.Optional.BrowserApps.A, HKU\S-1-5-21-1335839233-2991384071-368375801-1000\SOFTWARE\BrowserApp3.7, , [2eb307b058323df9f9c485f5db2a33cd], 

PUP.Optional.BrowserApps.A, HKU\S-1-5-21-1335839233-2991384071-368375801-1000\SOFTWARE\BrowserApp3.7-nv, , [26bb7b3c7f0b9a9cb00dd8a24db857a9], 

PUP.Optional.BrowserApps.A, HKU\S-1-5-21-1335839233-2991384071-368375801-1000\SOFTWARE\BrowserApp3.7-nv-ie, , [36abd4e3deac063002bbaecc46bf8a76], 

PUP.Optional.BrowserApps.A, HKU\S-1-5-21-1335839233-2991384071-368375801-1000\SOFTWARE\BrowserV04.06-nv, , [8e53eacd7218a88e818f5b8fa45f7789], 

PUP.Optional.BrowserApps.A, HKU\S-1-5-21-1335839233-2991384071-368375801-1000\SOFTWARE\BrowserV04.06-nv-ie, , [fbe601b65337b08690809f4bea198977], 

PUP.Optional.MediaPlayer.A, HKU\S-1-5-21-1335839233-2991384071-368375801-1000\SOFTWARE\MediaPlayerVid2.4-nv, , [726f6e490f7b290d137f1cd26f941ee2], 

PUP.Optional.MediaPlayer.A, HKU\S-1-5-21-1335839233-2991384071-368375801-1000\SOFTWARE\MediaPlayerVid2.4-nv-ie, , [05dc25927e0c56e0741eab43966d619f], 

PUP.Optional.Wajam.A, HKU\S-1-5-21-1335839233-2991384071-368375801-1000\SOFTWARE\WaInternetEnhancer, , [9150605727634aec3298087c927328d8], 

PUP.Optional.CrossRider.A, HKU\S-1-5-21-1335839233-2991384071-368375801-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2218E587-EFBB-482A-B8F6-214DCB8EAB91}, , [f7eab9fe91f9d363bdef770a679e0000], 
 

Registrierungswerte: 26

PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\chrome.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130780616823092735, , [3ea3a3143a50ef47a44aa9dbdc2903fd]

PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\explorer.xxx|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130780616823092735, , [6c753780bdcd5adc2cc23f4517ee3ec2]

PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\firefox.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130780616823092735, , [4998dbdc96f4a1957678d0b4a461ed13]

PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\iexplore.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130780616823092735, , [3ca54b6cec9ec76f19d55b299b6a34cc]

PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_removal_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130780616823092735, , [b32e8f287c0e8fa740ae790b0ef7639d]

PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\software_reporter_tool.exe|{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130780616823092735, , [ca17bafd7c0ee0560ae4b4d0c63f12ee]

PUP.Optional.Trovi.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\APPCOMPATFLAGS\CUSTOM\LAYERS\VC32Ldr  |{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb, 130780616823092735, , [20c17443a8e2f73f618e0e7639cc0000]

PUP.Optional.WindeskWinsearch.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Windesk Winsearch, C:\Program Files (x86)\WindeskWinsearch\Windesk Winsearch.exe, , [20c1bbfc6327d36375f0a84001021be5]

PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [e001eccbc8c2cc6ae4aefa8a867f8878]

PUP.Optional.Cassiopesa.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\Tny_Cassiopesa\\, , [37aae2d55931b77f6dc773124bba56aa]

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{481dd1d9-2619-4136-bead-8766ae46542d}|AppPath, C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin, , [2cb5fcbb8802a49238f5b0d090759070]

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{499a1bf0-aff3-48e8-9333-c4a4567ab59d}|AppPath, C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin, , [994832854644eb4b949995eb13f2dd23]

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5e58cda9-3b21-4611-a859-26ee28950e61}|AppPath, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin, , [00e17e398a002313200d6e127095a35d]

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{63ad0951-229a-4f3b-9e96-b4891811a156}|AppPath, C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin, , [9f428d2a216954e2f33a4838df2617e9]

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{6874fade-02c8-4181-831a-fc7486cf1d74}|AppPath, C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin, , [5f82efc899f172c45dd01d6327de956b]

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{73643b10-6ee2-48be-8280-37aa35e0dfa6}|AppPath, C:\Program Files (x86)\PopularScreensavers_7i\bar\1.bin, , [bc256552464495a139f4d1afc0455aa6]

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{81fda3b2-1023-4131-8055-29ce1560c12a}|AppPath, C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin, , [1fc231862664b18554d9cfb112f317e9]

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{87085ae6-dc1b-4e6b-98a7-6f4ac5f1eb49}|AppPath, C:\Program Files (x86)\PopularScreensavers_7i\bar\1.bin, , [4a97d8df1a7057df58d5daa6df269a66]

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{93e4ad7f-b2dd-4273-9ad9-e6de2a2670e8}|AppPath, C:\Program Files (x86)\PopularScreensavers_7i\bar\1.bin, , [6a77feb908823bfb5bd23e42ce3737c9]

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{968e8731-8549-4289-ad46-b9a9eac1d302}|AppPath, C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin, , [5e837a3d5832b0862d0097e9e81d768a]

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{a0a80369-0c8a-44d9-b7cd-4d9c24dca4e1}|AppPath, C:\Program Files (x86)\PopularScreensavers_7i\bar\1.bin, , [8e53199ecebc181e1b12c0c038cd0ef2]

PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{d2497c4b-ac5c-45df-8b83-adc99791a299}|AppPath, C:\Program Files (x86)\PopularScreensavers_7i\bar\1.bin, , [c021b106c3c76ccacd6082fec04556aa]

PUP.Optional.DustApps.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{CE9793E8-C305-45AA-AE10-52EE0ADDED4F}_is1|DisplayName, DustApps version 1.7, , [08d90aada5e5b284a949e700996a19e7]

PUM.Security.Hijack.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [5d84d5e2781242f4652d2361b64f7a86]

PUP.Optional.CrossBrowse.C, HKU\S-1-5-21-1335839233-2991384071-368375801-1000\SOFTWARE\CLIENTS\STARTMENUINTERNET, Crossbrowse, , [7e6352656129c6702d21017ece37b64a]

PUP.Optional.CrossRider.A, HKU\S-1-5-21-1335839233-2991384071-368375801-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{2218E587-EFBB-482A-B8F6-214DCB8EAB91}|AppName, 9b10343d-d111-4cd2-aa57-4aedaef0d29e-2.exe-buttonutil.exe, , [f7eab9fe91f9d363bdef770a679e0000]
 

Registrierungsdaten: 0

(Keine schädliche Elemente gefunden)
 

Ordner: 83

PUP.Optional.UpdaterToolService.A, C:\Windows\Provider, , [538e338496f43df9d22a3fa82cd78977], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.CrossRider.A, C:\Program Files (x86)\BrowserApp3.7, , [6c7506b16a2046f09d3c8266699a9f61], 

PUP.Optional.CrossRider.A, C:\Program Files (x86)\BrowserV04.06, , [f5ecac0b0f7b132335a49256c83baf51], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Explore Social Search, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Explore Social Shopping, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Uninstall Wajam, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Amonetize.A, C:\ProgramData\Nropnumipre\1.0.1.0, , [5b861d9ab5d572c406b09de6897c867a], 

PUP.Optional.Amonetize.A, C:\ProgramData\Nropnumipre, , [5b861d9ab5d572c406b09de6897c867a], 

PUP.Optional.OptimizerPro.A, C:\Users\Undertaker\Documents\Optimizer Pro, , [bb2671461872b086e138166ee421ce32], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\images, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\scripts, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\scripts\jquery, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\scripts\lib, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\scripts\newtab, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\_locales, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\_locales\de, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\_locales\en, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\_locales\es, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\_locales\fr, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\_locales\it, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\_locales\pt_BR, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\_locales\tr, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\_metadata, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\images, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\jquery, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\lib, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\adapters, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\fx2, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\fx2\off, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\fx2\on, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\bhp, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ql, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\games, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\de, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\en, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\es, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\fr, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\it, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\pt_BR, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\tr, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_metadata, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.OptimizerPro.A, C:\Users\Undertaker\AppData\Roaming\Optimizer Pro, , [d70ab205206aee48c9a4a1467291cc34], 

PUP.Optional.OptimizerPro.A, C:\Users\Undertaker\AppData\Roaming\Optimizer Pro\Backup, , [d70ab205206aee48c9a4a1467291cc34], 

PUP.Optional.OptimizerPro.A, C:\Users\Undertaker\AppData\Roaming\Optimizer Pro\Log, , [d70ab205206aee48c9a4a1467291cc34], 

PUP.Optional.OptimizerPro.A, C:\Users\Undertaker\AppData\Roaming\Optimizer Pro\Undo, , [d70ab205206aee48c9a4a1467291cc34], 

PUP.Optional.CheckMeUp.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ihknmofljcglpbdiiedebgmgpmikgfnf, , [d20fae0997f32016318fdb0c30d306fa], 

PUP.Optional.PullUpdate.A, C:\ProgramData\GrcToTxHhyb\dat, , [de03cdea7317e84eb8146b0b0afc7a86], 

PUP.Optional.PullUpdate.A, C:\ProgramData\GrcToTxHhyb, , [de03cdea7317e84eb8146b0b0afc7a86], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\api, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\popupResource, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\userCode, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\icons, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\icons\actions, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\api, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\popupResource, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\userCode, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\icons, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\icons\actions, , [60814d6a7713d85e63935421ca3cc23e], 
 

Dateien: 521

PUP.Optional.UpdaterToolService.A, C:\Windows\Provider\UpdaterToolService.exe, , [c41d96218ffbd06654a4fa6ee91925db], 

PUP.Optional.Crossrider, C:\Program Files (x86)\4722a9bf-525a-4c06-897e-ac1e3bd46d28\4722a9bf-525a-4c06-897e-ac1e3bd46d28.dll, , [5e8305b2296123131b004129a75b34cc], 

PUP.Optional.Crossrider, C:\Program Files (x86)\4722a9bf-525a-4c06-897e-ac1e3bd46d28\72c3b23c-ddd7-454a-8372-e7ae40829114.dll, , [af32783f4c3ede5808134e1c0002d828], 

PUP.Optional.Crossrider, C:\Program Files (x86)\4722a9bf-525a-4c06-897e-ac1e3bd46d28\ddce48e7-238f-4643-ba46-bb008e9269c9.dll, , [4e9317a06b1f5dd964b7bcae649e718f], 

PUP.Optional.Crossrider, C:\Program Files (x86)\4722a9bf-525a-4c06-897e-ac1e3bd46d28\ff658703-be67-4a41-9d60-d22f009b2b9b.dll, , [924fd3e4afdb46f058c3eb7fa85a31cf], 

PUP.Optional.Crossrider, C:\Program Files (x86)\588c3280-483f-4ff6-b4ca-8a53e94287ce\588c3280-483f-4ff6-b4ca-8a53e94287ce.dll, , [01e0b5024f3b43f3e13a5e0c51b1827e], 

PUP.Optional.Crossrider, C:\Program Files (x86)\588c3280-483f-4ff6-b4ca-8a53e94287ce\66eb7326-d26b-4ed7-8b75-f11540f0061d.dll, , [1fc27b3c56344ee86cafbbaf40c244bc], 

PUP.Optional.Crossrider, C:\Program Files (x86)\588c3280-483f-4ff6-b4ca-8a53e94287ce\850b14a9-df9b-49e0-86a9-17f782850ec2.dll, , [f9e816a146440f276dae5a102fd39868], 

PUP.Optional.Crossrider, C:\Program Files (x86)\588c3280-483f-4ff6-b4ca-8a53e94287ce\8d574176-b91f-49fb-9859-ac0be5f28176.dll, , [845d5562ccbee94d55c6046605fdfa06], 

PUP.Optional.Crossrider, C:\Program Files (x86)\588c3280-483f-4ff6-b4ca-8a53e94287ce\bcd6e4c4-84bf-4654-934b-210101b6db64.dll, , [d70a991e8802063097843b2f34ce7b85], 

PUP.Optional.Crossrider, C:\Program Files (x86)\66eb7326-d26b-4ed7-8b75-f11540f0061d\82ae5b22-f872-47eb-b359-ebac2be740e2.dll, , [9150506771193204f229d79303ffad53], 

PUP.Optional.Crossrider, C:\Program Files (x86)\72c3b23c-ddd7-454a-8372-e7ae40829114\179ec321-1987-4a92-a802-65623b525aad.dll, , [677ab8ff9cee5cda7ba006647a885da3], 

PUP.Optional.Crossrider, C:\Program Files (x86)\850b14a9-df9b-49e0-86a9-17f782850ec2\c703f7a0-55b7-4050-9cd6-2d32accea0e4.dll, , [6b7611a63f4ba78f1704acbea1613dc3], 

PUP.Optional.Crossrider, C:\Program Files (x86)\ff658703-be67-4a41-9d60-d22f009b2b9b\f9bc0718-50af-4d7e-9323-e81703a22a4c.dll, , [21c0ac0ba4e60b2b5fbc571303ff29d7], 

PUP.Optional.Crossrider, C:\Program Files (x86)\bcd6e4c4-84bf-4654-934b-210101b6db64\01173986-7d9a-4ce8-958a-43a880aed07d.dll, , [9b46c3f4127889ad34e79fcba75b6f91], 

PUP.Optional.Crossrider, C:\Program Files (x86)\BrowserApp3.7\718012db-c80d-4a0e-8f05-72fd8f5bef8c.dll, , [746db007dfab88aed04ba1c9cd35b947], 

PUP.Optional.Crossrider, C:\Program Files (x86)\BrowserV04.06\4bd55b85-a18f-4c5e-94ea-74f6cd419f6e.dll, , [d70ac2f5fd8d6fc715069bcff70bda26], 

PUP.Optional.CrossRider.A, C:\Program Files (x86)\BrowserV04.06\Uninstall.exe, , [71705d5a8bff68ce849a86effb0bea16], 

PUP.Optional.Crossbrowse.C, C:\$Recycle.Bin\S-1-5-21-1335839233-2991384071-368375801-1000\$ROEOLVS.dll, , [6e7325926a207abc817c4c27877f6c94], 

PUP.Optional.Crossbrowse.C, C:\$Recycle.Bin\S-1-5-21-1335839233-2991384071-368375801-1000\$R8KYI1V.exe, , [23be46712b5f241204f9056e2ed848b8], 

PUP.Optional.Crossbrowse.C, C:\$Recycle.Bin\S-1-5-21-1335839233-2991384071-368375801-1000\$RTCVYGT.exe, , [7d64f3c422686fc719e47bf84db9e719], 

PUP.Optional.Crossbrowse.C, C:\$Recycle.Bin\S-1-5-21-1335839233-2991384071-368375801-1000\$R5830GW.exe, , [21c004b3b1d9af8747b6d89bb74f02fe], 

PUP.Optional.Crossbrowse.C, C:\$Recycle.Bin\S-1-5-21-1335839233-2991384071-368375801-1000\$RIWMYOF\chrmstp.exe, , [c1208a2d2c5e89adcd691d57af57ee12], 

PUP.Optional.Crossbrowse.C, C:\$Recycle.Bin\S-1-5-21-1335839233-2991384071-368375801-1000\$RIWMYOF\setup.exe, , [538e5166c4c615219f970d67868046ba], 

PUP.Optional.Crossrider, C:\$Recycle.Bin\S-1-5-21-1335839233-2991384071-368375801-1000\$RVJ4F4S.4\fa6eee6f-fca6-4082-bf83-62ee23bf65b3.dll, , [5b8652656b1f96a0b467ed7d689ac040], 

PUP.Optional.BrowseFox, C:\Users\Undertaker\AppData\Local\Temp\nsjBC57.tmp, , [fae74176c3c779bdd9b3a1c1d62cf20e], 

PUP.Optional.AnyProtect, C:\Users\Undertaker\AppData\Local\Temp\nsxCD58.tmp, , [3ba62c8b1971a393dbc26fefe320d32d], 

PUP.Optional.ModGoog, C:\Users\Undertaker\AppData\Local\Temp\globalupdateBroker.exe.old72ce58, , [756c684fbecc66d064f978d46999ed13], 

PUP.Optional.ModGoog, C:\Users\Undertaker\AppData\Local\Temp\globalupdateBroker.exe.old73f9bb, , [71706f484149bd79fb6270dc010145bb], 

PUP.Optional.CrossBrowse, C:\Users\Undertaker\AppData\Local\Temp\9948.exe, , [ce13d3e4b3d7043258a191c7758d936d], 

PUP.Optional.ModGoog, C:\Users\Undertaker\AppData\Local\Temp\psmachine.dll.old6d6539, , [825fefc8c5c5251172eb133942c08080], 

PUP.Optional.ModGoog, C:\Users\Undertaker\AppData\Local\Temp\psmachine.dll.old73f96d, , [10d1981ffb8f69cdaeaf75d73bc76997], 

PUP.Optional.ModGoog, C:\Users\Undertaker\AppData\Local\Temp\goopdateres_en.dll.old6d651a, , [746d95223258ed495b022923798943bd], 

PUP.Optional.ModGoog, C:\Users\Undertaker\AppData\Local\Temp\globalupdateOnDemand.exe.old72ce58, , [33ae4374276363d386d778d420e25ea2], 

PUP.Optional.ModGoog, C:\Users\Undertaker\AppData\Local\Temp\globalupdateOnDemand.exe.old73f9bb, , [4e934572b6d469cdcb92da72e61c6f91], 

PUP.Optional.ModGoog, C:\Users\Undertaker\AppData\Local\Temp\psuser.dll.old73f96d, , [a53c2c8bbad0ce68aab3a1abca38f709], 

PUP.Optional.ModGoog, C:\Users\Undertaker\AppData\Local\Temp\globalupdateCrashHandler.exe.old6d650b, , [7e6313a4ef9bce68510cf359a85a9c64], 

PUP.Optional.ModGoog, C:\Users\Undertaker\AppData\Local\Temp\goopdate.dll.old6d650b, , [5e837344eaa090a6bca1c686e81a2fd1], 

PUP.Optional.SkyTech.A, C:\Users\Undertaker\AppData\Local\Temp\Miui-tmp\QQBrowserFrame.dll, , [825f8631afdb52e4553b4ebccd35ec14], 

PUP.Optional.Amonentize.A, C:\Users\Undertaker\AppData\Local\Temp\76edea33-947a-4ec6-8ffd-e57911b45f6d\bundle_nuvisiondataremarketer.exe, , [df027c3b91f9ec4a64825c0419e923dd], 

PUP.Optional.RinoReader.A, C:\Users\Undertaker\AppData\Local\Temp\8536525a-fc6b-492a-9256-f915c5ee384e\setup.exe, , [9c4554636f1b9b9b7fd3c9aa5ba5a55b], 

PUP.Optional.Tuto4PC.A, C:\Users\Undertaker\AppData\Local\Temp\is-PQEAV.tmp\gentlemjmp_ieu.exe, , [954ce3d4870350e66144cba9ba4c47b9], 

PUP.Optional.Linkey.A, C:\Users\Undertaker\AppData\Local\Temp\is-TCK51.tmp\package_linkey_pariente_installer_multilang.exe, , [ecf53a7dbecc8fa7a390eb891ceab14f], 

PUP.Optional.WebBar.A, C:\Users\Undertaker\AppData\Local\Temp\584fd494-398d-4078-a68a-0b9d6d697031\web_bar_setup.exe, , [d20f6552c6c40b2b29a884be5ca6a759], 

PUP.Optional.AnyProtect, C:\Users\Undertaker\AppData\Local\nsl9347.tmp, , [8061ded9e1a996a0415db3ab6b98a957], 

PUP.Optional.AnyProtect, C:\Users\Undertaker\AppData\Local\nsxCD58.tmp, , [ae331e990387bc7ae0bd3925798a8d73], 

PUP.Optional.UpdaterToolService.A, C:\Windows\Provider\Downloader.Core.dll, , [538e338496f43df9d22a3fa82cd78977], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\wajam.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\amazon.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\argos.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\ask.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\bestbuy.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\ebay.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\etsy.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\facebook.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\favicon.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\google.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\homedepot.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\ikea.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\imdb.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\lowes.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\mercado.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\mysearchweb.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\myshopping.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\searchresult.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\sears.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\setting.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\settings.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\shopping.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\target.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\tesco.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\tripadvisor.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\twitter.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\walmart.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\wiki.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\yahoo.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\Logos\zalando.ico, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\uninstall.exe, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\007290c6eaab8e3f7a895162dbe596bc, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\27a3e026958775027c50df2378a10264, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\4964c8e9c9414d461cb6267f2b441fb4, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\834b8cda410883eb955090ff0cbbcc93, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\a6ae6d2596b121bf37b260719739349b, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\ApiHandlr.dll, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\ee8d8245c544259408b236f2495f9bf7, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\FiddlerCore.dll, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\HtmlAgilityPack.dll, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\InternetEnhancer.exe, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\InternetEnhancerService.exe, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\lan-proxy-settings.dat, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\makecert.exe, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\Newtonsoft.Json.dll, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\wie, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.Wajam.A, C:\Program Files (x86)\WaInternetEnhancer\WaInternetEnhancer Internet Enhancer\WJManifest, , [16cbb205b6d4e74f0745e206ae5542be], 

PUP.Optional.CrossRider.A, C:\Program Files (x86)\BrowserApp3.7\bgNova.html, , [6c7506b16a2046f09d3c8266699a9f61], 

PUP.Optional.CrossRider.A, C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195.crx, , [6c7506b16a2046f09d3c8266699a9f61], 

PUP.Optional.CrossRider.A, C:\Program Files (x86)\BrowserApp3.7\Uninstall.exe, , [6c7506b16a2046f09d3c8266699a9f61], 

PUP.Optional.CrossRider.A, C:\Program Files (x86)\BrowserV04.06\bgNova.html, , [f5ecac0b0f7b132335a49256c83baf51], 

PUP.Optional.CrossRider.A, C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db.crx, , [f5ecac0b0f7b132335a49256c83baf51], 

PUP.Optional.CrossRider.A, C:\Program Files (x86)\BrowserV04.06\e072eb25-924b-4946-8cfa-49bc20028090.crx, , [f5ecac0b0f7b132335a49256c83baf51], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Wajam Website.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Settings.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\SignIn with Facebook.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\SignIn with Twitter.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Explore Social Search\Ask.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Explore Social Search\Google.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Explore Social Search\IMDb.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Explore Social Search\Shopping.com.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Explore Social Search\TripAdvisor.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Explore Social Search\Wikipedia.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Explore Social Search\Yahoo!.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Explore Social Shopping\Amazon.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Explore Social Shopping\Argos.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Explore Social Shopping\Ebay.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Explore Social Shopping\Etsy.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Explore Social Shopping\HomeDepot.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Explore Social Shopping\Ikea.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Explore Social Shopping\Lowe's.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Explore Social Shopping\Mercadolivre.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Explore Social Shopping\MyShopping.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Explore Social Shopping\Sears.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Explore Social Shopping\Target.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Explore Social Shopping\Tesco.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Explore Social Shopping\Walmart.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Explore Social Shopping\Zalando.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.Wajam.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WaInternetEnhancer\Uninstall Wajam\uninstall.lnk, , [99489126b1d97eb809e18d5be81b9967], 

PUP.Optional.ABEngine.A, C:\Windows\Temp\abengine.log, , [e7fac6f18307e15577a17f78699ade22], 

PUP.Optional.Vitruvian.A, C:\Users\Undertaker\AppData\Local\Temp\vitruvian-installer-uninstall-v0002, , [90518d2a0783e5517a915d1870954cb4], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bgnjggdilcdgekjihmoeplahbfajgacf_0.localstorage, , [12cf981f8dfda78f9ee247376c998e72], 

PUP.Optional.Abengine.A, C:\Users\Undertaker\AppData\Local\Temp\lengine.ini.log, , [9a47981f9eecd75f315f02807a8b0df3], 

PUP.Optional.Cassiopesa.C, C:\Windows\System32\Tasks\Tny_cassiopesa, , [6978eacda3e74cea1d9197ebd2338e72], 

PUP.Optional.Cassiopesa.C, C:\Windows\Tasks\Tny_cassiopesa.job, , [a63b2196ccbea4927f30453d808533cd], 

PUP.Optional.Cassiopesa.A, C:\Users\Undertaker\AppData\Local\Chromium\Application\Cassiopesa.ico, , [f9e846711f6b60d6b1649ae9729319e7], 

PUP.Optional.Amonetize.A, C:\ProgramData\Nropnumipre\1.0.1.0\altohria.exe.config, , [5b861d9ab5d572c406b09de6897c867a], 

PUP.Optional.Amonetize.A, C:\ProgramData\Nropnumipre\1.0.1.0\sqlite3.dll, , [5b861d9ab5d572c406b09de6897c867a], 

PUP.Optional.Amonetize.A, C:\ProgramData\Nropnumipre\1.0.1.0\time.dat, , [5b861d9ab5d572c406b09de6897c867a], 

PUP.Optional.Amonetize.A, C:\ProgramData\Nropnumipre\dat.dat, , [5b861d9ab5d572c406b09de6897c867a], 

PUP.Optional.OptimizerPro.A, C:\Users\Undertaker\Documents\Optimizer Pro\CookiesException.txt, , [bb2671461872b086e138166ee421ce32], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\manifest.json, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\images\icon_19.png, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\images\logo128.png, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\images\logo16.png, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\images\logo48.png, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\scripts\background.js, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\scripts\jquery\jquery.min.js, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\scripts\lib\config.js, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\scripts\lib\context.js, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\scripts\newtab\newTabRedirect.html, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\scripts\newtab\newTabRedirect.js, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\_locales\de\messages.json, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\_locales\en\messages.json, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\_locales\es\messages.json, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\_locales\fr\messages.json, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\_locales\it\messages.json, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\_locales\pt_BR\messages.json, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\_locales\tr\messages.json, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.C, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nociobghckdhokecfeajdpimjeapnopn\2.6.2.1_0\_metadata\verified_contents.json, , [a63bcee92f5bbf77b029786c887baf51], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\manifest.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\images\icon_19.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\images\logo128.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\images\logo16.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\images\logo48.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\background.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\contentScript.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\jquery\jquery-ui-1.10.4.min.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\jquery\jquery.min.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\lib\base64.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\lib\config.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\lib\context.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\lib\tinifying.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\minibar.functions.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\minibar.min.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\minibar.translations.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\minibar.vars.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\template.css, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\adapters\aol.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\adapters\dailymotion.css, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\adapters\dailymotion.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\adapters\default_adapter.css, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\adapters\default_adapter.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\adapters\facebook.css, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\adapters\facebook.IL.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\adapters\facebook.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\adapters\facebook.US.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\adapters\google.css, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\adapters\google.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\adapters\live.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\adapters\meetme.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\adapters\skyrock.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\adapters\tagged.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\adapters\twitter.css, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\adapters\twitter.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\adapters\yahoo.css, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\adapters\yahoo.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\adapters\youtube.css, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\adapters\youtube.js, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\fx2\led_background.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\fx2\off\blink.gif, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\fx2\off\flip.gif, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\fx2\off\led.gif, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\fx2\off\rainbow.gif, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\fx2\off\typed.gif, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\fx2\off\wave.gif, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\fx2\on\blink.gif, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\fx2\on\flip.gif, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\fx2\on\led.gif, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\fx2\on\rainbow.gif, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\fx2\on\typed.gif, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\fx2\on\wave.gif, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\imbwin1_409daae67f73f4fb84c27d6d70463f2b.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\Line.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\arrow.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ArrowExpandBar.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\BkgExpandBar.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\btnPinterest.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\close.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\default_icon.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\default_icon_states.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\Expand-26x24.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\fb-bg-sprite.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\fbcoverimage.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\fbimagenotheater.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\fbimageview.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\FB_Share.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\FB_Share_Tiny.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\gifts.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\googleimagesbutton.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\googleimagesbuttonNEW.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\help.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\home.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\imbwin1.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\imbwin_bg.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\imbwin_hf.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\imbwin_vf.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\iminentbutton.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\iminentbutton_bg.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\InviteFriends.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\LeftExpandBar.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\leftTooltip.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\Line2.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\logo48.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\mailfooter.jpg, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\Minibar_buttons.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\new.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\notification.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ql_popup3.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\RightExpandBar.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\rightTooltip.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\s10.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\search.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\separator.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\social_games.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\TellAFriendBackground.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\toolbarbutton_bg.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\toolbar_bg.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\tooltipArrow.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ui-check-box-checked.png, , [558c83345634f640e9f06d78d42fce32],

Ani73

07.06.2015 22:16

hier geht es weiter

Code:

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ui-check-box.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\bhp\iminent-logo.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90B0.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9299.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\E29ABD.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\E29BB5.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8C99.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8C9F.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8CB9.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8D80.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8DBB.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8E81.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8E89.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8EB1.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8EB6.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8EB8.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F908D.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90A7.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90AC.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90AE.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90AF.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90B1.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90B4.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90B6.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90B7.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90B9.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F918C.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F918D.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F918E.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F91BD.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9280.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9284.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F928B.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F928D.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F928F.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9293.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9294.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9297.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F929B.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F929C.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F929D.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F92A4.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F92A9.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F92AA.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F93B1.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F94A5.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9881.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9882.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9884.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9889.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F988A.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F988C.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F988D.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9892.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9893.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9894.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9896.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9898.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F989A.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F989C.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F98A1.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F98AD.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F98B2.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F98B3.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9A97.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9ABD.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ql\add-icon.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ql\close-icon-white.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ql\close-icon.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ql\iminent_bookmark.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ql\logo.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ql\star_bookmarks.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\games\gameiframe1.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\games\gameiframe2.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\games\gameiframe3.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\games\gameiframe4.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\games\games.css, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\games\games.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\1031.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\1033.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\1036.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\1040.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\1048.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\1055.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\2070.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\3082.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\ShareMenu.css, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\de\messages.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\en\messages.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\es\messages.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\fr\messages.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\it\messages.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\pt_BR\messages.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\tr\messages.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_metadata\computed_hashes.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_metadata\verified_contents.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.CheckMeUp.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ihknmofljcglpbdiiedebgmgpmikgfnf\000003.log, , [d20fae0997f32016318fdb0c30d306fa], 

PUP.Optional.CheckMeUp.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ihknmofljcglpbdiiedebgmgpmikgfnf\CURRENT, , [d20fae0997f32016318fdb0c30d306fa], 

PUP.Optional.CheckMeUp.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ihknmofljcglpbdiiedebgmgpmikgfnf\LOCK, , [d20fae0997f32016318fdb0c30d306fa], 

PUP.Optional.CheckMeUp.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ihknmofljcglpbdiiedebgmgpmikgfnf\LOG, , [d20fae0997f32016318fdb0c30d306fa], 

PUP.Optional.CheckMeUp.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ihknmofljcglpbdiiedebgmgpmikgfnf\LOG.old, , [d20fae0997f32016318fdb0c30d306fa], 

PUP.Optional.CheckMeUp.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ihknmofljcglpbdiiedebgmgpmikgfnf\MANIFEST-000001, , [d20fae0997f32016318fdb0c30d306fa], 

PUP.Optional.PullUpdate.A, C:\ProgramData\GrcToTxHhyb\dat\bpIjYIlEJJ.exe.config, , [de03cdea7317e84eb8146b0b0afc7a86], 

PUP.Optional.PullUpdate.A, C:\ProgramData\GrcToTxHhyb\dat\sGNjwQhowTs.exe.config, , [de03cdea7317e84eb8146b0b0afc7a86], 

PUP.Optional.PullUpdate.A, C:\ProgramData\GrcToTxHhyb\info.dat, , [de03cdea7317e84eb8146b0b0afc7a86], 

PUP.Optional.PullUpdate.A, C:\ProgramData\GrcToTxHhyb\xBcGKPMoYeq.dat, , [de03cdea7317e84eb8146b0b0afc7a86], 

PUP.Optional.PullUpdate.A, C:\ProgramData\GrcToTxHhyb\xBcGKPMoYeq.exe.config, , [de03cdea7317e84eb8146b0b0afc7a86], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\bb570f4bc2e9c280fa4f90d4b715d31e.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\69021b9ccc032705a737147647a97de9.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\main.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\api\4f8527b7493343b6a9524b84b81bd485.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\api\8f939e26090d2e398545324675a7821e.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\api\9f12537a4935c71d7d3f49878949beb9.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\api\bfda508b8cfb7fa3359c07e3e43327e8.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\api\d9badc81fc67baca8ab010ad451cf94a.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\api\pageAction.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\app_api.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\2ae8271c7299ac5545dd1ebb7cbb177d.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\39991e7847106753456ee057c7717ab5.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\3a73d9efbf8845559d37fa7190c46ede.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\41b594c815cee4c239faf95066e44f8c.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\525a86e2cdca9c33a3775c203b713600.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\753f86b0e8e2ec5a6a661e3affad21c3.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\831fea072ab4f61be79f552f0183cfb4.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\99dd2a60fd9191b0f7a67f743dada274.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\b52cf5f7f07300eb30b7bafcb053d53d.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\c7d641650aa64e032ed989ed72f8b41c.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\d35d2ff409b769b8016e275742048e38.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\ddb552ac4343b1d0cc03ac2c566d538f.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\f58c8e54219db3045cb5fe09c145244f.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\fdbf40491720ac4ac0177485e2dcb780.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\installer.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\popupResource\newPopup.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\popupResource\popup.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\background.html, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\chromeCoreFilesIndex.txt, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\manifest.json, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\popup.html, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\Settings.json, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\manifest.xml, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins.json, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\28.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\1.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\102.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\13.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\14.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\17.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\177.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\180.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\182.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\183.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\19.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\192.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\195.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\200.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\207.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\21.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\22.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\220.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\223.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\242.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\246.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\253.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\273.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\281.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\288.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\300.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\339.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\345.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\354.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\376.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\380.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\390.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\391.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\4.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\47.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\64.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\7.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\72.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\78.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\80.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\9.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\91.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\97.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\userCode\background.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\userCode\extension.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\icons\icon128.png, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\icons\icon16.png, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\icons\icon48.png, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\icons\actions\1.png, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\63287c402c7ff603bec6865b5121b80d.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\5d7f4d24ac6d99849292c938f110ec2d.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\main.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\api\8544e01d61976c38ed6859e30620f87a.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\api\8f5d239a99aac63903e2e5b2828476e2.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\api\abfc473199780f29b888542f6c85247f.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\api\ea36ffa9e8d1e67f0a33952e90b86289.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\api\fb3d4c5b8fab558df93df95281274afa.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\api\pageAction.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\2c8f14492bc86d407d889d665a41f197.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\5a9050fbd83d51342b2f1982f77e9f3e.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\6e78979a5c991cfb9b13cdb5404773e7.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\7566521faaa369785bea549bb044f9e9.js, , [60814d6a7713d85e63935421ca3cc23e], PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\762d8f8ef2b3475ec589093bc232982c.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\81d7389bb0c57aac7a81bbd4af13432e.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\8dad5df89ce4bde3d8f0750476396a64.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\9babf1837f7ec33128b423aa734f9586.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\a919801d9c5ee46a49be2e62e377c6fc.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\app_api.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\c07deb421182e6070b91a70b1ed236d5.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\c387eddc0f25b8e1eaa458a03c361fbe.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\c51bebdcb54138e33b5f12152f503b13.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\c817b082c11ba3282a88a22cc1d4a362.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\e8c432fd7815ca073a7a19743220a46a.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\installer.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\popupResource\newPopup.js, , [60814d6a7713d85e63935421ca3cc23e], PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\popupResource\popup.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\background.html, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\chromeCoreFilesIndex.txt, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\manifest.json, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\popup.html, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\Settings.json, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\manifest.xml, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins.json, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\102.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\119.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\13.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\14.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\17.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\178.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\180.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\184.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\19.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\195.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\200.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\220.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\223.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\242.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\246.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\253.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\273.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\288.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\289.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\335.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\345.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\354.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\356.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\376.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\390.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\391.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\4.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\47.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\64.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\7.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\78.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\80.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\9.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\97.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\userCode\background.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\userCode\extension.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\icons\icon128.png, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\icons\icon16.png, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\icons\icon48.png, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\icons\actions\1.png, , [60814d6a7713d85e63935421ca3cc23e], 
 

Physische Sektoren: 0

(Keine schädliche Elemente gefunden)
 
 

(end)

hier geht es weiter

Code:

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ui-check-box.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\bhp\iminent-logo.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90B0.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9299.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\E29ABD.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\E29BB5.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8C99.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8C9F.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8CB9.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8D80.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8DBB.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8E81.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8E89.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8EB1.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8EB6.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8EB8.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F908D.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90A7.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90AC.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90AE.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90AF.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90B1.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90B4.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90B6.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90B7.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90B9.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F918C.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F918D.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F918E.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F91BD.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9280.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9284.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F928B.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F928D.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F928F.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9293.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9294.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9297.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F929B.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F929C.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F929D.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F92A4.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F92A9.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F92AA.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F93B1.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F94A5.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9881.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9882.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9884.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9889.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F988A.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F988C.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F988D.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9892.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9893.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9894.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9896.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9898.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F989A.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F989C.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F98A1.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F98AD.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F98B2.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F98B3.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9A97.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9ABD.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ql\add-icon.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ql\close-icon-white.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ql\close-icon.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ql\iminent_bookmark.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ql\logo.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ql\star_bookmarks.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\games\gameiframe1.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\games\gameiframe2.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\games\gameiframe3.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\games\gameiframe4.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\games\games.css, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\games\games.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\1031.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\1033.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\1036.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\1040.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\1048.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\1055.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\2070.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\3082.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\ShareMenu.css, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\de\messages.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\en\messages.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\es\messages.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\fr\messages.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\it\messages.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\pt_BR\messages.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\tr\messages.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_metadata\computed_hashes.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_metadata\verified_contents.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.CheckMeUp.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ihknmofljcglpbdiiedebgmgpmikgfnf\000003.log, , [d20fae0997f32016318fdb0c30d306fa], 

PUP.Optional.CheckMeUp.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ihknmofljcglpbdiiedebgmgpmikgfnf\CURRENT, , [d20fae0997f32016318fdb0c30d306fa], 

PUP.Optional.CheckMeUp.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ihknmofljcglpbdiiedebgmgpmikgfnf\LOCK, , [d20fae0997f32016318fdb0c30d306fa], 

PUP.Optional.CheckMeUp.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ihknmofljcglpbdiiedebgmgpmikgfnf\LOG, , [d20fae0997f32016318fdb0c30d306fa], 

PUP.Optional.CheckMeUp.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ihknmofljcglpbdiiedebgmgpmikgfnf\LOG.old, , [d20fae0997f32016318fdb0c30d306fa], 

PUP.Optional.CheckMeUp.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ihknmofljcglpbdiiedebgmgpmikgfnf\MANIFEST-000001, , [d20fae0997f32016318fdb0c30d306fa], 

PUP.Optional.PullUpdate.A, C:\ProgramData\GrcToTxHhyb\dat\bpIjYIlEJJ.exe.config, , [de03cdea7317e84eb8146b0b0afc7a86], 

PUP.Optional.PullUpdate.A, C:\ProgramData\GrcToTxHhyb\dat\sGNjwQhowTs.exe.config, , [de03cdea7317e84eb8146b0b0afc7a86], 

PUP.Optional.PullUpdate.A, C:\ProgramData\GrcToTxHhyb\info.dat, , [de03cdea7317e84eb8146b0b0afc7a86], 

