![]() |
|
Log-Analyse und Auswertung: Hola Search komplett entfernenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
![]() | #1 |
![]() | ![]() Hola Search komplett entfernen Hallo, ich bin neu hier. Danke, dass ihr hier Hilfe anbietet! Beim Download eines Spiels (Trial-Version) hat sich auf meinem Laptop (Win 7 64bit) Hola Search installiert. Ich habe schon ein wenig nachgelesen und habe bisher folgendes unternommen: - Auf Firefox die Add-ons deinstalliert - Unter Suchmaschine Hola Search gelöscht - alles sichtbare über Systemsteuerung deinstalliert - AdwCleaner Scan durchgeführt - DDS+ Scan durchgeführt Hier die 3 Logs: AdwCleaner Code:
ATTFilter # AdwCleaner v2.305 - Datei am 11/07/2013 um 22:27:04 erstellt # Aktualisiert am 11/07/2013 von Xplode # Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits) # Benutzer : Cyrill Oberholzer - EXTENSA # Bootmodus : Normal # Ausgeführt unter : A:\Users\Cyrill Oberholzer\Desktop\adwcleaner.exe # Option [Löschen] **** [Dienste] **** ***** [Dateien / Ordner] ***** Datei Gelöscht : C:\Users\Cyrill Oberholzer\AppData\Roaming\Mozilla\Firefox\Profiles\6hnt4jt3.default\searchplugins\holasearch.xml Ordner Gelöscht : C:\Program Files (x86)\FreeRIP3 Ordner Gelöscht : C:\ProgramData\Babylon Ordner Gelöscht : C:\ProgramData\FreeRIP Ordner Gelöscht : C:\ProgramData\IBUpdaterService Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeRIP3 Ordner Gelöscht : C:\ProgramData\Partner Ordner Gelöscht : C:\ProgramData\Trymedia Ordner Gelöscht : C:\Users\Cyrill Oberholzer\AppData\Roaming\Babylon Ordner Gelöscht : C:\Users\Cyrill Oberholzer\AppData\Roaming\PerformerSoft Ordner Gelöscht : C:\Users\CYRILL~1\AppData\Local\Temp\boost_interprocess ***** [Registrierungsdatenbank] ***** Schlüssel Gelöscht : HKCU\Software\BabSolution Schlüssel Gelöscht : HKCU\Software\Softonic Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C} Schlüssel Gelöscht : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785} ***** [Internet Browser] ***** -\\ Internet Explorer v10.0.9200.16635 Ersetzt : [HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.holasearch.com/?babsrc=HP_ss&mntrId=9AC0C80AA94A8D71&affID=121963&tsp=4940 --> hxxp://www.google.com -\\ Mozilla Firefox v21.0 (de) Datei : C:\Users\Cyrill Oberholzer\AppData\Roaming\Mozilla\Firefox\Profiles\6hnt4jt3.default\prefs.js C:\Users\Cyrill Oberholzer\AppData\Roaming\Mozilla\Firefox\Profiles\6hnt4jt3.default\user.js ... Gelöscht ! Gelöscht : user_pref("extensions.holasearch.admin", false); Gelöscht : user_pref("extensions.holasearch.aflt", "babsst"); Gelöscht : user_pref("extensions.holasearch.appId", "{8D5CFE57-B0FD-4396-97A2-DFD0B7DA935B}"); Gelöscht : user_pref("extensions.holasearch.autoRvrt", "false"); Gelöscht : user_pref("extensions.holasearch.dfltLng", "de"); Gelöscht : user_pref("extensions.holasearch.excTlbr", false); Gelöscht : user_pref("extensions.holasearch.ffxUnstlRst", false); Gelöscht : user_pref("extensions.holasearch.id", "9ac004fa000000000000c80aa94a8d71"); Gelöscht : user_pref("extensions.holasearch.instlDay", "15897"); Gelöscht : user_pref("extensions.holasearch.instlRef", "sst"); Gelöscht : user_pref("extensions.holasearch.newTab", false); Gelöscht : user_pref("extensions.holasearch.prdct", "holasearch"); Gelöscht : user_pref("extensions.holasearch.prtnrId", "holasearch"); Gelöscht : user_pref("extensions.holasearch.rvrt", "false"); Gelöscht : user_pref("extensions.holasearch.smplGrp", "none"); Gelöscht : user_pref("extensions.holasearch.tlbrId", "base"); Gelöscht : user_pref("extensions.holasearch.tlbrSrchUrl", ""); Gelöscht : user_pref("extensions.holasearch.vrsn", "1.8.16.16"); Gelöscht : user_pref("extensions.holasearch.vrsnTs", "1.8.16.1617:28:09"); Gelöscht : user_pref("extensions.holasearch.vrsni", "1.8.16.16"); Datei : C:\Users\Mami & Papi\AppData\Roaming\Mozilla\Firefox\Profiles\q76snd8p.default\prefs.js [OK] Die Datei ist sauber. Datei : C:\Users\Papi\AppData\Roaming\Mozilla\Firefox\Profiles\c77yqdn9.default\prefs.js [OK] Die Datei ist sauber. ************************* AdwCleaner[S1].txt - [4152 octets] - [11/07/2013 22:27:04] ########## EOF - C:\AdwCleaner[S1].txt - [4212 octets] ########## DDS Code:
