Guten Abend,

ich habe seit einigen Monaten den Trojaner "getwindowinfo" in meinem Internet Explorer.
Er öffnet sich automatisch beim PC Start und lässt sich nicht schließen.

Anti Virus kann keinen Virus finden.

Ich brauche Hilfe, um das Problem zu beheben.

Liebe Grüße
Julia

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:

• Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
• Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags.
• Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
• Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo.
  Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
• Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
• Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort zu starten!
  Ich kann Dir niemals eine Garantie geben, dass auch ich alles finde. Eine Formatierung ist meist der schnellere und immer der sicherste Weg.
  Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis dir jemand vom Team sagt, dass Du clean bist.

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

• Starte jetzt FRST.
• Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
• Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
• Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Jullia Tanja Vaio (administrator) on JULLIATANJAVAIO on 18-10-2013 21:14:16
Running from C:\Users\Jullia Tanja Vaio\Downloads
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Windows Net) C:\Users\Jullia Tanja Vaio\AppData\Roaming\Windows Net Data\net.exe
() C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(glindorus) C:\Program Files (x86)\glindorus\updateglindorus.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Plus HD) C:\program files (x86)\plus-hd-1.6\plus-hd-1.6-bg.exe
(Google Inc.) C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Adobe Systems Incorporated) C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_117_ActiveX.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Microsoft Corporation) C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(iMesh Inc) C:\Users\Jullia Tanja Vaio\Downloads\iMeshSetup-r1487-w-bf.exe
(iMesh Inc) C:\Users\Jullia Tanja Vaio\Downloads\iMeshSetup-r1487-w-bf.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [msnmsgr] - "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKCU\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKCU\...\Run: [Hoolapp Android] - "C:\Users\JULLIA~1\AppData\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation)
HKLM-x32\...\Run: [NBAgent] - C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1234216 2010-03-26] (Nero AG)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-09-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
AppInit_DLLs-x32: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll  [2704352 2013-09-23] ()
Startup: C:\Users\Jullia Tanja Vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
ShortcutTarget: net.lnk -> C:\Users\Jullia Tanja Vaio\AppData\Roaming\Windows Net Data\net.exe (Windows Net)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=EA0590004EF8FEC4&affID=119557&tsp=5039
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE
HKCU\Software\Microsoft\Internet Explorer\Main,ICQ Search = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=EA0590004EF8FEC4&affID=119557&tsp=5039
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus&rlz=1I7SVEE_deDE424
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0E791A27-579B-495A-9A88-9ADF4A22CCFC} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=EA0590004EF8FEC4&affID=119557&tsp=5039
SearchScopes: HKCU - {1DBF24B8-04A7-48C3-B4E5-39C4CF132D86} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
SearchScopes: HKCU - {3EEF4B8F-C743-4D31-A030-6CA51B522BE8} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKCU - {6552C7DD-90A4-4387-B795-F8F96747DE19} URL = hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus&rlz=1I7SVEE_deDE424
BHO: Plus-HD-1.6 - {11111111-1111-1111-1111-110311201102} - C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-bho64.dll (Plus HD)
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Plus-HD-1.6 - {11111111-1111-1111-1111-110311201102} - C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-bho.dll (Plus HD)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: glindorus - {9598e82a-7e09-4438-b425-b9e9718c3c73} - C:\Program Files (x86)\glindorus\glindorusbho.dll (glindorus)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.24.6\bh\delta.dll (Delta-search.com)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKLM-x32 - Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.24.6\deltaTlbr.dll (Delta-search.com)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Jullia Tanja Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\wcwbpoxz.default
FF NewTab: hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=EA0590004EF8FEC4&affID=119557&tsp=5039
FF Homepage: hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=EA0590004EF8FEC4&affID=119557&tsp=5039
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Jullia Tanja Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\wcwbpoxz.default\Extensions\6c937ed6-be66-4f72-9a60-ce5789cc7f09@53ba6712-2cae-46e2-b821-95baea44e049.com
FF Extension: pricealarm - C:\Users\Jullia Tanja Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\wcwbpoxz.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
FF Extension: Delta Toolbar - C:\Users\Jullia Tanja Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\wcwbpoxz.default\Extensions\ffxtlbr@delta.com
FF Extension: firefox - C:\Users\Jullia Tanja Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\wcwbpoxz.default\Extensions\firefox@glindorus.net.xpi
FF Extension: webbooster - C:\Users\Jullia Tanja Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\wcwbpoxz.default\Extensions\webbooster@iminent.com.xpi
FF Extension: No Name - C:\Users\Jullia Tanja Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\wcwbpoxz.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi
FF HKCU\...\Firefox\Extensions: [{652702bb-9ef6-4817-a019-b3abdcfcd40c}] - C:\Program Files (x86)\Lyrics_Monkey\133.xpi

Chrome: 
=======
CHR HomePage: hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=EA0590004EF8FEC4&affID=119557&tsp=5039
CHR RestoreOnStartup: "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=EA0590004EF8FEC4&affID=119557&tsp=5039"
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\17.0.963.83\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.6.9) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.0.60531.0\npctrl.dll No File
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\17.0.963.83\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\17.0.963.83\pdf.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.69\npGoogleUpdate3.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Default Plug-in) - default_plugin No File
CHR Extension: (YouTube) - C:\Users\JULLIA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0
CHR Extension: (Google Search) - C:\Users\JULLIA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0
CHR Extension: () - C:\Users\JULLIA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab\background.html
CHR Extension: (Iminent) - C:\Users\JULLIA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl\6.30.3.1_0
CHR Extension: (Plus-HD-1.6) - C:\Users\JULLIA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\jidjhchcblhlapbcpheibgdjkajekhbh\1.25.86_0
CHR Extension: (Skype Click to Call) - C:\Users\JULLIA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0
CHR Extension: (Gmail) - C:\Users\JULLIA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0
CHR HKLM-x32\...\Chrome\Extension: [ammjbfijeglcdlnlnhlkdhgjnlgmpehe] - C:\Program Files (x86)\glindorus\ammjbfijeglcdlnlnhlkdhgjnlgmpehe.crx
CHR HKLM-x32\...\Chrome\Extension: [eooncjejnppfjjklapaamhcdmjbilmde] - C:\Users\Jullia Tanja Vaio\AppData\Roaming\BabSolution\CR\Delta.crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx
CHR HKLM-x32\...\Chrome\Extension: [ofnnlhbgdcabppjmlijllkhekcglbjlg] - C:\Program Files (x86)\Lyrics_Monkey\133.crx

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-05] (Avira Operations GmbH & Co. KG)
R2 BitGuard; C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [2845664 2013-09-23] ()
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
S2 SystemStoreService; C:\Program Files (x86)\SoftwareUpdater\SystemStore.exe [296448 2013-05-01] ()
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
R2 Update glindorus; C:\Program Files (x86)\glindorus\updateglindorus.exe [65312 2013-10-05] (glindorus)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-04-02] (Avira Operations GmbH & Co. KG)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-18 21:13 - 2013-10-18 21:13 - 00753504 _____ C:\Users\Jullia Tanja Vaio\Downloads\ZipExtractorSetup.exe
2013-10-18 21:11 - 2013-10-18 21:11 - 00000807 _____ C:\Users\Public\Desktop\iMesh.lnk
2013-10-18 21:11 - 2013-10-18 21:11 - 00000000 ____D C:\Program Files (x86)\iMesh
2013-10-18 21:10 - 2013-10-18 21:10 - 01332104 _____ (iMesh Inc) C:\Users\Jullia Tanja Vaio\Downloads\iMeshSetup-r1487-w-bf.exe
2013-10-18 20:20 - 2013-10-18 20:20 - 101813202 _____ C:\Windows\SysWOW64\㈛裍¢
2013-10-18 10:51 - 2013-10-18 10:51 - 00015004 _____ C:\AdwCleaner[S1].txt
2013-10-18 10:51 - 2013-10-18 10:51 - 00000000 ____D C:\Users\Jullia Tanja Vaio\AppData\Local\avgchrome
2013-10-18 10:50 - 2013-10-18 10:50 - 00015933 _____ C:\AdwCleaner[R1].txt
2013-10-18 10:49 - 2013-10-18 20:19 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-10-18 10:49 - 2013-10-18 20:19 - 00001930 _____ C:\Windows\Tasks\Plus-HD-1.6-chromeinstaller.job
2013-10-18 10:49 - 2013-10-18 20:19 - 00001854 _____ C:\Windows\Tasks\Plus-HD-1.6-firefoxinstaller.job
2013-10-18 10:49 - 2013-10-18 20:19 - 00001320 _____ C:\Windows\Tasks\Plus-HD-1.6-updater.job
2013-10-18 10:49 - 2013-10-18 20:19 - 00001222 _____ C:\Windows\Tasks\Plus-HD-1.6-codedownloader.job
2013-10-18 10:49 - 2013-10-18 20:19 - 00001122 _____ C:\Windows\Tasks\Plus-HD-1.6-enabler.job
2013-10-18 10:49 - 2013-10-18 10:49 - 00581957 _____ C:\Users\Jullia Tanja Vaio\Desktop\adwcleaner-1.606-en.exe
2013-10-18 10:49 - 2013-10-18 10:49 - 00004350 _____ C:\Windows\System32\Tasks\Plus-HD-1.6-updater
2013-10-18 10:49 - 2013-10-18 10:49 - 00004252 _____ C:\Windows\System32\Tasks\Plus-HD-1.6-codedownloader
2013-10-18 10:49 - 2013-10-18 10:49 - 00004152 _____ C:\Windows\System32\Tasks\Plus-HD-1.6-enabler
2013-10-18 10:49 - 2013-10-18 10:49 - 00000000 ____D C:\Users\Jullia Tanja Vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-10-18 10:49 - 2013-10-18 10:49 - 00000000 ____D C:\Program Files (x86)\Plus-HD-1.6
2013-10-18 10:48 - 2013-10-18 10:48 - 00003432 _____ C:\Windows\System32\Tasks\EPUpdater
2013-10-18 10:48 - 2013-10-18 10:48 - 00000000 ____D C:\Users\Jullia Tanja Vaio\AppData\Roaming\Delta
2013-10-18 10:48 - 2013-10-18 10:48 - 00000000 ____D C:\Users\Jullia Tanja Vaio\AppData\Roaming\BabSolution
2013-10-18 10:48 - 2013-10-18 10:48 - 00000000 ____D C:\ProgramData\DSearchLink
2013-10-18 10:48 - 2013-10-18 10:48 - 00000000 ____D C:\ProgramData\BitGuard
2013-10-18 10:48 - 2013-10-18 10:48 - 00000000 ____D C:\Program Files (x86)\glindorus
2013-10-18 10:48 - 2013-10-18 10:48 - 00000000 ____D C:\Program Files (x86)\Delta
2013-10-18 10:47 - 2013-10-18 10:47 - 00169272 _____ (Firseria·s·l·) C:\Users\Jullia Tanja Vaio\Downloads\AdwCleaner.exe
2013-10-18 10:38 - 2013-10-18 11:05 - 00027880 _____ C:\Users\Jullia Tanja Vaio\Downloads\Addition.txt
2013-10-18 10:36 - 2013-10-18 10:36 - 00000000 ____D C:\FRST
2013-10-18 10:35 - 2013-10-18 10:35 - 01954124 _____ (Farbar) C:\Users\Jullia Tanja Vaio\Downloads\FRST64.exe
2013-10-18 10:03 - 2013-10-18 10:03 - 00000000 ____D C:\Users\Jullia Tanja Vaio\AppData\Roaming\Malwarebytes
2013-10-18 10:03 - 2013-10-18 10:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-18 10:02 - 2013-10-18 10:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Jullia Tanja Vaio\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-11 18:42 - 2013-10-11 18:42 - 00000000 ____D C:\Users\Jullia Tanja Vaio\AppData\Roaming\SharePod
2013-10-11 18:36 - 2013-10-11 18:36 - 02140631 _____ C:\Users\Jullia Tanja Vaio\Downloads\SharePod_3.99.zip
2013-10-06 20:10 - 2013-10-18 10:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-06 11:35 - 2013-10-06 11:35 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-06 11:34 - 2013-10-06 11:35 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-06 11:34 - 2013-10-06 11:35 - 00000000 ____D C:\Program Files\iTunes
2013-10-06 11:34 - 2013-10-06 11:35 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-06 11:34 - 2013-10-06 11:34 - 00000000 ____D C:\Program Files\iPod