PUP.Optional.PullUpdate.A, C:\ProgramData\GrcToTxHhyb\xBcGKPMoYeq.dat, , [de03cdea7317e84eb8146b0b0afc7a86], 

PUP.Optional.PullUpdate.A, C:\ProgramData\GrcToTxHhyb\xBcGKPMoYeq.exe.config, , [de03cdea7317e84eb8146b0b0afc7a86], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\bb570f4bc2e9c280fa4f90d4b715d31e.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\69021b9ccc032705a737147647a97de9.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\main.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\api\4f8527b7493343b6a9524b84b81bd485.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\api\8f939e26090d2e398545324675a7821e.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\api\9f12537a4935c71d7d3f49878949beb9.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\api\bfda508b8cfb7fa3359c07e3e43327e8.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\api\d9badc81fc67baca8ab010ad451cf94a.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\api\pageAction.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\app_api.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\2ae8271c7299ac5545dd1ebb7cbb177d.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\39991e7847106753456ee057c7717ab5.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\3a73d9efbf8845559d37fa7190c46ede.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\41b594c815cee4c239faf95066e44f8c.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\525a86e2cdca9c33a3775c203b713600.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\753f86b0e8e2ec5a6a661e3affad21c3.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\831fea072ab4f61be79f552f0183cfb4.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\99dd2a60fd9191b0f7a67f743dada274.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\b52cf5f7f07300eb30b7bafcb053d53d.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\c7d641650aa64e032ed989ed72f8b41c.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\d35d2ff409b769b8016e275742048e38.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\ddb552ac4343b1d0cc03ac2c566d538f.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\f58c8e54219db3045cb5fe09c145244f.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\fdbf40491720ac4ac0177485e2dcb780.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\installer.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\popupResource\newPopup.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\popupResource\popup.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\background.html, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\chromeCoreFilesIndex.txt, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\manifest.json, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\popup.html, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\Settings.json, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\manifest.xml, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins.json, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\28.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\1.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\102.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\13.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\14.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\17.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\177.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\180.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\182.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\183.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\19.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\192.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\195.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\200.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\207.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\21.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\22.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\220.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\223.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\242.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\246.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\253.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\273.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\281.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\288.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\300.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\339.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\345.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\354.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\376.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\380.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\390.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\391.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\4.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\47.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\64.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\7.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\72.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\78.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\80.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\9.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\91.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\97.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\userCode\background.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\userCode\extension.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\icons\icon128.png, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\icons\icon16.png, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\icons\icon48.png, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\icons\actions\1.png, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\63287c402c7ff603bec6865b5121b80d.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\5d7f4d24ac6d99849292c938f110ec2d.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\main.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\api\8544e01d61976c38ed6859e30620f87a.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\api\8f5d239a99aac63903e2e5b2828476e2.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\api\abfc473199780f29b888542f6c85247f.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\api\ea36ffa9e8d1e67f0a33952e90b86289.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\api\fb3d4c5b8fab558df93df95281274afa.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\api\pageAction.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\2c8f14492bc86d407d889d665a41f197.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\5a9050fbd83d51342b2f1982f77e9f3e.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\6e78979a5c991cfb9b13cdb5404773e7.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\7566521faaa369785bea549bb044f9e9.js, , [60814d6a7713d85e63935421ca3cc23e], PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\762d8f8ef2b3475ec589093bc232982c.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\81d7389bb0c57aac7a81bbd4af13432e.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\8dad5df89ce4bde3d8f0750476396a64.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\9babf1837f7ec33128b423aa734f9586.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\a919801d9c5ee46a49be2e62e377c6fc.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\app_api.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\c07deb421182e6070b91a70b1ed236d5.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\c387eddc0f25b8e1eaa458a03c361fbe.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\c51bebdcb54138e33b5f12152f503b13.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\c817b082c11ba3282a88a22cc1d4a362.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\e8c432fd7815ca073a7a19743220a46a.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\installer.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\popupResource\newPopup.js, , [60814d6a7713d85e63935421ca3cc23e], PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\popupResource\popup.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\background.html, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\chromeCoreFilesIndex.txt, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\manifest.json, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\popup.html, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\Settings.json, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\manifest.xml, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins.json, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\102.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\119.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\13.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\14.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\17.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\178.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\180.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\184.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\19.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\195.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\200.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\220.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\223.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\242.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\246.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\253.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\273.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\288.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\289.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\335.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\345.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\354.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\356.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\376.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\390.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\391.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\4.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\47.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\64.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\7.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\78.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\80.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\9.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\97.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\userCode\background.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\userCode\extension.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\icons\icon128.png, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\icons\icon16.png, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\icons\icon48.png, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\icons\actions\1.png, , [60814d6a7713d85e63935421ca3cc23e], 
 

Physische Sektoren: 0

(Keine schädliche Elemente gefunden)
 
 

(end)

Ani73

07.06.2015 22:19

hier geht es weiter

Code:

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ui-check-box.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\bhp\iminent-logo.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90B0.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9299.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\E29ABD.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\E29BB5.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8C99.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8C9F.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8CB9.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8D80.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8DBB.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8E81.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8E89.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8EB1.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8EB6.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F8EB8.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F908D.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90A7.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90AC.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90AE.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90AF.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90B1.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90B4.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90B6.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90B7.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F90B9.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F918C.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F918D.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F918E.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F91BD.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9280.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9284.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F928B.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F928D.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F928F.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9293.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9294.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9297.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F929B.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F929C.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F929D.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F92A4.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F92A9.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F92AA.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F93B1.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F94A5.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9881.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9882.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9884.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9889.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F988A.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F988C.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F988D.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9892.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9893.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9894.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9896.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9898.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F989A.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F989C.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F98A1.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F98AD.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F98B2.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F98B3.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9A97.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\emoji\F09F9ABD.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ql\add-icon.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ql\close-icon-white.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ql\close-icon.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ql\iminent_bookmark.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ql\logo.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\content\images\ql\star_bookmarks.png, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\games\gameiframe1.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\games\gameiframe2.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\games\gameiframe3.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\games\gameiframe4.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\games\games.css, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\games\games.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\1031.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\1033.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\1036.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\1040.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\1048.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\1055.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\2070.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\3082.html, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\scripts\minibar\menu_page\ShareMenu.css, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\de\messages.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\en\messages.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\es\messages.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\fr\messages.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\it\messages.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\pt_BR\messages.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_locales\tr\messages.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_metadata\computed_hashes.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.Iminent.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnjggdilcdgekjihmoeplahbfajgacf\1.0.0.0_0\_metadata\verified_contents.json, , [558c83345634f640e9f06d78d42fce32], 

PUP.Optional.CheckMeUp.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ihknmofljcglpbdiiedebgmgpmikgfnf\000003.log, , [d20fae0997f32016318fdb0c30d306fa], 

PUP.Optional.CheckMeUp.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ihknmofljcglpbdiiedebgmgpmikgfnf\CURRENT, , [d20fae0997f32016318fdb0c30d306fa], 

PUP.Optional.CheckMeUp.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ihknmofljcglpbdiiedebgmgpmikgfnf\LOCK, , [d20fae0997f32016318fdb0c30d306fa], 

PUP.Optional.CheckMeUp.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ihknmofljcglpbdiiedebgmgpmikgfnf\LOG, , [d20fae0997f32016318fdb0c30d306fa], 

PUP.Optional.CheckMeUp.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ihknmofljcglpbdiiedebgmgpmikgfnf\LOG.old, , [d20fae0997f32016318fdb0c30d306fa], 

PUP.Optional.CheckMeUp.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Sync Extension Settings\ihknmofljcglpbdiiedebgmgpmikgfnf\MANIFEST-000001, , [d20fae0997f32016318fdb0c30d306fa], 

PUP.Optional.PullUpdate.A, C:\ProgramData\GrcToTxHhyb\dat\bpIjYIlEJJ.exe.config, , [de03cdea7317e84eb8146b0b0afc7a86], 

PUP.Optional.PullUpdate.A, C:\ProgramData\GrcToTxHhyb\dat\sGNjwQhowTs.exe.config, , [de03cdea7317e84eb8146b0b0afc7a86], 

PUP.Optional.PullUpdate.A, C:\ProgramData\GrcToTxHhyb\info.dat, , [de03cdea7317e84eb8146b0b0afc7a86], 

PUP.Optional.PullUpdate.A, C:\ProgramData\GrcToTxHhyb\xBcGKPMoYeq.dat, , [de03cdea7317e84eb8146b0b0afc7a86], 

PUP.Optional.PullUpdate.A, C:\ProgramData\GrcToTxHhyb\xBcGKPMoYeq.exe.config, , [de03cdea7317e84eb8146b0b0afc7a86], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\bb570f4bc2e9c280fa4f90d4b715d31e.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\69021b9ccc032705a737147647a97de9.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\main.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\api\4f8527b7493343b6a9524b84b81bd485.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\api\8f939e26090d2e398545324675a7821e.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\api\9f12537a4935c71d7d3f49878949beb9.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\api\bfda508b8cfb7fa3359c07e3e43327e8.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\api\d9badc81fc67baca8ab010ad451cf94a.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\api\pageAction.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\app_api.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\2ae8271c7299ac5545dd1ebb7cbb177d.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\39991e7847106753456ee057c7717ab5.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\3a73d9efbf8845559d37fa7190c46ede.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\41b594c815cee4c239faf95066e44f8c.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\525a86e2cdca9c33a3775c203b713600.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\753f86b0e8e2ec5a6a661e3affad21c3.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\831fea072ab4f61be79f552f0183cfb4.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\99dd2a60fd9191b0f7a67f743dada274.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\b52cf5f7f07300eb30b7bafcb053d53d.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\c7d641650aa64e032ed989ed72f8b41c.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\d35d2ff409b769b8016e275742048e38.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\ddb552ac4343b1d0cc03ac2c566d538f.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\f58c8e54219db3045cb5fe09c145244f.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\fdbf40491720ac4ac0177485e2dcb780.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\installer.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\popupResource\newPopup.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\js\lib\popupResource\popup.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\background.html, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\chromeCoreFilesIndex.txt, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\manifest.json, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\popup.html, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\Settings.json, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\manifest.xml, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins.json, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\28.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\1.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\102.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\13.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\14.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\17.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\177.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\180.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\182.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\183.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\19.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\192.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\195.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\200.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\207.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\21.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\22.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\220.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\223.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\242.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\246.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\253.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\273.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\281.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\288.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\300.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\339.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\345.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\354.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\376.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\380.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\390.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\391.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\4.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\47.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\64.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\7.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\72.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\78.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\80.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\9.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\91.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\97.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\userCode\background.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\userCode\extension.js, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\icons\icon128.png, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\icons\icon16.png, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\icons\icon48.png, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\icons\actions\1.png, , [5b86bbfcb5d5191d4ea8c9ac8a7c0af6], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\63287c402c7ff603bec6865b5121b80d.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\5d7f4d24ac6d99849292c938f110ec2d.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\main.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\api\8544e01d61976c38ed6859e30620f87a.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\api\8f5d239a99aac63903e2e5b2828476e2.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\api\abfc473199780f29b888542f6c85247f.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\api\ea36ffa9e8d1e67f0a33952e90b86289.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\api\fb3d4c5b8fab558df93df95281274afa.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\api\pageAction.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\2c8f14492bc86d407d889d665a41f197.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\5a9050fbd83d51342b2f1982f77e9f3e.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\6e78979a5c991cfb9b13cdb5404773e7.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\7566521faaa369785bea549bb044f9e9.js, , [60814d6a7713d85e63935421ca3cc23e], PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\762d8f8ef2b3475ec589093bc232982c.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\81d7389bb0c57aac7a81bbd4af13432e.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\8dad5df89ce4bde3d8f0750476396a64.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\9babf1837f7ec33128b423aa734f9586.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\a919801d9c5ee46a49be2e62e377c6fc.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\app_api.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\c07deb421182e6070b91a70b1ed236d5.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\c387eddc0f25b8e1eaa458a03c361fbe.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\c51bebdcb54138e33b5f12152f503b13.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\c817b082c11ba3282a88a22cc1d4a362.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\e8c432fd7815ca073a7a19743220a46a.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\installer.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\popupResource\newPopup.js, , [60814d6a7713d85e63935421ca3cc23e], PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\js\lib\popupResource\popup.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\background.html, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\chromeCoreFilesIndex.txt, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\manifest.json, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\popup.html, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\Settings.json, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\manifest.xml, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins.json, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\102.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\119.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\13.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\14.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\17.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\178.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\180.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\184.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\19.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\195.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\200.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\220.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\223.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\242.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\246.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\253.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\273.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\288.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\289.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\335.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\345.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\354.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\356.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\376.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\390.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\391.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\4.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\47.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\64.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\7.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\78.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\80.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\9.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\97.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\userCode\background.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\userCode\extension.js, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\icons\icon128.png, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\icons\icon16.png, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\icons\icon48.png, , [60814d6a7713d85e63935421ca3cc23e], 

PUP.Optional.CrossRider.A, C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\icons\actions\1.png, , [60814d6a7713d85e63935421ca3cc23e], 
 

Physische Sektoren: 0

(Keine schädliche Elemente gefunden)
 
 

(end)

frst

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-06-2015

Ran by Undertaker (administrator) on UNDERTAKER-PC on 07-06-2015 22:57:22

Running from C:\Users\Undertaker\Downloads

Loaded Profiles: Undertaker &  (Available Profiles: Undertaker & Shari)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11 (Default browser not detected!)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

() C:\Windows\meud.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

() C:\Windows\SysWOW64\PnkBstrB.exe

() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe

(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

(The Chromium Authors) C:\Users\Undertaker\AppData\Local\Chromium\Application\chrome.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

(Dropbox, Inc.) C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(The Chromium Authors) C:\Users\Undertaker\AppData\Local\Chromium\Application\chrome.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(1und1 Mail und Media GmbH) C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe

(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe

(The Chromium Authors) C:\Users\Undertaker\AppData\Local\Chromium\Application\chrome.exe

(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe

(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe

(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe

(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

() C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11895400 2011-06-25] (Realtek Semiconductor)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-13] (ELAN Microelectronics Corp.)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [421888 2012-11-18] (Apple Inc.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-22] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-01-14] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)

HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)

HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [MailCheck IE Broker] => C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe [2190912 2015-05-06] (1und1 Mail und Media GmbH)

HKLM-x32\...\Run: [iScreeny] => C:\Users\Undertaker\AppData\Local\iScreeny\iScreeny.exe

HKLM-x32\...\Run: [iScreeny - Web] => C:\Users\Undertaker\AppData\Local\iScreeny\iWebScreeny.exe

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [384800 2012-10-16] (Avira Operations GmbH & Co. KG)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [Facebook Update] => C:\Users\Undertaker\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-05-25] (Facebook Inc.)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1565504 2015-01-14] (Samsung)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2015-01-14] (Samsung)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [GoogleChromeAutoLaunch_DF202E42DFEEF9CE7A049D628287467C] => C:\Users\Undertaker\AppData\Local\Chromium\Application\chrome.exe [659456 2015-06-03] (The Chromium Authors)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)

HKU\S-1-5-21-1335839233-2991384071-368375801-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Policies\system: [LogonHoursAction] 2

HKU\S-1-5-21-1335839233-2991384071-368375801-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\...\Policies\system: [DontDisplayLogonHoursWarnings] 1

AppInit_DLLs-x32: c:\progra~3\{b37b5~1\1172~1.1\nisi.dll => "c:\progra~3\{b37b5~1\1172~1.1\nisi.dll" File not found

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-02-01]

ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

Startup: C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-07-25]

ShortcutTarget: Dropbox.lnk -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled

ProxyServer: [.DEFAULT] => http=127.0.0.1:51515;https=127.0.0.1:51515

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com

HKU\S-1-5-21-1335839233-2991384071-368375801-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/

SearchScopes: HKLM -> {9143e921-7c9a-4d27-ac43-eaccc78cc55a} URL = 

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

BHO: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2015-05-06] (1und1 Mail und Media GmbH)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-02-01] (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

BHO-x32: Samsung BHO Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-10-25] ()

BHO-x32: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2015-05-06] (1und1 Mail und Media GmbH)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-02-01] (Oracle Corporation)

Toolbar: HKU\S-1-5-21-1335839233-2991384071-368375801-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> No Name - {C424171E-592A-415A-9EB1-DFD6D95D3530} -  No File

Toolbar: HKU\S-1-5-21-1335839233-2991384071-368375801-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File

DPF: HKLM {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

DPF: HKLM {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_x64_5.0.199.0.cab

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2015-05-06] (1und1 Mail und Media GmbH)

Handler-x32: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2015-05-06] (1und1 Mail und Media GmbH)

StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 

FireFox:

========

FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\windows\system32\npDeployJava1.dll [2012-11-05] (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)

FF Plugin-x32: @java.com/DTPlugin,version=10.75.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-02-01] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.75.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-02-01] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)

FF Plugin-x32: @popularscreensavers.com/Plugin -> C:\Program Files (x86)\PopularScreensavers\NPp5Stub.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll [2015-04-27] ()

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-1335839233-2991384071-368375801-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Undertaker\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

FF Plugin HKU\S-1-5-21-1335839233-2991384071-368375801-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-10-01] ()
 

Chrome: 

=======

CHR Profile: C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-14]

CHR Extension: (Google Docs) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-14]

CHR Extension: (Google Drive) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-14]

CHR Extension: (YouTube) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-14]

CHR Extension: (Google Search) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-14]

CHR Extension: (Google Sheets) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-14]

CHR Extension: (No Name) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk [2015-06-06]

CHR Extension: (Avira Browser Safety) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-05-14]

CHR Extension: (Bookmark Manager) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-14]

CHR Extension: (No Name) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn [2015-06-06]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-14]

CHR Extension: (Google Wallet) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-15]

CHR Extension: (Gmail) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-14]

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

StartMenuInternet: Google Chrome - chrome.exe
 

Opera: 

=======

OPR Extension: (Shop and Save Up) - C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\ablgnpngfaaficpckehadaljnjgjkhbi [2015-06-06]

OPR Extension: (GoHD) - C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk [2015-06-06]

OPR Extension: (BrowserV04.06) - C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\idhkmcfanijhphphomamdkaejjadkhgn [2015-06-06]

OPR Extension: (BrowserApp3.7) - C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\mdcoemfeknnmifgkfoncjfoohdljddmp [2015-06-06]
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-03-22] (Advanced Micro Devices, Inc.) [File not signed]

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84256 2012-10-16] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108320 2012-10-16] (Avira Operations GmbH & Co. KG)

R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)

R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]

S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]

R2 meud; c:\windows\meud.exe [408576 2015-06-06] () [File not signed]

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)

R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [75136 2013-03-11] ()

R2 PnkBstrB; C:\windows\SysWOW64\PnkBstrB.exe [189248 2013-03-11] ()

R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed]

R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)

R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)

R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2013-07-28] ()

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [99248 2012-09-13] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [129216 2012-10-04] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27800 2012-09-24] (Avira Operations GmbH & Co. KG)

R1 iScreeny; C:\windows\iScreeny.sys [50840 2015-03-11] (Windows (R) Win 7 DDK provider)

R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2013-07-28] ()

S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)

S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-01-16] (Windows (R) 2003 DDK 3790 provider)

S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]

S3 RkHit; \??\C:\windows\system32\drivers\RKHit.sys [X]

S3 taphss6; system32\DRIVERS\taphss6.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 

==================== One Month Created files and folders ========
 

(If an entry is included in the fixlist, the file/folder will be moved.)
 

2015-06-07 22:46 - 2015-06-07 22:48 - 00135230 _____ C:\Users\Undertaker\Desktop\auswahl.txt

2015-06-07 20:40 - 2015-06-07 20:40 - 00000000 ____D C:\Users\Undertaker\Downloads\RevoUninstallerPortable

2015-06-07 20:39 - 2015-06-07 20:40 - 02785665 _____ (PortableApps.com) C:\Users\Undertaker\Downloads\RevoUninstallerPortable_1.95_Rev_2.paf.exe

2015-06-06 23:04 - 2015-06-06 23:04 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Avira

2015-06-06 22:58 - 2015-06-06 22:58 - 00001954 _____ C:\Users\Public\Desktop\Avira Control Center.lnk

2015-06-06 22:57 - 2012-10-04 12:07 - 00129216 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys

2015-06-06 22:57 - 2012-09-24 09:58 - 00027800 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys

2015-06-06 22:57 - 2012-09-13 15:52 - 00099248 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys

2015-06-06 21:36 - 2015-06-06 23:28 - 00001062 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-06-06 21:32 - 2015-06-06 21:34 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Undertaker\Downloads\mbam-setup-2.1.6.1022.exe

2015-06-06 21:17 - 2015-06-06 21:21 - 00080778 _____ C:\Users\Undertaker\Downloads\Addition.txt

2015-06-06 21:12 - 2015-06-07 22:57 - 00023780 _____ C:\Users\Undertaker\Downloads\FRST.txt

2015-06-06 21:11 - 2015-06-06 21:11 - 02108928 _____ (Farbar) C:\Users\Undertaker\Downloads\FRST64.exe

2015-06-06 19:22 - 2015-06-07 22:48 - 00000000 ____D C:\Program Files (x86)\ff658703-be67-4a41-9d60-d22f009b2b9b

2015-06-06 19:22 - 2015-06-07 21:07 - 00000000 ____D C:\AdwCleaner

2015-06-06 19:20 - 2015-06-07 22:48 - 00000000 ____D C:\Program Files (x86)\72c3b23c-ddd7-454a-8372-e7ae40829114

2015-06-06 19:19 - 2015-06-06 19:19 - 00003704 _____ C:\windows\System32\Tasks\Advanced System~Protector

2015-06-06 19:19 - 2015-06-06 19:19 - 00003076 _____ C:\windows\System32\Tasks\Advanced System~Protector_startup

2015-06-06 19:19 - 2015-06-06 19:19 - 00001001 _____ C:\Users\Public\Desktop\Advanced System~Protector.lnk

2015-06-06 19:19 - 2015-06-06 19:19 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector

2015-06-06 14:56 - 2015-06-07 22:48 - 00000000 ____D C:\Program Files (x86)\4722a9bf-525a-4c06-897e-ac1e3bd46d28

2015-06-06 13:50 - 2015-06-07 22:10 - 00173056 _____ C:\windows\Provider.dll

2015-06-06 13:50 - 2015-06-07 22:10 - 00000000 ____D C:\windows\Provider32

2015-06-06 13:50 - 2015-06-07 20:51 - 00173056 _____ C:\windows\Provider20150607221036.dll

2015-06-06 13:50 - 2015-06-07 19:50 - 00173056 _____ C:\windows\Provider20150607205118.dll

2015-06-06 13:50 - 2015-06-06 23:54 - 00173056 _____ C:\windows\Provider20150607195041.dll

2015-06-06 13:50 - 2015-06-06 22:06 - 00173056 _____ C:\windows\Provider20150606235357.dll

2015-06-06 13:50 - 2015-06-06 19:55 - 00173056 _____ C:\windows\Provider20150606220627.dll

2015-06-06 13:50 - 2015-06-06 18:06 - 00173056 _____ C:\windows\Provider20150606195541.dll

2015-06-06 13:50 - 2015-06-06 16:53 - 00173056 _____ C:\windows\Provider20150606180602.dll

2015-06-06 13:50 - 2015-06-06 16:15 - 00000000 ____D C:\Users\Undertaker\AppData\Local\7721

2015-06-06 13:50 - 2015-06-06 15:52 - 00173056 _____ C:\windows\Provider20150606165333.dll

2015-06-06 13:50 - 2015-06-06 14:51 - 00173056 _____ C:\windows\Provider20150606155257.dll

2015-06-06 13:50 - 2015-06-06 13:50 - 00718497 _____ C:\windows\unins000.exe

2015-06-06 13:50 - 2015-06-06 13:50 - 00010273 _____ C:\windows\unins000.dat

2015-06-06 13:50 - 2015-06-02 18:30 - 00173056 _____ C:\windows\Provider20150606145136.dll

2015-06-06 13:50 - 2015-06-02 18:30 - 00101888 _____ C:\windows\Installer.exe

2015-06-06 13:48 - 2015-06-06 13:48 - 02231296 _____ C:\Users\Undertaker\Downloads\AdwCleaner_4.206.exe

2015-06-06 13:42 - 2015-06-06 13:42 - 02870984 _____ (ESET) C:\Users\Undertaker\Downloads\esetsmartinstaller_deu.exe

2015-06-06 13:26 - 2015-06-06 13:26 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Chromium

2015-06-06 13:25 - 2015-06-06 13:25 - 00003464 _____ C:\windows\System32\Tasks\Nropnumipre

2015-06-06 13:20 - 2015-06-07 22:48 - 00000000 ____D C:\Program Files (x86)\bcd6e4c4-84bf-4654-934b-210101b6db64

2015-06-06 13:20 - 2015-06-06 13:26 - 00000000 ___HD C:\ProgramData\eud

2015-06-06 13:19 - 2015-06-07 22:48 - 00000000 ____D C:\Program Files (x86)\66eb7326-d26b-4ed7-8b75-f11540f0061d

2015-06-06 13:18 - 2015-06-06 22:19 - 00000004 _____ C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7

2015-06-06 13:16 - 2015-06-06 13:16 - 00631296 _____ C:\windows\eud.dat

2015-06-06 13:16 - 2015-06-06 13:16 - 00408576 _____ C:\windows\meud.exe

2015-06-06 13:12 - 2015-06-07 22:48 - 00000000 ____D C:\Program Files (x86)\850b14a9-df9b-49e0-86a9-17f782850ec2

2015-06-06 13:10 - 2015-06-07 22:48 - 00000000 ____D C:\Program Files (x86)\588c3280-483f-4ff6-b4ca-8a53e94287ce

2015-06-06 13:06 - 2015-06-06 13:20 - 00000684 _____ C:\Users\Undertaker\Downloads\project64                         .website

2015-06-06 13:06 - 2015-06-06 13:20 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Deployment

2015-06-06 13:06 - 2015-06-06 13:06 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Apps\2.0

2015-06-06 12:53 - 2015-06-06 12:53 - 00001285 _____ C:\Users\Undertaker\Desktop\setup_Project64_2.2.exe - Verknüpfung.lnk

2015-06-06 12:45 - 2015-06-06 12:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.2

2015-06-06 12:45 - 2015-06-06 12:53 - 00000000 ____D C:\Program Files (x86)\Project64 2.2

2015-06-06 12:39 - 2015-06-06 12:39 - 12699289 _____ C:\Users\Undertaker\Downloads\Mario Kart 64 (E).zip

2015-06-06 12:35 - 2015-06-06 12:35 - 08388608 _____ C:\Users\Undertaker\Downloads\Super Mario 64 (D, F, E) (1).v64

2015-06-06 12:34 - 2015-06-06 12:46 - 00001089 _____ C:\Users\Public\Desktop\Opera.lnk

2015-06-06 12:34 - 2015-06-06 12:34 - 00003862 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1433586837

2015-06-06 12:34 - 2015-06-06 12:34 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Opera Software

2015-06-06 12:34 - 2015-06-06 12:34 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Opera Software

2015-06-06 12:34 - 2015-06-06 12:33 - 00001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk

2015-06-06 12:33 - 2015-06-07 22:57 - 00000000 ____D C:\Program Files (x86)\Opera

2015-06-06 12:33 - 2015-06-06 12:33 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Pirates

2015-06-06 12:33 - 2015-06-06 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip

2015-06-06 12:33 - 2015-06-06 12:33 - 00000000 ____D C:\Program Files (x86)\7-Zip

2015-06-06 12:32 - 2015-06-06 16:12 - 00000000 ____D C:\Program Files (x86)\MiuiTab

2015-06-06 12:32 - 2015-06-06 12:31 - 01200163 _____ C:\Users\Undertaker\Downloads\7zip.exe

2015-06-06 12:21 - 2015-06-06 12:46 - 00001311 _____ C:\Users\Public\Desktop\NAVIGON Fresh.lnk

2015-06-06 12:21 - 2015-06-06 12:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAVIGON

2015-06-06 12:21 - 2015-06-06 12:21 - 00000000 ____D C:\ProgramData\boost_interprocess

2015-06-05 22:10 - 2015-06-05 22:11 - 01089752 _____ (Unity Technologies ApS) C:\Users\Undertaker\Downloads\UnityWebPlayer (1).exe

2015-06-04 14:56 - 2015-06-04 14:56 - 00983949 _____ C:\Users\Undertaker\Downloads\Super Mario Allstars (E).zip

2015-06-04 14:35 - 2015-06-04 14:36 - 06347644 _____ C:\Users\Undertaker\Downloads\Super Mario 64 (D, F, E) (1).zip

2015-06-04 12:44 - 2015-06-04 12:45 - 06347644 _____ C:\Users\Undertaker\Downloads\Super Mario 64 (D, F, E).zip

2015-06-04 12:39 - 2015-01-30 06:22 - 00000073 ____R C:\Users\Undertaker\Downloads\PokeMMO.sh

2015-06-02 22:00 - 2015-06-04 12:42 - 13171110 _____ C:\Users\Undertaker\Desktop\PokeMMO-Client (2).zip

2015-05-17 16:12 - 2015-05-17 16:12 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Sonic7

2015-05-15 09:45 - 2015-05-15 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WEB.DE MailCheck

2015-05-15 09:45 - 2015-05-15 09:45 - 00000000 ____D C:\Program Files\WEB.DE MailCheck

2015-05-15 09:45 - 2015-05-15 09:45 - 00000000 ____D C:\Program Files (x86)\WEB.DE MailCheck

2015-05-14 20:59 - 2015-05-14 20:59 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Steam

2015-05-14 20:50 - 2015-06-07 22:53 - 00000000 ____D C:\Program Files (x86)\Steam

2015-05-14 20:50 - 2015-05-14 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

2015-05-14 20:47 - 2015-05-14 20:47 - 01142128 _____ C:\Users\Undertaker\Downloads\SteamSetup.exe

2015-05-14 19:49 - 2015-05-14 19:49 - 00000000 ____D C:\ProgramData\UUdb

2015-05-14 09:38 - 2015-06-06 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
 

==================== One Month Modified files and folders ========
 

(If an entry is included in the fixlist, the file/folder will be moved.)
 

2015-06-07 23:02 - 2009-07-14 06:45 - 00028624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-06-07 23:02 - 2009-07-14 06:45 - 00028624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-06-07 22:57 - 2014-04-11 20:58 - 00000000 ____D C:\Users\Undertaker\AppData\Local\LogMeIn Hamachi

2015-06-07 22:57 - 2014-01-02 17:54 - 00000000 ____D C:\FRST

2015-06-07 22:55 - 2014-07-25 18:13 - 00000000 ___RD C:\Users\Undertaker\Dropbox

2015-06-07 22:55 - 2014-07-25 18:11 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Dropbox

2015-06-07 22:52 - 2013-04-20 10:22 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-06-07 22:51 - 2013-04-20 10:22 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-06-07 22:50 - 2013-04-06 00:59 - 00080141 _____ C:\windows\setupact.log

2015-06-07 22:50 - 2013-04-06 00:52 - 01087704 _____ C:\windows\PFRO.log

2015-06-07 22:50 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT

2015-06-07 22:49 - 2013-04-07 15:58 - 00000000 ____D C:\windows\ERUNT

2015-06-07 22:49 - 2011-10-20 01:52 - 01662995 _____ C:\windows\WindowsUpdate.log

2015-06-07 22:34 - 2015-04-14 19:11 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job

2015-06-07 22:28 - 2012-12-04 14:05 - 00000948 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1335839233-2991384071-368375801-1000UA.job

2015-06-07 21:35 - 2014-05-22 19:43 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys

2015-06-07 21:06 - 2012-10-30 15:16 - 00000000 ____D C:\Users\Undertaker

2015-06-07 20:51 - 2013-03-28 23:41 - 00000000 ____D C:\Users\Undertaker\AppData\Local\CrashDumps

2015-06-07 19:09 - 2012-11-05 13:32 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Skype

2015-06-06 23:28 - 2014-05-22 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-06-06 23:28 - 2014-05-22 19:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-06-06 22:58 - 2012-10-30 16:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2015-06-06 22:56 - 2012-10-30 16:18 - 00000000 ____D C:\Program Files (x86)\Avira

2015-06-06 22:43 - 2012-12-06 16:46 - 00000000 ____D C:\windows\Minidump

2015-06-06 16:28 - 2012-12-04 14:05 - 00000926 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1335839233-2991384071-368375801-1000Core.job

2015-06-06 13:28 - 2014-05-22 17:16 - 00000306 __RSH C:\ProgramData\ntuser.pol

2015-06-06 13:26 - 2015-01-17 10:51 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Unity

2015-06-06 13:09 - 2009-07-14 05:20 - 00000000 ___HD C:\windows\system32\GroupPolicy

2015-06-06 12:46 - 2015-04-17 20:10 - 00002568 _____ C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC Universe Online.lnk

2015-06-06 12:46 - 2015-02-01 15:26 - 00001761 _____ C:\Users\Public\Desktop\iTunes.lnk

2015-06-06 12:46 - 2015-01-28 20:02 - 00001242 _____ C:\Users\Undertaker\Desktop\Revo Uninstaller.lnk

2015-06-06 12:46 - 2014-08-14 23:40 - 00001415 _____ C:\Users\Shari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2015-06-06 12:46 - 2014-05-19 11:26 - 00002190 _____ C:\Users\Public\Desktop\Google Earth.lnk

2015-06-06 12:46 - 2013-08-12 21:43 - 00002096 _____ C:\Users\Public\Desktop\Video Search.lnk

2015-06-06 12:46 - 2012-11-24 13:01 - 00001426 _____ C:\Users\Undertaker\Desktop\Registry kostenlos entrümpeln!.lnk

2015-06-06 12:46 - 2012-11-04 12:00 - 00001768 _____ C:\Users\Public\Desktop\Browserwahl.lnk

2015-06-06 11:18 - 2012-11-06 14:44 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\.minecraft

2015-05-24 18:06 - 2011-10-20 01:00 - 00700134 _____ C:\windows\system32\perfh007.dat

2015-05-24 18:06 - 2011-10-20 01:00 - 00149984 _____ C:\windows\system32\perfc007.dat

2015-05-24 18:06 - 2009-07-14 07:13 - 01622236 _____ C:\windows\system32\PerfStringBackup.INI

2015-05-22 20:33 - 2015-02-18 15:50 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\vlc

2015-05-17 15:47 - 2013-04-20 10:22 - 00004106 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA

2015-05-17 15:47 - 2013-04-20 10:22 - 00003854 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore

2015-05-16 13:54 - 2012-10-30 16:02 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Adobe

2015-05-15 20:08 - 2013-03-14 21:43 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2015-05-15 20:08 - 2013-03-14 21:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2015-05-15 15:41 - 2012-11-08 16:36 - 01649854 _____ C:\windows\SysWOW64\PerfStringBackup.INI

2015-05-15 15:41 - 2012-11-08 16:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client

2015-05-15 15:40 - 2014-07-10 17:17 - 00000000 ____D C:\ProgramData\Microsoft Help

2015-05-15 15:40 - 2013-07-31 20:03 - 00000000 ____D C:\windows\system32\MRT

2015-05-15 15:12 - 2012-11-08 16:16 - 140425016 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

2015-05-15 15:06 - 2013-03-14 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2015-05-14 19:49 - 2013-05-10 12:24 - 00003892 _____ C:\windows\System32\Tasks\Registration 1und1 Task

2015-05-14 19:49 - 2013-05-10 12:24 - 00000000 ____D C:\Program Files (x86)\1und1Softwareaktualisierung

2015-05-14 09:38 - 2013-04-20 10:22 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Google

2015-05-14 09:38 - 2013-04-20 10:22 - 00000000 ____D C:\Program Files (x86)\Google

2015-05-13 16:36 - 2014-07-25 18:12 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
 

==================== Files in the root of some directories =======
 

2013-12-14 17:59 - 2013-12-14 17:59 - 49940480 _____ () C:\Program Files (x86)\GUT205F.tmp

2013-04-05 21:39 - 2013-04-05 21:51 - 0000004 _____ () C:\Users\Undertaker\AppData\Roaming\skype.ini

2013-03-28 23:41 - 2013-03-28 23:41 - 0003584 _____ () C:\Users\Undertaker\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-03-04 22:26 - 2014-03-04 22:26 - 0091848 _____ () C:\Users\Undertaker\AppData\Local\ext_offermosquito_uninst.exe

2013-02-28 21:15 - 2014-03-14 14:34 - 1145382 ____N () C:\Users\Undertaker\AppData\Local\Tempmusic.ogg

2011-10-19 10:21 - 2011-10-19 10:22 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log

2011-10-19 10:07 - 2011-10-19 10:08 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log

2011-10-19 10:15 - 2011-10-19 10:17 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log

2011-10-19 10:09 - 2011-10-19 10:15 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log

2011-10-19 10:17 - 2011-10-19 10:21 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
 

Files to move or delete:

====================

C:\Users\Undertaker\AppData\Roaming\skype.ini
 
 

Some files in TEMP:

====================

C:\Users\Undertaker\AppData\Local\Temp\00E35A2E-3B5A-BD25-0A1E-9E0608E342C2.dll

C:\Users\Undertaker\AppData\Local\Temp\AskSLib.dll

C:\Users\Undertaker\AppData\Local\Temp\avgnt.exe

C:\Users\Undertaker\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqz9ale.dll

C:\Users\Undertaker\AppData\Local\Temp\Quarantine.exe

C:\Users\Undertaker\AppData\Local\Temp\setup_666.exe

C:\Users\Undertaker\AppData\Local\Temp\Softonic_EN_1-5-11_EN-Production_10_CleanRelease.exe

C:\Users\Undertaker\AppData\Local\Temp\sqlite3.dll

C:\Users\Undertaker\AppData\Local\Temp\Uninstall.exe

C:\Users\Undertaker\AppData\Local\Temp\WEB.DE_Toolbar_IE_Setup.exe
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2015-06-03 22:57
 

==================== End of log ============================

Ani73

07.06.2015 22:26

frst

additional
[CODE]Additional
FRST Logfile:

Code:

scan result of Farbar Recovery Scan Tool (x64) Version:06-06-2015

Ran by Undertaker at 2015-06-07 23:22:48

Running from C:\Users\Undertaker\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Accounts: =============================

 

Administrator (S-1-5-21-1335839233-2991384071-368375801-500 - Administrator - Disabled)

Gast (S-1-5-21-1335839233-2991384071-368375801-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-1335839233-2991384071-368375801-1005 - Limited - Enabled)

Shari (S-1-5-21-1335839233-2991384071-368375801-1001 - Limited - Enabled) => C:\Users\Shari

Undertaker (S-1-5-21-1335839233-2991384071-368375801-1000 - Administrator - Enabled) => C:\Users\Undertaker

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden

„Windows Live Messenger“ (x32 Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden

„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )

Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)

Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden

Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)

ATI Catalyst Install Manager (HKLM\...\{2E26B067-B10A-683A-7E84-5813500EE3B0}) (Version: 3.0.820.0 - ATI Technologies, Inc.)

aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.1390 - DsNET Corp)

Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)

Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden

Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 13.0.0.2735 - Avira)

BatteryLifeExtender (HKLM-x32\...\{FFD0E594-823B-4E2B-B680-720B3C852588}) (Version: 1.0.11 - Samsung)

Battlefield Heroes (HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version:  - EA Digital illusions)

Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)

Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden

Camtasia Studio 8 (HKLM-x32\...\{8F6F7194-0734-4CDA-8C04-6B766F2241A6}) (Version: 8.0.4.1060 - TechSmith Corporation)

Cassiopesa (HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Chromium) (Version: 45.0.2422.0 - Chromium)

Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden

CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)

CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)

CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)

CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)

CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)

CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3509 - CyberLink Corp.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Das gelobte Land (HKLM-x32\...\Das gelobte Land) (Version: 1.0.0.0 - INTENIUM GmbH)

DC Universe Online (HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\SOE-DC Universe Online) (Version: 1.0.3.183 - Sony Online Entertainment)

DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.0.0.46 - INTENIUM GmbH)

Die Siedler 7 (HKLM-x32\...\{63860309-DA8A-4BAE-9EAE-CE1D6D79340C}) (Version: 1.12.1396 - Ubisoft)

Die Siedler III Gold Edition (HKLM-x32\...\S3) (Version:  - )

Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden

Dropbox (HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)

Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0 - Samsung Electronics Co., LTD)

Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.)

Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)

Easy Network Manager (HKLM-x32\...\{8732818E-CA78-4ACB-B077-22311BF4C0E4}) (Version: 4.4.7 - Samsung)

Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.1.1 - Samsung Electronics Co.,Ltd.)

EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)

EasyFileShare (HKLM-x32\...\{16880765-677F-440B-B16A-BFD9B9C00012}) (Version: 1.0.12 - Samsung)

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )

ETDWare PS/2-X64 8.0.7.2_WHQL (HKLM\...\Elantech) (Version: 8.0.7.2 - ELAN Microelectronic Corp.)

Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)

Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden

Fast Start (HKLM-x32\...\{77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}) (Version: 2.2.0.1 - SAMSUNG)

Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)

Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)

Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden

Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden

inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)

iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)

Java 7 Update 75 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217075FF}) (Version: 7.0.750 - Oracle)

John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.227 - LogMeIn, Inc.)

LogMeIn Hamachi (x32 Version: 2.2.0.227 - LogMeIn, Inc.) Hidden

MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{6C855B1C-FC55-4A00-9CCB-5ED6DB8770BF}) (Version: 7.0.2.6 - MAGIX AG)

MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden

MAGIX Video deluxe 2014 Plus (HKLM-x32\...\MX.{9E2FEB28-7407-4009-9DC4-203EF2EF6BB7}) (Version: 13.0.0.28 - MAGIX AG)

MAGIX Video deluxe 2014 Plus (Version: 13.0.0.28 - MAGIX AG) Hidden

Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Movie Color Enhancer (HKLM-x32\...\{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D}) (Version: 1.0 - Samsung Electronics Co., Ltd.)

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

Multimedia POP (HKLM-x32\...\{331ECF61-69AF-4F57-AC35-AFED610231C3}) (Version: 1.0 - )

MyFreeCodec (HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\MyFreeCodec) (Version:  - )

NAVIGON Fresh 3.4.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.4.1 - NAVIGON)

Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)

Opera Stable 29.0.1795.60 (HKLM-x32\...\Opera 29.0.1795.60) (Version: 29.0.1795.60 - Opera Software ASA)

PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version:  - )

Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden

Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden

PhoneShare (HKLM-x32\...\{3F50512F-53DF-46B1-8CCB-6C7E638CADD6}) (Version: 9.1.4 - Samsung)

Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden

Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden

Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Project 64 version 2.2.0.3 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.2.0.3 - )

Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6400 - Realtek Semiconductor Corp.)

Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 2.0.67.1 - Samsung Electronics Co., Ltd.)

Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.)

Samsung Kies (x32 Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Hidden

Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version:  - Samsung Electronics Co., Ltd.)

Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.0.10 - Samsung)

Samsung Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.38 - Samsung)

Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.02.05.00:27 - Samsung Electronics Co., Ltd.)

Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.5.0 - Samsung Electronics Co., Ltd.)

Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)

SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)

Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)

Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)

Solars Abenteuer (HKLM-x32\...\Solars Abenteuer) (Version: 1.0.0.0 - INTENIUM GmbH)

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)

Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)

Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)

Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden

User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.7 - )

WEB.DE Desktop Icons (HKLM-x32\...\1&1 Mail & Media GmbH 1und1DesktopIconsInstaller) (Version: 3.0.5.0 - 1&1 Mail & Media GmbH)

WEB.DE MailCheck für Internet Explorer (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar IE8) (Version: 2.6.3.1 - 1&1 Mail & Media GmbH)

WEB.DE Softwareaktualisierung (HKLM-x32\...\1&1 Mail & Media GmbH 1und1Softwareaktualisierung) (Version: 3.0.3.0 - 1&1 Mail & Media GmbH)

WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent)

WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-samsung) (Version: 4.0.11.14 - WildTangent)

WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames) (Version: 4.0.10.5 - WildTangent)

WindeskWinsearch 1.0 (HKLM-x32\...\WindeskWinsearch) (Version: 1.0 - PCSoftware)

Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)

WordCaptureX Pro (HKLM-x32\...\{139C1D95-9037-3AB3-F5F4-4A79BF6831EC}) (Version: 4.0.0 - Deskperience)

Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden

Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

 

==================== Custom CLSID (Whitelisted): ==========================

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\inminet\sencolny.dll No File <==== ATTENTION

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

 

==================== Restore Points =========================

 

01-06-2015 23:21:59 Windows Update

02-06-2015 15:05:18 Windows Update

03-06-2015 00:09:38 Windows Update

03-06-2015 15:01:11 Windows Update

03-06-2015 23:13:41 Windows Update

04-06-2015 15:02:37 Windows Update

04-06-2015 23:58:02 Windows Update

05-06-2015 15:00:33 Windows Update

05-06-2015 23:36:42 Windows Update

06-06-2015 13:21:50 Uniblue SpeedUpMyPC installation

06-06-2015 13:22:08 Uniblue DriverScanner installation

06-06-2015 15:04:17 Windows Update

07-06-2015 20:42:44 Revo Uninstaller's restore point - Crossbrowse

07-06-2015 20:49:32 Revo Uninstaller's restore point - Internet Speed Tracker Internet Explorer Toolbar

07-06-2015 20:51:03 Revo Uninstaller's restore point - MediaPlayerVid2.4

07-06-2015 20:59:59 Revo Uninstaller's restore point - Optimizer Pro v3.2

07-06-2015 21:23:00 Windows-Sicherung

 

==================== Hosts content: ===============================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (Whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

Task: {0524867D-A169-481C-9A0C-198C6518875D} - System32\Tasks\WifiManager => C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe [2011-01-04] (Samsung Electronics Co., Ltd.)

Task: {078FFB22-9015-49A6-B981-89BC1A8126BA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)

Task: {0BAA9BE4-9E38-44C2-A618-7F4ADEDA6DEC} - System32\Tasks\Advanced System~Protector => C:\Program Files (x86)\ASP\AspManager.exe

Task: {0F80DD36-32C6-459D-9D85-B556EC5B9523} - System32\Tasks\Registration 1und1 Task => C:\Program Files (x86)\1und1Softwareaktualisierung\cdsupdclient.exe [2015-01-12] (1&1 Mail & Media GmbH)

Task: {11AB16B9-224A-4B50-A8A2-0B0F05E26B70} - System32\Tasks\Advanced System~Protector_startup => C:\Program Files (x86)\ASP\AdvancedSystemProtector.exe <==== ATTENTION

Task: {39BCE7A0-D484-495A-B44E-E60340DE59F1} - System32\Tasks\{97BF6DCC-9FA9-46AE-AB8A-6B23DCEE672D} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.2.59.106/de/abandoninstall?page=tsProgressBar

Task: {4BBBFDEA-A4B6-4446-9011-E27435109445} - System32\Tasks\Nropnumipre => C:\ProgramData\Nropnumipre\1.0.1.0\altohria.exe

Task: {4F235196-2FB6-4427-8CD7-E97414AF1BC6} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [2010-11-29] (Samsung Electronics Co., Ltd.)

Task: {5698F9C1-AB3B-43DC-B9DF-85285797AE4E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1335839233-2991384071-368375801-1000Core => C:\Users\Undertaker\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-25] (Facebook Inc.)

Task: {5B23A2EB-32F1-4969-BBA0-7C130F2B082D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1335839233-2991384071-368375801-1000UA => C:\Users\Undertaker\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-25] (Facebook Inc.)

Task: {5C2A08F4-45A8-4038-A631-14C64CBD25CC} - System32\Tasks\{CFD54570-C1FD-4FD8-A2A8-5AC5940FC6A2} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.3.59.107/de/abandoninstall?page=tsProgressBar

Task: {6681E283-1040-428E-A69C-D57A35C8396C} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2010-08-27] (Samsung Electronics)

Task: {6781603E-58F0-4C02-A068-E46ACA760AEC} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-11-10] (CyberLink)

Task: {702C8509-0379-4DA2-AB52-66B5F1D28721} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe

Task: {76DC9DCF-086C-4A56-84EE-6B3B33B3E369} - \avabvbyvyc No Task File <==== ATTENTION

Task: {82C66057-B32C-448C-967C-5A0D0518D2DC} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.)

Task: {961ACA20-0E01-4988-98AC-14A6FCECFC92} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-12-23] (Samsung Electronics)

Task: {B849DBD8-E301-4A41-A5B4-59104FA39CC8} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-09-04] (SAMSUNG Electronics)

Task: {B9EC978F-E5F4-4913-8C14-555536BC0FED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)

Task: {BABA9B97-7BE3-468C-A9A5-48890FF536AC} - System32\Tasks\{3675E0E0-9D70-4AFD-BB54-ED930B6B0AC7} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar

Task: {BFE3F5FD-FF42-44D4-96A9-63B74E0C6185} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-12-23] (Samsung Electronics Co., Ltd.)

Task: {D40E18CC-F78C-4889-B1EC-FE1EEE779F6B} - System32\Tasks\Opera scheduled Autoupdate 1433586837 => C:\Program Files (x86)\Opera\launcher.exe [2015-05-18] (Opera Software)

Task: {D6C18B2E-F7D3-41CF-9121-0F9F08632AFF} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2010-08-05] (Samsung Electronics Co., Ltd.)

Task: {DC15ED03-753C-42A7-A9EA-0D22610D8965} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {DEE6CBD1-045A-46CB-97B6-C85EEC4331DF} - System32\Tasks\{3B277F02-A186-4B0D-ADE2-DB67C0D2B029} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.6.0.106/de/abandoninstall?page=tsPlugin

Task: {E28C6E1A-A2E7-4705-B9E7-203E113D75D6} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2010-11-17] (SEC)

Task: {EA29D57E-8D8E-4584-81A6-53C32CD1DF32} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-18] (Samsung Electronics. Co. Ltd.)

Task: {F131EF3B-7615-4D31-9575-C8CF3EA5218A} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1335839233-2991384071-368375801-1000Core.job => C:\Users\Undertaker\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1335839233-2991384071-368375801-1000UA.job => C:\Users\Undertaker\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (Whitelisted) ==============

 

2011-10-20 00:34 - 2008-06-05 01:53 - 00027648 _____ () C:\windows\System32\spd__l.dll

2011-03-22 23:23 - 2011-03-22 23:23 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll

2015-06-06 13:16 - 2015-06-06 13:16 - 00408576 _____ () c:\windows\meud.exe

2013-03-11 18:10 - 2013-03-11 18:10 - 00075136 _____ () C:\windows\SysWOW64\PnkBstrA.exe

2013-03-11 18:11 - 2013-03-11 18:11 - 00189248 _____ () C:\windows\SysWOW64\PnkBstrB.exe

2011-10-19 10:15 - 2009-12-01 09:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

2011-03-22 23:23 - 2011-03-22 23:23 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll

2011-03-17 13:54 - 2011-03-17 13:54 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll

2011-03-22 23:14 - 2011-03-22 23:14 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

2011-10-20 00:34 - 2010-10-21 20:22 - 00709632 _____ () C:\windows\system32\SnMinDrv.dll

2015-06-06 12:33 - 2015-05-18 09:33 - 00479352 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe

2015-06-06 22:57 - 2012-09-19 19:17 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll

2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2011-10-19 10:29 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll

2011-10-19 10:32 - 2010-07-05 12:42 - 00203776 _____ () C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll

2015-05-14 20:57 - 2015-04-16 19:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll

2015-05-14 20:57 - 2015-04-23 04:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll

2015-05-14 20:57 - 2015-04-23 04:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll

2015-05-14 20:57 - 2015-04-23 04:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll

2015-05-14 20:57 - 2015-06-04 20:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll

2015-05-14 20:57 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll

2015-05-14 20:57 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll

2015-05-14 20:57 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll

2015-05-14 20:57 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll

2015-05-14 20:57 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll

2015-05-14 20:57 - 2015-06-04 20:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL

2015-06-07 22:53 - 2015-06-07 22:53 - 00043008 _____ () c:\Users\Undertaker\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqz9ale.dll

2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\libGLESv2.dll

2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\libEGL.dll

2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll

2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll

2015-06-06 13:26 - 2015-06-03 09:34 - 01811456 _____ () C:\Users\Undertaker\AppData\Local\Chromium\Application\45.0.2422.0\libglesv2.dll

2015-06-06 13:26 - 2015-06-03 09:34 - 00075264 _____ () C:\Users\Undertaker\AppData\Local\Chromium\Application\45.0.2422.0\libegl.dll

2011-10-19 10:37 - 2010-05-07 16:22 - 01636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll

2009-11-02 07:20 - 2009-11-02 07:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll

2009-11-02 07:23 - 2009-11-02 07:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

2015-05-14 20:57 - 2015-05-11 21:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

2015-06-06 12:33 - 2015-05-18 09:33 - 01576568 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\libglesv2.dll

2015-06-06 12:33 - 2015-05-18 09:33 - 00081016 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\libegl.dll

 

==================== Alternate Data Streams (Whitelisted) =========

 

(If an entry is included in the fixlist, only the ADS will be removed.)

 

 

==================== Safe Mode (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

 

==================== EXE Association (Whitelisted) ===============

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

 

 

==================== Internet Explorer trusted/restricted ===============

 

(If an entry is included in the fixlist, it will be removed from the registry.)

 

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com

IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com

IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com

IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com

 

 

==================== Other Areas ============================

 

(Currently there is no automatic fix for this section.)

 

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

HKU\S-1-5-21-1335839233-2991384071-368375801-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Shari\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 192.168.2.1

 

==================== MSCONFIG/TASK MANAGER disabled items ==

 

(Currently there is no automatic fix for this section.)

 

MSCONFIG\startupfolder: C:^Users^Undertaker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\windows\pss\Facebook Messenger.lnk.Startup

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

 

==================== FirewallRules (Whitelisted) ===============

 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

 

FirewallRules: [{69BDB9F9-4084-4D44-A408-5D5FE40CF854}] => (Allow) C:\Windows\System32\SUPDSvc.exe

FirewallRules: [{FE959C3C-AD73-4AEC-9D6C-0382232E663B}] => (Allow) C:\Windows\System32\SUPDSvc.exe

FirewallRules: [{FC7980E9-4F80-4F36-9466-37B9A18652E6}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe

FirewallRules: [{9AC24AFC-1BF5-4550-A687-2B03E4D5F7EB}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe

FirewallRules: [{AF3C80FD-369B-4DE2-ABCA-934544A40985}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe

FirewallRules: [{B3244C98-C00B-437F-8C3F-A653AAE803C0}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe

FirewallRules: [{D926F69B-70A3-42FD-A82C-C21EA696C819}] => (Allow) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10.exe

FirewallRules: [{36998318-A317-4EE4-8BB0-ED2245DB0DAF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE

FirewallRules: [{0160FD72-79D0-4FE8-B6DB-3181E6E3CBE0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{8C945DD0-F9BF-4C19-B632-B18CE8FFF439}] => (Allow) LPort=2869

FirewallRules: [{E90973CD-FEBC-4B40-A35A-418E0E6164EE}] => (Allow) LPort=1900

FirewallRules: [{11BE53A1-B067-414F-962B-688BDAEA90FC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

FirewallRules: [{2351B83C-CD9C-4C31-997C-3E4FC795B431}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe

FirewallRules: [{953D920C-56D5-4106-927D-F29E2AABE47D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{3ED98E91-4DF3-4C25-AAE7-84551A641822}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

FirewallRules: [{A067DEAC-2786-4A1D-8FED-55786BF80DF5}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

FirewallRules: [{0E1F33F9-FFFC-4EA9-957C-55413CEDBD7D}] => (Allow) C:\Program Files (x86)\Ubisoft\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe

FirewallRules: [{192BCA4F-2430-4ECC-A96A-E46E6EB05CA9}] => (Allow) C:\Program Files (x86)\Ubisoft\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe

FirewallRules: [TCP Query User{B70B6E17-CD33-46E6-A570-EAF636D3C294}C:\program files\java\jre7\bin\java.exe] => (Block) C:\program files\java\jre7\bin\java.exe

FirewallRules: [UDP Query User{45DF2DF0-3B0B-4D43-AFF8-40DE415CDA28}C:\program files\java\jre7\bin\java.exe] => (Block) C:\program files\java\jre7\bin\java.exe

FirewallRules: [{94D83E91-1604-48D8-9EC3-0FDC56418E56}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{3C994419-F358-45CF-AFDF-46C91CD67A81}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{ECF686B6-6C0C-4FCC-A4FD-2B0F477EC990}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [{24A2554D-2084-4082-8512-CDA23EED4381}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [TCP Query User{081C2F5B-D6F6-44A4-8176-97E60F4B16D2}C:\users\undertaker\documents\ch@rly's slender ordner\bfheroes.exe] => (Block) C:\users\undertaker\documents\ch@rly's slender ordner\bfheroes.exe

FirewallRules: [UDP Query User{26556202-FEED-4F64-B211-BC94565F68D8}C:\users\undertaker\documents\ch@rly's slender ordner\bfheroes.exe] => (Block) C:\users\undertaker\documents\ch@rly's slender ordner\bfheroes.exe

FirewallRules: [TCP Query User{97900300-DF4D-4EBD-8C1E-AF5E53DFE6B7}C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Block) C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe

FirewallRules: [UDP Query User{9F4AE699-B9A0-4A6B-A4A9-B80E9090B895}C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Block) C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe

FirewallRules: [{CDD94AB4-D039-499F-AFC9-3E86919EC8BE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{D16186FC-E02D-4A6C-9B52-3A35A4B31C41}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{D35450C6-F433-4A2F-90C5-D5CF46954119}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{8382DF1B-EDAD-4EC1-9026-379B3BCEEF61}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [TCP Query User{8318945D-F0E7-4D0C-BCBC-5CC9346F6BCA}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe

FirewallRules: [UDP Query User{3214A147-E3B8-4F85-99A7-7EDC6841C740}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe

FirewallRules: [TCP Query User{01C1D2AA-8E50-485A-8888-11A54A13AFFC}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe

FirewallRules: [UDP Query User{7D43924B-1C4A-4BB4-9911-8E88B9DEE30D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe

FirewallRules: [TCP Query User{1F45F5AF-987F-48C5-A065-57E5F524D51F}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe

FirewallRules: [UDP Query User{B435329B-9824-4597-803D-58D26AB856EC}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe

FirewallRules: [{592AF29C-2507-4B9A-BCA4-C4419F86862F}] => (Allow) C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{07624F6D-D913-46F9-B23E-CD69AE0D4B17}] => (Allow) C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{9BD9D9E4-CD8C-4E9A-8D4D-214823E32EF8}] => (Allow) C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{851329BD-31B5-4EFC-BEBD-AF10F18B69B5}] => (Allow) C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{B16AAB12-FADC-4F35-BA9B-E8A71F6F8002}] => (Allow) C:\Users\Undertaker\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe

FirewallRules: [{3962AD47-42E6-48C5-A9F7-D79F3E94422A}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe

FirewallRules: [{5A133F43-F128-4CB3-8D04-B22A974CC9BF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{341B296C-CB62-4911-8DB5-778FF6107847}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{66347507-7ED5-48BB-AF6E-F5A80DBE3B01}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{2B9D989B-FC96-4CBA-8B2B-5629C8EBACD4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{698CA28B-DF46-4053-AEBA-EAA520076E0B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{6FE78FE6-2761-4A32-9691-63E29F53CCC6}] => (Allow) C:\Users\Undertaker\AppData\Local\Chromium\Application\chrome.exe

 

==================== Faulty Device Manager Devices =============

 

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft-Teredo-Tunneling-Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (06/07/2015 10:52:17 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (06/07/2015 09:51:44 PM) (Source: Windows Backup) (EventID: 4104) (User: )

Description: Die Sicherung war nicht erfolgreich. Fehler: "Auf diesem Laufwerk ist nicht genügend Speicherplatz zum Speichern der Sicherung verfügbar. Löschen Sie ältere Sicherungen und nicht benötigte Daten, um Speicherplatz freizugeben, oder ändern Sie die Sicherungseinstellungen. (0x81000005)"

 

Error: (06/07/2015 09:10:16 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (06/07/2015 09:07:22 PM) (Source: .NET Runtime) (EventID: 1026) (User: )

Description: Anwendung: Avira.OE.ServiceHost.exe

Frameworkversion: v4.0.30319

Beschreibung: Der Prozess wurde aufgrund eines Ausnahmefehlers beendet.

Ausnahmeinformationen: System.ComponentModel.Composition.CompositionException

Stapel:

   bei System.ComponentModel.Composition.Hosting.CompositionServices.GetExportedValueFromComposedPart(System.ComponentModel.Composition.Hosting.ImportEngine, System.ComponentModel.Composition.Primitives.ComposablePart, System.ComponentModel.Composition.Primitives.ExportDefinition)

   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider.GetExportedValue(CatalogPart, System.ComponentModel.Composition.Primitives.ExportDefinition, Boolean)

   bei System.ComponentModel.Composition.Hosting.CatalogExportProvider+CatalogExport.GetExportedValueCore()

   bei System.ComponentModel.Composition.Primitives.Export.get_Value()

   bei System.ComponentModel.Composition.ExportServices.GetCastedExportedValue[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.ComponentModel.Composition.Primitives.Export)

   bei System.ComponentModel.Composition.Hosting.ExportProvider.GetExportedValueCore[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.String, System.ComponentModel.Composition.Primitives.ImportCardinality)

   bei Avira.OE.ServiceHost.ServiceHost.Initialize(System.Object)

   bei System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)

   bei System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

   bei System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)

   bei System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()

   bei System.Threading.ThreadPoolWorkQueue.Dispatch()

   bei System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

 

Error: (06/07/2015 09:05:28 PM) (Source: SideBySide) (EventID: 33) (User: )

Description: Fehler beim Generieren des Aktivierungskontextes für "39.6.2171.95,language="*",type="win32",version="39.6.2171.95"1".

Die abhängige Assemblierung "39.6.2171.95,language="*",type="win32",version="39.6.2171.95"" konnte nicht gefunden werden.

Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

 

Error: (06/07/2015 08:51:30 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: Uninstall.exe_unknown, Version: 0.0.0.0, Zeitstempel: 0x55719056

Name des fehlerhaften Moduls: Uninstall.exe, Version: 0.0.0.0, Zeitstempel: 0x55719056

Ausnahmecode: 0xc0000005

Fehleroffset: 0x00006de8

ID des fehlerhaften Prozesses: 0x2380

Startzeit der fehlerhaften Anwendung: 0xUninstall.exe_unknown0

Pfad der fehlerhaften Anwendung: Uninstall.exe_unknown1

Pfad des fehlerhaften Moduls: Uninstall.exe_unknown2

Berichtskennung: Uninstall.exe_unknown3

 

Error: (06/07/2015 08:38:33 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: Uninstall.exe_unknown, Version: 0.0.0.0, Zeitstempel: 0x55719056

Name des fehlerhaften Moduls: Uninstall.exe, Version: 0.0.0.0, Zeitstempel: 0x55719056

Ausnahmecode: 0xc0000005

Fehleroffset: 0x00006de8

ID des fehlerhaften Prozesses: 0xcd8

Startzeit der fehlerhaften Anwendung: 0xUninstall.exe_unknown0

Pfad der fehlerhaften Anwendung: Uninstall.exe_unknown1

Pfad des fehlerhaften Moduls: Uninstall.exe_unknown2

Berichtskennung: Uninstall.exe_unknown3

 

Error: (06/07/2015 08:35:02 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: Uninstall.exe_unknown, Version: 0.0.0.0, Zeitstempel: 0x55719056

Name des fehlerhaften Moduls: Uninstall.exe, Version: 0.0.0.0, Zeitstempel: 0x55719056

Ausnahmecode: 0xc0000005

Fehleroffset: 0x00006de8

ID des fehlerhaften Prozesses: 0x2488

Startzeit der fehlerhaften Anwendung: 0xUninstall.exe_unknown0

Pfad der fehlerhaften Anwendung: Uninstall.exe_unknown1

Pfad des fehlerhaften Moduls: Uninstall.exe_unknown2

Berichtskennung: Uninstall.exe_unknown3

 

Error: (06/07/2015 08:34:58 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: Uninstall.exe_unknown, Version: 0.0.0.0, Zeitstempel: 0x55719056

Name des fehlerhaften Moduls: Uninstall.exe, Version: 0.0.0.0, Zeitstempel: 0x55719056

Ausnahmecode: 0xc0000005

Fehleroffset: 0x00006de8

ID des fehlerhaften Prozesses: 0x14d4

Startzeit der fehlerhaften Anwendung: 0xUninstall.exe_unknown0

Pfad der fehlerhaften Anwendung: Uninstall.exe_unknown1

Pfad des fehlerhaften Moduls: Uninstall.exe_unknown2

Berichtskennung: Uninstall.exe_unknown3

 

Error: (06/07/2015 08:34:50 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: Uninstall.exe_unknown, Version: 0.0.0.0, Zeitstempel: 0x55719056

Name des fehlerhaften Moduls: Uninstall.exe, Version: 0.0.0.0, Zeitstempel: 0x55719056

Ausnahmecode: 0xc0000005

Fehleroffset: 0x00006de8

ID des fehlerhaften Prozesses: 0x2594

Startzeit der fehlerhaften Anwendung: 0xUninstall.exe_unknown0

Pfad der fehlerhaften Anwendung: Uninstall.exe_unknown1

Pfad des fehlerhaften Moduls: Uninstall.exe_unknown2

Berichtskennung: Uninstall.exe_unknown3

 

 

System errors:

=============

Error: (06/07/2015 10:54:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053

 

Error: (06/07/2015 10:54:41 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht.

 

Error: (06/07/2015 10:50:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1275

 

Error: (06/07/2015 10:50:52 PM) (Source: Application Popup) (EventID: 875) (User: )

Description: Treiber atksgt.sys konnte nicht geladen werden.

 

Error: (06/07/2015 09:14:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "Steam Client Service" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053

 

Error: (06/07/2015 09:14:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Steam Client Service erreicht.

 

Error: (06/07/2015 09:13:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053

 

Error: (06/07/2015 09:13:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht.

 

Error: (06/07/2015 09:12:56 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053

 

Error: (06/07/2015 09:12:56 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Media Player-Netzwerkfreigabedienst erreicht.

 

 

Microsoft Office:

=========================

 

==================== Memory info =========================== 

 

Processor: AMD E-450 APU with Radeon(tm) HD Graphics

Percentage of memory in use: 37%

Total physical RAM: 8172.05 MB

Available physical RAM: 5102.68 MB

Total Pagefile: 16342.29 MB

Available Pagefile: 12730.16 MB

Total Virtual: 8192 MB

Available Virtual: 8191.85 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:365 GB) (Free:122.81 GB) NTFS

Drive d: () (Fixed) (Total:544.44 GB) (Free:0 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (Size: 931.5 GB) (Disk ID: DBCA14F4)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=365 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=544.4 GB) - (Type=OF Extended)

Partition 4: (Not Active) - (Size=22 GB) - (Type=27)

 

==================== End of log ============================

--- --- ---

Einige Programme konnte ich nicht löschen, da sie nicht aufgeführt waren, auch nicht im Revo.
LG
Ani

deeprybka

08.06.2015 08:11

Die Funde von Malwarebytes hast Du aber in Quarantäne oder gelöscht?

Der Rechner sollte jetzt aber schon besser laufen?

Schritt 1
Echtzeitschutz des Virenscanners abschalten.
http://www.deeprybka.trojaner-board.de/zoek/avira.gif

Schritt 2
Download von https://sites.google.com/site/canned...b27e2-Zoek.png ZOEK (by Smeenk)

Speichere die zoek.exe auf dem Desktop.
Bitte deaktiviere während der Verwendung von Zoek Deinen Virenscanner, da dieser Zoek stören könnte.
Starte die zoek.exe mit einem Doppelklick und warte bis die Programmoberfläche erscheint (ca. 30 Sekunden)
Kopiere den Text der folgenden Box in das Skriptfenster von Zoek:

Code:

systemspecs; filesrcm; emptyfolderscheck;delete iedefaults; CHRdefaults; shortcutfix; autoclean; emptyclsid;

Nun klicke auf "Run script" und sei geduldig bis das Skript durchgelaufen ist.

Zitat:

Zoek.exe is running now.
Do not start any browser windows, they may get closed automatically.
Please wait! This window will close when finished.
A logfile will open afterwards and can also be found on your systemdrive as zoek-results.log

Wenn das Tool fertig ist, wird sich eine Logdatei öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter C:\
Bitte poste mir das zoek-results.log.

Ani73

08.06.2015 12:22

Hallo Jürgen,

also ich lass grad im Moment auf dem Lappi das ZOEK laufen. Aber auch vorher war es immer noch eine Plage auf dem Ding zu arbeiten. Jeder Klick, selbst beim anmelden bei Euch auf dem Board, machte mir eine weitere Internetseite auf. Werbung und anderes "Gruschtel" Zeug. Selbstständiges Zumachen der Seiten obwohl ich nur eine angeklickt habe, besteht weiterhin. Auch noch zig Werbeteile die erscheinen.
Ja ich habe im Malware die Dateien in die Quarantäne verschoben.
Sobald ich das LOG von Zoek habe poste ich es Dir.

Sorry für die doppel gepostete Logs aber das kann ich zur Zeit nicht steuern beim Laptop.

Bin jetzt an meinen Rechner gegangen um zu schreiben, sonst hätte das auch wieder über ne 1/2 Stunde gedauert um zu posten :-(

Viele Grüße
Ani73

deeprybka

08.06.2015 13:08

Ok. Alles klar. :)
Bekommen wir aber schon hin.

Ani73

08.06.2015 15:59

Hier ist die Zoek Datei

Code:

Zoek.exe v5.0.0.0 Updated 04-May-2015

Tool run by Undertaker on 08.06.2015 at 13:06:55,42.

Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Undertaker\Downloads\zoek.exe [Scan all users] [Script inserted] 
 

==== System Restore Info ======================
 

08.06.2015 13:11:12 Zoek.exe System Restore Point Created Successfully.
 

==== Empty Folders Check ======================
 

C:\PROGRA~2\4722a9bf-525a-4c06-897e-ac1e3bd46d28 deleted successfully

C:\PROGRA~2\588c3280-483f-4ff6-b4ca-8a53e94287ce deleted successfully

C:\PROGRA~2\66eb7326-d26b-4ed7-8b75-f11540f0061d deleted successfully

C:\PROGRA~2\72c3b23c-ddd7-454a-8372-e7ae40829114 deleted successfully

C:\PROGRA~2\850b14a9-df9b-49e0-86a9-17f782850ec2 deleted successfully

C:\PROGRA~2\bcd6e4c4-84bf-4654-934b-210101b6db64 deleted successfully

C:\PROGRA~2\ff658703-be67-4a41-9d60-d22f009b2b9b deleted successfully

C:\Program Files\Google deleted successfully

C:\PROGRA~3\Oracle deleted successfully

C:\Users\Undertaker\AppData\Roaming\Common deleted successfully

C:\Users\Undertaker\AppData\Roaming\TP deleted successfully

C:\Users\Shari\AppData\Local\VirtualStore deleted successfully

C:\Users\Undertaker\AppData\Local\Pirates deleted successfully

C:\Users\Undertaker\AppData\Local\Secunia PSI deleted successfully

C:\Users\Undertaker\AppData\Local\Unity deleted successfully
 

==== Deleting CLSID Registry Keys ======================
 

HKEY_USERS\S-1-5-21-1335839233-2991384071-368375801-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15B4D33A-229D-40BF-9D25-E273F417D73B} deleted successfully

HKEY_USERS\S-1-5-21-1335839233-2991384071-368375801-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30A5A5B2-F704-439E-904D-B1EC9A95EE69} deleted successfully

HKEY_USERS\S-1-5-21-1335839233-2991384071-368375801-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3C49B20-3D86-4A48-8BBB-93978877FBD} deleted successfully

HKEY_USERS\S-1-5-21-1335839233-2991384071-368375801-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E84A2918-77C5-4E0D-AF87-C03C41FA6B2} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3BC93E76-92F8-5FDA-B676-5AFEE3735BF1} deleted successfully
 

==== Deleting CLSID Registry Values ======================
 
 

==== Deleting Services ======================
 
 

==== Deleting Files \ Folders ======================
 

C:\PROGRA~2\4722a9bf-525a-4c06-897e-ac1e3bd46d28 not found

C:\PROGRA~2\588c3280-483f-4ff6-b4ca-8a53e94287ce not found

C:\PROGRA~2\66eb7326-d26b-4ed7-8b75-f11540f0061d not found

C:\PROGRA~2\72c3b23c-ddd7-454a-8372-e7ae40829114 not found

C:\PROGRA~2\850b14a9-df9b-49e0-86a9-17f782850ec2 not found

C:\PROGRA~2\bcd6e4c4-84bf-4654-934b-210101b6db64 not found

C:\PROGRA~2\ff658703-be67-4a41-9d60-d22f009b2b9b not found

C:\windows\SysNative\Tasks\Nropnumipre deleted

C:\Users\Undertaker\AppData\Local\7721 deleted

C:\PROGRA~2\GUT205F.tmp deleted

C:\PROGRA~2\GUM205E.tmp deleted

C:\PROGRA~2\SamsungPrinterLiveUpdateInstaller deleted

C:\PROGRA~2\Deskperience deleted

C:\found.000 deleted

C:\Users\Undertaker\AppData\Roaming\dlg deleted

C:\Users\Undertaker\AppData\Roaming\skype.ini deleted

C:\PROGRA~3\1und1DesktopIconsInstaller deleted

C:\PROGRA~3\Package Cache deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System~Protector deleted

C:\windows\SysNative\tasks\Advanced System~Protector deleted

C:\windows\SysNative\tasks\Advanced System~Protector_startup deleted

C:\windows\SysNative\config\systemprofile\Searches deleted

C:\windows\SysNative\GroupPolicy\Machine deleted

C:\windows\SysNative\GroupPolicy\User deleted

C:\windows\SysNative\GroupPolicy\GPT.INI deleted

C:\windows\Syswow64\GroupPolicy\gpt.ini deleted

C:\windows\Syswow64\sho5DCA.tmp deleted

C:\Users\Public\Desktop\Advanced System~Protector.lnk deleted

"C:\Users\Undertaker\AppData\Roaming\.technic" deleted
 

==== System Specs ======================
 

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)

Memory (RAM): 8173 MB

CPU Info: AMD E-450 APU with Radeon(tm) HD Graphics

CPU Speed: 1643,8 MHz

Sound Card: Speakers (Realtek High Definiti | 

Display Adapters: AMD Radeon HD 6470M | AMD Radeon HD 6470M | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

Monitors: 1x; Generic PnP Monitor | 

Screen Resolution: 1366 X 768 - 32 bit

Network: Network Present

Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Atheros AR9285 Wireless Network Adapter | Realtek PCIe GBE Family Controller | Hamachi Network Interface

CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW SN-208BB

Ports: COM Ports NOT Present. LPT Port NOT Present. 

Mouse: 3 Button Wheel Mouse Present

Hard Disks: C:  365,0GB | D:  544,4GB | Q:  0,0MB

Hard Disks - Free: C:  122,6GB | D:  1,9MB | Q:  0,0MB

Manufacturer *: American Megatrends Inc.