ATTFilter DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16635 BrowserJavaVersion: 10.25.2 Run by Cyrill Oberholzer at 22:35:13 on 2013-07-11 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.41.1031.18.4061.2402 [GMT 2:00] . AV: G Data InternetSecurity 2014 *Enabled/Updated* {39B780B4-63C2-05B0-3B40-8F7A21E4F496} SP: G Data InternetSecurity 2014 *Enabled/Updated* {82D66150-45F8-0A3E-01F0-B4085A63BE2B} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: G Data Personal Firewall *Disabled* {018C0191-29AD-04E8-101F-264FDF37B3ED} . ============== Running Processes =============== . C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\atieclxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe C:\Program Files\Acer\Empowering Technology\Service\ETService.exe C:\Program Files (x86)\Acer\Registration\GregHSRW.exe C:\Windows\system32\svchost.exe -k HsfXAudioService C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\Windows\PLFSetI.exe C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe C:\Users\CYRILL~1\AppData\Local\Temp\RtkBtMnt.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\Launch Manager\LManager.EXE C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\servicing\TrustedInstaller.exe C:\Program Files (x86)\Common Files\G DATA\AVKProxy\GdBgInx64.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKBap64.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe C:\Windows\system32\sppsvc.exe C:\Windows\explorer.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.google.com uDefault_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0807&m=extensa_7630g&r=27361210i316l0413z195i5691u925 mWinlogon: Userinit = userinit.exe BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned> BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.EXE mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [G Data AntiVirus Tray] C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe mRun: [GDFirewallTray] C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: An OneNote s&enden - C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: Nach Microsoft E&xcel exportieren - C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll TCP: NameServer = 212.98.37.128 194.230.55.99 TCP: Interfaces\{7BED5AE8-A88C-4166-9466-41EA1523D22E} : DHCPNameServer = 212.98.37.128 194.230.55.99 TCP: Interfaces\{99944344-D00D-4FD7-ACAE-2B278924A03B}\430303030243030303 : DHCPNameServer = 192.168.1.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL SSODL: WebCheck - <orphaned> x64-mWinlogon: Userinit = C:\Windows\System32\userinit.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [ePower_DMC] C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe x64-Run: [PLFSetI] C:\Windows\PLFSetI.exe x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Cyrill Oberholzer\AppData\Roaming\Mozilla\Firefox\Profiles\6hnt4jt3.default\ FF - prefs.js: browser.startup.homepage - google.ch FF - component: C:\Program Files (x86)\Mozilla Firefox\extensions\{906305f7-aafc-45e9-8bbd-941950a84dad}\components\BanksafeXPCOM.dll FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Cyrill Oberholzer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1168638.