==================== One Month Modified Files and Folders =======

2013-10-18 21:13 - 2013-10-18 21:13 - 00753504 _____ C:\Users\Jullia Tanja Vaio\Downloads\ZipExtractorSetup.exe
2013-10-18 21:11 - 2013-10-18 21:11 - 00000807 _____ C:\Users\Public\Desktop\iMesh.lnk
2013-10-18 21:11 - 2013-10-18 21:11 - 00000000 ____D C:\Program Files (x86)\iMesh
2013-10-18 21:10 - 2013-10-18 21:10 - 01332104 _____ (iMesh Inc) C:\Users\Jullia Tanja Vaio\Downloads\iMeshSetup-r1487-w-bf.exe
2013-10-18 20:55 - 2013-02-16 16:59 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-18 20:41 - 2011-03-15 04:16 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-18 20:28 - 2009-07-14 06:45 - 00013936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-18 20:28 - 2009-07-14 06:45 - 00013936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-18 20:24 - 2011-03-15 04:07 - 01182903 _____ C:\Windows\WindowsUpdate.log
2013-10-18 20:23 - 2013-02-07 22:42 - 00004274 _____ C:\Windows\System32\Tasks\Software Updater Ui
2013-10-18 20:23 - 2013-02-07 22:41 - 00004208 _____ C:\Windows\System32\Tasks\Software Updater
2013-10-18 20:20 - 2013-10-18 20:20 - 101813202 _____ C:\Windows\SysWOW64\㈛裍¢
2013-10-18 20:19 - 2013-10-18 10:49 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-10-18 20:19 - 2013-10-18 10:49 - 00001930 _____ C:\Windows\Tasks\Plus-HD-1.6-chromeinstaller.job
2013-10-18 20:19 - 2013-10-18 10:49 - 00001854 _____ C:\Windows\Tasks\Plus-HD-1.6-firefoxinstaller.job
2013-10-18 20:19 - 2013-10-18 10:49 - 00001320 _____ C:\Windows\Tasks\Plus-HD-1.6-updater.job
2013-10-18 20:19 - 2013-10-18 10:49 - 00001222 _____ C:\Windows\Tasks\Plus-HD-1.6-codedownloader.job
2013-10-18 20:19 - 2013-10-18 10:49 - 00001122 _____ C:\Windows\Tasks\Plus-HD-1.6-enabler.job
2013-10-18 20:19 - 2011-03-15 04:16 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-18 20:19 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-18 20:19 - 2009-07-14 06:51 - 00084286 _____ C:\Windows\setupact.log
2013-10-18 11:05 - 2013-10-18 10:38 - 00027880 _____ C:\Users\Jullia Tanja Vaio\Downloads\Addition.txt
2013-10-18 10:51 - 2013-10-18 10:51 - 00015004 _____ C:\AdwCleaner[S1].txt
2013-10-18 10:51 - 2013-10-18 10:51 - 00000000 ____D C:\Users\Jullia Tanja Vaio\AppData\Local\avgchrome
2013-10-18 10:50 - 2013-10-18 10:50 - 00015933 _____ C:\AdwCleaner[R1].txt
2013-10-18 10:49 - 2013-10-18 10:49 - 00581957 _____ C:\Users\Jullia Tanja Vaio\Desktop\adwcleaner-1.606-en.exe
2013-10-18 10:49 - 2013-10-18 10:49 - 00004350 _____ C:\Windows\System32\Tasks\Plus-HD-1.6-updater
2013-10-18 10:49 - 2013-10-18 10:49 - 00004252 _____ C:\Windows\System32\Tasks\Plus-HD-1.6-codedownloader
2013-10-18 10:49 - 2013-10-18 10:49 - 00004152 _____ C:\Windows\System32\Tasks\Plus-HD-1.6-enabler
2013-10-18 10:49 - 2013-10-18 10:49 - 00000000 ____D C:\Users\Jullia Tanja Vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-10-18 10:49 - 2013-10-18 10:49 - 00000000 ____D C:\Program Files (x86)\Plus-HD-1.6
2013-10-18 10:49 - 2013-10-06 20:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-18 10:48 - 2013-10-18 10:48 - 00003432 _____ C:\Windows\System32\Tasks\EPUpdater
2013-10-18 10:48 - 2013-10-18 10:48 - 00000000 ____D C:\Users\Jullia Tanja Vaio\AppData\Roaming\Delta
2013-10-18 10:48 - 2013-10-18 10:48 - 00000000 ____D C:\Users\Jullia Tanja Vaio\AppData\Roaming\BabSolution
2013-10-18 10:48 - 2013-10-18 10:48 - 00000000 ____D C:\ProgramData\DSearchLink
2013-10-18 10:48 - 2013-10-18 10:48 - 00000000 ____D C:\ProgramData\BitGuard
2013-10-18 10:48 - 2013-10-18 10:48 - 00000000 ____D C:\Program Files (x86)\glindorus
2013-10-18 10:48 - 2013-10-18 10:48 - 00000000 ____D C:\Program Files (x86)\Delta
2013-10-18 10:47 - 2013-10-18 10:47 - 00169272 _____ (Firseria·s·l·) C:\Users\Jullia Tanja Vaio\Downloads\AdwCleaner.exe
2013-10-18 10:36 - 2013-10-18 10:36 - 00000000 ____D C:\FRST
2013-10-18 10:35 - 2013-10-18 10:35 - 01954124 _____ (Farbar) C:\Users\Jullia Tanja Vaio\Downloads\FRST64.exe
2013-10-18 10:21 - 2011-03-15 04:05 - 00168118 _____ C:\Windows\PFRO.log
2013-10-18 10:03 - 2013-10-18 10:03 - 00000000 ____D C:\Users\Jullia Tanja Vaio\AppData\Roaming\Malwarebytes
2013-10-18 10:03 - 2013-10-18 10:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-18 10:02 - 2013-10-18 10:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Jullia Tanja Vaio\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-18 09:58 - 2011-03-24 22:36 - 00004006 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{098E5DB3-EEDF-4143-BB74-8135FEDC134E}
2013-10-14 18:32 - 2011-03-15 04:16 - 00004120 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-14 18:32 - 2011-03-15 04:16 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-13 22:02 - 2013-02-07 22:41 - 00000000 ____D C:\Program Files (x86)\Freetec
2013-10-13 22:02 - 2013-02-07 22:40 - 00000000 ____D C:\ProgramData\Package Cache
2013-10-13 21:56 - 2013-01-04 00:14 - 00000000 ____D C:\Program Files (x86)\AVS4YOU
2013-10-11 18:42 - 2013-10-11 18:42 - 00000000 ____D C:\Users\Jullia Tanja Vaio\AppData\Roaming\SharePod
2013-10-11 18:36 - 2013-10-11 18:36 - 02140631 _____ C:\Users\Jullia Tanja Vaio\Downloads\SharePod_3.99.zip
2013-10-11 18:29 - 2011-03-15 13:01 - 00654400 _____ C:\Windows\system32\perfh007.dat
2013-10-11 18:29 - 2011-03-15 13:01 - 00130240 _____ C:\Windows\system32\perfc007.dat
2013-10-11 18:29 - 2009-07-14 07:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-11 17:26 - 2011-03-24 22:38 - 00000000 ____D C:\Users\Jullia Tanja Vaio\AppData\Local\Google
2013-10-11 17:23 - 2012-11-08 19:22 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-11 17:23 - 2012-11-08 19:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-11 16:42 - 2013-02-07 22:42 - 00000000 ____D C:\Users\Jullia Tanja Vaio\Documents\TubeBox
2013-10-11 15:47 - 2011-04-03 13:44 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-11 15:43 - 2013-08-15 01:16 - 00000000 ____D C:\Windows\system32\MRT
2013-10-11 15:40 - 2011-07-21 16:17 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-10 18:00 - 2013-02-16 16:59 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-10 18:00 - 2012-11-05 21:29 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-10 18:00 - 2011-10-15 17:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 20:48 - 2012-10-11 12:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-07 22:12 - 2012-10-11 12:37 - 00000000 ____D C:\Users\Jullia Tanja Vaio\AppData\Local\Mozilla
2013-10-07 22:10 - 2013-07-08 21:06 - 00000000 ____D C:\Users\Jullia Tanja Vaio\AppData\Roaming\vlc
2013-10-06 15:26 - 2011-03-28 17:53 - 00000000 ____D C:\Users\Jullia Tanja Vaio\Documents\Bewerbungen
2013-10-06 12:22 - 2011-04-26 20:29 - 00648292 _____ C:\test.xml
2013-10-06 11:35 - 2013-10-06 11:35 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-06 11:35 - 2013-10-06 11:34 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-06 11:35 - 2013-10-06 11:34 - 00000000 ____D C:\Program Files\iTunes
2013-10-06 11:35 - 2013-10-06 11:34 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-06 11:34 - 2013-10-06 11:34 - 00000000 ____D C:\Program Files\iPod
2013-09-20 18:12 - 2011-12-25 21:55 - 00000000 ____D C:\Update
2013-09-19 18:43 - 2010-10-12 19:48 - 00000000 ____D C:\ProgramData\Sony Corporation
2013-09-18 23:39 - 2011-05-04 15:04 - 00000000 ____D C:\Users\Jullia Tanja Vaio\AppData\Roaming\Apple Computer
2013-09-18 19:40 - 2011-05-04 15:04 - 00000000 ____D C:\Users\Jullia Tanja Vaio\AppData\Local\Apple Computer