BIOS Info: AT/AT COMPATIBLE | 12/14/11 | SECCSD - 1072009

Time Zone: Mitteleuropäische Zeit

Motherboard *: SAMSUNG ELECTRONICS CO., LTD. RV415/RV415

Country: Deutschland 

Language: DEU 
 

==== System Specs (Software) ======================
 

Anti-Virus: Avira Desktop On-access scanning disabled (Outdated)

Anti-Spyware: Avira Desktop disabled (Outdated)

Anti-Spyware: Windows Defender disabled (Outdated)

Internet Explorer Version: 11.0.9600.17280 

Opera Browser version: 29.0.1795.60

Google Chrome version: 45.0.2422.0

Adobe Reader version: 11.0.10.32

Sun Java version: 1.7.0_75 (32-bit) 
 

==== Files Recently Created / Modified ======================
 

====== C:\windows ====

2015-06-06 11:50:45        8E3499B30A91A90AA1D418F7950A378D        10273        ----a-w-        C:\windows\unins000.dat

2015-06-06 11:50:45        504BC55FF3193096BAB19347B78A7363        173056        ----a-w-        C:\windows\Provider20150607221036.dll

2015-06-06 11:50:45        504BC55FF3193096BAB19347B78A7363        173056        ----a-w-        C:\windows\Provider20150607205118.dll

2015-06-06 11:50:45        504BC55FF3193096BAB19347B78A7363        173056        ----a-w-        C:\windows\Provider20150607195041.dll

2015-06-06 11:50:45        504BC55FF3193096BAB19347B78A7363        173056        ----a-w-        C:\windows\Provider20150606235357.dll

2015-06-06 11:50:45        504BC55FF3193096BAB19347B78A7363        173056        ----a-w-        C:\windows\Provider20150606220627.dll

2015-06-06 11:50:45        504BC55FF3193096BAB19347B78A7363        173056        ----a-w-        C:\windows\Provider20150606195541.dll

2015-06-06 11:50:45        504BC55FF3193096BAB19347B78A7363        173056        ----a-w-        C:\windows\Provider20150606180602.dll

2015-06-06 11:50:45        504BC55FF3193096BAB19347B78A7363        173056        ----a-w-        C:\windows\Provider20150606165333.dll

2015-06-06 11:50:45        504BC55FF3193096BAB19347B78A7363        173056        ----a-w-        C:\windows\Provider20150606155257.dll

2015-06-06 11:50:45        504BC55FF3193096BAB19347B78A7363        173056        ----a-w-        C:\windows\Provider20150606145136.dll

2015-06-06 11:50:45        504BC55FF3193096BAB19347B78A7363        173056        ----a-w-        C:\windows\Provider.dll

2015-06-06 11:50:45        49A0DFC95D221C516EC57006C37F67D8        718497        ----a-w-        C:\windows\unins000.exe

2015-06-06 11:16:44        828AE71F67ACDB05C94F76FE37E55099        631296        ----a-w-        C:\windows\eud.dat

2015-06-06 11:16:42        A054BF51A9358CA92D06D9B6509233B8        408576        ----a-w-        C:\windows\meud.exe

====== C:\Users\UNDERT~1\AppData\Local\Temp ====

2015-06-07 20:53:44        0CFC0308F76EC217C457F54DDFCB3077        43008        ----a-w-        C:\Users\Undertaker\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqz9ale.dll

2015-06-06 12:53:41        36DB15C2A9CF70F6BFE9D726C7FDB312        770626        ----a-w-        C:\Users\Undertaker\AppData\Local\Temp\setup_666.exe

2015-06-06 11:45:09        2A5F246B97D00F77B78D15F72923839B        61981        ----a-w-        C:\Users\Undertaker\AppData\Local\Temp\Uninstall.exe

2015-06-06 11:21:06        1D1E6E2375E97C900857B9C0F3B8A8E8        452772        ----a-w-        C:\Users\Undertaker\AppData\Local\Temp\0b0cde95-9e35-4127-85db-7542941f208c\setup.exe

2015-06-06 11:08:49        765733181F78BB871F6C0F432CF445D9        89088        ----a-w-        C:\Users\Undertaker\AppData\Local\Temp\00E35A2E-3B5A-BD25-0A1E-9E0608E342C2.dll

2015-06-06 11:08:23        F238328BB42A6EA39D4E95EB15A7E446        577536        ----a-w-        C:\Users\Undertaker\AppData\Local\Temp\isdkAA7uaR9j\ISightSDK.dll

2015-06-06 11:08:23        A36C9D94A63E668010E3243F0A111801        3072        ----a-w-        C:\Users\Undertaker\AppData\Local\Temp\isdkAA7uaR9j\ISightHost.exe

2015-06-06 10:32:51        772636F1C27C254FEEDB5D358BC5D468        683648        ----a-w-        C:\Users\Undertaker\AppData\Local\Temp\is1480233727\6F2F75FE_stp.EXE

2015-06-06 09:22:32        50754352847B5E71E11ABF4D30407148        441220        ------w-        C:\Users\Undertaker\AppData\Local\Temp\jna\jna444224111888388900.dll

====== Java Cache =====

====== C:\windows\SysWOW64 =====

2015-06-06 11:18:26        F703D4D21A502C67F6F00CED46D33F43        4        ----a-w-        C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7

====== C:\windows\SysWOW64\drivers =====

====== C:\windows\Sysnative =====

====== C:\windows\Sysnative\drivers =====

2015-06-06 20:57:51        F702D64E64FF3AF7F4D9B7789D00DE27        129216        ----a-w-        C:\windows\Sysnative\drivers\avipbb.sys

2015-06-06 20:57:51        CD0E732347BF09717E0BDDC0C66699AB        27800        ----a-w-        C:\windows\Sysnative\drivers\avkmgr.sys

2015-06-06 20:57:51        25B63A3C24A5E0223A35DE2F0D9E0FAF        99248        ----a-w-        C:\windows\Sysnative\drivers\avgntflt.sys

====== C:\windows\Tasks ======

2015-06-06 10:34:08        0C6BA22EBFDF35CF767018E0C3072FBC        3862        ----a-w-        C:\windows\Sysnative\Tasks\Opera scheduled Autoupdate 1433586837

====== C:\windows\Temp ======

======= C:\Program Files =====

2015-05-15 07:45:50        --------        d-----w-        C:\Program Files\WEB.DE MailCheck

======= C:\PROGRA~2 =====

2015-06-06 10:45:34        --------        d-----w-        C:\PROGRA~2\Project64 2.2

2015-06-06 10:33:37        --------        d-----w-        C:\PROGRA~2\7-Zip

2015-06-06 10:33:07        --------        d-----w-        C:\PROGRA~2\Opera

2015-06-06 10:32:45        --------        d-----w-        C:\PROGRA~2\MiuiTab

2015-05-15 07:45:46        --------        d-----w-        C:\PROGRA~2\WEB.DE MailCheck

2015-05-14 18:50:33        --------        d-----w-        C:\PROGRA~2\COMMON~1\Steam

2015-05-14 18:50:28        --------        d-----w-        C:\PROGRA~2\Steam

======= C: =====

====== C:\Users\Undertaker\AppData\Roaming ======

2015-06-06 21:04:18        --------        d-----w-        C:\Users\Undertaker\AppData\Roaming\Avira

2015-06-06 11:26:23        --------        d-----w-        C:\Users\Undertaker\AppData\Local\Chromium

2015-06-06 11:06:53        --------        d-----w-        C:\Users\Undertaker\AppData\Local\Apps

2015-06-06 11:06:51        --------        d-----w-        C:\Users\Undertaker\AppData\Local\Deployment

2015-06-06 10:34:11        --------        d-----w-        C:\Users\Undertaker\AppData\Roaming\Opera Software

2015-06-06 10:34:11        --------        d-----w-        C:\Users\Undertaker\AppData\Local\Opera Software

2015-05-17 14:12:56        --------        d-----w-        C:\Users\Undertaker\AppData\Local\Sonic7

2015-05-14 18:59:40        --------        d-----w-        C:\Users\Undertaker\AppData\Local\Steam

====== C:\Users\Undertaker ======

2015-06-07 18:39:53        75792D4CBF8A138CEBA044868FDE766D        2785665        ----a-w-        C:\Users\Undertaker\Downloads\RevoUninstallerPortable_1.95_Rev_2.paf.exe

2015-06-06 19:32:26        6CDEAC78E5677E304477FB36351C3195        21546080        ----a-w-        C:\Users\Undertaker\Downloads\mbam-setup-2.1.6.1022.exe

2015-06-06 19:11:45        B5A2C2A16026104DF285A0E5176E0217        2108928        ----a-w-        C:\Users\Undertaker\Downloads\FRST64.exe

2015-06-06 11:48:42        D56605A4F5CE2DBEBA1540304827B394        2231296        ----a-w-        C:\Users\Undertaker\Downloads\AdwCleaner_4.206.exe

2015-06-06 11:42:21        87A629D7463BCEB2A02CA143EB2DEFF8        2870984        ----a-w-        C:\Users\Undertaker\Downloads\esetsmartinstaller_deu.exe

2015-06-06 11:20:04        --------        d--h--w-        C:\ProgramData\eud

2015-06-06 10:45:35        --------        d-----w-        C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.2

2015-06-06 10:33:37        --------        d-----w-        C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip

2015-06-06 10:32:07        BBB7482C658D2A976A0670B628D11658        1200163        ----a-w-        C:\Users\Undertaker\Downloads\7zip.exe

2015-06-06 10:21:28        --------        d-----w-        C:\ProgramData\boost_interprocess

2015-06-06 10:21:23        --------        d-----w-        C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAVIGON

2015-06-05 20:10:55        A53761C54221EECEA9421AECD225F9D5        1089752        ----a-w-        C:\Users\Undertaker\Downloads\UnityWebPlayer (1).exe

2015-05-15 07:45:50        --------        d-----w-        C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WEB.DE MailCheck

2015-05-14 18:50:29        --------        d-----w-        C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

2015-05-14 17:49:23        --------        d-----w-        C:\ProgramData\UUdb

2015-05-14 07:38:34        --------        d-----w-        C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
 

====== C: exe-files ==

2015-06-07 19:14:41        BA2CCDF5A4EE6FF468FAF2621645E660        17983488        ----a-w-        C:\Program Files (x86)\Secunia\PSI\SUA\a46b2714d82b72fe3f6fd31a724e7926e89447c2\AdobeFlashPlayer_17.0.0.188_ActiveX_SPS.exe

2015-06-07 19:13:59        DBCB853BB313B3DC38EE3DA75ECDCB6E        26259456        ----a-w-        C:\Program Files (x86)\Secunia\PSI\SUA\38ee56da1a3509e2007c0882c8097c20baf1a6da\JavaJRE_7u79_32-bit_PSIonlySPS.exe

2015-06-07 18:45:48        3DADB75456700968C292AE60C5F5C038        544        ----a-w-        C:\$Recycle.Bin\S-1-5-21-1335839233-2991384071-368375801-1000\$I5830GW.exe

2015-06-07 18:45:46        1C41B2A71A686A05C6D963FE191B9F5C        544        ----a-w-        C:\$Recycle.Bin\S-1-5-21-1335839233-2991384071-368375801-1000\$ITCVYGT.exe

2015-06-07 18:45:35        90C8F12F183CC12361C82C3E3B87E439        544        ----a-w-        C:\$Recycle.Bin\S-1-5-21-1335839233-2991384071-368375801-1000\$I8KYI1V.exe

2015-06-06 20:57:55        9238D589D79E62092CC3B181699E53FB        78624        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe

2015-06-06 20:57:53        E939C62563C7AFA67FF2D58A0A5DEDC3        790304        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe

2015-06-06 20:57:53        AEAFD7E5922C19D3547E0CF8E6996180        46368        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\updrgui.exe

2015-06-06 20:57:53        A5569C4429D1C5494049FBFE2B2D20FF        84256        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

2015-06-06 20:57:53        88F916FAABC64D527D746D4D7801A83C        619808        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\update.exe

2015-06-06 20:57:53        833078363377DC152D9CD6F3B8C12BE7        83232        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\ipmgui.exe

2015-06-06 20:57:53        20C0F5D28D4680299713EA489BB39599        169248        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\inssda64.exe

2015-06-06 20:57:53        09B0157E6CD8240D494B1235A0337F76        106344        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\licmgr.exe

2015-06-06 20:57:52        8A85BC6241FCCE8CD512C4F4F23DAFBA        480544        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\fact.exe

2015-06-06 20:57:52        898AEA91C7F64764150855E9C278ED4E        168736        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\guardgui.exe

2015-06-06 20:57:51        FC837E7FFD3E36F3CD8C34EC994FCD2E        116680        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\avwsc.exe

2015-06-06 20:57:51        E33477E98806435E3A36F49CDCBB6D1D        459040        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\avconfig.exe

2015-06-06 20:57:51        CB7EA00A4E70DF6828EBB68633D000D2        108320        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

2015-06-06 20:57:51        CADC4000D147C9986B4E7646AE52E240        247584        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

2015-06-06 20:57:51        C13E1797741A757859B6BBF6F5096C4B        84256        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\avadmin.exe

2015-06-06 20:57:51        B60C374083064CA32323A13BC244F47B        232224        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\avwebloader.exe

2015-06-06 20:57:51        AD74CCA501DA08EF395E520D9C258F81        5655248        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\apntoolbarinstaller.exe

2015-06-06 20:57:51        A7CB9B3962B595E19D8401C90852298F        57632        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\avupgsvc.exe

2015-06-06 20:57:51        93A912072351DFEF975F12EFAD18BD9F        145096        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\apnstub.exe

2015-06-06 20:57:51        84203833C40AF9C6BC436F9862AE2FAA        266528        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\avnotify.exe

2015-06-06 20:57:51        70F5E6B9D473DBA1E48BBF2F57A522CB        560416        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe

2015-06-06 20:57:51        624164E2556DCEE04DFF26006AFBAB9F        637728        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe

2015-06-06 20:57:51        528512B6E9F8C9DF8F7FE4AF84D25FB1        181024        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\avrestart.exe

2015-06-06 20:57:51        419782FAC0350E2784EBAB0113DD7FF4        387360        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe

2015-06-06 20:57:51        2FBC1A5A4CB3BDA1938A0A7B3D89A6C1        384800        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

2015-06-06 10:53:52        0DE22458CC6258A3ECB25940D53BC2ED        1196995        ----a-w-        C:\Program Files (x86)\Project64 2.2\unins000.exe

2015-06-06 10:45:34        45C559C45ACB7241FDB2E9044D86E260        1298944        ----a-w-        C:\Program Files (x86)\Project64 2.2\Project64.exe

2015-06-06 10:33:58        F5049158094CB12DF71FF54748A60B34        479352        ----a-w-        C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe

2015-06-06 10:33:58        BA0CF7765366521A24D926F4AE3A2A57        1958008        ----a-w-        C:\Program Files (x86)\Opera\29.0.1795.60\opera_autoupdate.exe

2015-06-06 10:33:58        9F1D0CBCBB7DD00F793962872342B107        73336        ----a-w-        C:\Program Files (x86)\Opera\29.0.1795.60\wow_helper.exe

2015-06-06 10:33:58        9765C6373A259BFE07BF281FE70EA66C        888440        ----a-w-        C:\Program Files (x86)\Opera\launcher.exe

2015-06-06 10:33:58        4A143FD710F4CB9D609AEC89D8E56C7D        56025208        ----a-w-        C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

2015-06-06 10:33:57        239DF27CF3A77B3ADF74F9FA59D8B369        1242232        ----a-w-        C:\Program Files (x86)\Opera\29.0.1795.60\installer.exe

2015-06-06 10:33:38        5F4989AB994B7100C82B284D6D23F5A6        58769        ----a-w-        C:\Program Files (x86)\7-Zip\Uninstall.exe

2015-06-06 10:32:50        B6071B415E5F8CF6934A78BB384D7340        125157        ----a-w-        C:\Program Files (x86)\MiuiTab\uninstall.exe

2015-06-06 10:30:05        9728DE02879CD4FBE0A48AEF2E53176E        544        ----a-w-        C:\$Recycle.Bin\S-1-5-21-1335839233-2991384071-368375801-1000\$IVZV6T8.exe

2015-06-06 10:30:05        39554C059DFE76218A7FD6753982FBE4        544        ----a-w-        C:\$Recycle.Bin\S-1-5-21-1335839233-2991384071-368375801-1000\$IOVTBOK.exe

=== C: other files ==

2015-06-06 20:57:53        E310FCBA8884EEBD9017C3D01B6D0BCF        100680        ----a-w-        C:\Program Files (x86)\Avira\AntiVir Desktop\sweb.zip

2015-06-06 20:41:25        BE02B9E56CD3787E6C6C952A756EF5AB        2228925        ----a-w-        C:\Users\Undertaker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WIWZY0KX\1[1].zip

2015-06-06 11:35:09        3CC931BC304B1A7E9880AB27C4BA090D        820320        ----a-w-        C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\dictionaries\de.zip

2015-06-06 10:39:08        12CFA1E75897AB0720266E681B453C22        12699289        ----a-w-        C:\Users\Undertaker\Downloads\Mario Kart 64 (E).zip

2015-06-04 12:56:55        B2419E3B55A0C9357C16C65453C4C46C        983949        ----a-w-        C:\Users\Undertaker\Downloads\Super Mario Allstars (E).zip

2015-06-04 12:35:48        3A03EAAAA0B5CD0A64D491A35293A6A1        6347644        ----a-w-        C:\Users\Undertaker\Downloads\Super Mario 64 (D, F, E) (1).zip

2015-06-04 10:44:53        3A03EAAAA0B5CD0A64D491A35293A6A1        6347644        ----a-w-        C:\Users\Undertaker\Downloads\Super Mario 64 (D, F, E).zip

2015-06-02 20:00:44        21CB205FB3EFB995DE8D7157AF916AF6        13171110        ----a-w-        C:\Users\Undertaker\Desktop\PokeMMO-Client (2).zip
 

==== Chromium Look ======================
 

Google Chrome Version: 43.0.2357.81
 

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

flliilndjeohchalpbbcdekjklbdgfkk - No path found[]
 

Chrome Hotword Shared Module - Undertaker\AppData\Local\Chromium\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg

Bookmark Manager - Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik

Chrome Hotword Shared Module - Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg

Shop and Save Up - Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\ablgnpngfaaficpckehadaljnjgjkhbi

GoHD - Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk

BrowserV04.06 - Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\idhkmcfanijhphphomamdkaejjadkhgn

BrowserApp3.7 - Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\mdcoemfeknnmifgkfoncjfoohdljddmp
 

==== Chromium Startpages ======================
 

C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Preferences

{"account_tracker_service_last_update":"13078177850710554","bookmark_bar":{"show_on_all_tabs":false},"browser":{"check_default_browser":false,"window_placement":{"bottom":583,"left":282,"maximized":false,"right":1111,"top":216,"work_area_bottom":728,"work_area_left":0,"work_area_right":1366,"work_area_top":0}},"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","2164485","176572"],"daily_original_length_via_data_reduction_proxy":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_original_length_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","2164485","176572"],"daily_received_length_https_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_long_bypass_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_short_bypass_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_unknown_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_via_data_reduction_proxy":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"last_update_date":"13078101600000000"},"default_apps_install_state":3,"distribution":{"auto_launch_chrome":true,"do_not_create_any_shortcuts":true,"do_not_launch_chrome":true,"make_chrome_default":false,"make_chrome_default_for_user":false,"skip_first_run_ui":true,"suppress_first_run_bubble":true},"extensions":{"alerts":{"initialized":true},"autoupdate":{"last_check":"13078234732093000","next_check":"13078254509174000"},"chrome_url_overrides":{"bookmarks":["chrome-extension://eemcgdkfndhakfknompkggombfjjjeno/main.html"]},"commands":{},"last_chrome_version":"45.0.2422.0","toolbar":["flliilndjeohchalpbbcdekjklbdgfkk"]},"first_run_tabs":[""],"gcm":{"check_time":"13078234760001000"},"hotword":{"previous_language":"de"},"http_original_content_length":"2341057","http_received_content_length":"2341057","intl":{"accept_languages":"de-DE,de,en-US,en"},"invalidator":{"client_id":"TYimF5fYj4QWKLR/1VR29Q=="},"media":{"device_id_salt":"I3m8DHeSWfPs7J6qkJ0SYg=="},"net":{"http_server_properties":{"servers":{"chrome.google.com:443":{"supports_spdy":true},"clients2.google.com:443":{"supports_spdy":true},"clients4.google.com:443":{"supports_spdy":true}},"version":3}},"plugins":{"migrated_to_pepper_flash":true,"plugins_list":[],"removed_old_component_pepper_flash_settings":true},"profile":{"avatar_index":26,"content_settings":{"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{},"fullscreen":{},"geolocation":{},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{},"pref_version":1},"exit_type":"Crashed","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"Profil 1","per_host_zoom_levels":{}},"protection":{"macs":{}},"safebrowsing":{"enabled":false},"search_provider_overrides_version":1,"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13078063633059721"},"translate_accepted_count":{"en":0},"translate_blocked_languages":["de"],"translate_denied_count_for_language":{"en":1},"translate_last_denied_time_for_language":{"en":1433590301365.423},"translate_whitelists":{}}

],"version":"1.2.0.1"},"path":"C:\\Users\\Undertaker\\AppData\\Local\\Chromium\\Application\\45.0.2422.0\\resources\\google_now","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false}}},"homepage":"hxxp://www.cassiopesa.com/?f=1&a=csp_tgsam_15_23&cd=2XzuyEtN2Y1L1Qzu0EzztCtCtAtB0E0CyCtBtC0D0FyDzytDtN0D0Tzu0StCtByDtBtN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StAzztC0DtByEtC0BtGyC0F0D0BtGyEyBtDtCtGyCyD0EzztGtByE0BtByBtBtCtCyEyDzztC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0E0AtDyBtD0FtCtGyDtDyD0FtGyEzztC0AtG0ByB0CtBtG0FyBzyyEyCtA0AyDyDzytByC2QtN0A0LzuyE&cr=436201747&ir=&uref=chmm","homepage_is_newtabpage":false,"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"9463DEC4C15E47646D05FD921E0E475249EA15DE77808C4664EF238C54D89FC7"},"default_search_provider":{"keyword":"42142BFC0323D5EF138C9ED2128F1DEB2FD3E3F7AF30AD930F60A1C5B87E5276","name":"D29ED831358AACE7408781A9A65FA083D8CBA1662ED7E0356AEB94734C60D047","search_url":"D02C7D9E52A3893EB51633C2C0CA63BB6AC27B4E406A7C47D6A896AF4042FDDE"},"default_search_provider_data":{"template_url_data":"575D258E47F940C6887685ABA99A5839CBFE4BA30863349DFE0D0C375AAB8816"},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":"452602F26B5FE429038DC87FC03F753AACF57A4C36C9E255C6FA53C96D46C16C","bepbmhgboaologfdajaanbcjmnhjmhfn":"8A21763201BA02BE4B6B57D100F2D16A45163FAF614511683823AC03AC93A582","eemcgdkfndhakfknompkggombfjjjeno":"0C48B08944FF7027A117BD93D3013383AB36E83E3A407CAF913B47E11AD70E42","ennkphjdgehloodpbhlhldgbnhmacadg":"4A3E82CDAF849D88F218D5FEE54495DBCB2F3220EBF4F34A32DE4E7C14B569E2","flliilndjeohchalpbbcdekjklbdgfkk":"2BAA34CF059CCC060E2A14F1C8E377DED87802FCA45E78FCF6F296ED1AD9F181","kmendfapggjehodndflmmgagdbamhnfd":"D579C3A60FD5AD28491F555DCF06209A462F0B3627EC602A6EDB4432F1C2B255","lccekmodgklaepjeofjdjpbminllajkg":"4DEF0CFD4A668CC0A23A7D39AB2A4EF5E55021EA71EAB31045F97A1C42F14687","mfehgcgbbipciphmccgaenjidiccnmng":"0CB0E74F84CE0222DC354E5B9805A472A2CBE6F8FA9F6BA3DD68350A3D767EF1","mgndgikekgjfcpckkfioiadnlibdjbkf":"78C67CDA191ABF3C8F2ABF6F350805330E355E45DE68381139DA0DBCF9DAE1B8","mhjfbmdgcfjbbpaeojofohoefgiehjai":"31A5F1D2885C9E0CE1C02BDAA05C4C450CB9B44B42BB1B09EF8982028BFE7BD2","nbpagnldghgfoolbancepceaanlmhfmd":"AB2D5291FC9789942D866406706DC16DCAC77FCEF892A242A7AC1F74EDDA2288","nmmhkkegccagdldgiimedpiccmgmieda":"62D145AD2725C47A396FF3B61D6A227C52FC36113B359BBBDC9A665886568967","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"9CF3EA5A8604CA22490BB752E0297D1B3AB08AD332313DF97DE4BB9103C82C0D"}},"google":{"services":{"account_id":"E5B4CD7C5FA271A47D07D462465AFD63DBF6A8CDFAFEF4839D13F8F552131486","last_username":"24FCEF9BF7DF12A2935BE143E58951E09DBAA1D3E0E24430C0FF93009F5D6AFD","username":"D26BCA1B2F99EDF1D42826D14541328D9E374F4559553FC3BB7E76405AC31AE2"}},"homepage":"809184551AC478F030B9AF4B31EBC5C78D1703FFDBDFD9B9F2835751F692CA8B","homepage_is_newtabpage":"C77EA32F1872FF78A94FD3CF2AC2625671D07B6EC18468CE474F383FE0BAFEFA","pinned_tabs":"699F1AC92729A024B80605AFC3C63BFB2A35B70C4214581BBE108F851528E9E8","prefs":{"preference_reset_time":"95C909F3D0669D5931907B455F099C510E7770D9F0BA6FF13E4C76101B44F757"},"profile":{"reset_prompt_memento":"D4530CB53DD89D7863C8A6CB3762FD06DE5DBC9965D16D3A72FE1B19AD4A6C8F"},"safebrowsing":{"incidents_sent":"569707D9A4676B72F48BE92B740BE3EF895419C8A646F1AE1BA70BD9C3B41845"},"search_provider_overrides":"F4242BA88C6E3ED72F5C8CE7B7D3EFCE2AD369F845B41418AE09C15C6DDCC11F","session":{"restore_on_startup":"AB59F1A9CB391932F7B6047BDBE08DCCB63050B3A912DE5B810DA12B56F5E9D2","startup_urls":"3994DCC2DE80C5F9B8D6706E95436C0EA50AD031AC735F1E0ADEDA468D76C37B"},"software_reporter":{"prompt_reason":"5A1EEE6610B0E60FAD44D731D9768B67743F2307846BA8C85E4A6884DBA2CC78","prompt_seed":"D12521B12F27ED8D55846D6FE25154BD22242084A3546A89F2435F0D6575A92E","prompt_version":"565C7DC33789AA140A0FFC230B569B2F592F494FD1FE1EF8BAEA97F43DB5B49E"},"sync":{"remaining_rollback_tries":"330199A48C5F90321D74BF4A3B8CAD4B7FF7FA5817F414DCBE4E6C2F52FBDA56"}},"super_mac":"E37085589A4A3C4F40BCBEAEAB002B93F5FE87E90F888739051B2F1F9E7B22DD"},"search_provider_overrides":[{"encoding":"UTF-8","favicon_url":"hxxp://www.cassiopesa.com/favicon.ico","id":1001,"keyword":"Cassiopesa","name":"Cassiopesa","search_url":"hxxp://www.cassiopesa.com/results.php?f=4&q={searchTerms}&a=csp_tgsam_15_23&cd=2XzuyEtN2Y1L1Qzu0EzztCtCtAtB0E0CyCtBtC0D0FyDzytDtN0D0Tzu0StCtByDtBtN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StAzztC0DtByEtC0BtGyC0F0D0BtGyEyBtDtCtGyCyD0EzztGtByE0BtByBtBtCtCyEyDzztC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0E0AtDyBtD0FtCtGyDtDyD0FtGyEzztC0AtG0ByB0CtBtG0FyBzyyEyCtA0AyDyDzytByC2QtN0A0LzuyE&cr=436201747&ir=","suggest_url":""}],"session":{"restore_on_startup":4,"startup_urls":["hxxp://www.cassiopesa.com/?f=1&a=csp_tgsam_15_23&cd=2XzuyEtN2Y1L1Qzu0EzztCtCtAtB0E0CyCtBtC0D0FyDzytDtN0D0Tzu0StCtByDtBtN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StAzztC0DtByEtC0BtGyC0F0D0BtGyEyBtDtCtGyCyD0EzztGtByE0BtByBtBtCtCyEyDzztC2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0F0E0AtDyBtD0FtCtGyDtDyD0FtGyEzztC0AtG0ByB0CtBtG0FyBzyyEyCtA0AyDyDzytByC2QtN0A0LzuyE&cr=436201747&ir=&uref=chmm"]}}
 
 

==== Chromium Fix ======================
 

C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully

C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully

C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully

C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully

C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully

C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully

C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully

C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully

C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage deleted successfully

C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_static.select-n-go00.select-n-go.com_0.localstorage-journal deleted successfully

C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_static.boostsaves.com_0.localstorage deleted successfully

C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_static.boostsaves.com_0.localstorage-journal deleted successfully

C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage deleted successfully

C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal deleted successfully

C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage deleted successfully

C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage-journal deleted successfully

C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\ablgnpngfaaficpckehadaljnjgjkhbi deleted successfully

C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk deleted successfully

C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\fijhlnmmmgflacagjecncpmpnhjieggk deleted successfully

C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn deleted successfully

C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\idhkmcfanijhphphomamdkaejjadkhgn deleted successfully

C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_idhkmcfanijhphphomamdkaejjadkhgn_0.localstorage deleted successfully

C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Local Storage\chrome-extension_idhkmcfanijhphphomamdkaejjadkhgn_0.localstorage-journal deleted successfully

C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_idhkmcfanijhphphomamdkaejjadkhgn_0.localstorage deleted successfully

C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_idhkmcfanijhphphomamdkaejjadkhgn_0.localstorage-journal deleted successfully

C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_idhkmcfanijhphphomamdkaejjadkhgn_0 deleted successfully

C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\idhkmcfanijhphphomamdkaejjadkhgn deleted successfully

C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\mdcoemfeknnmifgkfoncjfoohdljddmp deleted successfully
 

==== Set IE to Default ======================
 

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="hxxp://www.google.com"
 

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="hxxp://www.google.com"
 

==== All HKCU SearchScopes ======================
 

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="hxxp://www.google.com/search?q={searchTerms}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
 

==== Reset Google Chrome ======================
 

C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Preferences was reset successfully

C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Secure Preferences was reset successfully

C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully

C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully

C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Web Data was reset successfully

C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Web Data-journal was reset successfully

C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Web Data will be reset at reboot

C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal will be reset at reboot
 

==== shortcuts on Users Desktops ======================
 

C:\Users\Undertaker\Desktop\Registry kostenlos entrümpeln.lnk -  

C:\Users\Undertaker\Desktop\Revo Uninstaller.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe 

C:\Users\Undertaker\Desktop\setup_Project64_2.2.exe - Verknüpfung.lnk -  
 

==== shortcuts on All Users Desktop ======================
 

C:\Users\Public\Desktop\Avira Control Center.lnk - C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe 

C:\Users\Public\Desktop\Browserwahl.lnk - C:\Windows\System32\browserchoice.exe /launch

C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe 

C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe 

C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe 

C:\Users\Public\Desktop\NAVIGON Fresh.lnk - C:\Program Files (x86)\NAVIGON\NAVIGON Fresh\bin\Fresh.exe C:\Program Files (x86)\NAVIGON\NAVIGON Fresh\bin

C:\Users\Public\Desktop\Opera.lnk - C:\Program Files (x86)\Opera\launcher.exe 

C:\Users\Public\Desktop\Video Search.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe  /VIDEOSEARCH
 

==== shortcuts in Users Start Menu ======================
 

C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk - C:\windows\system32\cmd.exe 

C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\windows\system32\notepad.exe 

C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk -  

C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk - C:\windows\explorer.exe 

C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk - C:\windows\system32\control.exe /name Microsoft.EaseOfAccessCenter

C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk - C:\windows\system32\magnify.exe 

C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -  

C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk - C:\windows\system32\osk.exe 

C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk -  

C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk -  

C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk - C:\windows\system32\eudcedit.exe 

C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk -  

C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk - C:\windows\system32\cmd.exe 

C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\windows\system32\notepad.exe 

C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk -  

C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk - C:\windows\explorer.exe 

C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk - C:\windows\system32\control.exe /name Microsoft.EaseOfAccessCenter

C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk - C:\windows\system32\magnify.exe 

C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -  

C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk - C:\windows\system32\osk.exe 

C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk -  

C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk -  

C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk - C:\windows\system32\eudcedit.exe 

C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk -  

C:\Users\Shari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 

C:\Users\Shari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk - C:\windows\system32\cmd.exe 

C:\Users\Shari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\windows\system32\notepad.exe 

C:\Users\Shari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk -  

C:\Users\Shari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk - C:\windows\explorer.exe 

C:\Users\Shari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk - C:\windows\system32\control.exe /name Microsoft.EaseOfAccessCenter

C:\Users\Shari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk - C:\windows\system32\magnify.exe 

C:\Users\Shari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -  

C:\Users\Shari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk - C:\windows\system32\osk.exe 

C:\Users\Shari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk -  

C:\Users\Shari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk -  

C:\Users\Shari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe 

C:\Users\Shari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk - C:\windows\system32\eudcedit.exe 

C:\Users\Shari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk -  

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC Universe Online.lnk - C:\Users\Public\Sony Online Entertainment\Installed Games\DC Universe Online\LaunchPad.exe 

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Command Prompt.lnk - C:\windows\system32\cmd.exe 

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Notepad.lnk - C:\windows\system32\notepad.exe 

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Run.lnk -  

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Windows Explorer.lnk - C:\windows\explorer.exe 

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Ease of Access.lnk - C:\windows\system32\control.exe /name Microsoft.EaseOfAccessCenter

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Magnify.lnk - C:\windows\system32\magnify.exe 

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\Narrator.lnk -  

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\Accessibility\On-Screen Keyboard.lnk - C:\windows\system32\osk.exe 

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\computer.lnk -  

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Control Panel.lnk -  

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Private Character Editor.lnk - C:\windows\system32\eudcedit.exe 

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center\Voreinstellungen\Air Traveler.lnk - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe Start Load profilename="Air Traveler"

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center\Voreinstellungen\Battery Saver.lnk - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe Start Load profilename="Battery Saver"

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center\Voreinstellungen\Gaming.lnk - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe Start Load profilename="Gaming"

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center\Voreinstellungen\Movie.lnk - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe Start Load profilename="Movie"

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD VISION Engine Control Center\Voreinstellungen\Web Browsing.lnk - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.exe Start Load profilename="Web Browsing"

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe /home

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe 

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games\Settlers 3™.lnk -  

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance\Help.lnk -  

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Revo Uninstaller.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe 

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Run Hunter Mode.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe -hunter

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Uninstall.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\uninst.exe 

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller\Website.lnk - C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revo Uninstaller.url 

C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup
 

==== shortcuts in All Users Start Menu ======================
 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk - C:\Program Files (x86)\Opera\launcher.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip File Manager.lnk - C:\Program Files (x86)\7-Zip\7zFM.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip\7-Zip Help.lnk - C:\Program Files (x86)\7-Zip\7-zip.chm 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira.lnk - C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe /showMiniGui

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira Free Antivirus Hilfe.lnk - C:\Program Files (x86)\Avira\AntiVir Desktop\avwin.chm 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira Free Antivirus starten.lnk - C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Avira im Internet.lnk - C:\Program Files (x86)\Avira\AntiVir Desktop\weblink.url 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira\Avira Desktop\Readme anzeigen.lnk - C:\Program Files (x86)\Avira\AntiVir Desktop\readme.txt 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games\WildTangent Games App - samsung.lnk - C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe /src gamesmenu /dp samsung

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware entfernen.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\Silverlight.Configuration.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAVIGON\NAVIGON Fresh\Deinstallieren.lnk - C:\Program Files (x86)\NAVIGON\NAVIGON Fresh\uninst.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAVIGON\NAVIGON Fresh\NAVIGON Fresh.lnk - C:\Program Files (x86)\NAVIGON\NAVIGON Fresh\bin\Fresh.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.2\Project 64.lnk - C:\Program Files (x86)\Project64 2.2\Project64.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.2\Uninstall Project64 2.2.lnk - C:\Program Files (x86)\Project64 2.2\unins000.exe /LOG

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam\Steam.lnk - C:\Program Files (x86)\Steam\Steam.exe 

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WEB.DE MailCheck\MailCheck Reparaturassistent.lnk - C:\ProgramData\1&1 Mail & Media GmbH\MailCheck IE\WEB.DE_MailCheck_Repair.exe /REPAIR=1 /IT=9 /ID=10 /IM=5 /IY=2013 /IC=29 /IK=0 /IJ=1 /LOCALE=de_DE /SEARCH=0 /DEFSEARCH=0 /STARTPAGE=0 /BUNDLE=0
 

==== shortcuts in Quick Launch ======================
 

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

C:\Users\Shari\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe 

C:\Users\Shari\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  

C:\Users\Shari\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

C:\Users\Shari\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 

C:\Users\Shari\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\WEB.DE MailCheck Suche.lnk - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Suche.exe 

C:\Users\Shari\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\windows\explorer.exe 

C:\Users\Shari\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Live Messenger.lnk - C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe 

C:\Users\Shari\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

C:\Users\Undertaker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 

C:\Users\Undertaker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite

C:\Users\Undertaker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe 

C:\Users\Undertaker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  

C:\Users\Undertaker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\WildTangent Games App - wildgames.lnk - C:\Program Files (x86)\WildTangent Games\App\GameConsole-wt.exe /src quicklaunch /dp samsung

C:\Users\Undertaker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

C:\Users\Undertaker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\windows\system32\control.exe 

C:\Users\Undertaker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Video Search.lnk - C:\Program Files (x86)\DsNET Corp\aTube Catcher 2.0\yct.exe  /VIDEOSEARCH

C:\Users\Undertaker\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\windows\explorer.exe 
 

==== Deleting Registry Keys ======================
 

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D} deleted successfully
 

==== Empty IE Cache ======================
 

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Undertaker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Undertaker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y9Y3YUFA will be deleted at reboot
 

==== Empty FireFox Cache ======================
 

No FireFox Profiles found
 

==== Empty Chrome Cache ======================
 

C:\Users\Undertaker\AppData\Local\Opera Software\Opera Stable\Cache will be emptied at reboot

C:\Users\Undertaker\AppData\Local\Chromium\User Data\Default\Cache emptied successfully

C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
 

==== Empty All Flash Cache ======================
 

Flash Cache Emptied Successfully
 

==== Empty All Java Cache ======================
 

Java Cache cleared successfully
 

==== C:\zoek_backup content ======================
 

C:\zoek_backup (files=18757 folders=1883 103621003543 bytes)
 

==== Empty Temp Folders ======================
 

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Shari\AppData\Local\Temp emptied successfully

C:\Users\Undertaker\AppData\Local\Temp will be emptied at reboot

C:\windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot

C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\windows\Temp will be emptied at reboot
 

==== After Reboot ======================
 

==== Empty Temp Folders ======================
 

C:\windows\Temp successfully emptied

C:\Users\UNDERT~1\AppData\Local\Temp successfully emptied
 

==== Empty Recycle Bin ======================
 

C:\$RECYCLE.BIN successfully emptied
 

==== Deleting Files / Folders ======================
 

"C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Web Data" not found

"C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal" not found

"C:\Users\Undertaker\AppData\Local\Opera Software\Opera Stable\Cache\data_0" deleted

"C:\Users\Undertaker\AppData\Local\Opera Software\Opera Stable\Cache\data_1" deleted

"C:\Users\Undertaker\AppData\Local\Opera Software\Opera Stable\Cache\data_2" deleted

"C:\Users\Undertaker\AppData\Local\Opera Software\Opera Stable\Cache\data_3" deleted

"C:\Users\Undertaker\AppData\Local\Opera Software\Opera Stable\Cache\index" deleted

"C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found

"C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_inst.shoppingate.info_0.localstorage" not deleted

"C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_inst.shoppingate.info_0.localstorage-journal" not deleted

"C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_ablgnpngfaaficpckehadaljnjgjkhbi_0.localstorage" not deleted

"C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_ablgnpngfaaficpckehadaljnjgjkhbi_0.localstorage-journal" not deleted

"C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_ablgnpngfaaficpckehadaljnjgjkhbi_0" deleted

"C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\ablgnpngfaaficpckehadaljnjgjkhbi" deleted

"C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_idhkmcfanijhphphomamdkaejjadkhgn_0.localstorage" not deleted

"C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_idhkmcfanijhphphomamdkaejjadkhgn_0.localstorage-journal" not deleted

"C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_idhkmcfanijhphphomamdkaejjadkhgn_0" deleted

"C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\idhkmcfanijhphphomamdkaejjadkhgn" deleted

"C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_mdcoemfeknnmifgkfoncjfoohdljddmp_0.localstorage" not deleted

"C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Storage\chrome-extension_mdcoemfeknnmifgkfoncjfoohdljddmp_0.localstorage-journal" not deleted

"C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\databases\chrome-extension_mdcoemfeknnmifgkfoncjfoohdljddmp_0" deleted

"C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\mdcoemfeknnmifgkfoncjfoohdljddmp" deleted

"C:\Users\Undertaker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y9Y3YUFA" not found
 

==== EOF on 08.06.2015 at 16:51:16,35 ======================

Viele Grüße
Ani

deeprybka

08.06.2015 20:14

OK, jetzt bitte nochmal frische FRST-Logs.

Schritt 1

http://filepony.de/icon/frst.png http://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte starte FRST erneut, markiere auch die checkbox http://deeprybka.trojaner-board.de/b...t/addition.pngund drücke auf Scan.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.