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll FF - plugin: C:\Windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\Windows\SysWOW64\npmproxy.dll . ============= SERVICES / DRIVERS =============== . R0 GDBehave;GDBehave;C:\Windows\System32\drivers\GDBehave.sys [2013-6-28 60248] R1 GDMnIcpt;GDMnIcpt;C:\Windows\System32\drivers\MiniIcpt.sys [2013-6-28 130392] R1 gdwfpcd;G Data WFP CD;C:\Windows\System32\drivers\gdwfpcd64.sys [2013-6-28 64856] R1 HookCentre;HookCentre;C:\Windows\System32\drivers\HookCentre.sys [2013-6-28 65368] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2010-1-9 203264] R2 AVKProxy;G Data AntiVirus Proxy;C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [2013-3-22 1957840] R2 AVKService;G Data Scheduler;C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKService.exe [2013-2-25 635344] R2 AVKWCtl;G Data Dateisystem Wächter;C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe [2013-6-21 2555360] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] R2 ETService;Empowering Technology Service;C:\Program Files\Acer\Empowering Technology\Service\ETService.exe [2010-1-9 24576] R2 Greg_Service;GRegService;C:\Program Files (x86)\Acer\Registration\GregHSRW.exe [2009-8-28 1150496] R2 HsfXAudioService;HsfXAudioService;C:\Windows\System32\svchost.exe -k HsfXAudioService [2009-7-14 27136] R2 NTISchedulerSvc;NTI Backup Now 5 Scheduler Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe [2009-6-18 144640] R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-1-9 240160] R3 CAXHWAZL;CAXHWAZL;C:\Windows\System32\drivers\CAXHWAZL.sys [2010-1-9 292864] R3 GDFwSvc;G Data Personal Firewall;C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe [2013-3-22 2926672] R3 GDPkIcpt;GDPkIcpt;C:\Windows\System32\drivers\PktIcpt.sys [2013-6-28 62808] R3 GDScan;G Data Scanner;C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [2013-2-25 696808] R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2010-1-9 143320] R3 NETw5s64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\System32\drivers\NETw5s64.sys [2010-1-9 6952960] S3 GdNetMon;G Data Network Monitor;C:\Windows\System32\drivers\GdNetMon64.sys [2011-8-16 31448] S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368] S3 NTIBackupSvc;NTI Backup Now 5 Backup Service;C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe [2009-6-18 50432] S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440] S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-14 292864] S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-14 1485312] S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-14 740864] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2011-6-8 59392] S3 WatAdminSvc;Windows-Aktivierungstechnologieservice;C:\Windows\System32\Wat\WatAdminSvc.exe [2010-12-24 1255736] . =============== Created Last 30 ================ . 2013-07-11 15:28:06 -------- d-----w- C:\Users\Cyrill Oberholzer\AppData\Roaming\Microsoft Games 2013-07-11 15:27:36 -------- d-----w- C:\Users\Cyrill Oberholzer\AppData\Roaming\SeeSimilar 2013-07-11 15:27:08 19632 ----a-w- C:\Windows\System32\roboot64.exe 2013-07-10 12:13:34 571904 ----a-w- C:\Program Files\Windows Defender\MpClient.dll 2013-07-09 11:30:15 9552976 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D4E0B92B-7CCA-451D-9127-FD2366C0BB7A}\mpengine.dll 2013-06-28 14:04:38 62808 ----a-w- C:\Windows\System32\drivers\PktIcpt.sys 2013-06-28 14:04:13 64856 ----a-w- C:\Windows\System32\drivers\gdwfpcd64.sys 2013-06-28 14:04:06 65368 ----a-w- C:\Windows\System32\drivers\HookCentre.sys 2013-06-28 14:04:06 60248 ----a-w- C:\Windows\System32\drivers\GDBehave.sys 2013-06-28 14:04:06 130392 ----a-w- C:\Windows\System32\drivers\MiniIcpt.sys 2013-06-28 14:02:37 -------- d-----w- C:\Program Files (x86)\Common Files\G Data 2013-06-28 13:58:20 -------- d-----w- C:\Windows\SysWow64\wbem\Logs 2013-06-24 13:59:23 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll 2013-06-19 11:00:38 -------- d--h--w- C:\Program Files (x86)\Common Files\EAInstaller 2013-06-19 11:00:10 1974616 ----a-w- C:\Windows\SysWow64\D3DCompiler_42.dll 2013-06-19 11:00:09 1892184 ----a-w- C:\Windows\SysWow64\D3DX9_42.dll 2013-06-19 11:00:08 4178264 ----a-w- C:\Windows\SysWow64\D3DX9_41.dll 2013-06-19 11:00:07 4379984 ----a-w- C:\Windows\SysWow64\D3DX9_40.dll 2013-06-19 11:00:07 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll 2013-06-19 11:00:05 3850760 ----a-w- C:\Windows\SysWow64\D3DX9_38.dll 2013-06-19 11:00:05 3786760 ----a-w- C:\Windows\SysWow64\D3DX9_37.dll 2013-06-19 11:00:04 3734536 ----a-w- C:\Windows\SysWow64\d3dx9_36.dll 2013-06-19 11:00:03 3727720 ----a-w- C:\Windows\SysWow64\d3dx9_35.dll 2013-06-19 11:00:03 3497832 ----a-w- C:\Windows\SysWow64\d3dx9_34.dll 2013-06-19 11:00:00 3495784 ----a-w- C:\Windows\SysWow64\d3dx9_33.dll 2013-06-19 10:50:15 -------- d-----w- C:\Users\Cyrill Oberholzer\AppData\Roaming\Origin 2013-06-19 10:50:15 -------- d-----w- C:\Program Files (x86)\Origin Games 2013-06-19 10:49:12 -------- d-----w- C:\Users\Cyrill Oberholzer\AppData\Local\Origin 2013-06-19 10:46:54 -------- d-----w- C:\ProgramData\Origin 2013-06-19 10:46:52 -------- d-----w- C:\ProgramData\Electronic Arts 2013-06-19 10:46:40 -------- d-----w- C:\Program Files (x86)\Origin 2013-06-12 12:55:01 30720 ----a-w- C:\Windows\System32\cryptdlg.dll 2013-06-12 12:55:01 24576 ----a-w- C:\Windows\SysWow64\cryptdlg.dll . ==================== Find3M ==================== . 2013-06-24 13:59:09 867240 ----a-w- C:\Windows\SysWow64\npDeployJava1.dll 2013-06-24 13:59:09 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2013-06-11 23:43:37 1767936 ----a-w- C:\Windows\SysWow64\wininet.dll 2013-06-11 23:43:00 2877440 ----a-w- C:\Windows\SysWow64\jscript9.dll 2013-06-11 23:42:58 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll 2013-06-11 23:42:58 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll 2013-06-11 23:26:20 2241024 ----a-w- C:\Windows\System32\wininet.dll 2013-06-11 23:25:16 3958784 ----a-w- C:\Windows\System32\jscript9.dll 2013-06-11 23:25:13 67072 ----a-w- C:\Windows\System32\iesetup.dll 2013-06-11 23:25:13 136704 ----a-w- C:\Windows\System32\iesysprep.dll 2013-06-11 22:51:45 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe 2013-06-11 22:50:58 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-06-11 20:52:19 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2013-06-11 20:52:19 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2013-06-07 03:22:18 2706432 ----a-w- C:\Windows\System32\mshtml.tlb 2013-06-07 02:37:52 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2013-06-05 03:34:27 3153920 ----a-w- C:\Windows\System32\win32k.sys 2013-06-04 06:00:13 624128 ----a-w- C:\Windows\System32\qedit.dll 2013-06-04 04:53:07 509440 ----a-w- C:\Windows\SysWow64\qedit.dll 2013-05-13 05:51:01 184320 ----a-w- C:\Windows\System32\cryptsvc.dll 2013-05-13 05:51:00 1464320 ----a-w- C:\Windows\System32\crypt32.dll 2013-05-13 05:51:00 139776 ----a-w- C:\Windows\System32\cryptnet.dll 2013-05-13 05:50:40 52224 ----a-w- C:\Windows\System32\certenc.dll 2013-05-13 04:45:55 140288 ----a-w- C:\Windows\SysWow64\cryptsvc.dll 2013-05-13 04:45:55 1160192 ----a-w- C:\Windows\SysWow64\crypt32.dll 2013-05-13 04:45:55 103936 ----a-w- C:\Windows\SysWow64\cryptnet.dll 2013-05-13 03:43:55 1192448 ----a-w- C:\Windows\System32\certutil.exe 2013-05-13 03:08:10 903168 ----a-w- C:\Windows\SysWow64\certutil.exe 2013-05-13 03:08:06 43008 ----a-w- C:\Windows\SysWow64\certenc.dll 2013-05-09 12:05:48 16944 ----a-w- C:\Windows\System32\drivers\GdPhyMem.sys 2013-05-08 