Some content of TEMP:
====================
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\0a50e25a83046228c11dcaa7eeed09bb.exe
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\AskSLib.dll
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\IcqUpdater.exe
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\install_flashplayer11x64ax_gtbp_chrd_aih.exe
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\jre-6u24-windows-i586-iftw-rv.exe
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\MsgPlusUninstall.exe
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\tmp18CD.tmp.exe
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\tmp6183.tmp.exe
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\tmp7D2B.tmp.exe
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\tmp9233.tmp.exe
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\tmp95BD.tmp.exe
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\tmpE227.tmp.exe
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\TubeBox_Setup.exe
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\Update_2909.exe
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\Update_544f.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-14 18:20

==================== End Of Log ============================
         

--- --- ---

--- --- ---

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Jullia Tanja Vaio at 2013-10-18 11:04:10
Running from C:\Users\Jullia Tanja Vaio\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32)
Adobe AIR (x32 Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader 9.5.3 - Deutsch (x32 Version: 9.5.3)
Alps Pointing-device for VAIO
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
ArcSoft Magic-i Visual Effects 2 (x32 Version: 2.0.1.115)
ArcSoft WebCam Companion 3 (x32 Version: 3.0.21.368)
ATI Catalyst Install Manager (Version: 3.0.769.0)
Avira Free Antivirus (x32 Version: 13.0.0.4052)
BitGuard (x32)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Core Implementation (x32 Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Full New (x32 Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Light (x32 Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0920.2143.37117)
Catalyst Control Center InstallProxy (x32 Version: 2010.0209.16.306)
Catalyst Control Center InstallProxy (x32 Version: 2010.0920.2143.37117)
Catalyst Control Center Localization All (x32 Version: 2010.0920.2143.37117)
CCC Help Chinese Standard (x32 Version: 2010.0920.2142.37117)
CCC Help Chinese Traditional (x32 Version: 2010.0920.2142.37117)
CCC Help Czech (x32 Version: 2010.0920.2142.37117)
CCC Help Danish (x32 Version: 2010.0920.2142.37117)
CCC Help Dutch (x32 Version: 2010.0920.2142.37117)
CCC Help English (x32 Version: 2010.0920.2142.37117)
CCC Help Finnish (x32 Version: 2010.0920.2142.37117)
CCC Help French (x32 Version: 2010.0920.2142.37117)
CCC Help German (x32 Version: 2010.0920.2142.37117)
CCC Help Greek (x32 Version: 2010.0920.2142.37117)
CCC Help Hungarian (x32 Version: 2010.0920.2142.37117)
CCC Help Italian (x32 Version: 2010.0920.2142.37117)
CCC Help Japanese (x32 Version: 2010.0920.2142.37117)
CCC Help Korean (x32 Version: 2010.0920.2142.37117)
CCC Help Norwegian (x32 Version: 2010.0920.2142.37117)
CCC Help Polish (x32 Version: 2010.0920.2142.37117)
CCC Help Portuguese (x32 Version: 2010.0920.2142.37117)
CCC Help Russian (x32 Version: 2010.0920.2142.37117)
CCC Help Spanish (x32 Version: 2010.0920.2142.37117)
CCC Help Swedish (x32 Version: 2010.0920.2142.37117)
CCC Help Thai (x32 Version: 2010.0920.2142.37117)
CCC Help Turkish (x32 Version: 2010.0920.2142.37117)
ccc-core-static (x32 Version: 2010.0920.2143.37117)
ccc-utility64 (Version: 2010.0920.2143.37117)
Delta Chrome Toolbar (x32)
Delta toolbar   (x32 Version: 1.8.24.6)
glindorus 1.0.0 (Version: 1.0.0)
Google Chrome (x32 Version: 30.0.1599.69)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54)
Google Update Helper (x32 Version: 1.3.21.165)
High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0)
iCloud (Version: 3.0.2.163)
Iminent (x32 Version: 6.27.21.0)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179)
Intel(R) Rapid Storage Technology (x32 Version: 9.6.0.1014)
Intel(R) Turbo Boost Technology Driver (x32 Version: 01.02.00.1002)
iTunes (Version: 11.1.1.11)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Java(TM) 6 Update 20 (64-bit) (Version: 6.0.200)
Java(TM) 6 Update 33 (x32 Version: 6.0.330)
Media Gallery (Version: 1.3.0)
Media Gallery (x32 Version: 1.3.0.06230)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Primary Interoperability Assemblies 2005 (x32 Version: 8.0.50727.42)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Nero 10 Menu TemplatePack Basic (x32 Version: 10.0.10600.6.0)
Nero 10 Movie ThemePack Basic (x32 Version: 10.0.10600.6.0)
Nero BackItUp 10 (x32 Version: 5.4.11600.19.100)
Nero BackItUp 10 Help (CHM) (x32 Version: 1.0.10700)
Nero Burning ROM 10 (x32 Version: 10.0.11100.10.100)
Nero BurningROM 10 Help (CHM) (x32 Version: 1.0.10700)
Nero BurnRights 10 (x32 Version: 4.0.11000.12.100)
Nero BurnRights 10 Help (CHM) (x32 Version: 1.0.10600)
Nero Control Center 10 (x32 Version: 10.0.12000.1.4)
Nero ControlCenter 10 Help (CHM) (x32 Version: 1.0.10700)
Nero Core Components 10 (x32 Version: 2.0.13700.0.1)
Nero CoverDesigner 10 (x32 Version: 5.0.10900.11.100)
Nero CoverDesigner 10 Help (CHM) (x32 Version: 1.0.10600)
Nero DiscSpeed 10 (x32 Version: 6.0.10800.7.100)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 1.0.10600)
Nero Dolby Files 10 (x32 Version: 2.0.11000.0.10)
Nero Express 10 (x32 Version: 10.0.11000.10.100)
Nero Express 10 Help (CHM) (x32 Version: 1.0.10700)
Nero InfoTool 10 (x32 Version: 7.0.10800.8.100)
Nero InfoTool 10 Help (CHM) (x32 Version: 1.0.10600)
Nero MediaHub 10 (x32 Version: 1.0.13400.11.100)
Nero MediaHub 10 Help (CHM) (x32 Version: 1.0.10700)
Nero Multimedia Suite 10 (x32 Version: 10.0.13100)
Nero Recode 10 (x32 Version: 4.6.10900.4.100)
Nero Recode 10 Help (CHM) (x32 Version: 1.0.10600)
Nero RescueAgent 10 (x32 Version: 3.0.10900.9.100)
Nero RescueAgent 10 Help (CHM) (x32 Version: 1.0.10700)
Nero SoundTrax 10 (x32 Version: 4.6.10600.2.100)
Nero SoundTrax 10 Help (CHM) (x32 Version: 1.0.10600)
Nero StartSmart 10 (x32 Version: 10.0.11200.12.100)
Nero StartSmart 10 Help (CHM) (x32 Version: 1.0.10700)
Nero Update (x32 Version: 1.0.0017)
Nero Vision 10 (x32 Version: 7.0.11100.8.100)
Nero Vision 10 Help (CHM) (x32 Version: 1.0.10600)
Nero WaveEditor 10 (x32 Version: 5.6.10600.2.100)
Nero WaveEditor 10 Help (CHM) (x32 Version: 1.0.10600)
Plus-HD-1.6 (x32 Version: 1.29.153.0)
PMB (x32 Version: 5.3.00.06040)
PMB VAIO Edition Plug-in (Version: 1.5.10.05300)
PMB VAIO Edition Plug-in (x32 Version: 1.5.10.06150)
Quick Web Access (x32 Version: 1.4.7.0)
QuickTime (x32 Version: 7.74.80.86)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6034)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6098)
Remote Play mit PlayStation®3 (x32 Version: 1.0.2.06210)
Remote Play with PlayStation 3 (x32 Version: 1.0.2.06210)
Remote-Tastatur mit PlayStation 3 (x32 Version: 1.0.2.06170)
Safari (x32 Version: 5.34.57.2)
Skype Click to Call (x32 Version: 5.9.9216)
Skype™ 5.10 (x32 Version: 5.10.116)
TubeBox (x32 Version: 4.1.1.0)
TubeBox! (x32 Version: 3.4.9)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
VAIO - Media Gallery (x32 Version: 1.3.0.06230)
VAIO - PMB VAIO Edition Guide (x32 Version: 1.5.00.03020)
VAIO - PMB VAIO Edition Plug-in (x32 Version: 1.6.10.11160)
VAIO Care (x32 Version: 6.4.2.11150)
VAIO Control Center (x32 Version: 4.3.0.05310)
VAIO Data Restore Tool (x32 Version: 1.4.0.05240)
VAIO DVD Menu Data (x32 Version: 2.4.00.05300)
VAIO Gate (x32 Version: 2.4.1.09230)
VAIO Gate Default (x32 Version: 2.2.0.07020)
VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230)
VAIO Media plus (Version: 2.1.0)
VAIO Media plus (x32 Version: 2.1.0.18210)
VAIO Media plus Opening Movie (x32 Version: 2.1.0.13220)
VAIO Movie Story Template Data (x32 Version: 2.3.00.06040)
VAIO Movie Story Template Data (x32 Version: 2.5.00.05300)
VAIO Sample Contents (x32 Version: 1.3.0.06041)
VAIO screensaver (x32 Version: 1.0.0.0)
VAIO Smart Network (x32 Version: 3.3.0.06080)
VAIO Update (x32 Version: 6.3.0.08010)
VAIO-Handbuch (x32 Version: 1.1.0.05280)
VAIO-Support für Übertragungen (x32 Version: 1.2.0.06230)
VLC media player 2.0.7 (x32 Version: 2.0.7)
VU5x64 (Version: 1.1.0)
VU5x86 (x32 Version: 1.0.0)
VU5x86 (x32 Version: 1.1.0)
WIDCOMM Bluetooth Software (Version: 6.3.0.5600)
Windows Utils (x32)