Ani73

08.06.2015 21:36

Hier die FRST logs

FRST Logfile:

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-06-2015

Ran by Undertaker (administrator) on UNDERTAKER-PC on 08-06-2015 22:31:08

Running from C:\Users\Undertaker\Downloads

Loaded Profiles: Undertaker (Available Profiles: Undertaker & Shari)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11 (Default browser not detected!)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(AMD) C:\Windows\System32\atiesrxx.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

() C:\Windows\meud.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

() C:\Windows\SysWOW64\PnkBstrB.exe

() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe

(Dropbox, Inc.) C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe

(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe

(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(1und1 Mail und Media GmbH) C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe

(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe

(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

() C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11895400 2011-06-25] (Realtek Semiconductor)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-13] (ELAN Microelectronics Corp.)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [421888 2012-11-18] (Apple Inc.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-22] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-01-14] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)

HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)

HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [MailCheck IE Broker] => C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe [2190912 2015-05-06] (1und1 Mail und Media GmbH)

HKLM-x32\...\Run: [iScreeny] => C:\Users\Undertaker\AppData\Local\iScreeny\iScreeny.exe

HKLM-x32\...\Run: [iScreeny - Web] => C:\Users\Undertaker\AppData\Local\iScreeny\iWebScreeny.exe

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [384800 2012-10-16] (Avira Operations GmbH & Co. KG)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [Facebook Update] => C:\Users\Undertaker\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-05-25] (Facebook Inc.)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1565504 2015-01-14] (Samsung)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2015-01-14] (Samsung)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [GoogleChromeAutoLaunch_DF202E42DFEEF9CE7A049D628287467C] => C:\Users\Undertaker\AppData\Local\Chromium\Application\chrome.exe [659456 2015-06-03] (The Chromium Authors)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)

AppInit_DLLs-x32: c:\progra~3\{b37b5~1\1172~1.1\nisi.dll => "c:\progra~3\{b37b5~1\1172~1.1\nisi.dll" File not found

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-02-01]

ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

Startup: C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-07-25]

ShortcutTarget: Dropbox.lnk -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION

ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled

ProxyServer: [.DEFAULT] => http=127.0.0.1:51515;https=127.0.0.1:51515

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com

SearchScopes: HKLM -> {9143e921-7c9a-4d27-ac43-eaccc78cc55a} URL = 

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

BHO: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2015-05-06] (1und1 Mail und Media GmbH)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-02-01] (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

BHO-x32: Samsung BHO Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-10-25] ()

BHO-x32: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2015-05-06] (1und1 Mail und Media GmbH)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-02-01] (Oracle Corporation)

DPF: HKLM {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

DPF: HKLM {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_x64_5.0.199.0.cab

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2015-05-06] (1und1 Mail und Media GmbH)

Handler-x32: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2015-05-06] (1und1 Mail und Media GmbH)

StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 

FireFox:

========

FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\windows\system32\npDeployJava1.dll [2012-11-05] (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)

FF Plugin-x32: @java.com/DTPlugin,version=10.75.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-02-01] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.75.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-02-01] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)

FF Plugin-x32: @popularscreensavers.com/Plugin -> C:\Program Files (x86)\PopularScreensavers\NPp5Stub.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll [2015-04-27] ()

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-1335839233-2991384071-368375801-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Undertaker\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

FF Plugin HKU\S-1-5-21-1335839233-2991384071-368375801-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-10-01] ()
 

Chrome: 

=======

CHR Profile: C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-14]

CHR Extension: (Google Docs) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-14]

CHR Extension: (Google Drive) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-14]

CHR Extension: (YouTube) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-14]

CHR Extension: (Google Search) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-14]

CHR Extension: (Google Sheets) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-14]

CHR Extension: (Avira Browser Safety) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-05-14]

CHR Extension: (Bookmark Manager) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-14]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-14]

CHR Extension: (Google Wallet) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-15]

CHR Extension: (Gmail) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-14]

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

StartMenuInternet: Google Chrome - chrome.exe
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-03-22] (Advanced Micro Devices, Inc.) [File not signed]

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84256 2012-10-16] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108320 2012-10-16] (Avira Operations GmbH & Co. KG)

R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)

R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]

S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]

R2 meud; c:\windows\meud.exe [408576 2015-06-06] () [File not signed]

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)

R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [75136 2013-03-11] ()

R2 PnkBstrB; C:\windows\SysWOW64\PnkBstrB.exe [189248 2013-03-11] ()

R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed]

R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)

R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)

R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2013-07-28] ()

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [99248 2012-09-13] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [129216 2012-10-04] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27800 2012-09-24] (Avira Operations GmbH & Co. KG)

R1 iScreeny; C:\windows\iScreeny.sys [50840 2015-03-11] (Windows (R) Win 7 DDK provider)

R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2013-07-28] ()

S3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)

S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-01-16] (Windows (R) 2003 DDK 3790 provider)

S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]

S3 RkHit; \??\C:\windows\system32\drivers\RKHit.sys [X]

S3 taphss6; system32\DRIVERS\taphss6.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 

==================== One Month Created files and folders ========
 

(If an entry is included in the fixlist, the file/folder will be moved.)
 

2015-06-08 17:21 - 2015-06-08 17:21 - 00243592 _____ C:\Users\Undertaker\Downloads\Firefox Setup Stub 38.0.5 (1).exe

2015-06-08 17:16 - 2015-06-08 17:16 - 00243592 _____ C:\Users\Undertaker\Downloads\Firefox Setup Stub 38.0.5.exe

2015-06-08 16:28 - 2015-06-08 13:06 - 00024064 _____ C:\windows\zoek-delete.exe

2015-06-08 15:04 - 2015-06-08 15:04 - 00000000 ___SD C:\windows\SysWOW64\GWX

2015-06-08 15:04 - 2015-06-08 15:04 - 00000000 ___SD C:\windows\system32\GWX

2015-06-08 13:58 - 2015-06-08 16:51 - 00000000 ____D C:\zoek

2015-06-08 13:10 - 2015-06-08 16:51 - 00059803 _____ C:\zoek-results.log

2015-06-08 13:06 - 2015-06-08 16:08 - 00000000 ____D C:\zoek_backup

2015-06-08 13:05 - 2015-06-08 13:06 - 01308672 _____ C:\Users\Undertaker\Downloads\zoek.exe

2015-06-07 23:20 - 2015-06-07 23:20 - 00041826 _____ C:\Users\Undertaker\Desktop\FRST.txt

2015-06-07 22:46 - 2015-06-07 22:48 - 00135230 _____ C:\Users\Undertaker\Desktop\auswahl.txt

2015-06-07 20:40 - 2015-06-07 20:40 - 00000000 ____D C:\Users\Undertaker\Downloads\RevoUninstallerPortable

2015-06-07 20:39 - 2015-06-07 20:40 - 02785665 _____ (PortableApps.com) C:\Users\Undertaker\Downloads\RevoUninstallerPortable_1.95_Rev_2.paf.exe

2015-06-06 23:04 - 2015-06-06 23:04 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Avira

2015-06-06 22:58 - 2015-06-06 22:58 - 00001954 _____ C:\Users\Public\Desktop\Avira Control Center.lnk

2015-06-06 22:57 - 2012-10-04 12:07 - 00129216 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys

2015-06-06 22:57 - 2012-09-24 09:58 - 00027800 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys

2015-06-06 22:57 - 2012-09-13 15:52 - 00099248 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys

2015-06-06 21:36 - 2015-06-06 23:28 - 00001062 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-06-06 21:32 - 2015-06-06 21:34 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Undertaker\Downloads\mbam-setup-2.1.6.1022.exe

2015-06-06 21:17 - 2015-06-07 23:25 - 00052477 _____ C:\Users\Undertaker\Downloads\Addition.txt

2015-06-06 21:12 - 2015-06-08 22:31 - 00021611 _____ C:\Users\Undertaker\Downloads\FRST.txt

2015-06-06 21:11 - 2015-06-06 21:11 - 02108928 _____ (Farbar) C:\Users\Undertaker\Downloads\FRST64.exe

2015-06-06 19:22 - 2015-06-07 21:07 - 00000000 ____D C:\AdwCleaner

2015-06-06 13:50 - 2015-06-07 22:10 - 00173056 _____ C:\windows\Provider.dll

2015-06-06 13:50 - 2015-06-07 22:10 - 00000000 ____D C:\windows\Provider32

2015-06-06 13:50 - 2015-06-07 20:51 - 00173056 _____ C:\windows\Provider20150607221036.dll

2015-06-06 13:50 - 2015-06-07 19:50 - 00173056 _____ C:\windows\Provider20150607205118.dll

2015-06-06 13:50 - 2015-06-06 23:54 - 00173056 _____ C:\windows\Provider20150607195041.dll

2015-06-06 13:50 - 2015-06-06 22:06 - 00173056 _____ C:\windows\Provider20150606235357.dll

2015-06-06 13:50 - 2015-06-06 19:55 - 00173056 _____ C:\windows\Provider20150606220627.dll

2015-06-06 13:50 - 2015-06-06 18:06 - 00173056 _____ C:\windows\Provider20150606195541.dll

2015-06-06 13:50 - 2015-06-06 16:53 - 00173056 _____ C:\windows\Provider20150606180602.dll

2015-06-06 13:50 - 2015-06-06 15:52 - 00173056 _____ C:\windows\Provider20150606165333.dll

2015-06-06 13:50 - 2015-06-06 14:51 - 00173056 _____ C:\windows\Provider20150606155257.dll

2015-06-06 13:50 - 2015-06-06 13:50 - 00718497 _____ C:\windows\unins000.exe

2015-06-06 13:50 - 2015-06-06 13:50 - 00010273 _____ C:\windows\unins000.dat

2015-06-06 13:50 - 2015-06-02 18:30 - 00173056 _____ C:\windows\Provider20150606145136.dll

2015-06-06 13:50 - 2015-06-02 18:30 - 00101888 _____ C:\windows\Installer.exe

2015-06-06 13:48 - 2015-06-06 13:48 - 02231296 _____ C:\Users\Undertaker\Downloads\AdwCleaner_4.206.exe

2015-06-06 13:42 - 2015-06-06 13:42 - 02870984 _____ (ESET) C:\Users\Undertaker\Downloads\esetsmartinstaller_deu.exe

2015-06-06 13:26 - 2015-06-06 13:26 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Chromium

2015-06-06 13:20 - 2015-06-06 13:26 - 00000000 ___HD C:\ProgramData\eud

2015-06-06 13:18 - 2015-06-06 22:19 - 00000004 _____ C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7

2015-06-06 13:16 - 2015-06-06 13:16 - 00631296 _____ C:\windows\eud.dat

2015-06-06 13:16 - 2015-06-06 13:16 - 00408576 _____ C:\windows\meud.exe

2015-06-06 13:06 - 2015-06-06 13:20 - 00000684 _____ C:\Users\Undertaker\Downloads\project64                         .website

2015-06-06 13:06 - 2015-06-06 13:20 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Deployment

2015-06-06 13:06 - 2015-06-06 13:06 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Apps\2.0

2015-06-06 12:53 - 2015-06-06 12:53 - 00001285 _____ C:\Users\Undertaker\Desktop\setup_Project64_2.2.exe - Verknüpfung.lnk

2015-06-06 12:45 - 2015-06-06 12:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.2

2015-06-06 12:45 - 2015-06-06 12:53 - 00000000 ____D C:\Program Files (x86)\Project64 2.2

2015-06-06 12:39 - 2015-06-06 12:39 - 12699289 _____ C:\Users\Undertaker\Downloads\Mario Kart 64 (E).zip

2015-06-06 12:35 - 2015-06-06 12:35 - 08388608 _____ C:\Users\Undertaker\Downloads\Super Mario 64 (D, F, E) (1).v64

2015-06-06 12:34 - 2015-06-06 12:46 - 00001089 _____ C:\Users\Public\Desktop\Opera.lnk

2015-06-06 12:34 - 2015-06-06 12:34 - 00003862 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1433586837

2015-06-06 12:34 - 2015-06-06 12:34 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Opera Software

2015-06-06 12:34 - 2015-06-06 12:34 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Opera Software

2015-06-06 12:34 - 2015-06-06 12:33 - 00001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk

2015-06-06 12:33 - 2015-06-08 16:56 - 00000000 ____D C:\Program Files (x86)\Opera

2015-06-06 12:33 - 2015-06-06 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip

2015-06-06 12:33 - 2015-06-06 12:33 - 00000000 ____D C:\Program Files (x86)\7-Zip

2015-06-06 12:32 - 2015-06-06 16:12 - 00000000 ____D C:\Program Files (x86)\MiuiTab

2015-06-06 12:32 - 2015-06-06 12:31 - 01200163 _____ C:\Users\Undertaker\Downloads\7zip.exe

2015-06-06 12:21 - 2015-06-06 12:46 - 00001311 _____ C:\Users\Public\Desktop\NAVIGON Fresh.lnk

2015-06-06 12:21 - 2015-06-06 12:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAVIGON

2015-06-06 12:21 - 2015-06-06 12:21 - 00000000 ____D C:\ProgramData\boost_interprocess

2015-06-05 22:10 - 2015-06-05 22:11 - 01089752 _____ (Unity Technologies ApS) C:\Users\Undertaker\Downloads\UnityWebPlayer (1).exe

2015-06-04 14:56 - 2015-06-04 14:56 - 00983949 _____ C:\Users\Undertaker\Downloads\Super Mario Allstars (E).zip

2015-06-04 14:35 - 2015-06-04 14:36 - 06347644 _____ C:\Users\Undertaker\Downloads\Super Mario 64 (D, F, E) (1).zip

2015-06-04 12:44 - 2015-06-04 12:45 - 06347644 _____ C:\Users\Undertaker\Downloads\Super Mario 64 (D, F, E).zip

2015-06-04 12:39 - 2015-01-30 06:22 - 00000073 ____R C:\Users\Undertaker\Downloads\PokeMMO.sh

2015-06-02 22:00 - 2015-06-04 12:42 - 13171110 _____ C:\Users\Undertaker\Desktop\PokeMMO-Client (2).zip

2015-05-17 16:12 - 2015-05-17 16:12 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Sonic7

2015-05-15 09:45 - 2015-05-15 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WEB.DE MailCheck

2015-05-15 09:45 - 2015-05-15 09:45 - 00000000 ____D C:\Program Files\WEB.DE MailCheck

2015-05-15 09:45 - 2015-05-15 09:45 - 00000000 ____D C:\Program Files (x86)\WEB.DE MailCheck

2015-05-14 20:59 - 2015-05-14 20:59 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Steam

2015-05-14 20:50 - 2015-06-08 16:51 - 00000000 ____D C:\Program Files (x86)\Steam

2015-05-14 20:50 - 2015-05-14 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

2015-05-14 20:47 - 2015-05-14 20:47 - 01142128 _____ C:\Users\Undertaker\Downloads\SteamSetup.exe

2015-05-14 19:49 - 2015-05-14 19:49 - 00000000 ____D C:\ProgramData\UUdb

2015-05-14 09:38 - 2015-06-06 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
 

==================== One Month Modified files and folders ========
 

(If an entry is included in the fixlist, the file/folder will be moved.)
 

2015-06-08 22:31 - 2014-01-02 17:54 - 00000000 ____D C:\FRST

2015-06-08 22:30 - 2015-04-14 19:11 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job

2015-06-08 22:30 - 2013-04-20 10:22 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-06-08 22:30 - 2012-12-04 14:05 - 00000948 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1335839233-2991384071-368375801-1000UA.job

2015-06-08 22:30 - 2011-10-20 01:52 - 01271534 _____ C:\windows\WindowsUpdate.log

2015-06-08 17:02 - 2009-07-14 06:45 - 00028624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-06-08 17:02 - 2009-07-14 06:45 - 00028624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-06-08 16:56 - 2014-04-11 20:58 - 00000000 ____D C:\Users\Undertaker\AppData\Local\LogMeIn Hamachi

2015-06-08 16:55 - 2014-07-25 18:13 - 00000000 ___RD C:\Users\Undertaker\Dropbox

2015-06-08 16:55 - 2014-07-25 18:11 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Dropbox

2015-06-08 16:50 - 2014-05-22 17:16 - 00000008 __RSH C:\ProgramData\ntuser.pol

2015-06-08 16:50 - 2013-04-20 10:22 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-06-08 16:50 - 2013-04-06 00:59 - 00080197 _____ C:\windows\setupact.log

2015-06-08 16:50 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT

2015-06-08 16:49 - 2013-04-06 00:52 - 01088286 _____ C:\windows\PFRO.log

2015-06-08 16:28 - 2012-12-04 14:05 - 00000926 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1335839233-2991384071-368375801-1000Core.job

2015-06-08 15:58 - 2009-07-14 05:20 - 00000000 ___HD C:\windows\system32\GroupPolicy

2015-06-08 15:58 - 2009-07-14 05:20 - 00000000 ____D C:\windows\SysWOW64\GroupPolicy

2015-06-07 22:50 - 2013-04-07 15:58 - 00000000 ____D C:\windows\ERUNT

2015-06-07 21:35 - 2014-05-22 19:43 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys

2015-06-07 21:06 - 2012-10-30 15:16 - 00000000 ____D C:\Users\Undertaker

2015-06-07 20:51 - 2013-03-28 23:41 - 00000000 ____D C:\Users\Undertaker\AppData\Local\CrashDumps

2015-06-07 19:09 - 2012-11-05 13:32 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Skype

2015-06-06 23:28 - 2014-05-22 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-06-06 23:28 - 2014-05-22 19:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-06-06 22:58 - 2012-10-30 16:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2015-06-06 22:56 - 2012-10-30 16:18 - 00000000 ____D C:\Program Files (x86)\Avira

2015-06-06 22:44 - 2012-10-30 16:18 - 00000000 ____D C:\ProgramData\Avira

2015-06-06 22:43 - 2012-12-06 16:46 - 00000000 ____D C:\windows\Minidump

2015-06-06 12:46 - 2015-04-17 20:10 - 00002568 _____ C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC Universe Online.lnk

2015-06-06 12:46 - 2015-02-01 15:26 - 00001761 _____ C:\Users\Public\Desktop\iTunes.lnk

2015-06-06 12:46 - 2015-01-28 20:02 - 00001242 _____ C:\Users\Undertaker\Desktop\Revo Uninstaller.lnk

2015-06-06 12:46 - 2014-08-14 23:40 - 00001415 _____ C:\Users\Shari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2015-06-06 12:46 - 2014-05-19 11:26 - 00002190 _____ C:\Users\Public\Desktop\Google Earth.lnk

2015-06-06 12:46 - 2013-08-12 21:43 - 00002096 _____ C:\Users\Public\Desktop\Video Search.lnk

2015-06-06 12:46 - 2012-11-24 13:01 - 00001426 _____ C:\Users\Undertaker\Desktop\Registry kostenlos entrümpeln!.lnk

2015-06-06 12:46 - 2012-11-04 12:00 - 00001768 _____ C:\Users\Public\Desktop\Browserwahl.lnk

2015-06-06 11:18 - 2012-11-06 14:44 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\.minecraft

2015-05-24 18:06 - 2011-10-20 01:00 - 00700134 _____ C:\windows\system32\perfh007.dat

2015-05-24 18:06 - 2011-10-20 01:00 - 00149984 _____ C:\windows\system32\perfc007.dat

2015-05-24 18:06 - 2009-07-14 07:13 - 01622236 _____ C:\windows\system32\PerfStringBackup.INI

2015-05-22 20:33 - 2015-02-18 15:50 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\vlc

2015-05-17 15:47 - 2013-04-20 10:22 - 00004106 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA

2015-05-17 15:47 - 2013-04-20 10:22 - 00003854 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore

2015-05-16 13:54 - 2012-10-30 16:02 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Adobe

2015-05-15 20:08 - 2013-03-14 21:43 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2015-05-15 20:08 - 2013-03-14 21:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2015-05-15 15:41 - 2012-11-08 16:36 - 01649854 _____ C:\windows\SysWOW64\PerfStringBackup.INI

2015-05-15 15:41 - 2012-11-08 16:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client

2015-05-15 15:40 - 2014-07-10 17:17 - 00000000 ____D C:\ProgramData\Microsoft Help

2015-05-15 15:40 - 2013-07-31 20:03 - 00000000 ____D C:\windows\system32\MRT

2015-05-15 15:12 - 2012-11-08 16:16 - 140425016 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

2015-05-15 15:06 - 2013-03-14 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2015-05-14 19:49 - 2013-05-10 12:24 - 00003892 _____ C:\windows\System32\Tasks\Registration 1und1 Task

2015-05-14 19:49 - 2013-05-10 12:24 - 00000000 ____D C:\Program Files (x86)\1und1Softwareaktualisierung

2015-05-14 09:38 - 2013-04-20 10:22 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Google

2015-05-14 09:38 - 2013-04-20 10:22 - 00000000 ____D C:\Program Files (x86)\Google

2015-05-13 16:36 - 2014-07-25 18:12 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
 

==================== Files in the root of some directories =======
 

2013-03-28 23:41 - 2013-03-28 23:41 - 0003584 _____ () C:\Users\Undertaker\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-03-04 22:26 - 2014-03-04 22:26 - 0091848 _____ () C:\Users\Undertaker\AppData\Local\ext_offermosquito_uninst.exe

2013-02-28 21:15 - 2014-03-14 14:34 - 1145382 ____N () C:\Users\Undertaker\AppData\Local\Tempmusic.ogg

2011-10-19 10:21 - 2011-10-19 10:22 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log

2011-10-19 10:07 - 2011-10-19 10:08 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log

2011-10-19 10:15 - 2011-10-19 10:17 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log

2011-10-19 10:09 - 2011-10-19 10:15 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log

2011-10-19 10:17 - 2011-10-19 10:21 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
 

Some files in TEMP:

====================

C:\Users\Undertaker\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxjwbg_.dll
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2015-06-03 22:57
 

==================== End of log ============================

--- --- ---

[CODE]Additional
FRST Logfile:

Code:

scan result of Farbar Recovery Scan Tool (x64) Version:06-06-2015

Ran by Undertaker at 2015-06-08 22:32:32

Running from C:\Users\Undertaker\Downloads

Boot Mode: Normal

==========================================================
 
 

==================== Accounts: =============================
 

Administrator (S-1-5-21-1335839233-2991384071-368375801-500 - Administrator - Disabled)

Gast (S-1-5-21-1335839233-2991384071-368375801-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-1335839233-2991384071-368375801-1005 - Limited - Enabled)

Shari (S-1-5-21-1335839233-2991384071-368375801-1001 - Limited - Enabled) => C:\Users\Shari

Undertaker (S-1-5-21-1335839233-2991384071-368375801-1000 - Administrator - Enabled) => C:\Users\Undertaker
 

==================== Security Center ========================
 

(If an entry is included in the fixlist, it will be removed.)
 

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}

AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installed Programs ======================
 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 

„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden

„Windows Live Messenger“ (x32 Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden

„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

7-Zip 9.38 beta (HKLM-x32\...\7-Zip) (Version:  - )

Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)

Agatha Christie - Death on the Nile (x32 Version: 2.2.0.82 - WildTangent) Hidden

Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)

ATI Catalyst Install Manager (HKLM\...\{2E26B067-B10A-683A-7E84-5813500EE3B0}) (Version: 3.0.820.0 - ATI Technologies, Inc.)

aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 2.9.1390 - DsNET Corp)

Avira (HKLM-x32\...\{b5675cc4-ab8b-4945-8c1d-4c5479556d6a}) (Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG)

Avira (x32 Version: 1.1.34.19732 - Avira Operations GmbH & Co. KG) Hidden

Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 13.0.0.2735 - Avira)

BatteryLifeExtender (HKLM-x32\...\{FFD0E594-823B-4E2B-B680-720B3C852588}) (Version: 1.0.11 - Samsung)

Battlefield Heroes (HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version:  - EA Digital illusions)

Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)

Build-a-lot (x32 Version: 2.2.0.82 - WildTangent) Hidden

Camtasia Studio 8 (HKLM-x32\...\{8F6F7194-0734-4CDA-8C04-6B766F2241A6}) (Version: 8.0.4.1060 - TechSmith Corporation)

Cassiopesa (HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Chromium) (Version: 45.0.2422.0 - Chromium)

Chuzzle Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden

CyberLink Media Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 8.0.2227 - CyberLink Corp.)

CyberLink Media+ Player10 (HKLM-x32\...\InstallShield_{34FBC7C4-CD31-4D93-A428-0E524EAC4586}) (Version: 10.0.1110.00 - CyberLink Corp.)

CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 5.0.1130a - CyberLink Corp.)

CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3802 - CyberLink Corp.)

CyberLink PowerDirector (HKLM-x32\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 8.0.3306 - CyberLink Corp.)

CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.3509 - CyberLink Corp.)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Das gelobte Land (HKLM-x32\...\Das gelobte Land) (Version: 1.0.0.0 - INTENIUM GmbH)

DC Universe Online (HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\SOE-DC Universe Online) (Version: 1.0.3.183 - Sony Online Entertainment)

DEUTSCHLAND SPIELT GAME CENTER (HKLM-x32\...\DSGPlayer) (Version: 1.0.0.46 - INTENIUM GmbH)

Die Siedler 7 (HKLM-x32\...\{63860309-DA8A-4BAE-9EAE-CE1D6D79340C}) (Version: 1.12.1396 - Ubisoft)

Die Siedler III Gold Edition (HKLM-x32\...\S3) (Version:  - )

Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.82 - WildTangent) Hidden

Dropbox (HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Dropbox) (Version: 3.4.6 - Dropbox, Inc.)

Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0 - Samsung Electronics Co., LTD)

Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.)

Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0 - Samsung Electronics Co., Ltd.)

Easy Network Manager (HKLM-x32\...\{8732818E-CA78-4ACB-B077-22311BF4C0E4}) (Version: 4.4.7 - Samsung)

Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.1.1 - Samsung Electronics Co.,Ltd.)

EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)

EasyFileShare (HKLM-x32\...\{16880765-677F-440B-B16A-BFD9B9C00012}) (Version: 1.0.12 - Samsung)

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )

ETDWare PS/2-X64 8.0.7.2_WHQL (HKLM\...\Elantech) (Version: 8.0.7.2 - ELAN Microelectronic Corp.)

Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)

Farm Frenzy (x32 Version: 2.2.0.82 - WildTangent) Hidden

Fast Start (HKLM-x32\...\{77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}) (Version: 2.2.0.1 - SAMSUNG)

Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)

Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)

Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden

Insaniquarium Deluxe (x32 Version: 2.2.0.82 - WildTangent) Hidden

inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC)

iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)

Java 7 Update 75 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217075FF}) (Version: 7.0.750 - Oracle)

John Deere Drive Green (x32 Version: 2.2.0.82 - WildTangent) Hidden

Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.227 - LogMeIn, Inc.)

LogMeIn Hamachi (x32 Version: 2.2.0.227 - LogMeIn, Inc.) Hidden

MAGIX Speed burnR (MSI) (HKLM-x32\...\MAGIX_{6C855B1C-FC55-4A00-9CCB-5ED6DB8770BF}) (Version: 7.0.2.6 - MAGIX AG)

MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX AG) Hidden

MAGIX Video deluxe 2014 Plus (HKLM-x32\...\MX.{9E2FEB28-7407-4009-9DC4-203EF2EF6BB7}) (Version: 13.0.0.28 - MAGIX AG)

MAGIX Video deluxe 2014 Plus (Version: 13.0.0.28 - MAGIX AG) Hidden

Malwarebytes Anti-Malware Version 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)

Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Klick-und-Los 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft Office Starter 2010 - Deutsch (HKLM-x32\...\{90140011-0066-0407-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)

MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)

Multimedia POP (HKLM-x32\...\{331ECF61-69AF-4F57-AC35-AFED610231C3}) (Version: 1.0 - )

MyFreeCodec (HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\MyFreeCodec) (Version:  - )

NAVIGON Fresh 3.4.1 (HKLM-x32\...\NAVIGON Fresh) (Version: 3.4.1 - NAVIGON)

Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)

Opera Stable 29.0.1795.60 (HKLM-x32\...\Opera 29.0.1795.60) (Version: 29.0.1795.60 - Opera Software ASA)

PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version:  - )

Peggle (x32 Version: 2.2.0.82 - WildTangent) Hidden

Penguins! (x32 Version: 2.2.0.82 - WildTangent) Hidden

PhoneShare (HKLM-x32\...\{3F50512F-53DF-46B1-8CCB-6C7E638CADD6}) (Version: 9.1.4 - Samsung)

Plants vs. Zombies (x32 Version: 2.2.0.82 - WildTangent) Hidden

Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Polar Golfer (x32 Version: 2.2.0.82 - WildTangent) Hidden

Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Project 64 version 2.2.0.3 (HKLM-x32\...\{BEB5FB69-4080-466F-96C4-F15DF271718B}_is1) (Version: 2.2.0.3 - )

Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.40.126.2011 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6400 - Realtek Semiconductor Corp.)

Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 2.0.67.1 - Samsung Electronics Co., Ltd.)

Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.)

Samsung Kies (x32 Version: 2.5.2.13021_10 - Samsung Electronics Co., Ltd.) Hidden

Samsung Printer Live Update (HKLM-x32\...\Samsung Printer Live Update) (Version:  - Samsung Electronics Co., Ltd.)

Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.0.10 - Samsung)

Samsung Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.38 - Samsung)

Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.02.05.00:27 - Samsung Electronics Co., Ltd.)

Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.5.0 - Samsung Electronics Co., Ltd.)

Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)

SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)

Secunia PSI (3.0.0.10004) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.10004 - Secunia)

Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)

Solars Abenteuer (HKLM-x32\...\Solars Abenteuer) (Version: 1.0.0.0 - INTENIUM GmbH)

Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)

Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)

Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)

Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)

Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)

Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden

User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.7 - )

WEB.DE Desktop Icons (HKLM-x32\...\1&1 Mail & Media GmbH 1und1DesktopIconsInstaller) (Version: 3.0.5.0 - 1&1 Mail & Media GmbH)

WEB.DE MailCheck für Internet Explorer (HKLM-x32\...\1&1 Mail & Media GmbH Toolbar IE8) (Version: 2.6.3.1 - 1&1 Mail & Media GmbH)

WEB.DE Softwareaktualisierung (HKLM-x32\...\1&1 Mail & Media GmbH 1und1Softwareaktualisierung) (Version: 3.0.3.0 - 1&1 Mail & Media GmbH)

WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.1.5 - WildTangent)

WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-samsung) (Version: 4.0.11.14 - WildTangent)

WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-wildgames) (Version: 4.0.10.5 - WildTangent)

WindeskWinsearch 1.0 (HKLM-x32\...\WindeskWinsearch) (Version: 1.0 - PCSoftware)

Windows Live 程式集 (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)

WordCaptureX Pro (HKLM-x32\...\{139C1D95-9037-3AB3-F5F4-4A79BF6831EC}) (Version: 4.0.0 - Deskperience)

Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden

Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
 

==================== Custom CLSID (Whitelisted): ==========================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\inminet\sencolny.dll No File <==== ATTENTION

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 

==================== Restore Points =========================
 

04-06-2015 23:58:02 Windows Update

05-06-2015 15:00:33 Windows Update

05-06-2015 23:36:42 Windows Update

06-06-2015 13:21:50 Uniblue SpeedUpMyPC installation

06-06-2015 13:22:08 Uniblue DriverScanner installation

06-06-2015 15:04:17 Windows Update

07-06-2015 20:42:44 Revo Uninstaller's restore point - Crossbrowse

07-06-2015 20:49:32 Revo Uninstaller's restore point - Internet Speed Tracker Internet Explorer Toolbar

07-06-2015 20:51:03 Revo Uninstaller's restore point - MediaPlayerVid2.4

07-06-2015 20:59:59 Revo Uninstaller's restore point - Optimizer Pro v3.2

07-06-2015 21:23:00 Windows-Sicherung

08-06-2015 13:10:24 zoek.exe restore point

08-06-2015 15:02:30 Windows Update
 

==================== Hosts content: ===============================
 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts
 

==================== Scheduled Tasks (Whitelisted) =============
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

Task: {0524867D-A169-481C-9A0C-198C6518875D} - System32\Tasks\WifiManager => C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe [2011-01-04] (Samsung Electronics Co., Ltd.)

Task: {078FFB22-9015-49A6-B981-89BC1A8126BA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)

Task: {0BAA9BE4-9E38-44C2-A618-7F4ADEDA6DEC} - \Advanced System~Protector No Task File <==== ATTENTION

Task: {0F80DD36-32C6-459D-9D85-B556EC5B9523} - System32\Tasks\Registration 1und1 Task => C:\Program Files (x86)\1und1Softwareaktualisierung\cdsupdclient.exe [2015-01-12] (1&1 Mail & Media GmbH)

Task: {11AB16B9-224A-4B50-A8A2-0B0F05E26B70} - \Advanced System~Protector_startup No Task File <==== ATTENTION

Task: {39BCE7A0-D484-495A-B44E-E60340DE59F1} - System32\Tasks\{97BF6DCC-9FA9-46AE-AB8A-6B23DCEE672D} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.2.59.106/de/abandoninstall?page=tsProgressBar

Task: {4BBBFDEA-A4B6-4446-9011-E27435109445} - \Nropnumipre No Task File <==== ATTENTION

Task: {4F235196-2FB6-4427-8CD7-E97414AF1BC6} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [2010-11-29] (Samsung Electronics Co., Ltd.)

Task: {5698F9C1-AB3B-43DC-B9DF-85285797AE4E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1335839233-2991384071-368375801-1000Core => C:\Users\Undertaker\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-25] (Facebook Inc.)

Task: {5B23A2EB-32F1-4969-BBA0-7C130F2B082D} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1335839233-2991384071-368375801-1000UA => C:\Users\Undertaker\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-05-25] (Facebook Inc.)

Task: {5C2A08F4-45A8-4038-A631-14C64CBD25CC} - System32\Tasks\{CFD54570-C1FD-4FD8-A2A8-5AC5940FC6A2} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.3.59.107/de/abandoninstall?page=tsProgressBar

Task: {6681E283-1040-428E-A69C-D57A35C8396C} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2010-08-27] (Samsung Electronics)

Task: {6781603E-58F0-4C02-A068-E46ACA760AEC} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2010-11-10] (CyberLink)

Task: {702C8509-0379-4DA2-AB52-66B5F1D28721} - System32\Tasks\EasyPartitionManager => C:\Windows\MSetup\BA46-12225A02\EPM.exe

Task: {76DC9DCF-086C-4A56-84EE-6B3B33B3E369} - \avabvbyvyc No Task File <==== ATTENTION

Task: {82C66057-B32C-448C-967C-5A0D0518D2DC} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.)

Task: {961ACA20-0E01-4988-98AC-14A6FCECFC92} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-12-23] (Samsung Electronics)

Task: {B849DBD8-E301-4A41-A5B4-59104FA39CC8} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-09-04] (SAMSUNG Electronics)

Task: {B9EC978F-E5F4-4913-8C14-555536BC0FED} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-23] (Google Inc.)

Task: {BABA9B97-7BE3-468C-A9A5-48890FF536AC} - System32\Tasks\{3675E0E0-9D70-4AFD-BB54-ED930B6B0AC7} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar

Task: {BFE3F5FD-FF42-44D4-96A9-63B74E0C6185} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-12-23] (Samsung Electronics Co., Ltd.)

Task: {D40E18CC-F78C-4889-B1EC-FE1EEE779F6B} - System32\Tasks\Opera scheduled Autoupdate 1433586837 => C:\Program Files (x86)\Opera\launcher.exe [2015-05-18] (Opera Software)

Task: {D6C18B2E-F7D3-41CF-9121-0F9F08632AFF} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2010-08-05] (Samsung Electronics Co., Ltd.)

Task: {DC15ED03-753C-42A7-A9EA-0D22610D8965} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {DEE6CBD1-045A-46CB-97B6-C85EEC4331DF} - System32\Tasks\{3B277F02-A186-4B0D-ADE2-DB67C0D2B029} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.6.0.106/de/abandoninstall?page=tsPlugin

Task: {E28C6E1A-A2E7-4705-B9E7-203E113D75D6} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2010-11-17] (SEC)

Task: {EA29D57E-8D8E-4584-81A6-53C32CD1DF32} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-18] (Samsung Electronics. Co. Ltd.)

Task: {F131EF3B-7615-4D31-9575-C8CF3EA5218A} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1335839233-2991384071-368375801-1000Core.job => C:\Users\Undertaker\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1335839233-2991384071-368375801-1000UA.job => C:\Users\Undertaker\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 

==================== Loaded Modules (Whitelisted) ==============
 

2011-10-20 00:34 - 2008-06-05 01:53 - 00027648 _____ () C:\windows\System32\spd__l.dll

2011-03-22 23:23 - 2011-03-22 23:23 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll

2015-06-06 13:16 - 2015-06-06 13:16 - 00408576 _____ () c:\windows\meud.exe

2013-03-11 18:10 - 2013-03-11 18:10 - 00075136 _____ () C:\windows\SysWOW64\PnkBstrA.exe

2013-03-11 18:11 - 2013-03-11 18:11 - 00189248 _____ () C:\windows\SysWOW64\PnkBstrB.exe

2011-10-19 10:15 - 2009-12-01 09:21 - 00244904 ____N () C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

2011-03-22 23:23 - 2011-03-22 23:23 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll

2011-03-17 13:54 - 2011-03-17 13:54 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll

2011-03-22 23:14 - 2011-03-22 23:14 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll

2011-10-20 00:34 - 2010-10-21 20:22 - 00709632 _____ () C:\windows\system32\SnMinDrv.dll

2015-06-06 12:33 - 2015-05-18 09:33 - 00479352 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe

2015-06-06 22:57 - 2012-09-19 19:17 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll

2014-10-11 14:06 - 2014-10-11 14:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-10-11 14:05 - 2014-10-11 14:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2011-10-19 10:29 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll

2011-10-19 10:32 - 2010-07-05 12:42 - 00203776 _____ () C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll

2015-05-14 20:57 - 2015-04-16 19:40 - 00776192 _____ () C:\Program Files (x86)\Steam\SDL2.dll

2015-05-14 20:57 - 2015-04-23 04:16 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll

2015-05-14 20:57 - 2015-04-23 04:16 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll

2015-05-14 20:57 - 2015-04-23 04:16 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll

2015-05-14 20:57 - 2015-06-04 20:56 - 02407104 _____ () C:\Program Files (x86)\Steam\video.dll

2015-05-14 20:57 - 2014-12-01 23:31 - 02396672 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll

2015-05-14 20:57 - 2014-12-01 23:31 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll

2015-05-14 20:57 - 2014-12-01 23:31 - 00479744 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll

2015-05-14 20:57 - 2014-12-01 23:31 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll

2015-05-14 20:57 - 2014-12-01 23:31 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll

2015-05-14 20:57 - 2015-06-04 20:56 - 00703168 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL

2015-06-08 16:52 - 2015-06-08 16:52 - 00043008 _____ () c:\Users\Undertaker\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxjwbg_.dll

2015-03-04 23:45 - 2015-03-04 23:45 - 00750080 _____ () C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\libGLESv2.dll

2015-03-04 23:45 - 2015-03-04 23:45 - 00047616 _____ () C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\libEGL.dll

2015-03-04 23:45 - 2015-03-04 23:45 - 00865280 _____ () C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll

2015-03-04 23:45 - 2015-03-04 23:45 - 00200704 _____ () C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll

2011-10-19 10:37 - 2010-05-07 16:22 - 01636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll

2009-11-02 07:20 - 2009-11-02 07:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll

2009-11-02 07:23 - 2009-11-02 07:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll

2015-05-14 20:57 - 2015-05-11 21:01 - 36302728 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

2015-06-06 12:33 - 2015-05-18 09:33 - 01576568 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\libglesv2.dll

2015-06-06 12:33 - 2015-05-18 09:33 - 00081016 _____ () C:\Program Files (x86)\Opera\29.0.1795.60\libegl.dll
 

==================== Alternate Data Streams (Whitelisted) =========
 

(If an entry is included in the fixlist, only the ADS will be removed.)
 
 

==================== Safe Mode (Whitelisted) ===================
 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 

==================== EXE Association (Whitelisted) ===============
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 

==================== Internet Explorer trusted/restricted ===============
 

(If an entry is included in the fixlist, it will be removed from the registry.)
 