06:39:01 1910632 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2013-05-06 06:03:49 1887744 ----a-w- C:\Windows\System32\WMVDECOD.DLL 2013-05-06 04:56:35 1620480 ----a-w- C:\Windows\SysWow64\WMVDECOD.DLL 2013-05-02 11:59:45 1059173 ----a-w- C:\Windows\SysWow64\sig.bin 2013-05-02 00:06:08 278800 ------w- C:\Windows\System32\MpSigStub.exe 2013-04-26 05:51:36 751104 ----a-w- C:\Windows\System32\win32spl.dll 2013-04-26 04:55:21 492544 ----a-w- C:\Windows\SysWow64\win32spl.dll 2013-04-25 23:30:32 1505280 ----a-w- C:\Windows\SysWow64\d3d11.dll 2013-04-17 07:02:06 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll 2013-04-17 06:24:46 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll 2013-04-13 05:49:23 135168 ----a-w- C:\Windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49:19 350208 ----a-w- C:\Windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49:19 308736 ----a-w- C:\Windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49:19 111104 ----a-w- C:\Windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45:16 474624 ----a-w- C:\Windows\apppatch\AcSpecfc.dll 2013-04-13 04:45:15 2176512 ----a-w- C:\Windows\apppatch\AcGenral.dll . ============= FINISH: 22:36:46.27 =============== Attach Code:
ATTFilter . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 15.12.2010 14:50:43 System Uptime: 11.07.2013 22:28:41 (0 hours ago) . Motherboard: Acer | | Monserrat Processor: Intel(R) Core(TM)2 Duo CPU T6600 @ 2.20GHz | U2E1 | 2200/200mhz . ==== Disk Partitions ========================= . A: is FIXED (NTFS) - 96 GiB total, 47.708 GiB free. C: is FIXED (NTFS) - 124 GiB total, 68.859 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP270: 02.07.2013 13:41:36 - Windows Update RP271: 09.07.2013 13:29:06 - Windows Update RP272: 11.07.2013 14:07:58 - Windows Update RP273: 11.07.2013 20:31:23 - Windows Update . ==== Installed Programs ====================== . Acer Crystal Eye Webcam Acer Empowering Technology Acer ePower Management Acer eRecovery Management Acer GameZone Console Acer GridVista Acer Registration Acer ScreenSaver Acer Updater Acrobat.com Adobe AIR Adobe Flash Player 10 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.5.5 MUI Adobe Shockwave Player 11.6 Alice Greenfingers Amazonia ATI AVIVO64 Codecs ATI Catalyst Install Manager Catalyst Control Center - Branding Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Vista Catalyst Control Center InstallProxy Catalyst Control Center Localization All ccc-core-static ccc-utility64 CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish CDBurnerXP Chicken Invaders 2 Craften Terminal 3.3.4897.28268 Dairy Dash Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition Dream Day First Home Farm Frenzy 2 First Class Flurry FlightGear v2.6.0.1 Free Mp3 Wma Converter V 1.9 FreeRIP v3.5 G Data InternetSecurity 2014 Granny In Paradise HDAUDIO Soft Data Fax Modem with SmartCP Heroes of Hellas Identity Card ImgBurn Intel® Matrix Storage Manager InterVideo WinDVD 8 Java 7 Update 25 Java Auto Updater JMicron Flash Media Controller Driver Junk Mail filter update Landwirtschafts Simulator 2013 Launch Manager Merriam Websters Spell Jam Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile DEU Language Pack Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office 2010 Service Pack 1 (SP1) Microsoft Office Access MUI (German) 2010 Microsoft Office Excel MUI (German) 2010 Microsoft Office Home and Student 2010 Microsoft Office Office 32-bit Components 2010 Microsoft Office OneNote MUI (German) 2010 Microsoft Office Outlook MUI (German) 2010 Microsoft Office PowerPoint MUI (German) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proof (Italian) 2010 Microsoft Office Proofing (German) 2010 Microsoft