==================== Restore Points  =========================

12-09-2013 20:54:00 Windows Update
14-09-2013 08:22:02 Windows Update
14-09-2013 09:25:13 Windows Update
17-09-2013 19:58:17 Windows Update
19-09-2013 16:42:27 Installiert VAIO Update
24-09-2013 17:15:22 Windows Update
29-09-2013 09:17:06 Windows Update
06-10-2013 09:23:03 Windows Update
10-10-2013 15:28:52 Windows Update
11-10-2013 13:38:03 Windows Update
13-10-2013 20:00:55 Windows Defender Checkpoint
13-10-2013 20:01:46 Free YouTube Download Manager
13-10-2013 20:09:22 No23 Recorder wird entfernt
15-10-2013 15:51:30 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {06AB5330-CD86-45E7-B989-A6F321A49F0F} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation)
Task: {142B67C7-D67D-4A5E-9E20-0B38C8BA67B5} - System32\Tasks\BitGuard => Sc.exe start BitGuard
Task: {1B617208-8D26-47B3-837D-54B7B180FE17} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-08-01] (Sony Corporation)
Task: {3BE171B7-B437-43E0-9615-C69CD03D47A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-15] (Google Inc.)
Task: {423A0F0B-AC7A-4DCC-B156-17A57DBEAD0A} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-08-01] (Sony Corporation)
Task: {5A3467C0-8139-4BC0-BE25-ACCEF215840D} - System32\Tasks\Plus-HD-1.6-chromeinstaller => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-chromeinstaller.exe [2013-10-18] (Plus HD)
Task: {60EBC42A-4075-40B6-8D2A-E44CDAD017AD} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {63614B1D-B9B7-42A6-9FD4-B87DF895429A} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {64207460-E195-49D0-A655-6B85E4DFEDE8} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation)
Task: {648B9371-B1AB-45BD-B696-98D8657E66B5} - System32\Tasks\Plus-HD-1.6-enabler => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-enabler.exe [2013-10-18] (Plus HD)
Task: {6A51A238-DE2B-4304-B995-5AEA55A18E34} - System32\Tasks\EPUpdater => C:\Users\Jullia Tanja Vaio\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-10-08] ()
Task: {6A64E718-404C-4198-B241-AE6006FB59B1} - System32\Tasks\Hoolapp Init => C:\Users\JULLIA~1\AppData\Roaming\HOOLAP~1\Hoolapp.exe
Task: {74246D89-10E0-4714-A3AD-B9BDD6638FB5} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {7669778B-2454-4AF4-8C2B-2BEDC93C4DB5} - System32\Tasks\Software Updater => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Bootstrapper.exe [2013-07-08] ()
Task: {7F15EFB0-9E08-4B75-9CBD-197F39AA81BA} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {90ABA0FD-9171-46D4-85E6-EBB1CB3F5474} - System32\Tasks\Plus-HD-1.6-updater => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-updater.exe [2013-10-18] (Plus HD)
Task: {A716A205-AA97-4132-B207-836D3F32FE01} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {ABCE7353-26C0-45BF-84D1-A7E1C0CF6524} - System32\Tasks\Plus-HD-1.6-firefoxinstaller => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-firefoxinstaller.exe [2013-10-18] (Plus HD)
Task: {AC5022C6-3E71-4101-9264-89072CB38BE6} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation)
Task: {B14CAE38-257E-4C6E-A25E-4F36BD3DF0F3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10] (Adobe Systems Incorporated)
Task: {BCFE7F42-DAC6-45A4-AF8B-B914A0F4C79D} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation)
Task: {CBD4DB0B-22A4-4CAF-9CB4-95CDC6376B70} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe
Task: {CD009A48-A859-4664-8641-3ACA129FFE97} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {D087F9E2-21AC-4807-BBDC-F6AB1D4733F5} - System32\Tasks\DealPly => C:\Users\JULLIA~1\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE
Task: {D420A439-4FF8-4C02-A98E-87F2F97781FA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-15] (Google Inc.)
Task: {D49A4A13-9620-4E8A-BE96-2D0C2835662B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E1308E0B-079F-4564-AEFC-8149B6B93CBC} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-09-23] (Sony Corporation)
Task: {E513AA39-EA3C-4CCD-8E87-C9DBD0C71AAD} - System32\Tasks\Plus-HD-1.6-codedownloader => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-codedownloader.exe [2013-10-18] (Plus HD)
Task: {E649C448-A4AE-4415-835D-BC33E8FB6FCB} - System32\Tasks\SONY\Remote Keyboard with PlayStation 3\Remote Keyboard with PlayStation 3 => C:\Program Files\Sony\Remote Keyboard with PlayStation 3\VBTKBUtil.exe [2010-06-17] (Sony Corporation)
Task: {F2D4FCE2-9CBC-4FC7-B68F-D923F490FBD0} - System32\Tasks\Software Updater Ui => C:\Program Files (x86)\SoftwareUpdater\SoftwareUpdater.Ui.exe [2013-09-12] ()
Task: {FDB2472B-3B3F-4718-9A00-BC53460CE2C0} - System32\Tasks\Hoolapp For Android => C:\Users\JULLIA~1\AppData\Roaming\HOOLAP~1\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Plus-HD-1.6-chromeinstaller.job => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-chromeinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-1.6-codedownloader.job => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-codedownloader.exe
Task: C:\Windows\Tasks\Plus-HD-1.6-enabler.job => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-enabler.exe
Task: C:\Windows\Tasks\Plus-HD-1.6-firefoxinstaller.job => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-firefoxinstaller.exe
Task: C:\Windows\Tasks\Plus-HD-1.6-updater.job => C:\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-updater.exe

==================== Loaded Modules (whitelisted) =============

2010-08-24 15:39 - 2010-08-24 15:39 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-12-26 16:36 - 2011-12-26 16:36 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-12-19 22:58 - 2012-09-19 19:17 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-10-18 10:48 - 2013-09-23 13:55 - 02704352 _____ () C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2011-03-15 04:13 - 2010-05-31 20:18 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2011-03-15 04:13 - 2010-05-31 20:18 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2013-01-10 23:19 - 2013-01-10 23:19 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\d89f0252d910d617de1de783a812f840\IsdiInterop.ni.dll
2010-10-12 19:14 - 2010-03-04 05:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-10-06 20:10 - 2013-10-06 20:10 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-10 18:00 - 2013-10-10 18:00 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/18/2013 10:20:09 AM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (10/16/2013 07:22:44 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (10/15/2013 06:04:07 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (10/13/2013 10:00:53 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert
.
Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.


Vorgang:
   Generatordaten werden gesammelt

Kontext:
   Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220}
   Generatorname: System Writer
   Generatorinstanz-ID: {01398283-3a88-451d-9027-00873571326c}

Error: (10/11/2013 04:20:30 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (10/11/2013 03:36:19 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: iexplore.exe, Version: 9.0.8112.16476, Zeitstempel: 0x51270dab
Name des fehlerhaften Moduls: ntdll.dll, Version: 6.1.7600.16915, Zeitstempel: 0x4ec4b137
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000c6ae2
ID des fehlerhaften Prozesses: 0x324
Startzeit der fehlerhaften Anwendung: 0xiexplore.exe0
Pfad der fehlerhaften Anwendung: iexplore.exe1
Pfad des fehlerhaften Moduls: iexplore.exe2
Berichtskennung: iexplore.exe3

Error: (10/10/2013 05:35:45 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (10/09/2013 09:25:08 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (10/07/2013 08:48:29 PM) (Source: Customer Experience Improvement Program) (User: )
Description: 80004005

Error: (10/06/2013 04:22:45 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.


System errors:
=============
Error: (10/18/2013 10:51:58 AM) (Source: Service Control Manager) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (10/18/2013 10:51:28 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "BitGuard" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/18/2013 10:51:28 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Update glindorus" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 5000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/18/2013 10:51:28 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Virtueller Datenträger" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 60000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (10/18/2013 10:51:28 AM) (Source: Service Control Manager) (User: )
Description: Dienst "VCService" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/18/2013 10:51:28 AM) (Source: Service Control Manager) (User: )
Description: Dienst "VAIO Power Management" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/18/2013 10:51:28 AM) (Source: Service Control Manager) (User: )
Description: Dienst "Intel(R) Management & Security Application User Notification Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/18/2013 10:51:28 AM) (Source: Service Control Manager) (User: )
Description: Dienst "VUAgent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/18/2013 10:51:28 AM) (Source: Service Control Manager) (User: )
Description: Dienst "VAIO Care Performance Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (10/18/2013 10:51:28 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
         

Servus,


Ursache für die von dir genannte Meldung ist eine massive Ansammlung von Werbesoftware auf deinem Rechner... ziemlich lästig, aber nicht gefährlich.
Ich denke, übers Wochenende sollten wir deinen Rechner wieder vollständig sauber bekommen.


Wir beginnen fürs Erste so:






Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.

• Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
• Starte die AdwCleaner.exe mit einem Doppelklick.
• Stimme den Nutzungsbedingungen zu.
• Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
  • "Tracing" Schlüssel löschen
  • Winsock Einstellungen zurücksetzen
  • Proxy Einstellungen zurücksetzen
  • Internet Explorer Richtlinien zurücksetzen
  • Chrome Richtlinien zurücksetzen
  • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
• Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
• Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
• Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
• Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

• Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
• Drücke eine beliebige Taste, um das Tool zu starten.
• Je nach System kann der Scan eine Weile dauern.
• Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
• Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.

Schritt 3
Downloade Dir bitte Malwarebytes Anti-Malware

• Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
• Starte Malwarebytes' Anti-Malware (MBAM).
• Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
• Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
• Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
• Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
• Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
• Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 4
Bitte lade dir zoek.exe von hier: http://hijackthis.nl/smeenk/

• Bitte deaktiviere während des Scans alle Virenscanner, da sie das Ergebnis beeinflussen
• Starte Zoek.exe mit einem Doppelklick.
• Achtung: Das folgende Skript wurde nur für diesen speziellen Fall geschrieben und könnte andere Computer beschädigen.
• Kopiere den Text der folgenden Box in das Skriptfenster von zoek:
  
  Code: Alles auswählenAufklappen

  ATTFilter

  FFdefaults;
  CHRdefaults;
  iedefaults;
  emptyclsid;
  autoclean;
           

• Nun klicke auf "Run script" und sei geduldig bis das Skript durchläuft.
• Wenn das Tool fertig ist wird sich Notepad mit dem Logfile öffnen (ggf. erst nach einem Neustart). Das Log befindet sich aber auch noch unter c:
• Bitte poste mir das ZOEK-Log (möglichst in CODE-Tags - #-Symbol im Antwortfenster klicken)

Bitte poste mit deiner nächsten Antwort

• die Logdatei von AdwCleaner,
• die Logdatei von JRT,
• die Logdatei von MBAM,
• die Logdatei von Zoek.

Vielen Dank für deine Hilfe Matthias. Wusste gar nicht dass ich so viel Werbesoftware auf dem Rechner habe ;D

Code: Alles auswählenAufklappen

ATTFilter

# AdwCleaner v1.606 - Logfile created 10/18/2013 at 21:26:18
# Updated 10/05/2012 by Xplode
# Operating system : Windows 7 Home Premium  (64 bits)
# User : Jullia Tanja Vaio - JULLIATANJAVAIO
# Running from : C:\Users\Jullia Tanja Vaio\Desktop\adwcleaner-1.606-en.exe
# Option [Delete]


***** [Services] *****


***** [Files / Folders] *****


***** [Registry] *****


***** [Registre - GUID] *****

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
[x64] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16421

[OK] Registry is clean.

-\\ Mozilla Firefox v24.0 (de)

Profile name : default 
File : C:\Users\Jullia Tanja Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\wcwbpoxz.default\prefs.js

[OK] File is clean.

-\\ Google Chrome v30.0.1599.101

File : C:\Users\Jullia Tanja Vaio\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [15933 octets] - [18/10/2013 10:50:51]
AdwCleaner[S1].txt - [15004 octets] - [18/10/2013 10:51:23]
AdwCleaner[R2].txt - [1459 octets] - [18/10/2013 21:25:51]
AdwCleaner[S2].txt - [1302 octets] - [18/10/2013 21:26:18]

########## EOF - C:\AdwCleaner[S2].txt - [1430 octets] ##########
         

Ich habe das Programm aus Schritt 2 heruntergeladen und Anti Virus deaktiviert.

Das Programm sagt mir aber, dass ein Fehler aufgetreten ist und gibt mir folgende Meldung:

The version of Junkware Removal Tool you are running is out of date. Update now?