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com

IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com

IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com

IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
 
 

==================== Other Areas ============================
 

(Currently there is no automatic fix for this section.)
 

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 192.168.2.1
 

==================== MSCONFIG/TASK MANAGER disabled items ==
 

(Currently there is no automatic fix for this section.)
 

MSCONFIG\startupfolder: C:^Users^Undertaker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Facebook Messenger.lnk => C:\windows\pss\Facebook Messenger.lnk.Startup

MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"

MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
 

==================== FirewallRules (Whitelisted) ===============
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

FirewallRules: [{69BDB9F9-4084-4D44-A408-5D5FE40CF854}] => (Allow) C:\Windows\System32\SUPDSvc.exe

FirewallRules: [{FE959C3C-AD73-4AEC-9D6C-0382232E663B}] => (Allow) C:\Windows\System32\SUPDSvc.exe

FirewallRules: [{FC7980E9-4F80-4F36-9466-37B9A18652E6}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe

FirewallRules: [{9AC24AFC-1BF5-4550-A687-2B03E4D5F7EB}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe

FirewallRules: [{AF3C80FD-369B-4DE2-ABCA-934544A40985}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe

FirewallRules: [{B3244C98-C00B-437F-8C3F-A653AAE803C0}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe

FirewallRules: [{D926F69B-70A3-42FD-A82C-C21EA696C819}] => (Allow) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10.exe

FirewallRules: [{36998318-A317-4EE4-8BB0-ED2245DB0DAF}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDirector\PDR8.EXE

FirewallRules: [{0160FD72-79D0-4FE8-B6DB-3181E6E3CBE0}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe

FirewallRules: [{8C945DD0-F9BF-4C19-B632-B18CE8FFF439}] => (Allow) LPort=2869

FirewallRules: [{E90973CD-FEBC-4B40-A35A-418E0E6164EE}] => (Allow) LPort=1900

FirewallRules: [{11BE53A1-B067-414F-962B-688BDAEA90FC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

FirewallRules: [{2351B83C-CD9C-4C31-997C-3E4FC795B431}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe

FirewallRules: [{953D920C-56D5-4106-927D-F29E2AABE47D}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{3ED98E91-4DF3-4C25-AAE7-84551A641822}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

FirewallRules: [{A067DEAC-2786-4A1D-8FED-55786BF80DF5}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

FirewallRules: [{0E1F33F9-FFFC-4EA9-957C-55413CEDBD7D}] => (Allow) C:\Program Files (x86)\Ubisoft\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe

FirewallRules: [{192BCA4F-2430-4ECC-A96A-E46E6EB05CA9}] => (Allow) C:\Program Files (x86)\Ubisoft\Die Siedler 7\Data\Base\_Dbg\Bin\Release\Settlers7R.exe

FirewallRules: [TCP Query User{B70B6E17-CD33-46E6-A570-EAF636D3C294}C:\program files\java\jre7\bin\java.exe] => (Block) C:\program files\java\jre7\bin\java.exe

FirewallRules: [UDP Query User{45DF2DF0-3B0B-4D43-AFF8-40DE415CDA28}C:\program files\java\jre7\bin\java.exe] => (Block) C:\program files\java\jre7\bin\java.exe

FirewallRules: [{94D83E91-1604-48D8-9EC3-0FDC56418E56}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{3C994419-F358-45CF-AFDF-46C91CD67A81}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe

FirewallRules: [{ECF686B6-6C0C-4FCC-A4FD-2B0F477EC990}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [{24A2554D-2084-4082-8512-CDA23EED4381}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe

FirewallRules: [TCP Query User{081C2F5B-D6F6-44A4-8176-97E60F4B16D2}C:\users\undertaker\documents\ch@rly's slender ordner\bfheroes.exe] => (Block) C:\users\undertaker\documents\ch@rly's slender ordner\bfheroes.exe

FirewallRules: [UDP Query User{26556202-FEED-4F64-B211-BC94565F68D8}C:\users\undertaker\documents\ch@rly's slender ordner\bfheroes.exe] => (Block) C:\users\undertaker\documents\ch@rly's slender ordner\bfheroes.exe

FirewallRules: [TCP Query User{97900300-DF4D-4EBD-8C1E-AF5E53DFE6B7}C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Block) C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe

FirewallRules: [UDP Query User{9F4AE699-B9A0-4A6B-A4A9-B80E9090B895}C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe] => (Block) C:\program files (x86)\ubisoft\die siedler 7\data\base\_dbg\bin\release\settlers7r.exe

FirewallRules: [{CDD94AB4-D039-499F-AFC9-3E86919EC8BE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{D16186FC-E02D-4A6C-9B52-3A35A4B31C41}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe

FirewallRules: [{D35450C6-F433-4A2F-90C5-D5CF46954119}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [{8382DF1B-EDAD-4EC1-9026-379B3BCEEF61}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe

FirewallRules: [TCP Query User{8318945D-F0E7-4D0C-BCBC-5CC9346F6BCA}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe

FirewallRules: [UDP Query User{3214A147-E3B8-4F85-99A7-7EDC6841C740}C:\program files (x86)\java\jre7\bin\java.exe] => (Allow) C:\program files (x86)\java\jre7\bin\java.exe

FirewallRules: [TCP Query User{01C1D2AA-8E50-485A-8888-11A54A13AFFC}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe

FirewallRules: [UDP Query User{7D43924B-1C4A-4BB4-9911-8E88B9DEE30D}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe

FirewallRules: [TCP Query User{1F45F5AF-987F-48C5-A065-57E5F524D51F}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe

FirewallRules: [UDP Query User{B435329B-9824-4597-803D-58D26AB856EC}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe

FirewallRules: [{592AF29C-2507-4B9A-BCA4-C4419F86862F}] => (Allow) C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{07624F6D-D913-46F9-B23E-CD69AE0D4B17}] => (Allow) C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{9BD9D9E4-CD8C-4E9A-8D4D-214823E32EF8}] => (Allow) C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{851329BD-31B5-4EFC-BEBD-AF10F18B69B5}] => (Allow) C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{B16AAB12-FADC-4F35-BA9B-E8A71F6F8002}] => (Allow) C:\Users\Undertaker\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe

FirewallRules: [{3962AD47-42E6-48C5-A9F7-D79F3E94422A}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe

FirewallRules: [{5A133F43-F128-4CB3-8D04-B22A974CC9BF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{341B296C-CB62-4911-8DB5-778FF6107847}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{66347507-7ED5-48BB-AF6E-F5A80DBE3B01}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{2B9D989B-FC96-4CBA-8B2B-5629C8EBACD4}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{698CA28B-DF46-4053-AEBA-EAA520076E0B}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{6FE78FE6-2761-4A32-9691-63E29F53CCC6}] => (Allow) C:\Users\Undertaker\AppData\Local\Chromium\Application\chrome.exe
 

==================== Faulty Device Manager Devices =============
 

Name: Teredo Tunneling Pseudo-Interface

Description: Microsoft-Teredo-Tunneling-Adapter

Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}

Manufacturer: Microsoft

Service: tunnel

Problem: : This device cannot start. (Code10)

Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.

On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 

==================== Event log errors: =========================
 

Application errors:

==================

Error: (06/08/2015 08:34:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 8206
 

Error: (06/08/2015 08:34:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 8206
 

Error: (06/08/2015 08:34:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second
 

Error: (06/08/2015 06:08:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 7753
 

Error: (06/08/2015 06:08:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 7753
 

Error: (06/08/2015 06:08:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second
 

Error: (06/08/2015 04:51:30 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 

Error: (06/08/2015 01:07:58 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts für "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in

Manifest- oder Richtliniendatei "C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit

einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Komponente 2: C:\windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 

Error: (06/07/2015 11:29:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 13400
 

Error: (06/07/2015 11:29:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 13400
 
 

System errors:

=============

Error: (06/08/2015 04:55:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "Google Update-Dienst (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053
 

Error: (06/08/2015 04:55:09 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Google Update-Dienst (gupdate) erreicht.
 

Error: (06/08/2015 04:53:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1053
 

Error: (06/08/2015 04:53:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Windows Media Player-Netzwerkfreigabedienst erreicht.
 

Error: (06/08/2015 04:50:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "atksgt" wurde aufgrund folgenden Fehlers nicht gestartet: 

%%1275
 

Error: (06/08/2015 04:50:06 PM) (Source: Application Popup) (EventID: 875) (User: )

Description: Treiber atksgt.sys konnte nicht geladen werden.
 

Error: (06/08/2015 03:37:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)

Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80070bc9 fehlgeschlagen: Update für Windows 7 für x64-basierte Systeme (KB3006137)
 

Error: (06/08/2015 03:09:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)

Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x8007054f fehlgeschlagen: Update für Windows 7 für x64-basierte Systeme (KB3035583)
 

Error: (06/08/2015 02:01:37 PM) (Source: Service Control Manager) (EventID: 7030) (User: )

Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
 

Error: (06/08/2015 02:01:37 PM) (Source: Service Control Manager) (EventID: 7030) (User: )

Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.
 
 

Microsoft Office:

=========================
 

==================== Memory info =========================== 
 

Processor: AMD E-450 APU with Radeon(tm) HD Graphics

Percentage of memory in use: 17%

Total physical RAM: 8172.05 MB

Available physical RAM: 6749.74 MB

Total Pagefile: 16342.29 MB

Available Pagefile: 13519.98 MB

Total Virtual: 8192 MB

Available Virtual: 8191.85 MB
 

==================== Drives ================================
 

Drive c: () (Fixed) (Total:365 GB) (Free:123.73 GB) NTFS

Drive d: () (Fixed) (Total:544.44 GB) (Free:0 GB) NTFS
 

==================== MBR & Partition Table ==================
 

========================================================

Disk: 0 (Size: 931.5 GB) (Disk ID: DBCA14F4)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=365 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=544.4 GB) - (Type=OF Extended)

Partition 4: (Not Active) - (Size=22 GB) - (Type=27)
 

==================== End of log ============================

--- --- ---

Ich habe mir vorher Mozilla runtergezogen, aber moch nicht installiert, da ich mit dem Opera nicht so ganz klar komme. Ich hoffe, dass das kein Problem war bzw. ist.

Gruß Ani

deeprybka

08.06.2015 22:09

Wie läuft der Rechner nach diesem Fix:

Schritt 1

http://filepony.de/icon/frst.png http://deeprybka.trojaner-board.de/b...st/frstfix.png

Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:

Code:

CloseProcesses:

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> 

Task: {0BAA9BE4-9E38-44C2-A618-7F4ADEDA6DEC} - \Advanced System~Protector No Task File 

Task: {11AB16B9-224A-4B50-A8A2-0B0F05E26B70} - \Advanced System~Protector_startup No Task File 

Task: {4BBBFDEA-A4B6-4446-9011-E27435109445} - \Nropnumipre No Task File 

Task: {76DC9DCF-086C-4A56-84EE-6B3B33B3E369} - \avabvbyvyc No Task File 

HKLM-x32\...\Run: [iScreeny] => C:\Users\Undertaker\AppData\Local\iScreeny\iScreeny.exe

C:\Users\Undertaker\AppData\Local\iScreeny

HKLM-x32\...\Run: [iScreeny - Web] => C:\Users\Undertaker\AppData\Local\iScreeny\iWebScreeny.exe

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [GoogleChromeAutoLaunch_DF202E42DFEEF9CE7A049D628287467C] => 

AppInit_DLLs-x32: c:\progra~3\{b37b5~1\1172~1.1\nisi.dll => "c:\progra~3\{b37b5~1\1172~1.1\nisi.dll" File not found

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction 

RemoveProxy:

SearchScopes: HKLM -> {9143e921-7c9a-4d27-ac43-eaccc78cc55a} URL = 

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

R2 meud; c:\windows\meud.exe [408576 2015-06-06] () [File not signed]

c:\windows\meud.exe 

R1 iScreeny; C:\windows\iScreeny.sys [50840 2015-03-11] (Windows (R) Win 7 DDK provider)

C:\windows\iScreeny.sys 

CreateRestorePoint:

EmptyTemp:

Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet.

Starte FRST und drücke auf den Fix-Button.
Das Tool erstellt eine "Fixlog.txt" -Datei.
Poste mir bitte deren Inhalt.

Ani73

08.06.2015 22:42

Hier habe ich das Fixlog

Code:

Fix result of Farbar Recovery Scan Tool (x64) Version:06-06-2015

Ran by Undertaker at 2015-06-08 23:17:38 Run:2

Running from C:\Users\Undertaker\Downloads

Loaded Profiles: Undertaker (Available Profiles: Undertaker & Shari)

Boot Mode: Normal

==============================================
 

fixlist content:

*****************

CloseProcesses:

CustomCLSID: HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}\InprocServer32 -> 

Task: {0BAA9BE4-9E38-44C2-A618-7F4ADEDA6DEC} - \Advanced System~Protector No Task File 

Task: {11AB16B9-224A-4B50-A8A2-0B0F05E26B70} - \Advanced System~Protector_startup No Task File 

Task: {4BBBFDEA-A4B6-4446-9011-E27435109445} - \Nropnumipre No Task File 

Task: {76DC9DCF-086C-4A56-84EE-6B3B33B3E369} - \avabvbyvyc No Task File 

HKLM-x32\...\Run: [iScreeny] => C:\Users\Undertaker\AppData\Local\iScreeny\iScreeny.exe

C:\Users\Undertaker\AppData\Local\iScreeny

HKLM-x32\...\Run: [iScreeny - Web] => C:\Users\Undertaker\AppData\Local\iScreeny\iWebScreeny.exe

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [GoogleChromeAutoLaunch_DF202E42DFEEF9CE7A049D628287467C] => 

AppInit_DLLs-x32: c:\progra~3\{b37b5~1\1172~1.1\nisi.dll => "c:\progra~3\{b37b5~1\1172~1.1\nisi.dll" File not found

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction 

RemoveProxy:

SearchScopes: HKLM -> {9143e921-7c9a-4d27-ac43-eaccc78cc55a} URL = 

SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

R2 meud; c:\windows\meud.exe [408576 2015-06-06] () [File not signed]

c:\windows\meud.exe 

R1 iScreeny; C:\windows\iScreeny.sys [50840 2015-03-11] (Windows (R) Win 7 DDK provider)

C:\windows\iScreeny.sys 

CreateRestorePoint:

EmptyTemp:

*****************
 

Processes closed successfully.

"HKU\S-1-5-21-1335839233-2991384071-368375801-1000_Classes\CLSID\{56FDF344-FD6D-11d0-958A-006097C9A090}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0BAA9BE4-9E38-44C2-A618-7F4ADEDA6DEC}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0BAA9BE4-9E38-44C2-A618-7F4ADEDA6DEC}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Advanced System~Protector" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{11AB16B9-224A-4B50-A8A2-0B0F05E26B70}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11AB16B9-224A-4B50-A8A2-0B0F05E26B70}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Advanced System~Protector_startup" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{4BBBFDEA-A4B6-4446-9011-E27435109445}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4BBBFDEA-A4B6-4446-9011-E27435109445}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Nropnumipre" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{76DC9DCF-086C-4A56-84EE-6B3B33B3E369}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{76DC9DCF-086C-4A56-84EE-6B3B33B3E369}" => key removed successfully

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\avabvbyvyc" => key removed successfully

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iScreeny => value removed successfully

"C:\Users\Undertaker\AppData\Local\iScreeny" => File/Folder not found.

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\iScreeny - Web => value removed successfully

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_DF202E42DFEEF9CE7A049D628287467C => value removed successfully

"c:\progra~3\{b37b5~1\1172~1.1\nisi.dll" => value data removed successfully.

"HKU\S-1-5-21-1335839233-2991384071-368375801-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
 

========= RemoveProxy: =========
 

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully

HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully

HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyEnable => value removed successfully

HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully

HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully

HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
 
 

========= End of RemoveProxy: =========
 

"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9143e921-7c9a-4d27-ac43-eaccc78cc55a}" => key removed successfully

HKCR\CLSID\{9143e921-7c9a-4d27-ac43-eaccc78cc55a} => key not found. 

HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully

HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully

HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully

meud => Service removed successfully

c:\windows\meud.exe => moved successfully.

iScreeny => Service stopped successfully.

iScreeny => Service removed successfully

C:\windows\iScreeny.sys => moved successfully.

Restore point was successfully created.

EmptyTemp: => 119 MB temporary data Removed.
 
 

The system needed a reboot.. 
 

==== End of Fixlog 23:18:29 ====

Nachdem ich den Scan laufen hab lassen, wurde der Lappi heruntergefahren. Beim Hochfahren hat er sich mehrmals wieder ausgeschalten mit dem Vermerk (sinngemäß) dass Windows updates nicht laufen würden und auf den Ausgangspunkt zurückgestellt werden.

Grüße Ani

deeprybka

08.06.2015 22:47

Ja, ich meinte aber Browser usw. ob die wieder funktionieren...

Schritt 1

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 2

http://filepony.de/icon/frst.png http://deeprybka.trojaner-board.de/b...t/frstscan.png

Bitte starte FRST erneut, und drücke auf Scan.
Bitte poste mir den Inhalt des Logs.

Ani73

09.06.2015 18:31

Hallo Jürgen,

kurze Zwischenmeldung. Also es läuft weitaus besser als vorher, aber noch nicht so rund wie es mal war. Das ständig Öffnen div. Internetseiten ist weg. Es arbeitete auch generell wieder bisle schneller.

Eset läuft noch hat aber wieder Dateien gefunden. Sobald es fertig ist schicke ich Dir das Logfile.

Grüße Ani

deeprybka

09.06.2015 18:58

OK. :)

Ani73

09.06.2015 20:14

hier das Eset Logfile

Code:

ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7623

# api_version=3.0.2

# EOSSerial=3443acd88fc8674dac7167902eb27d02

# engine=22242

# end=stopped

# remove_checked=false

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2015-01-31 03:39:11

# local_time=2015-01-31 04:39:11 (+0100, Mitteleuropäische Zeit)

# country="Germany"

# lang=1031

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode_1='Avira Desktop'

# compatibility_mode=1810 16777213 100 100 8639 288138441 0 0

# compatibility_mode_1=''

# compatibility_mode=5893 16776573 100 94 93226 174348601 0 0

# scanned=13

# found=0

# cleaned=0

# scan_time=0

ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7623

# api_version=3.0.2

# EOSSerial=3443acd88fc8674dac7167902eb27d02

# engine=22242

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2015-01-31 05:33:21

# local_time=2015-01-31 06:33:21 (+0100, Mitteleuropäische Zeit)

# country="Germany"

# lang=1031

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode_1='Avira Desktop'

# compatibility_mode=1810 16777213 100 100 15489 288145291 0 0

# compatibility_mode_1=''

# compatibility_mode=5893 16776573 100 94 100076 174355451 0 0

# scanned=299520

# found=26

# cleaned=26

# scan_time=6603

sh=6D2D5521F8C15D587F05119C714F0A431D053BE9 ft=1 fh=374f94ddfd2f4cb1 vn="Variante von Win32/Toolbar.MyWebSearch.AH evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PopularScreensavers\NPp5Stub.dll.vir"

sh=394D5B32C42AD951A2F1BA6E22A3DA2E754ABE98 ft=1 fh=bc9d2deedbf2e121 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PopularScreensavers\p5cjpeg.dll.vir"

sh=A358B67DA39C616383A7B0847E642BC54A63ACA0 ft=1 fh=8b6f4c896e14b7f9 vn="Variante von Win32/Toolbar.MyWebSearch.F evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PopularScreensavers\p5Html.dll.vir"

sh=3F81A47E189813D42F31DE4BABF42C68CA88F84E ft=1 fh=28f702c6787729c7 vn="Win32/Toolbar.MyWebSearch.AN evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PopularScreensavers\p5MedInt.exe.vir"

sh=A872BACD7502C7D8AC5FDED7543D5B948C852545 ft=1 fh=4b9ccd882c594a66 vn="Variante von Win32/Toolbar.MyWebSearch evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PopularScreensavers\p5Plugin.dll.vir"

sh=20A2E417F1D8E36A536364AEE3ADD8102BA5D8AF ft=1 fh=494d20b369828d7b vn="Win32/Toolbar.MyWebSearch evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PopularScreensavers\p5PSSavr.scr.vir"

sh=F9CFC856EE6AE11EED88CE6998B1A576DC23E1EF ft=1 fh=a977d5a1b63af9b9 vn="Variante von Win32/Toolbar.MyWebSearch.P evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PopularScreensavers\p5ScrCtr.dll.vir"

sh=DCD600E86218597D57F09717CF881D4C7CAE0BB8 ft=1 fh=051f941197fd4707 vn="Win32/Toolbar.MyWebSearch.AN evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PopularScreensavers\p5svc.exe.vir"

sh=A186269377566984B96F190DDEF31C8E7055FDEB ft=1 fh=8a7557b9ae51b8a9 vn="Win32/Toolbar.MyWebSearch.AN evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PopularScreensavers\p5wphook.dll.vir"

sh=BEC6B95D047100118D70D9504479C36A797B9B06 ft=1 fh=e155e3de02881385 vn="Variante von Win32/ELEX.BF evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WinZipper\TrayDownloader.exe.vir"

sh=BEFC0099864AA52ABB0A3B99793A5A1BF525401D ft=1 fh=64b34719c3735e0d vn="Variante von Win32/ELEX.Y evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WinZipper\winzipersvc.exe.vir"

sh=E3F8B8FE0BBC22CBB743C688ED79E0BF73FCCFE5 ft=1 fh=a81abe411291deb5 vn="Variante von Win32/Somoto.D evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Undertaker\AppData\Local\FilesFrog Update Checker\update_checker.exe.vir"

sh=3A6B895DC791135C7B424D6A3AB327EB59ED2462 ft=1 fh=f63cb4459345e5cd vn="Win32/AdWare.Snoozer.A Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Undertaker\AppData\Roaming\SCheck\ntdllinst.exe.vir"

sh=2BFAB9A9CA8BA01F9DF0E7BDA6758B7376C9D4F2 ft=1 fh=5eaeac4ca4c59724 vn="Win32/AdWare.Snoozer.A Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Undertaker\AppData\Roaming\Snz\Snz.exe.vir"

sh=568B7040522AE31BE5FF0BD450B7D0B7A218E7A1 ft=1 fh=bb7982953e0dc058 vn="Variante von Win32/ELEX.BF evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\UNDERT~1\AppData\Local\Temp\Desk365\eInstall\eInstall.exe.vir"

sh=C940F4029FE46A5F7B471214AC683B5FEBB26831 ft=1 fh=e14799081e7d1361 vn="Variante von Win64/Systweak.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\windows\System32\roboot64.exe.vir"

sh=AAA29097B1E5A7098E19A38F1200E636EE1C3A1E ft=1 fh=6b75069f13c3f94c vn="Win64/AdvancedSystemProtector.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\windows\System32\sasnative64.exe.vir"

sh=20A2E417F1D8E36A536364AEE3ADD8102BA5D8AF ft=1 fh=494d20b369828d7b vn="Win32/Toolbar.MyWebSearch evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\windows\SysWOW64\p5PSSavr.scr.vir"

sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\nsbAC51.exe"

sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\nsc8D10.exe"

sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\nsg9B0.exe"

sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\nsqB8DF.exe"

sh=FA61F495558B294EB796B8D6C44F75631FA57E7D ft=1 fh=b733a64984fbe467 vn="Win32/Conduit.SearchProtect.R evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\nsr122A.exe"

sh=AF92022A73E072242A8B95BC42475BDB244E0A30 ft=1 fh=0f1d648c9e10fd22 vn="Variante von Win32/ELEX.Q evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\fullpackage_temp1388606446\tmp\desk365.exe"

sh=C7241007662586F5DE3A9F9927CFBD9D52A52AC9 ft=1 fh=a7692001af61d921 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\nsv619A\SpSetup.exe"

sh=B1BDB5FB986F06CD3D267F2CC9AE1DF56CB72604 ft=1 fh=e1fd281970e36a4a vn="Variante von Win32/SoftPulse.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="C:\Users\Undertaker\Downloads\New player.exe"

ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=3443acd88fc8674dac7167902eb27d02

# end=init

# utc_time=2015-06-06 11:49:52

# local_time=2015-06-06 01:49:52 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# osver=6.1.7601 NT Service Pack 1

Update Init

Update Download

Update Finalize

Updated modules version: 24200

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=3443acd88fc8674dac7167902eb27d02

# end=updated

# utc_time=2015-06-06 11:53:45

# local_time=2015-06-06 01:53:45 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# osver=6.1.7601 NT Service Pack 1

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7777

# api_version=3.1.1

# EOSSerial=3443acd88fc8674dac7167902eb27d02

# engine=24200

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2015-06-06 02:28:07

# local_time=2015-06-06 04:28:07 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# lang=1031

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode_1=''

# compatibility_mode=5893 16776573 100 94 14262 185230737 0 0

# scanned=281012

# found=261

# cleaned=251

# scan_time=9262

sh=3ADED111BA4C362714DD914AF2875D25390F9141 ft=1 fh=960d55973837187f vn="Variante von Win32/Adware.ConvertAd.KZ.gen Anwendung" ac=I fn="C:\Users\All Users\eud\68AF2947C1C44DD293728E1BD02FFCBB\setup.exe"

sh=F5107D4315C28F6E6A0F94CAD8414D0EE4B1B1E5 ft=1 fh=36723e1fa1633655 vn="Variante von Win32/Amonetize.BQ evtl. unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\All Users\eud\8A2D122CC0E547C9B2D0CDBC8A110E13\setup.exe"

sh=DD2277D66E16DCBB318C28D67EAB24716CC149CC ft=1 fh=4e67ba056e2d11ad vn="Variante von Win32/Adware.SpeedingUpMyPC.Y Anwendung" ac=I fn="C:\Users\All Users\eud\C5B5185A661540D0BCCB74956D7A231B\setup.exe"

sh=E7864F0EE835B0E9BBBAC4848D77C14AD868FE7F ft=1 fh=b2f90e20e2c55da2 vn="Variante von MSIL/Adware.PullUpdate.G.gen Anwendung" ac=I fn="C:\Users\All Users\GrcToTxHhyb\xBcGKPMoYeq.exe"

sh=C4E57DAEF690333727FCE6BB1662A8318BCE933E ft=1 fh=5d0cf4788eaffe6b vn="Variante von MSIL/Adware.PullUpdate.P Anwendung" ac=I fn="C:\Users\All Users\Nropnumipre\1.0.1.0\altohria.exe"

sh=DD2277D66E16DCBB318C28D67EAB24716CC149CC ft=1 fh=4e67ba056e2d11ad vn="Variante von Win32/Adware.SpeedingUpMyPC.Y Anwendung" ac=I fn="C:\Users\All Users\{274f2602-ce97-2b59-274f-f2602ce9980b}\hqghumeaylnlf.exe"

sh=AFF2FDF60083C588EF8CBC8349DD35EC2A5069E3 ft=1 fh=19efcee151207436 vn="Variante von Win32/Adware.SpeedingUpMyPC.Y Anwendung" ac=I fn="C:\Users\All Users\{a7e20bb6-0b0d-9564-a7e2-20bb60b02ed8}\hqghumeaylnlf.exe"

sh=AC597FF4CDB2DDBF589DF3B167DB49829DF30F81 ft=1 fh=3993e54b2ba8c468 vn="Variante von Win32/Adware.ConvertAd.RU Anwendung" ac=I fn="C:\Users\Undertaker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VOUY1GGG\SearchUpdater[1].exe"

sh=EE2B47CD226597EBCD65966869530E6697CB0F5A ft=1 fh=dfba533877d5a86f vn="Variante von Win32/Adware.EoRezo.AZ Anwendung" ac=I fn="C:\Users\Undertaker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WIWZY0KX\setup_gmsd_de[1].exe"

sh=3705670AF8CD8741D870A62B421EC5696A97BEFC ft=1 fh=097437150c7024d4 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Undertaker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y9Y3YUFA\SmartWebInstaller[1].exe"

sh=5B95315844B22672C2E867D8E3D45D9F05ED2016 ft=1 fh=6e4c94e41237e20f vn="Win32/Somoto.Q evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\$Recycle.Bin\S-1-5-21-1335839233-2991384071-368375801-1000\$ROVTBOK.exe"

sh=5B95315844B22672C2E867D8E3D45D9F05ED2016 ft=1 fh=6e4c94e41237e20f vn="Win32/Somoto.Q evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\$Recycle.Bin\S-1-5-21-1335839233-2991384071-368375801-1000\$RVZV6T8.exe"

sh=E2C833EEE68FDD07D916E2EE74A9C4A23BE37DEE ft=1 fh=9e162fcde915f174 vn="Variante von Win32/Toolbar.MyWebSearch.AS evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\8hUninstall Allin1Convert.dll"

sh=1AC7049A62CACCF4E8A6D9D1C4E34A94653B1139 ft=1 fh=c71c00115e1ca870 vn="Variante von Win32/Toolbar.CrossRider.CG evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\588c3280-483f-4ff6-b4ca-8a53e94287ce\6d0d0443-afb0-43a9-82fe-b0e8cd520bf5.dll"

sh=6FE6BF52A63C5B4C81D7CAE588BA9262A4C18ADA ft=1 fh=ec4a48e12e3e07e8 vn="Variante von Win32/Toolbar.CrossRider.CG evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\588c3280-483f-4ff6-b4ca-8a53e94287ce\836316b1-706d-42d3-a5c0-8dece58f9bae.dll"

sh=1AC7049A62CACCF4E8A6D9D1C4E34A94653B1139 ft=1 fh=c71c00115e1ca870 vn="Variante von Win32/Toolbar.CrossRider.CG evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\588c3280-483f-4ff6-b4ca-8a53e94287ce\90bb36f8-7662-4aa2-bea7-8de0b6ad1b0b.dll"

sh=CEED135E7F1F511AFD6E9B782FDF35B0026C872D ft=1 fh=c71c001131777565 vn="Variante von Win32/Toolbar.CrossRider.CG evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\588c3280-483f-4ff6-b4ca-8a53e94287ce\c9740ebb-633b-4061-b991-a34c9d1fb410.dll"

sh=6291A7A68A0EBF8778F0E85FF95F6E52D1416F66 ft=1 fh=c71c0011881e7530 vn="Variante von Win32/Toolbar.CrossRider.CG evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\588c3280-483f-4ff6-b4ca-8a53e94287ce\da03763f-77f8-424f-9b27-69994d02e853.dll"

sh=CEED135E7F1F511AFD6E9B782FDF35B0026C872D ft=1 fh=c71c001131777565 vn="Variante von Win32/Toolbar.CrossRider.CG evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\66eb7326-d26b-4ed7-8b75-f11540f0061d\5dd3134a-bd10-462f-8eb6-ae1099b30090.dll"

sh=6FE6BF52A63C5B4C81D7CAE588BA9262A4C18ADA ft=1 fh=ec4a48e12e3e07e8 vn="Variante von Win32/Toolbar.CrossRider.CG evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\850b14a9-df9b-49e0-86a9-17f782850ec2\2f93031a-0ea8-485f-9e78-d327f9a56056.dll"

sh=E2C833EEE68FDD07D916E2EE74A9C4A23BE37DEE ft=1 fh=9e162fcde915f174 vn="Variante von Win32/Toolbar.MyWebSearch.AS evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbar.dll"

sh=47588E8E5A2034DA062CD6E61D7072809C265366 ft=1 fh=bd6b7f873a46cf67 vn="Variante von Win32/Toolbar.MyWebSearch.AE evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\8hbarsvc.exe"

sh=4CA4CF526BAB3ACF1E6A649F6AAA232D2AC41868 ft=1 fh=bdd8282939c97a30 vn="Variante von Win32/Toolbar.MyWebSearch.AM evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\APPINTEGRATORSTUB.DLL"

sh=D07B6FD168B29CE7BC7DDEC0EEEBA0E005EB9431 ft=1 fh=d76e053361562658 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Allin1Convert_8h\bar\1.bin\AppIntegratorStub64.dll"

sh=6291A7A68A0EBF8778F0E85FF95F6E52D1416F66 ft=1 fh=c71c0011881e7530 vn="Variante von Win32/Toolbar.CrossRider.CG evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\bcd6e4c4-84bf-4654-934b-210101b6db64\8683a6bd-3a72-4bb7-bb47-48d57993f06d.dll"

sh=4EC929D6BE7D06CB6281EBF70FCE5BE03DDB309C ft=1 fh=c71c0011a7cb1c10 vn="Variante von Win32/Toolbar.CrossRider.CD evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-1-6.exe"

sh=C20DC31DEEAFC3E32F3835A436364ED12D129259 ft=1 fh=c0004d1523bd152c vn="Variante von Win32/Toolbar.CrossRider.CD evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-1-7.exe"

sh=A5DF65AE0903C89CC67F496AA6547B03D5A3381F ft=1 fh=c71c001193cfd791 vn="Variante von Win32/Toolbar.CrossRider.CD evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-10.exe"

sh=232F19FE4050FB5BCF779B1DF00F8B1A983C2635 ft=1 fh=dc698ee1853e4aff vn="Variante von Win32/Toolbar.CrossRider.CH evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-11.exe"

sh=6F156A9DE89A1123345D0F677F284EA96C850560 ft=1 fh=d858145b45a041ce vn="Variante von Win32/Toolbar.CrossRider.CC evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-5.exe"

sh=B3768E9F106C3D146B8353F174B5B478C4871858 ft=1 fh=c71c0011c34419d0 vn="Variante von Win32/Toolbar.CrossRider.CD evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-6.exe"

sh=4B96FCF8156DA318F26F91DD4A2672D97567E6ED ft=1 fh=c71c00110938d088 vn="Variante von Win64/Toolbar.Crossrider.N evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-64.exe"

sh=C20DC31DEEAFC3E32F3835A436364ED12D129259 ft=1 fh=c0004d1523bd152c vn="Variante von Win32/Toolbar.CrossRider.CD evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\BrowserApp3.7\a0cbec6e-4f75-4f43-a882-1a9edf46b195-7.exe"

sh=1AC7049A62CACCF4E8A6D9D1C4E34A94653B1139 ft=1 fh=c71c00115e1ca870 vn="Variante von Win32/Toolbar.CrossRider.CG evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\BrowserApp3.7\bf248b6a-483a-4ab2-8e4e-8a9b59cf9f54.dll"

sh=A5DF65AE0903C89CC67F496AA6547B03D5A3381F ft=1 fh=c71c001193cfd791 vn="Variante von Win32/Toolbar.CrossRider.CD evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\BrowserApp3.7\UninstallBrw.exe"

sh=5420CB4321794E61E5E9546B94E5080D64E84328 ft=1 fh=bad1f37e5afe25ac vn="Variante von Win32/Toolbar.CrossRider.CM evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\BrowserApp3.7\utils.exe"

sh=555BB7FF6B3882DF297BFC79630BF4E72985E8A3 ft=1 fh=20854e81e19fb965 vn="Variante von Win32/Toolbar.CrossRider.CD evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-1-6.exe"

sh=71F08CE80DF58FC854052E420AB2E8DFB90863A3 ft=1 fh=7158980c03886419 vn="Variante von Win32/Toolbar.CrossRider.CD evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-1-7.exe"

sh=A8FB537498A8E1540071F23D8164D2D548106E24 ft=1 fh=6c64c6fc753e4a4b vn="Variante von Win32/Toolbar.CrossRider.CH evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-11.exe"

sh=A8FB537498A8E1540071F23D8164D2D548106E24 ft=1 fh=6c64c6fc753e4a4b vn="Variante von Win32/Toolbar.CrossRider.CH evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-3.exe"

sh=C52937D614A2765FCA8DD369957FA0D7ECBD0A7E ft=1 fh=fea6144196165d79 vn="Variante von Win32/Toolbar.CrossRider.CC evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-5.exe"

sh=F5F0D5934076971C6AF22DF209FBDDA08008185F ft=1 fh=567c64e8421bcceb vn="Variante von Win32/Toolbar.CrossRider.CD evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-6.exe"

sh=B81442BFDC18B0EB001492325C5AAEB1AC7C1EF5 ft=1 fh=a748035b0d25eb19 vn="Variante von Win64/Toolbar.Crossrider.N evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-64.exe"

sh=71F08CE80DF58FC854052E420AB2E8DFB90863A3 ft=1 fh=7158980c03886419 vn="Variante von Win32/Toolbar.CrossRider.CD evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\BrowserV04.06\6ed91930-41af-4297-8930-5e8db03633db-7.exe"

sh=6FE6BF52A63C5B4C81D7CAE588BA9262A4C18ADA ft=1 fh=ec4a48e12e3e07e8 vn="Variante von Win32/Toolbar.CrossRider.CG evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\BrowserV04.06\e072eb25-924b-4946-8cfa-49bc20028090.dll"

sh=DCEE285BC4E45E63BF35EE0DA0AA1D3506013B0C ft=1 fh=d736e88561590461 vn="Variante von Win32/Toolbar.CrossRider.CD evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\BrowserV04.06\UninstallBrw.exe"

sh=31BFC7B2C2D20CEA848EB4CC1A526FBD6F512882 ft=1 fh=8ba551090ae4bb69 vn="Variante von Win32/Toolbar.CrossRider.CM evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\BrowserV04.06\utils.exe"

sh=7502B48484E2E0FEC6CF2CDB3342E2F31F6BA58B ft=1 fh=92d319fc306ceca1 vn="Variante von Win32/Toolbar.CrossRider.CN evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Crossbrowse\Crossbrowse\Application\utility.exe"

sh=776F41599C9EBE28C07489680EEBDB727E1BFE5A ft=1 fh=c71c00119a74eb7c vn="Variante von Win32/AlteredSoftware.E evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npglobalupdateUpdate4.dll"

sh=AA088E332A04E0DA5F642F1DCAF1A7AE5504AE32 ft=1 fh=d57b73a769c2ed5d vn="Variante von Win32/AdWare.EoRezo.AU Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\gmsd_de_586\gamesdesktop_widget.exe"

sh=AEF28FDD7E1BD4890C30865E3778387DCD603F7A ft=1 fh=75592af96d7955cf vn="Variante von Win32/AdWare.EoRezo.AU Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\gmsd_de_586\gmsd_de_586.exe"

sh=FB9155497AFABD1D6E056B22523315F8128A8B1A ft=1 fh=65f70e9c8673894e vn="Variante von Win32/Adware.EoRezo.AZ Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\gmsd_de_586\predm.exe"

sh=2E8E1D4BBA2C0E5AA7CEBA830B571AABB9D564AA ft=1 fh=4945052ca92a18ad vn="Variante von Win32/AdWare.EoRezo.AU Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\gmsd_de_592\gamesdesktop_widget.exe"

sh=5297148365BE8A4E908EEEF0AF3FE85ACCC0B993 ft=1 fh=1313b653cee940ef vn="Variante von Win32/AdWare.EoRezo.AU Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\gmsd_de_592\gmsd_de_592.exe"

sh=0C51F709CA885624F4BF37CA639A9FFCFF248A89 ft=1 fh=b68934cf7505ed02 vn="Variante von Win32/Adware.EoRezo.AZ Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\gmsd_de_592\predm.exe"

sh=6AA0E22699B2E8D6C644F2CAAED9561DD6229362 ft=1 fh=9e53404adbf6d918 vn="Variante von Win32/Packed.Komodia.A verdÃ¤chtige Datei (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\HighlightSearches\ABDLL.dll"