Office Publisher MUI (German) 2010 Microsoft Office Shared 32-bit MUI (German) 2010 Microsoft Office Shared MUI (German) 2010 Microsoft Office Single Image 2010 Microsoft Office Word MUI (German) 2010 Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server Native Client Microsoft SQL Server VSS Writer Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Moorhuhn X Mozilla Firefox 21.0 (x86 de) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) NTI Backup Now 5 NTI Backup Now Standard NTI Media Maker 8 NTI Shadow OpenAL Origin Realtek High Definition Audio Driver Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile DEU Language Pack (KB2518870) Security Update for Microsoft Excel 2010 (KB2597126) 64-Bit Edition Security Update for Microsoft Filter Pack 2.0 (KB2553501) 64-Bit Edition Security Update for Microsoft InfoPath 2010 (KB2760406) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553091) Security Update for Microsoft Office 2010 (KB2553096) Security Update for Microsoft Office 2010 (KB2553371) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2553447) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2589320) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2598243) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2687276) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2687501) 64-Bit Edition Security Update for Microsoft Office 2010 (KB2687510) 64-Bit Edition Security Update for Microsoft OneNote 2010 (KB2760600) 64-Bit Edition Security Update for Microsoft Publisher 2010 (KB2553147) 64-Bit Edition Security Update for Microsoft Visio 2010 (KB2810068) 64-Bit Edition Security Update for Microsoft Visio Viewer 2010 (KB2687505) 64-Bit Edition Security Update for Microsoft Word 2010 (KB2760410) 64-Bit Edition SimCity™ swMSM Synaptics Pointing Device Driver Unity Web Player Unterstützungsdateien für das Microsoft SQL Server-Setup (Englisch) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft Office 2010 (KB2494150) Update for Microsoft Office 2010 (KB2553065) Update for Microsoft Office 2010 (KB2553181) 64-Bit Edition Update for Microsoft Office 2010 (KB2553267) 64-Bit Edition Update for Microsoft Office 2010 (KB2553270) 64-Bit Edition Update for Microsoft Office 2010 (KB2553310) 64-Bit Edition Update for Microsoft Office 2010 (KB2553378) 64-Bit Edition Update for Microsoft Office 2010 (KB2566458) Update for Microsoft Office 2010 (KB2598242) 64-Bit Edition Update for Microsoft Office 2010 (KB2687509) 64-Bit Edition Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition Update for Microsoft Office 2010 (KB2767886) 64-Bit Edition Update for Microsoft OneNote 2010 (KB2553290) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2597090) 64-Bit Edition Update for Microsoft Outlook 2010 (KB2687623) 64-Bit Edition Update for Microsoft Outlook Social Connector 2010 (KB2553406) 64-Bit Edition Update for Microsoft PowerPoint 2010 (KB2598240) 64-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2589371) 64-Bit Edition VLC media player 1.1.5 Windows Live-Uploadtool Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Fotogalerie Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Sync Windows Live Writer WinRAR . ==== End Of File =========================== Ich hoffe, dass ich nicht schon zuviel unternommen habe und dass mir jemand helfen kann. Bin dankbar für jede Hilfestellung. |
Themen zu Hola Search komplett entfernen |
antivirus, browser, converter, cpu, desktop, entfernen, error, firefox, flash player, home, internet, internet browser, internet explorer, komplett entfernen, monitor, mozilla, mp3, plug-in, realtek, registrierungsdatenbank, scan, security, server, software, suchmaschine, svchost.exe, vista, win 7 64bit, windows, wma |