Soll ich das machen? Ich habe es ja gerade erst runtergeladen, wie kann es dann schon veraltet sein?

Servus,

Zitat:

Zitat von Zwilling0810

[CODE]# AdwCleaner v1.606 - Logfile created 10/18/2013 at 21:26:18
adwcleaner-1.606-en.exe

Wo kommt diese uralte Version von AdwCleaner her Wenn du den Downloadlink verwendest, den ich dir angegeben habe, kommst du automatisch zur neusten Version, daher verstehe ich das überhaupt nicht.
Aktuell ist v3.008.
Deinstalliere diese Version 1.606 und dann verwende den Downloadlink aus meinem letzten Post und führe AdwCleaner nochmal aus.

Zitat:

Zitat von Zwilling0810

Ich habe das Programm aus Schritt 2 heruntergeladen und Anti Virus deaktiviert.

Das Programm sagt mir aber, dass ein Fehler aufgetreten ist und gibt mir folgende Meldung:

The version of Junkware Removal Tool you are running is out of date. Update now?

Soll ich das machen? Ich habe es ja gerade erst runtergeladen, wie kann es dann schon veraltet sein?

Hast du es auch direkt von dem Link runtergeladen, den ich dir bereitgestellt habe?
Lösche JRT und lade es nochmal herunter. Dann führst du es einfach aus, ohne Update.

Anschließend noch die anderen 2 Schritte ausführen und die Logdateien ebenfalls dazu posten.

Ich habe das Programm deinstalliert und nochmals über deinen Link runtergeladen.

Sobald ich das Programm ausführen möchte, erscheint das Fenster:

Programm zum Vergleichen von DOS 5-Dateien funktioniert nicht mehr.

und dann wird mir in dem schwarzen Textfeld wieder die selbe Information angezeigt, dass meine Version veraltet ist.

Version 6.0.7

Servus,

Zitat:

Zitat von Zwilling0810

und dann wird mir in dem schwarzen Textfeld wieder die selbe Information angezeigt, dass meine Version veraltet ist.

Version 6.0.7

Du sprichst hier von JRT. 6.0.7 ist sehr aktuell, ausführen bitte.


Aber zuvor die neuste Version von AdwCleaner laden und ausführen.

Code: Alles auswählenAufklappen

ATTFilter

# AdwCleaner v3.008 - Bericht erstellt am 19/10/2013 um 11:02:03
# Updated 17/10/2013 von Xplode
# Betriebssystem : Windows 7 Home Premium  (64 bits)
# Benutzername : Jullia Tanja Vaio - JULLIATANJAVAIO
# Gestartet von : C:\Users\Jullia Tanja Vaio\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : BitGuard
[#] Dienst Gelöscht : SystemStoreService
[#] Dienst Gelöscht : Update glindorus
[#] Dienst Gelöscht : Util glindorus

***** [ Dateien / Ordner ] *****

[!] Ordner Gelöscht : C:\ProgramData\BitGuard
Ordner Gelöscht : C:\ProgramData\DSearchLink
Ordner Gelöscht : C:\ProgramData\ICQ\ICQToolbar
Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\Program Files (x86)\Delta
Ordner Gelöscht : C:\Program Files (x86)\glindorus
Ordner Gelöscht : C:\Program Files (x86)\ICQ6Toolbar
Ordner Gelöscht : C:\Program Files (x86)\iMesh Applications
Ordner Gelöscht : C:\Program Files (x86)\Plus-HD-1.6
Ordner Gelöscht : C:\Program Files (x86)\SoftwareUpdater
Ordner Gelöscht : C:\Program Files (x86)\Common Files\Umbrella
Ordner Gelöscht : C:\Windows\Installer\{5CDCDBCD-119A-4AE1-9C55-B816DBBE4245}
Ordner Gelöscht : C:\Users\Jullia Tanja Vaio\AppData\Local\DownloadGuide
Ordner Gelöscht : C:\Users\Jullia Tanja Vaio\AppData\Roaming\BabSolution
Ordner Gelöscht : C:\Users\Jullia Tanja Vaio\AppData\Roaming\Delta
Ordner Gelöscht : C:\Users\Jullia Tanja Vaio\AppData\Roaming\Windows Net Data
Ordner Gelöscht : C:\Users\Jullia Tanja Vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Ordner Gelöscht : C:\Users\Jullia Tanja Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\wcwbpoxz.default\Extensions\6c937ed6-be66-4f72-9a60-ce5789cc7f09@53ba6712-2cae-46e2-b821-95baea44e049.com
Ordner Gelöscht : C:\Users\Jullia Tanja Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\wcwbpoxz.default\Extensions\ffxtlbr@delta.com
Ordner Gelöscht : C:\Users\Jullia Tanja Vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl
Ordner Gelöscht : C:\Users\Jullia Tanja Vaio\AppData\Local\Google\Chrome\User Data\Default\Extensions\jidjhchcblhlapbcpheibgdjkajekhbh
Datei Gelöscht : C:\Users\Jullia Tanja Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\wcwbpoxz.default\Extensions\webbooster@iminent.com.xpi
Datei Gelöscht : C:\Users\Jullia Tanja Vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\net.lnk
Datei Gelöscht : C:\Users\Jullia Tanja Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\wcwbpoxz.default\bprotector_extensions.sqlite
Datei Gelöscht : C:\Users\Jullia Tanja Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\wcwbpoxz.default\bprotector_prefs.js
Datei Gelöscht : C:\Users\Jullia Tanja Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\wcwbpoxz.default\foxydeal.sqlite
Datei Gelöscht : C:\Users\Jullia Tanja Vaio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage
Datei Gelöscht : C:\Users\Jullia Tanja Vaio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_igdhbblpcellaljokkpfhcjlagemhgjl_0.localstorage
Datei Gelöscht : C:\Windows\System32\Tasks\Dealply
Datei Gelöscht : C:\Windows\System32\Tasks\EPUpdater
Datei Gelöscht : C:\Windows\Tasks\Plus-HD-1.6-chromeinstaller.job
Datei Gelöscht : C:\Windows\System32\Tasks\Plus-HD-1.6-chromeinstaller
Datei Gelöscht : C:\Windows\Tasks\Plus-HD-1.6-codedownloader.job
Datei Gelöscht : C:\Windows\System32\Tasks\Plus-HD-1.6-codedownloader
Datei Gelöscht : C:\Windows\Tasks\Plus-HD-1.6-enabler.job
Datei Gelöscht : C:\Windows\System32\Tasks\Plus-HD-1.6-enabler
Datei Gelöscht : C:\Windows\Tasks\Plus-HD-1.6-firefoxinstaller.job
Datei Gelöscht : C:\Windows\System32\Tasks\Plus-HD-1.6-firefoxinstaller
Datei Gelöscht : C:\Windows\Tasks\Plus-HD-1.6-updater.job
Datei Gelöscht : C:\Windows\System32\Tasks\Plus-HD-1.6-updater
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater Ui
Datei Gelöscht : C:\Windows\System32\Tasks\Software Updater

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde
Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ofnnlhbgdcabppjmlijllkhekcglbjlg
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Wert Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaappCore.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\Iminent_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0032002.BHO
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0032002.BHO.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0032002.Sandbox
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CrossriderApp0032002.Sandbox.1
Schlüssel Gelöscht : HKCU\Software\e57dedcb168e915
Schlüssel Gelöscht : HKLM\SOFTWARE\e57dedcb168e915
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_messenger-plus_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_fuer_messenger-plus_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3223F2FB-D9B9-45FC-9D66-CD717FFA4EE5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{9598E82A-7E09-4438-B425-B9E9718C3C73}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311201102}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322202202}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355205502}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366206602}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440344204402}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9598E82A-7E09-4438-B425-B9E9718C3C73}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311201102}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110311201102}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311201102}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110311201102}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}]
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{11111111-1111-1111-1111-110311201102}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220322202202}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550355205502}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660366206602}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311201102}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\BabSolution
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\delta LTD
Schlüssel Gelöscht : HKCU\Software\Delta
Schlüssel Gelöscht : HKCU\Software\FoxyDeal
Schlüssel Gelöscht : HKCU\Software\installedbrowserextensions
Schlüssel Gelöscht : HKCU\Software\YahooPartnerToolbar
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Crossrider
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Lyrics_Monkey
Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\Plus-HD-1.6
Schlüssel Gelöscht : HKLM\Software\Delta
Schlüssel Gelöscht : HKLM\Software\DeviceVM
Schlüssel Gelöscht : HKLM\Software\ICQ\ICQToolbar
Schlüssel Gelöscht : HKLM\Software\Plus-HD-1.6
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{5CDCDBCD-119A-4AE1-9C55-B816DBBE4245}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-1.6
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\DeviceVM
Daten Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16476

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]

-\\ Mozilla Firefox v24.0 (de)

[ Datei : C:\Users\Jullia Tanja Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\wcwbpoxz.default\prefs.js ]