sh=59CAF453F6EB81A5436F4426C08219E4696B8FCB ft=1 fh=95ae5d39d3ca602c vn="Variante von Win32/Packed.Komodia.A verdÃ¤chtige Datei (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\HighlightSearches\abenginecert.dll"

sh=754B75E6B64D6B01129361DD40BBD3B61EB4D1C6 ft=1 fh=5515f5076d96fb29 vn="Variante von Win32/Packed.Komodia.A verdÃ¤chtige Datei (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\HighlightSearches\abenginewd.dll"

sh=0119B4C28815D7986DA549D5F7DCA0718A9E3FD8 ft=1 fh=4311010adafd499b vn="Win32/Adware.Flinject.A Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\HighlightSearches\iren3006.exe"

sh=E0359B12A990BB29A0DB03E0FEDD5D84FB760EB3 ft=1 fh=600949467ccd7b6e vn="Variante von Win32/Adware.Vitruvian.F Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Infonaut_1.10.0.14\Service\insvc.exe"

sh=E2C833EEE68FDD07D916E2EE74A9C4A23BE37DEE ft=1 fh=9e162fcde915f174 vn="Variante von Win32/Toolbar.MyWebSearch.AS evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9tbar.dll"

sh=47588E8E5A2034DA062CD6E61D7072809C265366 ft=1 fh=bd6b7f873a46cf67 vn="Variante von Win32/Toolbar.MyWebSearch.AE evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9tbarsvc.exe"

sh=9F5A321AE114FC1A18879D9020B858F38D2B3E89 ft=1 fh=bf44e0c89f37d168 vn="Variante von Win32/Toolbar.MyWebSearch.AS evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9tbprtct.dll"

sh=F099D51F0AD47D96B5A590BCDFC1CC1F8749DD65 ft=1 fh=a780294ee5143a96 vn="Variante von Win32/Toolbar.MyWebSearch.AS evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9tdatact.dll"

sh=21D7D87AD8231E253747555C0EF523281B301731 ft=1 fh=1ccff04835db7f03 vn="Variante von Win32/Toolbar.MyWebSearch.AS evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9tdlghk.dll"

sh=B53F3279B1FD544923C76A3DD70A1491C6C771C0 ft=1 fh=f6c7d42c7e589fa1 vn="Variante von Win64/Toolbar.MyWebSearch.B evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9tdlghk64.dll"

sh=A70939B7F5D70B3362AF7E409FE5694CD0332F42 ft=1 fh=52cbc77cb56ac7b3 vn="Variante von Win32/Toolbar.MyWebSearch.AS evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9tfeedmg.dll"

sh=7A0D74B0F762389FC64212073902C53BAB06EF93 ft=1 fh=45fa6db7aba0514d vn="Variante von Win32/Toolbar.MyWebSearch.AJ evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9thighin.exe"

sh=3E6A3D2F7BED9458A6463483C84B5455EB6FD001 ft=1 fh=3d34a9c7920b0ace vn="Variante von Win32/Toolbar.MyWebSearch.AM evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9thkstub.dll"

sh=9EB7640F7FB0B699C6DF75E66C7E8C0D9E21F3CC ft=1 fh=38be5ef24383a5d0 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9thtmlmu.dll"

sh=BDADBCED025A8A20B40049CC17414E198FEF4E81 ft=1 fh=f9bdd3e0e43cc208 vn="Variante von Win32/Toolbar.MyWebSearch.AS evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9thttpct.dll"

sh=4CD512C5942F1DEEE5ACB26559BB9FC6B4A8204E ft=1 fh=a878d59d734b935e vn="Variante von Win32/Toolbar.MyWebSearch.AE evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9tidle.dll"

sh=60906D0380A0B29D67B153784C4F78432FC99986 ft=1 fh=34ae1a71b9c6839b vn="Variante von Win32/Toolbar.MyWebSearch.AJ evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9tmedint.exe"

sh=76657B4BFF0FD6BD949A0E15337FBABEFD8AB326 ft=1 fh=cac4f013d6372fb6 vn="Win32/Toolbar.MyWebSearch.AS evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9tmlbtn.dll"

sh=1F72EFEF3BCA27FFF74DBEF4C08762B2D9BA3E15 ft=1 fh=fd2482e65b8791ab vn="Variante von Win32/Toolbar.MyWebSearch.AJ evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9tPlugin.dll"

sh=99E81D983023608B908F7A8390CE995C253030D7 ft=1 fh=d2071bce09b9bac6 vn="Variante von Win32/Toolbar.MyWebSearch.AK evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9treghk.dll"

sh=4BA5E4C514C254C7248F6FA6B540A9ABC2805565 ft=1 fh=273cb58db048e71e vn="Variante von Win32/Toolbar.MyWebSearch.AS evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9tregiet.dll"

sh=EDC6F99BCAC6616FC160FE0240F5101580F528D0 ft=1 fh=5f6023e1200c1318 vn="Variante von Win32/Toolbar.MyWebSearch.AS evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9tscript.dll"

sh=CA89F61D9A80272F560256F312A537F777A87AEF ft=1 fh=d92df48e556aedca vn="Variante von Win32/Toolbar.MyWebSearch.P evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9tskin.dll"

sh=77D0C33BAC54A50FB83438215C73F493CD7BBF9E ft=1 fh=d15ef7d26608f47d vn="Variante von Win32/Toolbar.MyWebSearch.AJ evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9tskplay.exe"

sh=E7A14A77EAAE6CB9FC6CC487B1CE1CB70C063502 ft=1 fh=a479c3fc682024f1 vn="Variante von Win32/Toolbar.MyWebSearch.AS evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9tSrcAs.dll"

sh=72489280930F183E34FE5AF817F207A5EB65F8D4 ft=1 fh=033eb58713fd33d4 vn="Variante von Win32/Toolbar.MyWebSearch.AA evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\9ttpinst.dll"

sh=9736DD448F1751787A8457AFE3D789543A327C9C ft=1 fh=ea966f1845a5c441 vn="Variante von Win32/Toolbar.MyWebSearch.AJ evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\APPINTEGRATOR.EXE"

sh=A526A314F90D61F8132D8E2DB5982ABBFE022C1D ft=1 fh=3c4a262bc57b3aff vn="Win64/Toolbar.MyWebSearch.D evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\AppIntegrator64.exe"

sh=4CA4CF526BAB3ACF1E6A649F6AAA232D2AC41868 ft=1 fh=bdd8282939c97a30 vn="Variante von Win32/Toolbar.MyWebSearch.AM evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\APPINTEGRATORSTUB.DLL"

sh=D07B6FD168B29CE7BC7DDEC0EEEBA0E005EB9431 ft=1 fh=d76e053361562658 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\AppIntegratorStub64.dll"

sh=BAB6681DE94799B603E62C40D171D74C7842FB17 ft=1 fh=33cf14314fda0344 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\ASSISTMONITOR.DLL"

sh=899D23DE4C2379EDFBD2E9FE7F09550771D038D4 ft=1 fh=c3e98bbd9f35c6ba vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\ASSISTMONITOR64.DLL"

sh=2AFE6690FA1CF56D287C31A9857578363F5A2D67 ft=1 fh=027fcd1b6271324d vn="Variante von Win32/Toolbar.MyWebSearch.Z evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\CREXT.DLL"

sh=DF8A6BBA205666A6F7C0ACBDF09BF6E8EB136EA0 ft=1 fh=8cd7f253e514d7ea vn="Win32/Toolbar.MyWebSearch.AR evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\CrExtP9t.exe"

sh=94BC264068D497F6D2042E171E4D044B77028C7B ft=1 fh=93c4f6f450d54597 vn="Win32/Toolbar.MyWebSearch.AR evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\DPNMNGR.DLL"

sh=73FCC496487920A14146D46A787454F89B5F793E ft=1 fh=5386ecf351ab8164 vn="Variante von Win32/Toolbar.MyWebSearch.AO evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\FF-NativeMessagingDispatcher.dll"

sh=811ECD5DF9B0E23850C4204A6DDFB245873559B2 ft=1 fh=eca32475fc9beef3 vn="Win32/Toolbar.MyWebSearch.AR evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\HKFXMGR.DLL"

sh=A6DE9AF875A9AD9D97330755826C48C2B332EA74 ft=1 fh=335223835e132def vn="Win64/Toolbar.MyWebSearch.E evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\HKFXMGR64.DLL"

sh=C4E4F01CA5F0B4ED10F796C102FF8BDEF6B6B678 ft=1 fh=fba9786493da4386 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\HPG.DLL"

sh=75A91B8490235724542C34E4EA62D4DB8443B7D8 ft=1 fh=02c55ebfd7926ce0 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\Hpg64.dll"

sh=FB594A15D77C57A0E0BB41FB17383D80877E6CEE ft=1 fh=ffe6c0c499ffa4e3 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\T8EPMSUP.DLL"

sh=6DA69E00DCB0DA9D648EB5D63F895ED020447618 ft=1 fh=43b4b1abba357bad vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\T8EXTEX.DLL"

sh=388DD4FF1E3CF6BFCF34DED0C86E154C1D3EE73E ft=1 fh=35048c9d01a08485 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\T8EXTPEX.DLL"

sh=139FBF5145FB3A0FEDA5EE93DF36BE7E00B90817 ft=1 fh=b2180dc33cd50010 vn="Variante von Win32/Toolbar.MyWebSearch.AS evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\T8HTML.DLL"

sh=A187B0341C1444615B4E0D4A6B8BED3F4599CA3A ft=1 fh=b7685368d5405ed9 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\T8TICKER.DLL"

sh=0EB06DF026A32B1CA4B335088948B66247506EAF ft=1 fh=4f153c8941af29df vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\TOOLBARGUARD.DLL"

sh=48873B11EC917BD1358D544DF131C74D0DFAE052 ft=1 fh=38dee7cd1cd56751 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\TOOLBARGUARD64.DLL"

sh=2D869BF4DADFCE0CC46A67F701673D40E9A4AA6F ft=1 fh=56c6eeed92f2e3bb vn="Win32/Toolbar.MyWebSearch.AI evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\TPIMANAGERCONSOLE.EXE"

sh=E5EF5447933372B3B7237635F12D5CD1BE4EF5CC ft=1 fh=b94dd24e0709c2a4 vn="Variante von Win32/Toolbar.MyWebSearch.AC evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\VERIFY.DLL"

sh=A6C707660A23BF1CA6AB60D4DE4E60C2BA794976 ft=1 fh=b653663677980fb3 vn="Variante von Win32/Toolbar.MyWebSearch.AM evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\assists\ie_default_search_provider\ARBITER.DLL"

sh=A66AA13DA54773B2408FF28A24456E959EAFE46D ft=1 fh=86e6eee54614f6c8 vn="Variante von Win64/Toolbar.MyWebSearch.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\assists\ie_default_search_provider\ARBITER64.DLL"

sh=1F5CB72E95336B2FE932CB549E75A2C523D1001C ft=1 fh=560481649e2dfeec vn="Variante von Win32/Toolbar.MyWebSearch.AF evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\assists\ie_default_search_provider\ASSIST.EXE"

sh=0A8E345E03D2DA368C1792B4F619F64100BCF6AE ft=1 fh=4d6f7278f0aca2ee vn="Variante von Win32/Toolbar.MyWebSearch.AR evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\assists\ie_enable\ARBITER.DLL"

sh=B5451BCDA721D129822FBB7A40997418F374EB72 ft=1 fh=fc7d835392c3df3e vn="Variante von Win32/Toolbar.MyWebSearch.AR evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\InternetSpeedTracker_9t\bar\1.bin\assists\ie_enable\ARBITER64.DLL"

sh=228BC6939045E3838E94C4BA6DEA1389AE3157DB ft=1 fh=c71c0011f3027171 vn="Variante von Win32/Toolbar.CrossRider.CD evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-1-6.exe"

sh=23546BA52D425D88CC2BEF2FDC9071B527E65F2C ft=1 fh=9c89dd7fd2dc94b7 vn="Variante von Win32/Toolbar.CrossRider.CD evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-1-7.exe"

sh=B8DD22B2DCFABFA525311208431C82E1230A1B8F ft=1 fh=c71c0011a44a5513 vn="Variante von Win32/Toolbar.CrossRider.CO evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-10.exe"

sh=8DE229683D100878ADA7945FA2DF6D8FE3FAF8B3 ft=1 fh=d4df386475425c90 vn="Variante von Win32/Toolbar.CrossRider.CH evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-11.exe"

sh=8DE229683D100878ADA7945FA2DF6D8FE3FAF8B3 ft=1 fh=d4df386475425c90 vn="Variante von Win32/Toolbar.CrossRider.CH evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-3.exe"

sh=2275DA2EFA6C448E741D251C45B021CA28612325 ft=1 fh=9ff5ab0ab27e3bc3 vn="Variante von Win32/Toolbar.CrossRider.CC evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-5.exe"

sh=E7584B41B14D8F972AB84E0D175F103354937CFD ft=1 fh=c71c00111fa9f3b3 vn="Variante von Win32/Toolbar.CrossRider.BZ evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-6.exe"

sh=D5129FD3BCC7CB2A1298D607AD8B1034C9CAF21C ft=1 fh=c71c00114a8ee9ef vn="Variante von Win64/Toolbar.Crossrider.N evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-64.exe"

sh=23546BA52D425D88CC2BEF2FDC9071B527E65F2C ft=1 fh=9c89dd7fd2dc94b7 vn="Variante von Win32/Toolbar.CrossRider.CD evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\MediaPlayerVid2.4\4acdf6a3-65a5-4183-a39b-7753275a47f4-7.exe"

sh=6291A7A68A0EBF8778F0E85FF95F6E52D1416F66 ft=1 fh=c71c0011881e7530 vn="Variante von Win32/Toolbar.CrossRider.CG evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\MediaPlayerVid2.4\a0d4f97f-e246-407d-9a5d-5ccb3dbbaa5f.dll"

sh=C9710DF61C380BBEFAC3F24832F9D69475514098 ft=1 fh=2ec9ed37c69f3be0 vn="Variante von Win32/Toolbar.CrossRider.CM evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\MediaPlayerVid2.4\utils.exe"

sh=C3DEFA5E775E1CE7EEA8FAE67FA3E504A513DF4F ft=1 fh=eb3ef09612dbcc7f vn="Win32/ELEX.BM evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\MiuiTab\BrowerWatchCH.dll"

sh=7F80338F92F336DF2F747EE304EA99F98733D7EF ft=1 fh=a20bcc0e72d988a6 vn="Win32/ELEX.BM evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\MiuiTab\BrowerWatchFF.dll"

sh=5D628376391A827A818B0A079B64EE457AE9B82A ft=1 fh=c71c0011e2e7a7a5 vn="Variante von Win32/ELEX.DH evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\MiuiTab\BrowserAction.dll"

sh=34560DDE92CC541AE16932D02887F5CE880DC4C8 ft=1 fh=e95166d450b773b3 vn="Variante von Win32/ELEX.CY evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\MiuiTab\CmdShell.exe"

sh=A71D8EBDBF6DB1BF2092D520DBD79481F74F141C ft=1 fh=e8458438005d3d26 vn="Variante von Win32/ELEX.DK evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\MiuiTab\HPNotify.exe"

sh=948691DF20AD5F76AEBE6CE8DBA1F967C8B6BD0F ft=1 fh=fe4bd6b5ea25d889 vn="Win32/ELEX.BM evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\MiuiTab\IeWatchDog.dll"

sh=AD657A3DC5DBF10DF06ED9F94DEF410FCC9429F9 ft=1 fh=ae00004d8419e992 vn="Variante von Win32/Thinknice.B evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\MiuiTab\SupTab.dll"

sh=D5B50C0B56701CBB4406604706306FC548030192 ft=1 fh=ec0e8afeda570a30 vn="Variante von Win32/Adware.SpeedingUpMyPC.AG Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Optimizer Pro 3.95\OptimizerPro.exe"

sh=0A515DA6F7C0CADF80716E444B1ED2A2681BF35B ft=1 fh=359901d5daddbd2f vn="Variante von Win32/Adware.SpeedingUpMyPC.AD Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Optimizer Pro 3.95\OptProGuard.exe"

sh=5D01C8785EBEEE4CBEECCA5CA54E9A6AA16EF5D4 ft=1 fh=d622c00b87743adf vn="Variante von Win32/OptimizerPro.B evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Optimizer Pro 3.95\OptProHelper.dll"

sh=73ACC29929B4149908218C35013C69D6FD423647 ft=1 fh=e36c240e99ee56b1 vn="Variante von Win32/Adware.SpeedingUpMyPC.AC Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Optimizer Pro 3.95\OptProLauncher.exe"

sh=619E1E0E060F79389D8DE26FF9C6E9C871B5A988 ft=1 fh=066910ac89cd5f93 vn="Variante von Win32/Adware.MultiPlug.IX Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Optimizer Pro 3.95\OptProMon.dll"

sh=221EDF8BD77C962A40F74949275D8F5BF3C9E36A ft=1 fh=6ae2997102109d0c vn="Variante von Win32/Adware.SpeedingUpMyPC.AE Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Optimizer Pro 3.95\OptProReminder.exe"

sh=5F1B01599D243FABD4684F230CBD67FAE67A1F8D ft=1 fh=054d731785d682cb vn="Variante von Win32/Adware.SpeedingUpMyPC.AG Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Optimizer Pro 3.95\OptProSchedule.exe"

sh=B482F7A880EAA47FCB467E2C727B7379FB746F7D ft=1 fh=76b7eab4c96c7ab8 vn="Variante von Win32/Adware.SpeedingUpMyPC.AG Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Optimizer Pro 3.95\OptProSmartScan.exe"

sh=C92B61FDA5A2D79DBDB6BEF38EBD8DA24779209B ft=1 fh=508c896cd91f6bd9 vn="Win32/Adware.SpeedingUpMyPC.AG Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Optimizer Pro 3.95\OptProStart.exe"

sh=E6648C7DB90623C3F0244410426ED831FBF2E2EF ft=1 fh=41f9d845935f8e31 vn="Variante von Win32/Adware.SpeedingUpMyPC.AG Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Optimizer Pro 3.95\OptProUninstaller.exe"

sh=34219B422AAABCDE6D35FEFED1741C06C93A0663 ft=1 fh=4bed8d9997982404 vn="Variante von Win32/ClientConnect.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\SearchProtect\Main\bin\uninstall.pun"

sh=CEED135E7F1F511AFD6E9B782FDF35B0026C872D ft=1 fh=c71c001131777565 vn="Variante von Win32/Toolbar.CrossRider.CG evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Sm23mS\25b74a27-85cd-48a4-8e0a-5cb1163ade69.dll"

sh=D7975DF2EBC2A6299D3FF13483A642092D9B9D20 ft=1 fh=c71c00116f793630 vn="Variante von Win32/Toolbar.CrossRider.CD evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-1-6.exe"

sh=8FD6E610E5F64283F8A263BAF43E78DA2243E7EA ft=1 fh=782b185a0a829073 vn="Variante von Win32/Toolbar.CrossRider.CD evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-1-7.exe"

sh=03A12FECCEDC98AAF1AA4E67A75382FCD64F942C ft=1 fh=c71c00116622a638 vn="Variante von Win32/Toolbar.CrossRider.CD evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-10.exe"

sh=59A1FFFE0BA24F57C623FD11C8DDE76909AE7342 ft=1 fh=222cd515fc5fbe76 vn="Variante von Win32/Toolbar.CrossRider.BV evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-11.exe"

sh=EA3A99D2E5F31D64759F74E69E07A4B3A6B0586D ft=1 fh=03b0f8174074b76c vn="Variante von Win32/Toolbar.CrossRider.CC evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-5.exe"

sh=7E864202B17E579E79ED2B9C59C76A8EB7B3F54D ft=1 fh=c71c001155f398de vn="Variante von Win32/Toolbar.CrossRider.CD evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-6.exe"

sh=922956A124D7F4FE344181D90E9FEF98A058342D ft=1 fh=c71c001145b328a0 vn="Variante von Win64/Toolbar.Crossrider.N evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-64.exe"

sh=8FD6E610E5F64283F8A263BAF43E78DA2243E7EA ft=1 fh=782b185a0a829073 vn="Variante von Win32/Toolbar.CrossRider.CD evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Sm23mS\c9a5ce26-662c-40a2-9648-87facc485c97-7.exe"

sh=03A12FECCEDC98AAF1AA4E67A75382FCD64F942C ft=1 fh=c71c00116622a638 vn="Variante von Win32/Toolbar.CrossRider.CD evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Sm23mS\UninstallBrw.exe"

sh=ADA170FD986DFABCC0058D0498717E99DAA3CB25 ft=1 fh=cc8dae8c4c38f072 vn="Variante von Win32/Toolbar.CrossRider.CM evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Sm23mS\utils.exe"

sh=B3D876F6D7D40E26610D9CFFC6D18928F4644A72 ft=1 fh=c71c0011de18eb58 vn="Variante von Win32/Toolbar.Montiera.Y evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\StartPoint\startpoint\1.3.23.0\napdgpoh.dll"

sh=68183CB2C0AD0AC1DACCA86F562E488EDC1433C5 ft=1 fh=c71c0011a880fe32 vn="Variante von Win32/Toolbar.Montiera.AD evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\StartPoint\startpoint\1.3.23.0\poieidjC.dll"

sh=17BCF17053CE423F45EB12B08BAEAAF36B2A8D8D ft=1 fh=e574ffa8cd40d853 vn="Variante von Win32/Toolbar.Montiera.AB evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\StartPoint\startpoint\1.3.23.0\res.dll"

sh=90435ADBE3A15F9FB079404737A0E209F879B25E ft=1 fh=f3f20b89feab9800 vn="Variante von Win32/Toolbar.Montiera.Q evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\StartPoint\startpoint\1.3.23.0\startpoint.exe"

sh=7C59CA8FDFB68DAF50C3D291465446AC1D4FE4FF ft=1 fh=488f608aa4a29396 vn="Variante von Win32/Toolbar.Montiera.R evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\StartPoint\startpoint\1.3.23.0\startup.exe"

sh=E09CFC697BAB4933BDEFF42401B13C2AF509DFBF ft=1 fh=c71c001115c400b1 vn="Variante von Win32/Toolbar.CrossRider.CD evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\System NotifierV05.06\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-10.exe"

sh=33194DE23FDC0061414036A60A5029605B3A11C1 ft=1 fh=e206c117e920fd0a vn="Variante von Win32/Toolbar.CrossRider.CC evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\System NotifierV05.06\d2df547c-f525-4d5b-9dfe-1dc20fbde0e5-5.exe"

sh=E09CFC697BAB4933BDEFF42401B13C2AF509DFBF ft=1 fh=c71c001115c400b1 vn="Variante von Win32/Toolbar.CrossRider.CD evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\System NotifierV05.06\UninstallBrw.exe"

sh=148983444308484E79DC3A80765B7D29BB4CF23F ft=1 fh=75c5d5481f3cba99 vn="Variante von Win32/Toolbar.CrossRider.CM evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\System NotifierV05.06\utils.exe"

sh=2C9EAC868877425E8707995A96140F6521DCAA64 ft=1 fh=c458c560ec55c6a0 vn="Win32/SpeedUpMyPC evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Uniblue\SpeedUpMyPC\speedupmypc.exe"

sh=77E4E1AE908F954E5282E14AAFF6BC24218A87FF ft=1 fh=774bc0e6f98522b2 vn="Win32/UniBlue.D evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Program Files (x86)\Uniblue\SpeedUpMyPC\thirdpartyinstaller.exe"

sh=3ADED111BA4C362714DD914AF2875D25390F9141 ft=1 fh=960d55973837187f vn="Variante von Win32/Adware.ConvertAd.KZ.gen Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\ProgramData\eud\68AF2947C1C44DD293728E1BD02FFCBB\setup.exe"

sh=F5107D4315C28F6E6A0F94CAD8414D0EE4B1B1E5 ft=1 fh=36723e1fa1633655 vn="Variante von Win32/Amonetize.BQ evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\ProgramData\eud\8A2D122CC0E547C9B2D0CDBC8A110E13\setup.exe"

sh=DD2277D66E16DCBB318C28D67EAB24716CC149CC ft=1 fh=4e67ba056e2d11ad vn="Variante von Win32/Adware.SpeedingUpMyPC.Y Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\ProgramData\eud\C5B5185A661540D0BCCB74956D7A231B\setup.exe"

sh=E7864F0EE835B0E9BBBAC4848D77C14AD868FE7F ft=1 fh=b2f90e20e2c55da2 vn="Variante von MSIL/Adware.PullUpdate.G.gen Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\ProgramData\GrcToTxHhyb\xBcGKPMoYeq.exe"

sh=54F597960E46135214CCB1574125D4A9FD2F6D57 ft=1 fh=d090186774b9114a vn="Variante von MSIL/Adware.PullUpdate.G.gen Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\ProgramData\GrcToTxHhyb\dat\bpIjYIlEJJ.exe"

sh=CFA726C451DD815F9C491059C16DD7FEAE62E8AB ft=1 fh=0868c8abd765084f vn="Variante von MSIL/Adware.PullUpdate.K.gen Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\ProgramData\GrcToTxHhyb\dat\HonlOJg.dll"

sh=B2B9394D7F7B7E70750B4190EA0CC78DA7183941 ft=1 fh=34c925a9fd8b1320 vn="Variante von MSIL/Adware.PullUpdate.G.gen Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\ProgramData\GrcToTxHhyb\dat\sGNjwQhowTs.exe"

sh=69D79009DF2853C067B182E77776E042D9A6F808 ft=1 fh=32f8e63a48089df9 vn="Variante von MSIL/Adware.PullUpdate.K.gen Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\ProgramData\GrcToTxHhyb\dat\XPpqelmwZ.dll"

sh=C4E57DAEF690333727FCE6BB1662A8318BCE933E ft=1 fh=5d0cf4788eaffe6b vn="Variante von MSIL/Adware.PullUpdate.P Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\ProgramData\Nropnumipre\1.0.1.0\altohria.exe"

sh=DD2277D66E16DCBB318C28D67EAB24716CC149CC ft=1 fh=4e67ba056e2d11ad vn="Variante von Win32/Adware.SpeedingUpMyPC.Y Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\ProgramData\{274f2602-ce97-2b59-274f-f2602ce9980b}\hqghumeaylnlf.exe"

sh=AFF2FDF60083C588EF8CBC8349DD35EC2A5069E3 ft=1 fh=19efcee151207436 vn="Variante von Win32/Adware.SpeedingUpMyPC.Y Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\ProgramData\{a7e20bb6-0b0d-9564-a7e2-20bb60b02ed8}\hqghumeaylnlf.exe"

sh=54F597960E46135214CCB1574125D4A9FD2F6D57 ft=1 fh=d090186774b9114a vn="Variante von MSIL/Adware.PullUpdate.G.gen Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\All Users\GrcToTxHhyb\dat\bpIjYIlEJJ.exe"

sh=CFA726C451DD815F9C491059C16DD7FEAE62E8AB ft=1 fh=0868c8abd765084f vn="Variante von MSIL/Adware.PullUpdate.K.gen Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\All Users\GrcToTxHhyb\dat\HonlOJg.dll"

sh=B2B9394D7F7B7E70750B4190EA0CC78DA7183941 ft=1 fh=34c925a9fd8b1320 vn="Variante von MSIL/Adware.PullUpdate.G.gen Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\All Users\GrcToTxHhyb\dat\sGNjwQhowTs.exe"

sh=69D79009DF2853C067B182E77776E042D9A6F808 ft=1 fh=32f8e63a48089df9 vn="Variante von MSIL/Adware.PullUpdate.K.gen Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\All Users\GrcToTxHhyb\dat\XPpqelmwZ.dll"

sh=637F778178623B6520BFC2232E74EC1695A45311 ft=1 fh=82c7277898e5f077 vn="Variante von Win32/Amonetize.ET evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\7721\Updater.exe"

sh=39EFB4F1FB078E913A962E257CF5BB37EA8B09DE ft=1 fh=548fd630e13b1bd4 vn="Variante von Win32/Toolbar.CrossRider.BX evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Apps\2.0\ZJ4DRMMZ.JTG\EQTECP39.6XR\setu...app_a304de035277f5b8_0000.0002_4484a0edd4274667\7.exe"

sh=DA201942334E863767B2BAEF85C6558083F51907 ft=1 fh=8f7c0dd18879a3d0 vn="Variante von Win32/Toolbar.CrossRider.BX evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Apps\2.0\ZJ4DRMMZ.JTG\EQTECP39.6XR\setu...app_a304de035277f5b8_0000.0002_4484a0edd4274667\7db.exe"

sh=2ECA6C5CE0CFE9BC9D0B373EC0DEA71648F22F79 ft=1 fh=7d3d244d2ef632a9 vn="Variante von Win32/SoftPulse.AG evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Apps\2.0\ZJ4DRMMZ.JTG\EQTECP39.6XR\setu...app_a304de035277f5b8_0000.0002_4484a0edd4274667\SetupWizard.exe"

sh=2ECA6C5CE0CFE9BC9D0B373EC0DEA71648F22F79 ft=1 fh=7d3d244d2ef632a9 vn="Variante von Win32/SoftPulse.AG evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Apps\2.0\ZJ4DRMMZ.JTG\EQTECP39.6XR\setup.exe_a304de035277f5b8_0000.0002_none_21804ebbb9399cd3\SetupWizard.exe"

sh=FB15C7C9B14C6DBD2DCE0B4A760869CB4D1F833D ft=1 fh=b7caddf2abd65f22 vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\avabvbyvyc\avabvbyvyc.exe"

sh=5FB62DCDE51B16CDA29184FB277B3B3A0E942AAD ft=1 fh=dd69925897059ae7 vn="Variante von Win32/ClientConnect.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\avabvbyvyc\pbqrmvbub"

sh=8EF70124B55B9ACE24CD7D97D7A09304CE893F55 ft=1 fh=6a7f77f8846ed93c vn="Variante von Win32/Adware.EoRezo.AJ Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\gmsd_de_586\upgmsd_de_586.exe"

sh=A17F293F50E44E58B5E05A227627BB34A02D3E09 ft=1 fh=854009827ef6268b vn="Variante von Win32/Adware.EoRezo.AJ Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\gmsd_de_592\upgmsd_de_592.exe"

sh=FDE9F4F014512E0C786BD5EACD3DD5CD8941F860 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\91.js"

sh=FDE9F4F014512E0C786BD5EACD3DD5CD8941F860 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\jecgbfoconhopjngaaijjgffhokohlac\1.26.78_0\extensionData\plugins\91.js"

sh=5F0AEF7F21118E78D601DCD7310379880A34A782 ft=1 fh=0b745618ce20a8c9 vn="Variante von Win32/Adware.ConvertAd.RU Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VOUY1GGG\dawr[1].exe"

sh=458D93ACB54C46BEC9F2AE459D4074736E414035 ft=1 fh=360861b198e36f2b vn="Variante von Win32/Adware.Vitruvian.F Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WIWZY0KX\infonaut-setup-1.10.0.14[1].exe"

sh=276654DF113ADAB3BC02D86BFED35A4EA9999696 ft=1 fh=6b2b8cc544551537 vn="Variante von MSIL/Adware.Imali.A Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y9Y3YUFA\FinalInstaller_dotnet4[1].exe"

sh=6142578CD21CF27FD3C1B3A4F0626DE9FC6DF275 ft=1 fh=a0b7e9a9340cf144 vn="Variante von Win32/PriceGong.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\SmartWeb\SmartWebApp.exe"

sh=AA2BA9D6607589A3C93D1C760E3512EC8E61F968 ft=1 fh=f770637cdb111250 vn="Win32/Adware.ConvertAd.RC Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\SmartWeb\SmartWebHelper.exe"

sh=080016256C564232771ED8D6EFFC94ECAECAD316 ft=1 fh=bfc1d533ef10baf8 vn="Variante von Win32/PriceGong.C evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\SmartWeb\swhk.dll"

sh=32BE00C9B8BD83BF621E433EC87DE21B08F82098 ft=1 fh=a4fbdca8e8e73dc7 vn="Variante von Win32/PriceGong.C evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\SmartWeb\__u.exe"

sh=B253BF86450F621FDC9201CDAD4A55DA96017963 ft=1 fh=c71c00114a630ed5 vn="Variante von Win32/Adware.AddLyrics.EB Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\00E35A2E-3B5A-BD25-0A1E-9E0608E342C2.exe"

sh=75AEA67991FB7D648B76D175EE1470F9E9196CF5 ft=1 fh=5edd4c3530b7ec84 vn="Variante von Win32/Toolbar.CrossRider.CN evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\2329.exe"

sh=BA69863A06DEC1E50A9CAB3E1C9110395916E1DD ft=1 fh=4a75c7c1672e5db7 vn="MSIL/MyPCBackup.G evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\7978850eae7c485da5eaa3983f21c276362934.exe"

sh=FC303F1BAEA7921AB38347354597F4B246DF378F ft=1 fh=f2a3c0226c04b131 vn="Variante von Win32/Packed.ScrambleWrapper.O evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\9577.exe"

sh=74007051A43C26DEF9A55CD3F2411935EC272EDA ft=1 fh=c71c0011d46ebcbc vn="Variante von Win32/Adware.AddLyrics.EB Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\C430378F-9825-863D-B65C-DF593C22CCD4.exe"

sh=0FCE37322332ABBD64BB09FF43EFD365D99C43E2 ft=1 fh=3ae6a14ff9b7bde5 vn="Variante von Win32/Amonetize.EX evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\Launcher__10272.exe"

sh=776F41599C9EBE28C07489680EEBDB727E1BFE5A ft=1 fh=c71c00119a74eb7c vn="Variante von Win32/AlteredSoftware.E evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\npglobalupdateUpdate4.dll.old6d65c6"

sh=776F41599C9EBE28C07489680EEBDB727E1BFE5A ft=1 fh=c71c00119a74eb7c vn="Variante von Win32/AlteredSoftware.E evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\npglobalupdateUpdate4.dll.old72ce58"

sh=776F41599C9EBE28C07489680EEBDB727E1BFE5A ft=1 fh=c71c00119a74eb7c vn="Variante von Win32/AlteredSoftware.E evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\npglobalupdateUpdate4.dll.old73f9bb"

sh=D68EE7FF15C185692D231C2252B5F2A60BF3434B ft=1 fh=37c42276c7e5e86c vn="Variante von Win32/Adware.ConvertAd.RU Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\nsr7386.tmp"

sh=0E8C60C946A762CF1966E77D30A3120F164C916F ft=1 fh=848af645ba02d5de vn="Mehrere Bedrohungen (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\optprosetup.exe"

sh=17BCF17053CE423F45EB12B08BAEAAF36B2A8D8D ft=1 fh=e574ffa8cd40d853 vn="Variante von Win32/Toolbar.Montiera.AB evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\res.dll"

sh=276654DF113ADAB3BC02D86BFED35A4EA9999696 ft=1 fh=6b2b8cc544551537 vn="Variante von MSIL/Adware.Imali.A Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\sdf17C6.exe"

sh=F468E5973CE8739246CF2D69770EA006CD6455A6 ft=1 fh=a54f9f106924b16d vn="Variante von Win32/Adware.EoRezo.AZ Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\setup_gmsd_de.exe"

sh=8EEEA0BAFF588CE7767C1AEB585C3CEC2C91A2C1 ft=1 fh=53e569f094787791 vn="Win32/Toolbar.Conduit.U evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\sp-downloader.exe"

sh=22382617DB4646AF8E8FABB82B9C6806C1EE69AF ft=1 fh=ce4f9555655f62e9 vn="Variante von Win32/Toolbar.Montiera.Z evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\startpoint_1.exe"

sh=7C59CA8FDFB68DAF50C3D291465446AC1D4FE4FF ft=1 fh=488f608aa4a29396 vn="Variante von Win32/Toolbar.Montiera.R evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\startup.exe"

sh=84F883BAF5554D8EB81D684D158E5A6E474F57DE ft=1 fh=bcc928928aeafc50 vn="Mehrere Bedrohungen (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\supoptsetup.exe"

sh=F2251A7A386675FE43902ADC0525D33672C8BB84 ft=1 fh=e069b17bc5bd2e6a vn="Variante von Win32/Adware.ConvertAd.KZ.gen Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\VOPackage_1712.exe"

sh=04E7997F9E3F54C4096F6EFA419255DF103E02C2 ft=1 fh=c299b02826b3aabc vn="Variante von Win32/Adware.MultiPlug.IX Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\__tmp_14c8c197"

sh=0D6B2D3643639F9EC66C70D1A7722245667ECFD1 ft=1 fh=e84e3080d857d3e0 vn="Variante von Win32/TrojanDropper.Addrop.A Trojaner (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\18dee22d-696a-42b5-af70-d4b43aba95ba\setup.exe"

sh=82C521854E6CA1E7E0BD705C3D14B86FE573449D ft=1 fh=9ac5482a2a938eb0 vn="Win32/MyPCBackup.E evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\29df34a9-d7a6-473f-a79e-e913025dee08\aff_setup.exe"

sh=DDEF8A30CA0234DDCCF55D962D5FA5D2AC69FF7F ft=1 fh=a5703f9a0977c112 vn="Variante von Win32/TrojanDropper.Addrop.A Trojaner (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\5700eee2-c2ac-4178-af5a-ac07652e79ba\setup.exe"

sh=83EAC6DBE1FAFF6EB3ED28CC1B8649DA0957E3F2 ft=1 fh=f7e973f0bce1b407 vn="Variante von Win32/Adware.AddLyrics.EA Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\6eeb9639-3564-4e66-afd8-cfa1231633c1\5555-1007_checkmeup.exe"

sh=75AEA67991FB7D648B76D175EE1470F9E9196CF5 ft=1 fh=5edd4c3530b7ec84 vn="Variante von Win32/Toolbar.CrossRider.CN evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\7852253b-3f69-4e78-b736-a48f7fa9df65\installer.exe"

sh=3BC912E6FE1D4D55143FADE94C37B9EC9848F3E7 ft=1 fh=d3cf5ab729158244 vn="Variante von Win32/DealPly.AC evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\8b4a2d26-152c-4b7e-aad7-cb7ce7065044\pfinst.exe"

sh=09219936CA587BEDA7F7F6822F4A04677D654A67 ft=1 fh=26012f658a8f2f4d vn="Win32/SpeedUpMyPC.A evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\8bde2600-2839-4a70-8dc0-7baf6032f5c4\speedupmypc.exe"

sh=C02ADEDC3558F497047BCDA26868704EA5F0A74A ft=1 fh=2c6fb0c3e3cf0927 vn="Variante von Win32/UniBlue.F evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\8f6db47d-825c-4f46-b513-0d551ff4d66e\driverscanner.exe"

sh=AFF2FDF60083C588EF8CBC8349DD35EC2A5069E3 ft=1 fh=19efcee151207436 vn="Variante von Win32/Adware.SpeedingUpMyPC.Y Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\96ecc2d4-5f35-4a5a-8158-691a3ede5835\superoptimizersetup.exe"

sh=776F41599C9EBE28C07489680EEBDB727E1BFE5A ft=1 fh=c71c00119a74eb7c vn="Variante von Win32/AlteredSoftware.E evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\comh.175841\npglobalupdateUpdate4.dll"

