Ach verdammt,
Nein es war nicht beabsichtigt, das gutscheinfinder auf meinem Pc ist!!!!!
Code:
Alles auswählen Aufklappen ATTFilter
Zoek.exe Version 4.0.0.2 Updated 06-May-2013
Tool run by Yannick on 11.05.2013 at 12:19:56,53.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
==== Older Logs ======================
C:\zoek-results11.05.2013-1022.log 212 bytes
C:\zoek-results11.05.2013-1047.log 69032 bytes
==== Possible Rootkit Infection ======================
C:\Windows\assembly\GAC_32\Desktop.ini
C:\Windows\assembly\GAC_64\Desktop.ini
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1753359733-455865676-2801917362-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Registry Fix Code x64 ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sweetpacks Communicator]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SweetIM]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Ocs_SM]
==== Deleting Files \ Folders ======================
"C:\Program Files (x86)\SmartPCFix" not found
"C:\Program Files (x86)\Common Files\Wondershare" not found
"C:\Windows\wininit.ini" deleted
"C:\Windows\tasks\SmartPCFix Task.job" deleted
"C:\Users\Yannick\Downloads\SoftonicDownloader_fuer_vegas-pro.exe" deleted
"C:\Users\Yannick\Downloads\fl11.exe" deleted
"C:\users\Yannick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker" deleted
"C:\Users\Yannick\AppData\Local\DownloadGuide" deleted
"C:\Users\Yannick\Local Settings\Application Data\Bundled software uninstaller" deleted
"C:\users\Yannick\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}" deleted
"C:\users\Yannick\AppData\Local\Wondershare" deleted
"C:\Program Files (x86)\Wondershare" deleted
"C:\users\Yannick\AppData\Roaming\SimplyTech" deleted
"C:\users\Yannick\AppData\Roaming\HomeTab" deleted
"C:\users\Yannick\AppData\Locallow\HomeTab" deleted
==== Firefox Extensions ======================
ProfilePath: C:\Users\Yannick\AppData\Roaming\Mozilla\Firefox\Profiles\5tuanbyy.default
- DealPly Shopping - %ProfilePath%\extensions\amo@dealplyshopping.com
- Battlefield Heroes Updater - %ProfilePath%\extensions\battlefieldheroespatcher@ea.com
- Battlefield Play4Free - %ProfilePath%\extensions\battlefieldplay4free@ea.com
- GutscheinCodes.de GutscheinFinder - %ProfilePath%\extensions\jid0-hjoQNmABq6jg91jHpQyvgJUouUPjetpack
- Better Battlelog BBLog - %ProfilePath%\extensions\jid1-qQSMEVsYTOjgYA@jetpack
- Flagfox - %ProfilePath%\extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}
- HomeTab - %ProfilePath%\extensions\{aa9cc3fa-a5e4-449b-aab5-1ebdbc7314ee}
- Personas Plus - %ProfilePath%\extensions\personas@christopher.beard.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
- FoxTab - %ProfilePath%\extensions\{ef4e370e-d9f0-4e00-b93e-a4f274cfdd5a}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Yannick\AppData\Roaming\Mozilla\Firefox\Profiles\5tuanbyy.default
F7E72D3A281F922BACEC1A71A826D4C2 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_169.dll - Shockwave Flash
7D35CB60201CED2F01AE06F1816231E2 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.100.18
FEF9ECECFA177AEC0F7564A08394D2C8 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit)
0ABF093757E9C827E30EC652868E5FAC - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit)
06E140A567B8DC7900173197FD059EE5 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit)
558270B968CB82196CB8D045D13B0FF6 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin
7C0C6F7B9C0CD4162D33276FDEBC86F7 - C:\Users\Yannick\AppData\Roaming\Mozilla\Firefox\Profiles\5tuanbyy.default\extensions\battlefieldheroespatcher@ea.com\plugins\npBFHUpdater.dll - EA Battlefield Heroes Updater
2B737A92C7C327E48C735B3060DB85A8 - C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll - PDF-XChange Viewer
6846D2CA7E1D5937AEE3F99BB7F5464B - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll - Shockwave for Director / Shockwave for Director
BF6273472DCAD201B029131D4AC6DDE3 - C:\Users\Yannick\AppData\Roaming\Mozilla\Firefox\Profiles\5tuanbyy.default\extensions\battlefieldplay4free@ea.com\plugins\npBP4FUpdater.dll - Battlefield Play4Free Updater
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System
==== Deleting Files \ Folders ======================
"C:\Users\Yannick\AppData\Roaming\Mozilla\Firefox\Profiles\5tuanbyy.default\extensions\amo@dealplyshopping.com" deleted
"C:\Users\Yannick\AppData\Roaming\Mozilla\Firefox\Profiles\5tuanbyy.default\extensions\{aa9cc3fa-a5e4-449b-aab5-1ebdbc7314ee}" deleted
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
didlmjkkjfegblmkekbhgpefajgikncm - C:\Program Files (x86)\GutscheinFinder\gutscheincodes.crx[19.03.2013 18:07]
djbdlklldbflagkkpaljamjfbpefcbpf - C:\Program Files (x86)\HomeTab\chrome\HomeTab.crx[24.03.2013 05:22]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[29.11.2012 21:35]
pgafcinpmmpklohkojmllohdhomoefph - C:\ProgramData\BrowserProtect\2.6.1125.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.crx[]
Google Drive - Yannick - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Yannick - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Yannick - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Kaspersky URL Advisor - Yannick - Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj
GutscheinCodes.de GutscheinFinder - Yannick - Default\Extensions\didlmjkkjfegblmkekbhgpefajgikncm
HomeTab - Yannick - Default\Extensions\djbdlklldbflagkkpaljamjfbpefcbpf
Delta Toolbar - Yannick - Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Safe Money - Yannick - Default\Extensions\hakdifolhalapjijoafobooafbilfakh
Content Blocker - Yannick - Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail
RealDownloader - Yannick - Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
Virtual Keyboard - Yannick - Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh
SmallringFX DarkBlue Theme - Yannick - Default\Extensions\kbfijmgohofmpjlcgmjplbpmkpchdhpk
BrowserProtect - Yannick - Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Gmail - Yannick - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Anti-Banner - Yannick - Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman
==== Chrome Fix ======================
C:\Users\Yannick\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully
C:\Users\Yannick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgafcinpmmpklohkojmllohdhomoefph deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1753359733-455865676-2801917362-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{96edaac7-6183-4cb5-8823-b8b12d94f967} deleted successfully
HKEY_USERS\S-1-5-21-1753359733-455865676-2801917362-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{96edaac7-6183-4cb5-8823-b8b12d94f967} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{96edaac7-6183-4cb5-8823-b8b12d94f967} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96edaac7-6183-4cb5-8823-b8b12d94f967} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{96edaac7-6183-4cb5-8823-b8b12d94f967} deleted successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph deleted successfully
11.05.2013, 11:32
Hybrid-Darstellung