Zeile gelöscht : user_pref("browser.newtab.url", "hxxp://www.delta-search.com/?babsrc=NT_ss&mntrId=EA0590004EF8FEC4&affID=119557&tsp=5039");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.delta-search.com/?babsrc=HP_ss&mntrId=EA0590004EF8FEC4&affID=119557&tsp=5039");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.active", true);
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.addressbar", "NA");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.addressbarenhanced", "");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.asyncdb_dbWasSet", true);
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.asyncinternaldb_dbWasSet", true);
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.backgroundver", 2);
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.certdomaininstaller", "");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.changeprevious", false);
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.cookie._GPL_aoi.value", "%221382170329%22");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.cookie._GPL_parent_zoneid.value", "%22389887%22");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.cookie._GPL_zoneid.value", "%22392807%22");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.cookie.geo.expiration", "Fri Oct 25 2013 11:01:01 GMT+0200");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.cookie.geo.value", "%22DE%22");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.cookie.InstallationTime.value", "1382086572");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.description", "Turn YouTube videos to High Definition by default");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.domain", "");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.enablesearch", false);
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.homepage", "");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.iframe", false);
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.InstallationThankYouPage", false);
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.InstallationTime", 1382086572);
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.__disable_camp.expiration", "Mon Oct 21 2013 10:56:18 GMT+0200");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.__disable_camp.value", "true");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb._country_code_.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb._country_code_.value", "%22DE%22");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/003acba40adbfde226f740f147868a55_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/003acba40adbfde226f740f147868a55_DE.value", "%22var%20cat_003acba40adbfde226f740f[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/098f1094523324ac59b427a0c2532d9d_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/098f1094523324ac59b427a0c2532d9d_DE.value", "%22var%20cat_098f1094523324ac59b427a[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/1bb25568f8455e74906142466f792c87_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/1bb25568f8455e74906142466f792c87_DE.value", "%22var%20cat_1bb25568f8455e749061424[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/24c75ee12874b5775f0bdc6920d078a8_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/24c75ee12874b5775f0bdc6920d078a8_DE.value", "%22var%20cat_24c75ee12874b5775f0bdc6[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/253712f62fa354f36c490a3f42ba9bfc_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/253712f62fa354f36c490a3f42ba9bfc_DE.value", "%22var%20cat_253712f62fa354f36c490a3[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/286965653b415f505622ea74d2bd3bbe_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/286965653b415f505622ea74d2bd3bbe_DE.value", "%22var%20cat_286965653b415f505622ea7[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/2a71b3b28494cf1854d333288ccc18ba_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/2a71b3b28494cf1854d333288ccc18ba_DE.value", "%22var%20cat_2a71b3b28494cf1854d3332[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/2d468ab97ca7b06a3c21e9e97b353a62_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/2d468ab97ca7b06a3c21e9e97b353a62_DE.value", "%22var%20cat_2d468ab97ca7b06a3c21e9e[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/3518e1eac042730aa1274618984462b3_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/3518e1eac042730aa1274618984462b3_DE.value", "%22var%20cat_3518e1eac042730aa127461[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/3fb584595510ffd42fa9866ce0f84f32_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/3fb584595510ffd42fa9866ce0f84f32_DE.value", "%22var%20cat_3fb584595510ffd42fa9866[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/4c3f63645c68db469df209c2dc3a46aa_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/4c3f63645c68db469df209c2dc3a46aa_DE.value", "%22var%20cat_4c3f63645c68db469df209c[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/530e52021dc20843b1aa62957edeb9f8.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/530e52021dc20843b1aa62957edeb9f8_expire.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/530e52021dc20843b1aa62957edeb9f8_expire.value", "%221382126205909%22");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/530e52021dc20843b1aa62957edeb9f8_version.expiration", "Fri Feb 01 2030 00:00:00 G[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/530e52021dc20843b1aa62957edeb9f8_version.value", "%225234ecdd4aff979a8c126af264e5[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/56df29dfef36d0a64d0b754d8b7aa1df_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/56df29dfef36d0a64d0b754d8b7aa1df_DE.value", "%22var%20cat_56df29dfef36d0a64d0b754[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9.value", "%22function%20tcmMarkWindow%28a%29%7Bva[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9_expire.expiration", "Fri Feb 01 2030 00:00:00 GM[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9_expire.value", "%221382126205642%22");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9_version.expiration", "Fri Feb 01 2030 00:00:00 G[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/5cdf8a7ef2ec84abac286c67587b78d9_version.value", "%22a64db70efdf0ace7131e2fcedb58[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/62cce7d26ab5636bceb113b988d56c59_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/62cce7d26ab5636bceb113b988d56c59_DE.value", "%22var%20cat_62cce7d26ab5636bceb113b[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/658987e48ed8b4a20fa71afdd0c84454_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/658987e48ed8b4a20fa71afdd0c84454_DE.value", "%22var%20cat_658987e48ed8b4a20fa71af[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/6d4100dc97e9abad47303e5e0d38b2b6_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/6d4100dc97e9abad47303e5e0d38b2b6_DE.value", "%22var%20cat_6d4100dc97e9abad47303e5[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/833447eaff04548ccb80787286a7cad9_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/833447eaff04548ccb80787286a7cad9_DE.value", "%22var%20cat_833447eaff04548ccb80787[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/9c3a4c3f7d10f85147fa09d19f610015_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/9c3a4c3f7d10f85147fa09d19f610015_DE.value", "%22var%20cat_9c3a4c3f7d10f85147fa09d[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/9fde1e4ac93162562a3cb3a2ca4a207d_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/9fde1e4ac93162562a3cb3a2ca4a207d_DE.value", "%22var%20cat_9fde1e4ac93162562a3cb3a[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/aa36bceec49c832079e270icmc219ats.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100"[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/aa36bceec49c832079e270icmc219ats.value", "%22tcmPredefineRulesDict%3D%5B%5B%27bdd[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/bdd26d3b7ab2292048466bbb3ec4a74d_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/bdd26d3b7ab2292048466bbb3ec4a74d_DE.value", "%22var%20cat_bdd26d3b7ab2292048466bb[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/d5baae4ef839769f8eb7e9f9d82d8a40_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/d5baae4ef839769f8eb7e9f9d82d8a40_DE.value", "%22var%20cat_d5baae4ef839769f8eb7e9f[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/d965aead622233a60676ef2349956f38_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/d965aead622233a60676ef2349956f38_DE.value", "%22var%20cat_d965aead622233a60676ef2[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/ddedfe6ede02f148caf19a2dec7f877d_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/ddedfe6ede02f148caf19a2dec7f877d_DE.value", "%22var%20cat_ddedfe6ede02f148caf19a2[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/e3cd5b2c64ca319aadec7c28c6c6feba_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/e3cd5b2c64ca319aadec7c28c6c6feba_DE.value", "%22var%20cat_e3cd5b2c64ca319aadec7c2[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/e7395ccc0c22b2cca7bf3e0c7db4d8a6_DE.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/e7395ccc0c22b2cca7bf3e0c7db4d8a6_DE.value", "%22var%20cat_e7395ccc0c22b2cca7bf3e0[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.hxxp://icm.ginyas.com/tcm1/include.php?affId=ginyas_465_000568&pubId=ginyas_465_32002&g[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.hxxp://icm.ginyas.com/tcm1/include.php?affId=ginyas_465_000568&pubId=ginyas_465_32002&g[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%221689399F[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%221689399FEF50410FA3DFC2ECBC058[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.monetization_plugin_last_executable_request.expiration", "Sat Oct 19 2013 22:43:39 GMT+[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.monetization_plugin_last_executable_request.value", "%22hxxp%3A//thisisudax.org/downloa[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.Resources_appVer.value", "90");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.Resources_lastVersion.value", "2");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.Resources_meta.value", "%7B%7D");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.Resources_nextCheck.expiration", "Sat Oct 19 2013 16:11:58 GMT+0200");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.Resources_nextCheck.value", "true");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.Resources_queue.value", "%7B%7D");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.aliveNotificationMarker.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.aliveNotificationMarker.value", "%221%22");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.aliveNotificationMarker_Expiration.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.aliveNotificationMarker_Expiration.value", "%221382220000000%22");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.globalDoubleImpressionProtection.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100")[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.globalDoubleImpressionProtection.value", "%221%22");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.globalDoubleImpressionProtection_Expiration.expiration", "Fri Feb 01 2030 00:00:00[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.globalDoubleImpressionProtection_Expiration.value", "%221382127558628%22");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.impressions.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.impressions.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.impressions_Expiration.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.impressions_Expiration.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.initialDayDelayMarker.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.initialDayDelayMarker.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.initialDayDelayMarker_Expiration.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100")[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.initialDayDelayMarker_Expiration.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.openFirstTimeBrowserToday.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.openFirstTimeBrowserToday.value", "%221%22");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.openFirstTimeBrowserToday_Expiration.expiration", "Fri Feb 01 2030 00:00:00 GMT+01[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.openFirstTimeBrowserToday_Expiration.value", "%221382220000001%22");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.preDefRuleImpressions.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.preDefRuleImpressions.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.preDefRuleImpressions_Expiration.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100")[...]
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.preDefRuleImpressions_Expiration.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.quirksCount.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.quirksCount.value", "%220%22");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.quirksCount_Expiration.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.quirksCount_Expiration.value", "%22%22");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.version.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.version.value", "%220.3%22");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.version_Expiration.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.tcm2.version_Expiration.value", "%221382220000000%22");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.lastDailyReport", "1382170317350");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.lastUpdate", "1382170316805");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.manifesturl", "");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.name", "Plus-HD-1.6");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.newtab", "");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.opensearch", "");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/32002/plugins/092/ff/plugins.json");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.pluginsversion", 77);
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.publisher", "Plus HD");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.searchstatus", 0);
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.setnewtab", false);
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.thankyou", "");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.updateinterval", 360);
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.ver", 90);
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.apps", "32002");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.bic", "1408103e7d91add236ace4d4e02e81f3");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.cid", 32002);
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.firstrun", false);
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.hadappinstalled", true);
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.installationdate", 1382086572);
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.modetype", "production");
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.reportInstall", true);
Zeile gelöscht : user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.statsDailyCounter", 3);
Zeile gelöscht : user_pref("extensions.crossrider.bic", "1408103e7d91add236ace4d4e02e81f3");
Zeile gelöscht : user_pref("extensions.delta.bbDpng", "19");
Zeile gelöscht : user_pref("extensions.delta.cntry", "DE");
Zeile gelöscht : user_pref("extensions.delta.hdrMd5", "");
Zeile gelöscht : user_pref("extensions.delta.lastVrsnTs", "");
Zeile gelöscht : user_pref("extensions.delta.sg", "er");
Zeile gelöscht : user_pref("extensions.delta.smplGrp", "er");
Zeile gelöscht : user_pref("extensions.enabledAddons", "EFGLQA%4078ETGYN-0W7FN789T87.COM:1.01,webbooster%40iminent.com:7.41.2.1,firefox%40glindorus.net:1.0.0,ffxtlbr%40delta.com:1.5.0,6c937ed6-be66-4f72-9a60-ce5789cc7[...]

-\\ Google Chrome v30.0.1599.101

[ Datei : C:\Users\Jullia Tanja Vaio\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : homepage
Gelöscht : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [49282 octets] - [19/10/2013 11:01:31]
AdwCleaner[S0].txt - [48425 octets] - [19/10/2013 11:02:03]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [48486 octets] ##########
         

Lag an der alten Version von adwCleaner. Sorry bin jetzt wieder voll da

Code: Alles auswählenAufklappen

ATTFilter

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.7 (10.15.2013:3)
OS: Windows 7 Home Premium x64
Ran by Jullia Tanja Vaio on 19.10.2013 at 11:09:29,98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2228940376-3748922148-189436976-1001\Software\SweetIM
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\plus-hd-2_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\plus-hd-2_rasmancs
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110311201102}



~~~ Files

Successfully deleted: [File] "C:\Users\Jullia Tanja Vaio\appdata\locallow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com"



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\yuna software"
Successfully deleted: [Folder] "C:\Users\Jullia Tanja Vaio\music\qtrax media library"
Successfully deleted: [Empty Folder] C:\Users\Jullia Tanja Vaio\appdata\local\{0AE62EC6-843C-4060-9B1F-8272A60EC007}
Successfully deleted: [Empty Folder] C:\Users\Jullia Tanja Vaio\appdata\local\{4F81F6DB-B5D6-44D6-AB50-A4E3417F2E7F}
Successfully deleted: [Empty Folder] C:\Users\Jullia Tanja Vaio\appdata\local\{5EB64E6E-990C-4BB0-99A9-4408B068EEBA}
Successfully deleted: [Empty Folder] C:\Users\Jullia Tanja Vaio\appdata\local\{682A3949-ACE2-430D-91D8-3029B09B8F1A}
Successfully deleted: [Empty Folder] C:\Users\Jullia Tanja Vaio\appdata\local\{7C7F448D-B473-422A-8625-83463CB50769}
Successfully deleted: [Empty Folder] C:\Users\Jullia Tanja Vaio\appdata\local\{81D53A75-CBA6-4BB6-8477-46650A969817}
Successfully deleted: [Empty Folder] C:\Users\Jullia Tanja Vaio\appdata\local\{A311AC9C-6FC9-4A11-A7F7-62F252599DE5}
Successfully deleted: [Empty Folder] C:\Users\Jullia Tanja Vaio\appdata\local\{CD421BC8-3569-4D31-B0BD-DFCAFD682639}
Successfully deleted: [Empty Folder] C:\Users\Jullia Tanja Vaio\appdata\local\{D4FFAB5E-10A5-4103-8D8C-FB4CEE67DBE5}
Successfully deleted: [Empty Folder] C:\Users\Jullia Tanja Vaio\appdata\local\{F62925C3-62B0-4854-AA23-E09E40998123}