sh=776F41599C9EBE28C07489680EEBDB727E1BFE5A ft=1 fh=c71c00119a74eb7c vn="Variante von Win32/AlteredSoftware.E evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\comh.283105\npglobalupdateUpdate4.dll"

sh=776F41599C9EBE28C07489680EEBDB727E1BFE5A ft=1 fh=c71c00119a74eb7c vn="Variante von Win32/AlteredSoftware.E evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\comh.287132\npglobalupdateUpdate4.dll"

sh=776F41599C9EBE28C07489680EEBDB727E1BFE5A ft=1 fh=c71c00119a74eb7c vn="Variante von Win32/AlteredSoftware.E evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\comh.414634\npglobalupdateUpdate4.dll"

sh=776F41599C9EBE28C07489680EEBDB727E1BFE5A ft=1 fh=c71c00119a74eb7c vn="Variante von Win32/AlteredSoftware.E evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\comh.43039\npglobalupdateUpdate4.dll"

sh=DF28E75AC8B16247ED808EC675AE3AAC90FB0A75 ft=1 fh=d28c05e7d0dc64b6 vn="Variante von Win32/Packed.ScrambleWrapper.O evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\d77197fd-cfe5-4a6b-b88f-3c1f5f4f3fa8\mini_installer.exe"

sh=7F957E33EC8C36FEFA323AA53F6AEEF7DF6F392C ft=1 fh=b1fc0c915d6e3f25 vn="Win32/ELEX.BM evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\E592A50D-87A9-437F-9F9B-31AA642D3A9Bmp\tmp\XTab_Setup(2521).exe"

sh=D0033C082AB4324079D445FC192FD6E8768BD14F ft=1 fh=ef238d643c94d7fe vn="Variante von MSIL/Adware.Imali.A Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\f9626892-7a78-3199-abd2-97bbce96297b\OfferInstaller.exe"

sh=EB87326A84DFDC99667B774F835B0D5600C2A763 ft=1 fh=704fbe3ee9c75a9a vn="Variante von Win32/Packed.ScrambleWrapper.O evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\fba20fff-f392-4e32-9cf0-2e8ff409dcbd\smarts23.exe"

sh=3C32EDAB74289123017109748703BD9F40D49E77 ft=1 fh=4a8bc0dddcf98733 vn="Win32/SpeedUpMyPC evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\is-JJ9NO.tmp\sp-standalone-setup.exe"

sh=3D54E50558FF95716445E744582D45670CA343D5 ft=1 fh=32bd0438717e7272 vn="Variante von MSIL/Adware.PullUpdate.A Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\nsc4D29.tmp\Helper.dll"

sh=807E17AB1B98177E135D30941B45081960D1E866 ft=1 fh=211e050d94f6a57b vn="Variante von Win32/Somoto.G evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\nseC04.tmp\install37376.exe"

sh=6191FE26E7E1D24C0466D72A86DFA62F859F4AE3 ft=1 fh=e607585d368752f5 vn="Variante von Win32/Conduit.SearchProtect.Y evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\nss99E2.tmp\SPtool.dll"

sh=807E17AB1B98177E135D30941B45081960D1E866 ft=1 fh=211e050d94f6a57b vn="Variante von Win32/Somoto.G evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\nsx3095.tmp\install55541.exe"

sh=807E17AB1B98177E135D30941B45081960D1E866 ft=1 fh=211e050d94f6a57b vn="Variante von Win32/Somoto.G evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\nsz9743.tmp\install28203.exe"

sh=DAD15D6F626AB7F5851FCC4B50A0F92191D815C9 ft=1 fh=47ba3de07316b200 vn="Variante von Win32/BrowseFox.AI evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Local\Temp\~nsu.tmp\Au_.exe"

sh=C2CDF8F5CF8F8E7082898326B1937499DEFA5C63 ft=1 fh=4dce2de995a2d99e vn="Variante von Win32/Toolbar.CrossRider.CB evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Roaming\2Ovhr6lC1.exe"

sh=C2CDF8F5CF8F8E7082898326B1937499DEFA5C63 ft=1 fh=4dce2de995a2d99e vn="Variante von Win32/Toolbar.CrossRider.CB evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Roaming\gSyGSmIu0Kf3G.exe"

sh=C2CDF8F5CF8F8E7082898326B1937499DEFA5C63 ft=1 fh=4dce2de995a2d99e vn="Variante von Win32/Toolbar.CrossRider.CB evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Roaming\pPZCdWJiOzyjMMPjw.exe"

sh=C2CDF8F5CF8F8E7082898326B1937499DEFA5C63 ft=1 fh=4dce2de995a2d99e vn="Variante von Win32/Toolbar.CrossRider.CB evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Roaming\QmNpb01D3S9.exe"

sh=C2CDF8F5CF8F8E7082898326B1937499DEFA5C63 ft=1 fh=4dce2de995a2d99e vn="Variante von Win32/Toolbar.CrossRider.CB evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Roaming\qYVcguT.exe"

sh=B2007EDC886AA67707E5FC33B67A5DBDB2A5B46A ft=1 fh=076abd41a3ae762f vn="Variante von Win32/Adware.Hicosmea.F Anwendung (GesÃ¤ubert durch LÃ¶schen (nach dem nÃ¤chsten Neustart) - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Roaming\inminet\forvercu.dll"

sh=F146943C7C494247ED9874C9A2A05C520DC4218A ft=1 fh=6a46a12ee6b9eab3 vn="Variante von Win64/Adware.Hicosmea.F Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Roaming\inminet\sencolny.dll"

sh=0229DB0DE638CE84AA0A86AC3DB43BCD8080058B ft=1 fh=c71c001139045390 vn="Variante von Win32/ELEX.CP evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Roaming\mystartsearch\UninstallManager.exe"

sh=00F24F2A81D016556083E9D60918A0A98F54CDF6 ft=1 fh=03dd67ab78e93074 vn="Variante von Win32/BrowseFox.AI evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Roaming\OpenCandy\C9A23D2F0CA54C19A9A68C83D4AFBC73\setup0213.exe"

sh=FDE9F4F014512E0C786BD5EACD3DD5CD8941F860 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\idhkmcfanijhphphomamdkaejjadkhgn\1.26.69_0\extensionData\plugins\91.js"

sh=FDE9F4F014512E0C786BD5EACD3DD5CD8941F860 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\jecgbfoconhopjngaaijjgffhokohlac\1.26.78_0\extensionData\plugins\91.js"

sh=FDE9F4F014512E0C786BD5EACD3DD5CD8941F860 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\mdcoemfeknnmifgkfoncjfoohdljddmp\1.26.43_0\extensionData\plugins\91.js"

sh=5352255EEC0A36DD703B32226CC7F65D70F65475 ft=0 fh=0000000000000000 vn="VBS/Kryptik.DY Trojaner (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Roaming\Tny_cassiopesa\UpdateProc\bkup.dat"

sh=05FC70FCA7CCDB54CE3D6778AEADB58A32431BB2 ft=1 fh=704d2e4b074cd8f4 vn="Win32/Adware.ConvertAd.AQ Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Roaming\VOPackage\Uninstall.exe"

sh=F2251A7A386675FE43902ADC0525D33672C8BB84 ft=1 fh=e069b17bc5bd2e6a vn="Variante von Win32/Adware.ConvertAd.KZ.gen Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\AppData\Roaming\VOPackage\VOPackage.exe"

sh=5B95315844B22672C2E867D8E3D45D9F05ED2016 ft=1 fh=6e4c94e41237e20f vn="Win32/Somoto.Q evtl. unerwÃ¼nschte Anwendung (gelÃ¶scht - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\Downloads\setup_Project64_2.2.exe"

sh=A8F7603007D8A682B8FBD4E13860656019F2B9ED ft=1 fh=899932df795582a7 vn="Variante von Win32/InstallCore.ZM evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\Downloads\zipinstall (1).exe"

sh=A8F7603007D8A682B8FBD4E13860656019F2B9ED ft=1 fh=899932df795582a7 vn="Variante von Win32/InstallCore.ZM evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Users\Undertaker\Downloads\zipinstall.exe"

sh=0EC30DF742984EA79C49703698D5777B1BCC6F42 ft=1 fh=e77459d120c26c8f vn="Variante von Win32/TrojanDownloader.Adcurl.A Trojaner (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Windows\eud.exe"

sh=3765E3E87C40F1C09307F4830E0949A69A478516 ft=1 fh=1debd3177207603f vn="Variante von Win32/ClientConnect.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Windows\AppPatch\AppPatch64\VCLdr64.dll"

sh=040A9305A597029A3F386ADBA2FAFBB51A5ECCB7 ft=1 fh=70d6beee8c110f8f vn="Variante von Win32/ClientConnect.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\Windows\AppPatch\nbin\VC32Loader.dll"

sh=0000000000000000000000000000000000000000 ft=- fh=0000000000000000 vn="Mehrere Bedrohungen (Enthielt infizierte Datei(en))" ac=C fn="${Memory}"

ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=3443acd88fc8674dac7167902eb27d02

# end=init

# utc_time=2015-06-09 04:31:09

# local_time=2015-06-09 06:31:09 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# osver=6.1.7601 NT Service Pack 1

Update Init

Update Download

Update Finalize

Updated modules version: 24248

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=3443acd88fc8674dac7167902eb27d02

# end=updated

# utc_time=2015-06-09 04:32:58

# local_time=2015-06-09 06:32:58 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# osver=6.1.7601 NT Service Pack 1

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7777

# api_version=3.1.1

# EOSSerial=3443acd88fc8674dac7167902eb27d02

# engine=24248

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2015-06-09 06:56:47

# local_time=2015-06-09 08:56:47 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# lang=1031

# osver=6.1.7601 NT Service Pack 1

# compatibility_mode_1='Avira Desktop'

# compatibility_mode=1804 16775165 100 96 251918 299299497 171931 0

# compatibility_mode_1=''

# compatibility_mode=5893 16776573 100 94 101260 185506057 0 0

# scanned=284715

# found=8

# cleaned=8

# scan_time=8628

sh=FDE9F4F014512E0C786BD5EACD3DD5CD8941F860 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.82_0\extensionData\plugins\91.js.vir"

sh=C2CDF8F5CF8F8E7082898326B1937499DEFA5C63 ft=1 fh=4dce2de995a2d99e vn="Variante von Win32/Toolbar.CrossRider.CB evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Undertaker\AppData\Roaming\4TKchDi.exe.vir"

sh=FDE9F4F014512E0C786BD5EACD3DD5CD8941F860 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\Users\Undertaker\AppData\Roaming\Opera Software\Opera Stable\Extensions\papbadoldddalgcjcicnikcfenodpghp\1.26.82_0\extensionData\plugins\91.js.vir"

sh=2AAB40288A33E431480E904BD7A9A9C6D065B3D0 ft=1 fh=b484f4b7f98c653e vn="Variante von Win64/Systweak.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\windows\System32\roboot64.exe.vir"

sh=925C6299BED0F09E398A3E00E7A04C2DE949C169 ft=1 fh=2cb424d9f7c23c92 vn="Win64/AdvancedSystemProtector.A evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\AdwCleaner\Quarantine\C\windows\System32\sasnative64.exe.vir"

sh=C10B86D92672390E8650D4FDD918DBDC92F94841 ft=1 fh=a7217baf7e13087b vn="Win32/TrojanDownloader.Adcurl.D Trojaner (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\FRST\Quarantine\C\windows\meud.exe.xBAD"

sh=FDE9F4F014512E0C786BD5EACD3DD5CD8941F860 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\zoek_backup\C_Users_Undertaker_AppData_Roaming_Opera Software_Opera Stable_Extensions_ablgnpngfaaficpckehadaljnjgjkhbi\1.26.55_0\extensionData\plugins\91.js"

sh=FDE9F4F014512E0C786BD5EACD3DD5CD8941F860 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwÃ¼nschte Anwendung (GesÃ¤ubert durch LÃ¶schen - in QuarantÃ¤ne kopiert)" ac=C fn="C:\zoek_backup\C_Users_Undertaker_AppData_Roaming_Opera Software_Opera Stable_Extensions_fijhlnmmmgflacagjecncpmpnhjieggk\1.26.47_0\extensionData\plugins\91.js"

Ani73

09.06.2015 20:15

hier noch das FRST

Code:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-06-2015

Ran by Undertaker (administrator) on UNDERTAKER-PC on 09-06-2015 21:06:30

Running from C:\Users\Undertaker\Downloads

Loaded Profiles: Undertaker (Available Profiles: Undertaker & Shari)

Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)

Internet Explorer Version 11 (Default browser not detected!)

Boot Mode: Normal

Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Processes (Whitelisted) =================
 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 

(AMD) C:\Windows\System32\atiesrxx.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe

(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

() C:\Windows\SysWOW64\PnkBstrB.exe

() C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe

(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe

(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe

(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe

(AMD) C:\Windows\System32\atieclxx.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler.exe

(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.27.5\GoogleCrashHandler64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe

(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe

(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe

(Dropbox, Inc.) C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe

(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

(1und1 Mail und Media GmbH) C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe

(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe

(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe

(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe

(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe

(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe

(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe

(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe

(CyberLink Corp.) C:\Program Files (x86)\CyberLink\Media+Player10\Media+Player10Serv.exe

(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

() C:\Program Files (x86)\Opera\29.0.1795.60\opera_crashreporter.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\29.0.1795.60\opera.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 

==================== Registry (Whitelisted) ==================
 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11895400 2011-06-25] (Realtek Semiconductor)

HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2588968 2010-11-13] (ELAN Microelectronics Corp.)

HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\qttask.exe [421888 2012-11-18] (Apple Inc.)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-22] (Advanced Micro Devices, Inc.)

HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2015-01-14] (Samsung Electronics Co., Ltd.)

HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)

HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)

HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [129272 2015-03-16] (Avira Operations GmbH & Co. KG)

HKLM-x32\...\Run: [MailCheck IE Broker] => C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe [2190912 2015-05-06] (1und1 Mail und Media GmbH)

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [384800 2012-10-16] (Avira Operations GmbH & Co. KG)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [Facebook Update] => C:\Users\Undertaker\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-05-25] (Facebook Inc.)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1565504 2015-01-14] (Samsung)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2015-01-14] (Samsung)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30877280 2014-12-11] (Skype Technologies S.A.)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2892992 2015-06-04] (Valve Corporation)

HKU\S-1-5-21-1335839233-2991384071-368375801-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\windows\system32\Bubbles.scr [899584 2010-11-21] (Microsoft Corporation)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2015-02-01]

ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)

Startup: C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2014-07-25]

ShortcutTarget: Dropbox.lnk -> C:\Users\Undertaker\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
 

==================== Internet (Whitelisted) ====================
 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com

HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com

SearchScopes: HKU\S-1-5-21-1335839233-2991384071-368375801-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

BHO: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2015-05-06] (1und1 Mail und Media GmbH)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2015-02-01] (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)

BHO-x32: Samsung BHO Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-10-25] ()

BHO-x32: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2015-05-06] (1und1 Mail und Media GmbH)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2015-02-01] (Oracle Corporation)

DPF: HKLM {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab

DPF: HKLM {784797A8-342D-4072-9486-03C8D0F2F0A1} hxxp://www.battlefieldheroes.com/static/updater/BFHUpdater_x64_5.0.199.0.cab

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2015-05-06] (1und1 Mail und Media GmbH)

Handler-x32: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files (x86)\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2015-05-06] (1und1 Mail und Media GmbH)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 

FireFox:

========

FF Plugin: @java.com/DTPlugin,version=10.9.2 -> C:\windows\system32\npDeployJava1.dll [2012-11-05] (Oracle Corporation)

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-02-18] ()

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)

FF Plugin-x32: @java.com/DTPlugin,version=10.75.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2015-02-01] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.75.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2015-02-01] (Oracle Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)

FF Plugin-x32: @popularscreensavers.com/Plugin -> C:\Program Files (x86)\PopularScreensavers\NPp5Stub.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\6\NP_wtapp.dll [2015-04-27] ()

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)

FF Plugin HKU\S-1-5-21-1335839233-2991384071-368375801-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Undertaker\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)

FF Plugin HKU\S-1-5-21-1335839233-2991384071-368375801-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2013-10-01] ()
 

Chrome: 

=======

CHR Profile: C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (Google Slides) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-05-14]

CHR Extension: (Google Docs) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-14]

CHR Extension: (Google Drive) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-14]

CHR Extension: (YouTube) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-14]

CHR Extension: (Google Search) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-14]

CHR Extension: (Google Sheets) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-05-14]

CHR Extension: (Avira Browser Safety) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-05-14]

CHR Extension: (Bookmark Manager) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-05-14]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-14]

CHR Extension: (Google Wallet) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-15]

CHR Extension: (Gmail) - C:\Users\Undertaker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-14]

CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx

StartMenuInternet: Google Chrome - chrome.exe
 

==================== Services (Whitelisted) =================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [365568 2011-03-22] (Advanced Micro Devices, Inc.) [File not signed]

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84256 2012-10-16] (Avira Operations GmbH & Co. KG)

R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108320 2012-10-16] (Avira Operations GmbH & Co. KG)

R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [201008 2015-03-16] (Avira Operations GmbH & Co. KG)

R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [File not signed]

S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)

R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [75136 2013-03-11] ()

R2 PnkBstrB; C:\windows\SysWOW64\PnkBstrB.exe [189248 2013-03-11] ()

R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-12-01] () [File not signed]

R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1363160 2014-11-28] (Secunia)

R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [765144 2014-11-28] (Secunia)

R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.)

R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
 

==================== Drivers (Whitelisted) ====================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 

S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310984 2013-07-28] ()

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [99248 2012-09-13] (Avira Operations GmbH & Co. KG)

R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [129216 2012-10-04] (Avira Operations GmbH & Co. KG)

R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27800 2012-09-24] (Avira Operations GmbH & Co. KG)

R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [42696 2013-07-28] ()

R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2014-11-28] (Secunia)

S3 rtport; C:\windows\SysWOW64\drivers\rtport.sys [15144 2012-01-16] (Windows (R) 2003 DDK 3790 provider)

S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]

S3 RkHit; \??\C:\windows\system32\drivers\RKHit.sys [X]

S3 taphss6; system32\DRIVERS\taphss6.sys [X]
 

==================== NetSvcs (Whitelisted) ===================
 

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 

==================== One Month Created files and folders ========
 

(If an entry is included in the fixlist, the file/folder will be moved.)
 

2015-06-08 17:21 - 2015-06-08 17:21 - 00243592 _____ C:\Users\Undertaker\Downloads\Firefox Setup Stub 38.0.5 (1).exe

2015-06-08 17:16 - 2015-06-08 17:16 - 00243592 _____ C:\Users\Undertaker\Downloads\Firefox Setup Stub 38.0.5.exe

2015-06-08 16:28 - 2015-06-08 13:06 - 00024064 _____ C:\windows\zoek-delete.exe

2015-06-08 13:58 - 2015-06-08 16:51 - 00000000 ____D C:\zoek

2015-06-08 13:10 - 2015-06-08 16:51 - 00059803 _____ C:\zoek-results.log

2015-06-08 13:06 - 2015-06-08 16:08 - 00000000 ____D C:\zoek_backup

2015-06-08 13:05 - 2015-06-08 13:06 - 01308672 _____ C:\Users\Undertaker\Downloads\zoek.exe

2015-06-07 23:20 - 2015-06-07 23:20 - 00041826 _____ C:\Users\Undertaker\Desktop\FRST.txt

2015-06-07 22:46 - 2015-06-07 22:48 - 00135230 _____ C:\Users\Undertaker\Desktop\auswahl.txt

2015-06-07 20:40 - 2015-06-07 20:40 - 00000000 ____D C:\Users\Undertaker\Downloads\RevoUninstallerPortable

2015-06-07 20:39 - 2015-06-07 20:40 - 02785665 _____ (PortableApps.com) C:\Users\Undertaker\Downloads\RevoUninstallerPortable_1.95_Rev_2.paf.exe

2015-06-06 23:04 - 2015-06-06 23:04 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Avira

2015-06-06 22:58 - 2015-06-06 22:58 - 00001954 _____ C:\Users\Public\Desktop\Avira Control Center.lnk

2015-06-06 22:57 - 2012-10-04 12:07 - 00129216 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys

2015-06-06 22:57 - 2012-09-24 09:58 - 00027800 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avkmgr.sys

2015-06-06 22:57 - 2012-09-13 15:52 - 00099248 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys

2015-06-06 21:36 - 2015-06-06 23:28 - 00001062 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

2015-06-06 21:32 - 2015-06-06 21:34 - 21546080 _____ (Malwarebytes Corporation ) C:\Users\Undertaker\Downloads\mbam-setup-2.1.6.1022.exe

2015-06-06 21:17 - 2015-06-08 22:34 - 00048165 _____ C:\Users\Undertaker\Downloads\Addition.txt

2015-06-06 21:12 - 2015-06-09 21:06 - 00020235 _____ C:\Users\Undertaker\Downloads\FRST.txt

2015-06-06 21:11 - 2015-06-06 21:11 - 02108928 _____ (Farbar) C:\Users\Undertaker\Downloads\FRST64.exe

2015-06-06 19:22 - 2015-06-07 21:07 - 00000000 ____D C:\AdwCleaner

2015-06-06 13:50 - 2015-06-07 22:10 - 00173056 _____ C:\windows\Provider.dll

2015-06-06 13:50 - 2015-06-07 22:10 - 00000000 ____D C:\windows\Provider32

2015-06-06 13:50 - 2015-06-07 20:51 - 00173056 _____ C:\windows\Provider20150607221036.dll

2015-06-06 13:50 - 2015-06-07 19:50 - 00173056 _____ C:\windows\Provider20150607205118.dll

2015-06-06 13:50 - 2015-06-06 23:54 - 00173056 _____ C:\windows\Provider20150607195041.dll

2015-06-06 13:50 - 2015-06-06 22:06 - 00173056 _____ C:\windows\Provider20150606235357.dll

2015-06-06 13:50 - 2015-06-06 19:55 - 00173056 _____ C:\windows\Provider20150606220627.dll

2015-06-06 13:50 - 2015-06-06 18:06 - 00173056 _____ C:\windows\Provider20150606195541.dll

2015-06-06 13:50 - 2015-06-06 16:53 - 00173056 _____ C:\windows\Provider20150606180602.dll

2015-06-06 13:50 - 2015-06-06 15:52 - 00173056 _____ C:\windows\Provider20150606165333.dll

2015-06-06 13:50 - 2015-06-06 14:51 - 00173056 _____ C:\windows\Provider20150606155257.dll

2015-06-06 13:50 - 2015-06-06 13:50 - 00718497 _____ C:\windows\unins000.exe

2015-06-06 13:50 - 2015-06-06 13:50 - 00010273 _____ C:\windows\unins000.dat

2015-06-06 13:50 - 2015-06-02 18:30 - 00173056 _____ C:\windows\Provider20150606145136.dll

2015-06-06 13:50 - 2015-06-02 18:30 - 00101888 _____ C:\windows\Installer.exe

2015-06-06 13:48 - 2015-06-06 13:48 - 02231296 _____ C:\Users\Undertaker\Downloads\AdwCleaner_4.206.exe

2015-06-06 13:42 - 2015-06-06 13:42 - 02870984 _____ (ESET) C:\Users\Undertaker\Downloads\esetsmartinstaller_deu.exe

2015-06-06 13:26 - 2015-06-06 13:26 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Chromium

2015-06-06 13:20 - 2015-06-06 13:26 - 00000000 ___HD C:\ProgramData\eud

2015-06-06 13:18 - 2015-06-06 22:19 - 00000004 _____ C:\windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7

2015-06-06 13:16 - 2015-06-06 13:16 - 00631296 _____ C:\windows\eud.dat

2015-06-06 13:06 - 2015-06-06 13:20 - 00000684 _____ C:\Users\Undertaker\Downloads\project64                         .website

2015-06-06 13:06 - 2015-06-06 13:20 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Deployment

2015-06-06 13:06 - 2015-06-06 13:06 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Apps\2.0

2015-06-06 12:53 - 2015-06-06 12:53 - 00001285 _____ C:\Users\Undertaker\Desktop\setup_Project64_2.2.exe - Verknüpfung.lnk

2015-06-06 12:45 - 2015-06-06 12:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Project 64 2.2

2015-06-06 12:45 - 2015-06-06 12:53 - 00000000 ____D C:\Program Files (x86)\Project64 2.2

2015-06-06 12:39 - 2015-06-06 12:39 - 12699289 _____ C:\Users\Undertaker\Downloads\Mario Kart 64 (E).zip

2015-06-06 12:35 - 2015-06-06 12:35 - 08388608 _____ C:\Users\Undertaker\Downloads\Super Mario 64 (D, F, E) (1).v64

2015-06-06 12:34 - 2015-06-06 12:46 - 00001089 _____ C:\Users\Public\Desktop\Opera.lnk

2015-06-06 12:34 - 2015-06-06 12:34 - 00003862 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1433586837

2015-06-06 12:34 - 2015-06-06 12:34 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Opera Software

2015-06-06 12:34 - 2015-06-06 12:34 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Opera Software

2015-06-06 12:34 - 2015-06-06 12:33 - 00001095 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk

2015-06-06 12:33 - 2015-06-08 23:38 - 00000000 ____D C:\Program Files (x86)\Opera

2015-06-06 12:33 - 2015-06-06 12:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip

2015-06-06 12:33 - 2015-06-06 12:33 - 00000000 ____D C:\Program Files (x86)\7-Zip

2015-06-06 12:32 - 2015-06-06 16:12 - 00000000 ____D C:\Program Files (x86)\MiuiTab

2015-06-06 12:32 - 2015-06-06 12:31 - 01200163 _____ C:\Users\Undertaker\Downloads\7zip.exe

2015-06-06 12:21 - 2015-06-06 12:46 - 00001311 _____ C:\Users\Public\Desktop\NAVIGON Fresh.lnk

2015-06-06 12:21 - 2015-06-06 12:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NAVIGON

2015-06-06 12:21 - 2015-06-06 12:21 - 00000000 ____D C:\ProgramData\boost_interprocess

2015-06-05 22:10 - 2015-06-05 22:11 - 01089752 _____ (Unity Technologies ApS) C:\Users\Undertaker\Downloads\UnityWebPlayer (1).exe

2015-06-04 14:56 - 2015-06-04 14:56 - 00983949 _____ C:\Users\Undertaker\Downloads\Super Mario Allstars (E).zip

2015-06-04 14:35 - 2015-06-04 14:36 - 06347644 _____ C:\Users\Undertaker\Downloads\Super Mario 64 (D, F, E) (1).zip

2015-06-04 12:44 - 2015-06-04 12:45 - 06347644 _____ C:\Users\Undertaker\Downloads\Super Mario 64 (D, F, E).zip

2015-06-04 12:39 - 2015-01-30 06:22 - 00000073 ____R C:\Users\Undertaker\Downloads\PokeMMO.sh

2015-06-02 22:00 - 2015-06-04 12:42 - 13171110 _____ C:\Users\Undertaker\Desktop\PokeMMO-Client (2).zip

2015-05-17 16:12 - 2015-05-17 16:12 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Sonic7

2015-05-15 09:45 - 2015-05-15 09:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WEB.DE MailCheck

2015-05-15 09:45 - 2015-05-15 09:45 - 00000000 ____D C:\Program Files\WEB.DE MailCheck

2015-05-15 09:45 - 2015-05-15 09:45 - 00000000 ____D C:\Program Files (x86)\WEB.DE MailCheck

2015-05-14 20:59 - 2015-05-14 20:59 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Steam

2015-05-14 20:50 - 2015-06-08 23:34 - 00000000 ____D C:\Program Files (x86)\Steam

2015-05-14 20:50 - 2015-05-14 20:50 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam

2015-05-14 20:47 - 2015-05-14 20:47 - 01142128 _____ C:\Users\Undertaker\Downloads\SteamSetup.exe

2015-05-14 19:49 - 2015-05-14 19:49 - 00000000 ____D C:\ProgramData\UUdb

2015-05-14 09:38 - 2015-06-06 13:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
 

==================== One Month Modified files and folders ========
 

(If an entry is included in the fixlist, the file/folder will be moved.)
 

2015-06-09 21:06 - 2014-01-02 17:54 - 00000000 ____D C:\FRST

2015-06-09 20:52 - 2013-04-20 10:22 - 00001110 _____ C:\windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-06-09 20:34 - 2015-04-14 19:11 - 00778416 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe

2015-06-09 20:34 - 2015-04-14 19:11 - 00142512 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-06-09 20:34 - 2015-04-14 19:11 - 00003822 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater

2015-06-09 20:34 - 2015-04-14 19:11 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job

2015-06-09 20:15 - 2011-10-20 01:52 - 01469342 _____ C:\windows\WindowsUpdate.log

2015-06-09 19:28 - 2012-12-04 14:05 - 00000948 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1335839233-2991384071-368375801-1000UA.job

2015-06-09 18:40 - 2012-12-04 14:05 - 00000926 _____ C:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1335839233-2991384071-368375801-1000Core.job

2015-06-09 18:30 - 2009-07-14 06:45 - 00028624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-06-09 18:30 - 2009-07-14 06:45 - 00028624 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-06-09 18:29 - 2013-04-20 10:22 - 00001106 _____ C:\windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-06-08 23:39 - 2014-04-11 20:58 - 00000000 ____D C:\Users\Undertaker\AppData\Local\LogMeIn Hamachi

2015-06-08 23:37 - 2014-07-25 18:13 - 00000000 ___RD C:\Users\Undertaker\Dropbox

2015-06-08 23:37 - 2014-07-25 18:11 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Dropbox

2015-06-08 23:33 - 2013-04-06 00:59 - 00080477 _____ C:\windows\setupact.log

2015-06-08 23:33 - 2009-07-14 07:08 - 00000006 ____H C:\windows\Tasks\SA.DAT

2015-06-08 16:50 - 2014-05-22 17:16 - 00000008 __RSH C:\ProgramData\ntuser.pol

2015-06-08 16:49 - 2013-04-06 00:52 - 01088286 _____ C:\windows\PFRO.log

2015-06-08 15:58 - 2009-07-14 05:20 - 00000000 ___HD C:\windows\system32\GroupPolicy

2015-06-08 15:58 - 2009-07-14 05:20 - 00000000 ____D C:\windows\SysWOW64\GroupPolicy

2015-06-07 22:50 - 2013-04-07 15:58 - 00000000 ____D C:\windows\ERUNT

2015-06-07 21:35 - 2014-05-22 19:43 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys

2015-06-07 21:06 - 2012-10-30 15:16 - 00000000 ____D C:\Users\Undertaker

2015-06-07 20:51 - 2013-03-28 23:41 - 00000000 ____D C:\Users\Undertaker\AppData\Local\CrashDumps

2015-06-07 19:09 - 2012-11-05 13:32 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Skype

2015-06-06 23:28 - 2014-05-22 19:42 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-06-06 23:28 - 2014-05-22 19:42 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-06-06 22:58 - 2012-10-30 16:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira

2015-06-06 22:56 - 2012-10-30 16:18 - 00000000 ____D C:\Program Files (x86)\Avira

2015-06-06 22:44 - 2012-10-30 16:18 - 00000000 ____D C:\ProgramData\Avira

2015-06-06 22:43 - 2012-12-06 16:46 - 00000000 ____D C:\windows\Minidump

2015-06-06 12:46 - 2015-04-17 20:10 - 00002568 _____ C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DC Universe Online.lnk

2015-06-06 12:46 - 2015-02-01 15:26 - 00001761 _____ C:\Users\Public\Desktop\iTunes.lnk

2015-06-06 12:46 - 2015-01-28 20:02 - 00001242 _____ C:\Users\Undertaker\Desktop\Revo Uninstaller.lnk

2015-06-06 12:46 - 2014-08-14 23:40 - 00001415 _____ C:\Users\Shari\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

2015-06-06 12:46 - 2014-05-19 11:26 - 00002190 _____ C:\Users\Public\Desktop\Google Earth.lnk

2015-06-06 12:46 - 2013-08-12 21:43 - 00002096 _____ C:\Users\Public\Desktop\Video Search.lnk

2015-06-06 12:46 - 2012-11-24 13:01 - 00001426 _____ C:\Users\Undertaker\Desktop\Registry kostenlos entrümpeln!.lnk

2015-06-06 12:46 - 2012-11-04 12:00 - 00001768 _____ C:\Users\Public\Desktop\Browserwahl.lnk

2015-06-06 11:18 - 2012-11-06 14:44 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\.minecraft

2015-05-24 18:06 - 2011-10-20 01:00 - 00700134 _____ C:\windows\system32\perfh007.dat

2015-05-24 18:06 - 2011-10-20 01:00 - 00149984 _____ C:\windows\system32\perfc007.dat

2015-05-24 18:06 - 2009-07-14 07:13 - 01622236 _____ C:\windows\system32\PerfStringBackup.INI

2015-05-22 20:33 - 2015-02-18 15:50 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\vlc

2015-05-17 15:47 - 2013-04-20 10:22 - 00004106 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA

2015-05-17 15:47 - 2013-04-20 10:22 - 00003854 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore

2015-05-16 13:54 - 2012-10-30 16:02 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Adobe

2015-05-15 20:08 - 2013-03-14 21:43 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2015-05-15 20:08 - 2013-03-14 21:43 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2015-05-15 15:41 - 2012-11-08 16:36 - 01649854 _____ C:\windows\SysWOW64\PerfStringBackup.INI

2015-05-15 15:41 - 2012-11-08 16:36 - 00000000 ____D C:\Program Files (x86)\Microsoft Application Virtualization Client

2015-05-15 15:40 - 2014-07-10 17:17 - 00000000 ____D C:\ProgramData\Microsoft Help

2015-05-15 15:40 - 2013-07-31 20:03 - 00000000 ____D C:\windows\system32\MRT

2015-05-15 15:12 - 2012-11-08 16:16 - 140425016 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

2015-05-15 15:06 - 2013-03-14 21:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2015-05-14 19:49 - 2013-05-10 12:24 - 00003892 _____ C:\windows\System32\Tasks\Registration 1und1 Task

2015-05-14 19:49 - 2013-05-10 12:24 - 00000000 ____D C:\Program Files (x86)\1und1Softwareaktualisierung

2015-05-14 09:38 - 2013-04-20 10:22 - 00000000 ____D C:\Users\Undertaker\AppData\Local\Google

2015-05-14 09:38 - 2013-04-20 10:22 - 00000000 ____D C:\Program Files (x86)\Google

2015-05-13 16:36 - 2014-07-25 18:12 - 00000000 ____D C:\Users\Undertaker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
 

==================== Files in the root of some directories =======
 

2013-03-28 23:41 - 2013-03-28 23:41 - 0003584 _____ () C:\Users\Undertaker\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2014-03-04 22:26 - 2014-03-04 22:26 - 0091848 _____ () C:\Users\Undertaker\AppData\Local\ext_offermosquito_uninst.exe

2013-02-28 21:15 - 2014-03-14 14:34 - 1145382 ____N () C:\Users\Undertaker\AppData\Local\Tempmusic.ogg

2011-10-19 10:21 - 2011-10-19 10:22 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log

2011-10-19 10:07 - 2011-10-19 10:08 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log

2011-10-19 10:15 - 2011-10-19 10:17 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log

2011-10-19 10:09 - 2011-10-19 10:15 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log

2011-10-19 10:17 - 2011-10-19 10:21 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
 

Some files in TEMP:

====================

C:\Users\Undertaker\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwmh6wl.dll
 
 

==================== Bamital & volsnap Check =================
 

(There is no automatic fix for files that do not pass verification.)
 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 

LastRegBack: 2015-06-03 22:57
 

==================== End of log ============================

LG Ani

deeprybka

10.06.2015 08:08

http://www.trojaner-board.de/extra/lesestoff.pngGibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Ani73

10.06.2015 11:04

Hallo Jürgen,
soweit arbeitet der Lappi wieder ganz normal.
Ich danke Dir recht herzlich für die Hilfe.
Ich habe allerdings noch eine weitere kurze Frage. Ich habe hier auf einem
Laufwerk sehr viele Backup Dateien. Kann ich die einfach so löschen und
immer die Neueste behalten? Denn das Laufwerk ist proppenvoll.

Danke und lg
Ani

deeprybka

10.06.2015 13:17

Melde mich heute abend ausführlicher. ;)

Ani73

14.06.2015 21:18

Hallo
Ich dachte ich melde mich nochmal weil in den letzten Tagen nichts mehr kam. Muss ich noch die Programme bereinigen?
LG Ani

deeprybka

14.06.2015 21:26

Hallo,
Du hättest nach 24 Stunden eine PN schicken sollen, steht in meinem 1. Posting. Hab das übersehen, weil ich ja schon geantwortet hatte. ;)

Java 7 Update 75 das bitte deinstallieren und bei Bedarf mit der aktuellen Version ersetzen.

Nach der Ausführung von DelFix kannst Du ein neues Systembackup machen. Wie das geht ist weiter unten verlinkt.

>>clean<<
Wir haben es geschafft! :abklatsch:
Die Logs sehen für mich im Moment sauber aus.

Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:
Es bleibt mir nur noch, Dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen. ;)

http://deeprybka.trojaner-board.de/b...cleanupneu.png
Cleanup:
(Die Reihenfolge ist hier entscheidend)

Falls Defogger verwendet wurde: Erneut starten und auf Re-enable klicken.

Falls Combofix verwendet wurde:
http://deeprybka.trojaner-board.de/b.../combofix2.pngCombofix deinstallieren

Wichtig: Bitte Antivirus-Programm, evtl. vorhandenes Skript-Blocking und Anti-Malware Programme deaktivieren.
Drücke bitte die http://deeprybka.trojaner-board.de/b...ne/revo/w7.png + R Taste und schreibe Combofix /Uninstall in das Ausführen-Fenster.
Klicke auf OK.
Damit wird Combofix komplett entfernt und der Cache der Systemwiederherstellung geleert.
Nun die eben deaktivierten Programme wieder aktivieren.

Alle Logs gepostet? Dann lade Dir bitte http://filepony.de/icon/tiny/delfix.pngDelFix herunter.

Schließe alle offenen Programme.
Starte die delfix.exe mit einem Doppelklick.
Setze vor jede Funktion ein Häkchen.
Klicke auf Start.

Hinweis: DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner abschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.

http://deeprybka.trojaner-board.de/b...ast/schild.png
Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:

Browser
Java
Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.

Verwende ein Antivirusprogramm mit Echtzeitscanner und stets aktueller Signaturendatenbank.

Meine Kauf-Empfehlung:

http://deeprybka.trojaner-board.de/eset/ESS.png
ESET Smart Security

Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware scannen.

Optional:
http://filepony.de/icon/noscript.png NoScript verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.
http://filepony.de/icon/malwarebytes_anti_exploit.pngMalwarebytes Anti Exploit: Schützt die Anwendungen des Computers vor der Ausnutzung bekannter Schwachstellen.

Lade Software von einem sauberen Portal wie http://filepony.de/images/microbanner.gif.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .

Abschließend noch ein paar grundsätzliche Bemerkungen:
Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.

Ani73

15.06.2015 17:31

Hallo,
so jetzt hab ich alles drüberlaufen lassen und auch das delfix. Läuft alles wie geschmiert.

Vielen lieben Dank

LG
Ani

deeprybka

15.06.2015 17:57

Gerne. Machs gut! ;)

Alle Zeitangaben in WEZ +1. Es ist jetzt 09:41 Uhr.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55