~~~ FireFox

Successfully deleted: [Folder] C:\Users\Jullia Tanja Vaio\AppData\Roaming\mozilla\firefox\profiles\wcwbpoxz.default\extensions\6c937ed6-be66-4f72-9a60-ce5789cc7f09@53ba6712-2cae-46e2-b821-95baea44e049.com
Successfully deleted the following from C:\Users\Jullia Tanja Vaio\AppData\Roaming\mozilla\firefox\profiles\wcwbpoxz.default\prefs.js

user_pref("extensions.a6c937ed6be664f729a60ce5789cc7f0953ba67122cae46e2b82195baea44e049com32002.32002.internaldb.cache/530e52021dc20843b1aa62957edeb9f8.value", "%22var%20adsDe
user_pref("extensions.crossrider.bic", "141cff65815c0f5fd50e3ba708ceb7d3");
user_pref("iminent.LayoutId", "1");
user_pref("iminent.ShowThankyouPixel", "0");
user_pref("iminent.displayFavLinks", "0");
user_pref("iminent.registerToolbarEvent101", "1376587823129");
user_pref("iminent.registerToolbarEvent102", "1382083293945");
user_pref("iminent.registerToolbarEvent109", "1381436239242");
user_pref("iminent.registerToolbarEvent110", "1378226341118");
user_pref("iminent.registerToolbarEvent111", "1381436239248");
user_pref("iminent.registerToolbarEvent112", "1379449078223");
user_pref("iminent.registerToolbarEvent122", "1381436239254");
user_pref("iminent.registerToolbarEvent140", "1376586204197");
user_pref("iminent.version", "7.41.2.1");
user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.36.1.1\",\"InstallEventCTime\":1381176777056,\"InstallEvent\":\"True\",\"UpdateEventCTime\":1382086128022}");
user_pref("iminent.webbooster.scripts.minibar.LayoutId", "1");
user_pref("iminent.webbooster.scripts.minibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar");
user_pref("iminent.webbooster.scripts.minibar.Services.BHPCode", "01");
user_pref("iminent.webbooster.scripts.minibar.Services.DefaultEvent", "000");
user_pref("iminent.webbooster.scripts.minibar.Services.DefaultWebSite", "000");
user_pref("iminent.webbooster.scripts.minibar.Services.IminentClientCode", "11");
user_pref("iminent.webbooster.scripts.minibar.Services.SmartFavCode", "02");
user_pref("iminent.webbooster.scripts.minibar.ShowThankyouPixel", "0");
user_pref("iminent.webbooster.scripts.minibar.displayFavLinks", "1");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent102", "1376472483155");
user_pref("iminent.webbooster.scripts.minibar.registerToolbarEvent134", "1376554158012");
user_pref("iminent.webbooster.scripts.sslminibar.LayoutId", "1");
user_pref("iminent.webbooster.scripts.sslminibar.ROOTEXTENSION", "chrome://iminentwebbooster/content/minibar");
user_pref("iminent.webbooster.scripts.sslminibar.Services.BHPCode", "01");
user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultEvent", "000");
user_pref("iminent.webbooster.scripts.sslminibar.Services.DefaultWebSite", "000");
user_pref("iminent.webbooster.scripts.sslminibar.Services.IminentClientCode", "11");
user_pref("iminent.webbooster.scripts.sslminibar.Services.SmartFavCode", "02");
user_pref("iminent.webbooster.scripts.sslminibar.ShowThankyouPixel", "0");
user_pref("iminent.webbooster.scripts.sslminibar.displayFavLinks", "1");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent102", "1376557061795");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent109", "1376577513246");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent110", "1376471578556");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent111", "1376577513255");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent112", "1376489266957");
user_pref("iminent.webbooster.scripts.sslminibar.registerToolbarEvent122", "1376577513262");
Emptied folder: C:\Users\Jullia Tanja Vaio\AppData\Roaming\mozilla\firefox\profiles\wcwbpoxz.default\minidumps [100 files]



~~~ Chrome

Successfully deleted: [Folder] C:\Users\Jullia Tanja Vaio\appdata\local\Google\Chrome\User Data\Default\Extensions\jidjhchcblhlapbcpheibgdjkajekhbh



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 19.10.2013 at 11:17:51,78
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Code: Alles auswählenAufklappen

ATTFilter

 Malwarebytes Anti-Malware  (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2013.10.19.02

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Jullia Tanja Vaio :: JULLIATANJAVAIO [Administrator]

Schutz: Deaktiviert

19.10.2013 11:23:24
mbam-log-2013-10-19 (11-23-24).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 208507
Laufzeit: 6 Minute(n), 46 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 2
HKCU\SOFTWARE\glindorus (PUP.Optional.Glindorus.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKLM\SOFTWARE\glindorus (PUP.Optional.Glindorus.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 3
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\mt_ffx\Delta (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\mt_ffx\Delta\delta (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\mt_ffx\Delta\delta\1.8.24.6 (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateien: 9
C:\$Recycle.Bin\S-1-5-21-2228940376-3748922148-189436976-1001\$RFGY0Y4.exe (PUP.Optional.Firseria) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\2343467C-BAB0-7891-AD96-F31C58DE65F3\Latest\ccp.exe (PUP.Optional.Conduit.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\2343467C-BAB0-7891-AD96-F31C58DE65F3\Latest\CrxInstaller.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\2343467C-BAB0-7891-AD96-F31C58DE65F3\Latest\DSearchLink.exe (PUP.Optional.Delta.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\2343467C-BAB0-7891-AD96-F31C58DE65F3\Latest\MntrDLLInstall.dll (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\2343467C-BAB0-7891-AD96-F31C58DE65F3\Latest\MyDeltaTB.exe (PUP.Optional.Delta) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\2343467C-BAB0-7891-AD96-F31C58DE65F3\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jullia Tanja Vaio\Downloads\iMeshSetup-r1487-w-bf.exe (PUP.Optional.iMeshMusicBoxTB.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
C:\Users\Jullia Tanja Vaio\Downloads\ZipExtractorSetup.exe (PUP.Optional.Installcore) -> Erfolgreich gelöscht und in Quarantäne gestellt.

(Ende)
         

Code: Alles auswählenAufklappen

ATTFilter

Zoek.exe Version 4.0.0.5 Updated 17-October-2013
Tool run by Jullia Tanja Vaio on 19.10.2013 at 11:45:59,33.
Microsoft Windows 7 Home Premium  6.1.7600  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\JULLIA~1\AppData\Local\Temp\zoek\zoek.exe [Script inserted] 

==== System Restore Info ======================

19.10.2013 11:50:33 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2228940376-3748922148-189436976-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully
HKEY_USERS\S-1-5-21-2228940376-3748922148-189436976-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} deleted successfully
HKEY_USERS\S-1-5-21-2228940376-3748922148-189436976-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{32004B8A-44A9-43E7-84E9-808838809519} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2228940376-3748922148-189436976-1001\Software\Mozilla\Firefox\Extensions\{652702bb-9ef6-4817-a019-b3abdcfcd40c} deleted successfully

==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Jullia Tanja Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\wcwbpoxz.default\prefs.js:

Added to C:\Users\Jullia Tanja Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\wcwbpoxz.default\prefs.js:
user_pref("browser.startup.homepage", "hxxp://www.google.com");
user_pref("browser.search.defaulturl", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "hxxp://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "hxxp://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Jullia Tanja Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\wcwbpoxz.default

user.js not found
---- Lines iminent removed from prefs.js ----

user_pref("iminent.versioning", "{\"CurrentVersion\":\"7.36.1.1\",\"InstallEventCTime\":1381176777056,\"InstallEvent\":\"True\",\"UpdateEventCTime\":1382086128022}");

---- Lines iminent modified from prefs.js ----


---- FireFox user.js and prefs.js backups ---- 

prefs__1157_.backup

==== Deleting Files \ Folders ======================

C:\Users\Jullia Tanja Vaio\AppData\Roaming\HoolappForAndroid deleted
C:\ProgramData\Package Cache deleted
C:\Users\Jullia Tanja Vaio\AppData\Local\avgchrome deleted
C:\windows\SysNative\Tasks\Hoolapp For Android deleted
C:\windows\SysNative\Tasks\Hoolapp Init deleted
C:\Users\Jullia Tanja Vaio\Downloads\FreeYouTubeToMP3Converter(1).exe deleted
C:\Users\Jullia Tanja Vaio\Downloads\FreeYouTubeToMP3Converter(2).exe deleted
C:\Users\Jullia Tanja Vaio\Downloads\FreeYouTubetoMP3Converter.exe deleted
C:\Users\Jullia Tanja Vaio\Desktop\Amazon.url deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\Jullia Tanja Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\wcwbpoxz.default
- pricealarm - %ProfilePath%\extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
- glindorus - %ProfilePath%\extensions\firefox@glindorus.net.xpi
- DVDVideoSoft YouTube MP3 and Video Download - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Jullia Tanja Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\wcwbpoxz.default
4BF70B35B943BD73BD6E13EB7C1BA4B3	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll -	Shockwave Flash
D7324EB1EDCB8990F8522DE0311359E9	- C:\Windows\SysWOW64\npdeployJava1.dll -	Java Deployment Toolkit 7.0.250.17
15E298B5EC5B89C5994A59863969D9FF	- C:\Windows\SysWOW64\npmproxy.dll -	Microsoft® Windows® Operating System


==== Deleting Files \ Folders ======================

"C:\Users\Jullia Tanja Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\wcwbpoxz.default\extensions\firefox@glindorus.net.xpi" deleted
"C:\Users\Jullia Tanja Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\wcwbpoxz.default\extensions\EFGLQA@78ETGYN-0W7FN789T87.COM" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ammjbfijeglcdlnlnhlkdhgjnlgmpehe - C:\Program Files (x86)\glindorus\ammjbfijeglcdlnlnhlkdhgjnlgmpehe.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17.01.2012 12:45]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[]

YouTube - Jullia Tanja Vaio - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Price Alarm - Jullia Tanja Vaio - Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab
Skype Click to Call - Jullia Tanja Vaio - Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl

==== Chrome Fix ======================

C:\Users\Jullia Tanja Vaio\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ammjbfijeglcdlnlnhlkdhgjnlgmpehe_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
"Default_Page_URL"="hxxp://www.google.com/ig/redirectdomain?brand=SVEE&bmod=SVEE"
"ICQ Search"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="C:\\ProgramData\\ICQ\\ICQNewTab\\newTab.html"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="C:\\ProgramData\\ICQ\\ICQNewTab\\newTab.html"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"ICQ Search"="hxxp://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="hxxp://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="hxxp://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{0E791A27-579B-495A-9A88-9ADF4A22CCFC} Shopping.com  Url="hxxp://de.shopping.com/?linkin_id=8056363"
{1DBF24B8-04A7-48C3-B4E5-39C4CF132D86} eBay  Url="hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}"
{3EEF4B8F-C743-4D31-A030-6CA51B522BE8} Zinio  Url="hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices"

==== Reset Google Chrome ======================

C:\Users\Jullia Tanja Vaio\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Jullia Tanja Vaio\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ammjbfijeglcdlnlnhlkdhgjnlgmpehe deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jullia Tanja Vaio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jullia Tanja Vaio\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jullia Tanja Vaio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Jullia Tanja Vaio\AppData\Local\Mozilla\Firefox\Profiles\wcwbpoxz.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Jullia Tanja Vaio\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\JULLIA~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Jullia Tanja Vaio\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on 19.10.2013 at 12:03:35,50 ======================
         

Servus,



sieht gut aus.
Wir spüren die letzten Reste auf, damit wir sie später entfernen können:





Schritt 1
Kontrollscan mit FRST
Führe wie zuvor beschrieben einen Scan mit FRST aus.
Setze dazu eine Haken bei Addition.txt rechts unten und klicke auf Scan.
Es werden wieder zwei Logdateien erzeugt. Poste mir diese.





Schritt 2
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)

• Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
• Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:
  
  
  

  Code: Alles auswählenAufklappen

  ATTFilter

  :filefind
  *glindorus*
  *plus-hd*
  *BitGuard*
  *DSearchLink*
  
  :folderfind
  *glindorus*
  *plus-hd*
  *BitGuard*
  *DSearchLink*
  
  :regfind
  glindorus
  plus-hd
  BitGuard
  DSearchLink
           

• Klicke nun auf den Button Look, um den Scan zu starten.
• Der Suchlauf kann einige Zeit dauern.
• Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
• Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.

Gibt es noch Probleme mit Malware? Wenn ja, welche?
Wie läuft der Rechner derzeit?





Bitte poste mit deiner nächsten Antwort

• die beiden Logdateien von FRST,
• die Logdatei von SystemLook,
• die Beantwortung der gestellten Fragen.

FRST Logfile:

FRST Logfile:

Code: Alles auswählenAufklappen

ATTFilter

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Jullia Tanja Vaio (administrator) on JULLIATANJAVAIO on 19-10-2013 12:30:30
Running from C:\Users\Jullia Tanja Vaio\Downloads
Windows 7 Home Premium (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\DllHost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apntex.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony of America Corporation) C:\Program Files\Sony\VAIO Care\listener.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCsystray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\system32\consent.exe

==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10775584 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2040352 2010-05-31] (Realtek Semiconductor)
HKLM\...\Run: [Apoint] - C:\Program Files\Apoint\Apoint.exe [212480 2010-05-31] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKCU\...\Run: [msnmsgr] - "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKCU\...\Run: [MobileDocuments] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKCU\...\Run: [Hoolapp Android] - "C:\Users\JULLIA~1\AppData\Roaming\HOOLAP~1\Hoolapp.exe" /Minimized
HKCU\...\Run: [iCloudServices] - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [59720 2013-09-14] (Apple Inc.)
HKCU\...\Run: [ApplePhotoStreams] - C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-09-15] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-03-04] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] - C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [673136 2010-05-31] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] - C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [600928 2010-06-01] (Sony Corporation)
HKLM-x32\...\Run: [NBAgent] - C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe [1234216 2010-03-26] (Nero AG)
HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] - C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [102400 2010-09-20] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Reader Speed Launcher] - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41208 2012-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [347192 2013-09-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-10-01] (Apple Inc.)
AppInit_DLLs-x32: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll [ ] ()

==================== Internet (Whitelisted) ====================

StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKCU - {0E791A27-579B-495A-9A88-9ADF4A22CCFC} URL = hxxp://de.shopping.com/?linkin_id=8056363
SearchScopes: HKCU - {1DBF24B8-04A7-48C3-B4E5-39C4CF132D86} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-9/4?satitle={searchTerms}
SearchScopes: HKCU - {3EEF4B8F-C743-4D31-A030-6CA51B522BE8} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\Jullia Tanja Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\wcwbpoxz.default
FF NewTab: hxxp://www.google.com/
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxp://www.google.com
FF Keyword.URL: hxxp://www.google.com/search?btnG=Google+Search&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 - C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: No Name - C:\Users\Jullia Tanja Vaio\AppData\Roaming\Mozilla\Firefox\Profiles\wcwbpoxz.default\Extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}.xpi

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (YouTube) - C:\Users\JULLIA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2_0
CHR Extension: (Google Search) - C:\Users\JULLIA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.14_0
CHR Extension: () - C:\Users\JULLIA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab\background.html
CHR Extension: (Skype Click to Call) - C:\Users\JULLIA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl\5.9.0.9216_0
CHR Extension: (Gmail) - C:\Users\JULLIA~1\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\6.1.3_0
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx

==================== Services (Whitelisted) =================

S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [84024 2013-09-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [108088 2013-09-05] (Avira Operations GmbH & Co. KG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [259192 2011-01-29] (Sony Corporation)
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [104960 2008-09-18] (ArcSoft, Inc.)
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)

==================== Drivers (Whitelisted) ====================

R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105344 2013-09-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132088 2013-09-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-04-02] (Avira Operations GmbH & Co. KG)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-19 12:00 - 2013-10-19 11:44 - 00024064 _____ C:\Windows\zoek-delete.exe
2013-10-19 11:50 - 2013-10-19 12:03 - 00010296 _____ C:\zoek-results.log
2013-10-19 11:43 - 2013-10-19 11:43 - 04161486 _____ C:\Users\Jullia Tanja Vaio\Downloads\zoek.rar
2013-10-19 11:21 - 2013-10-19 11:21 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-19 11:21 - 2013-10-19 11:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-19 11:21 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2013-10-19 11:20 - 2013-10-19 11:20 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Jullia Tanja Vaio\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-10-19 11:17 - 2013-10-19 11:17 - 00006810 _____ C:\Users\Jullia Tanja Vaio\Desktop\JRT.txt
2013-10-19 11:09 - 2013-10-19 11:09 - 00000000 ____D C:\Windows\ERUNT
2013-10-19 11:08 - 2013-10-19 11:08 - 01033335 _____ (Thisisu) C:\Users\Jullia Tanja Vaio\Downloads\JRT.exe
2013-10-19 11:00 - 2013-10-19 11:02 - 00000000 ____D C:\AdwCleaner
2013-10-19 10:59 - 2013-10-19 10:59 - 01050644 _____ C:\Users\Jullia Tanja Vaio\Downloads\adwcleaner.exe
2013-10-18 21:26 - 2013-10-18 21:26 - 00001429 _____ C:\AdwCleaner[S2].txt
2013-10-18 21:25 - 2013-10-18 21:25 - 00001459 _____ C:\AdwCleaner[R2].txt
2013-10-18 21:11 - 2013-10-18 21:11 - 00000807 _____ C:\Users\Public\Desktop\iMesh.lnk
2013-10-18 10:51 - 2013-10-18 10:51 - 00015004 _____ C:\AdwCleaner[S1].txt
2013-10-18 10:50 - 2013-10-18 10:50 - 00015933 _____ C:\AdwCleaner[R1].txt
2013-10-18 10:38 - 2013-10-18 11:05 - 00027880 _____ C:\Users\Jullia Tanja Vaio\Downloads\Addition.txt
2013-10-18 10:36 - 2013-10-18 10:36 - 00000000 ____D C:\FRST
2013-10-18 10:35 - 2013-10-18 10:35 - 01954124 _____ (Farbar) C:\Users\Jullia Tanja Vaio\Downloads\FRST64.exe
2013-10-18 10:03 - 2013-10-18 10:03 - 00000000 ____D C:\Users\Jullia Tanja Vaio\AppData\Roaming\Malwarebytes
2013-10-18 10:03 - 2013-10-18 10:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-18 10:02 - 2013-10-18 10:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Jullia Tanja Vaio\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-11 18:42 - 2013-10-11 18:42 - 00000000 ____D C:\Users\Jullia Tanja Vaio\AppData\Roaming\SharePod
2013-10-11 18:36 - 2013-10-11 18:36 - 02140631 _____ C:\Users\Jullia Tanja Vaio\Downloads\SharePod_3.99.zip
2013-10-06 20:10 - 2013-10-18 10:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-06 11:35 - 2013-10-06 11:35 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-06 11:34 - 2013-10-06 11:35 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-06 11:34 - 2013-10-06 11:35 - 00000000 ____D C:\Program Files\iTunes
2013-10-06 11:34 - 2013-10-06 11:35 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-06 11:34 - 2013-10-06 11:34 - 00000000 ____D C:\Program Files\iPod

==================== One Month Modified Files and Folders =======

2013-10-19 12:15 - 2011-03-15 04:07 - 01237560 _____ C:\Windows\WindowsUpdate.log
2013-10-19 12:11 - 2009-07-14 06:45 - 00013936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-19 12:11 - 2009-07-14 06:45 - 00013936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-19 12:03 - 2013-10-19 11:50 - 00010296 _____ C:\zoek-results.log
2013-10-19 12:01 - 2011-03-15 04:16 - 00001120 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2013-10-19 12:01 - 2011-03-15 04:05 - 00172306 _____ C:\Windows\PFRO.log
2013-10-19 12:01 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-19 12:01 - 2009-07-14 06:51 - 00084566 _____ C:\Windows\setupact.log
2013-10-19 11:55 - 2013-02-16 16:59 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-19 11:44 - 2013-10-19 12:00 - 00024064 _____ C:\Windows\zoek-delete.exe
2013-10-19 11:43 - 2013-10-19 11:43 - 04161486 _____ C:\Users\Jullia Tanja Vaio\Downloads\zoek.rar
2013-10-19 11:37 - 2011-03-15 04:16 - 00001124 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2013-10-19 11:21 - 2013-10-19 11:21 - 00001109 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2013-10-19 11:21 - 2013-10-19 11:21 - 00000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2013-10-19 11:20 - 2013-10-19 11:20 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Jullia Tanja Vaio\Downloads\mbam-setup-1.75.0.1300(1).exe
2013-10-19 11:17 - 2013-10-19 11:17 - 00006810 _____ C:\Users\Jullia Tanja Vaio\Desktop\JRT.txt
2013-10-19 11:09 - 2013-10-19 11:09 - 00000000 ____D C:\Windows\ERUNT
2013-10-19 11:08 - 2013-10-19 11:08 - 01033335 _____ (Thisisu) C:\Users\Jullia Tanja Vaio\Downloads\JRT.exe
2013-10-19 11:02 - 2013-10-19 11:00 - 00000000 ____D C:\AdwCleaner
2013-10-19 11:02 - 2011-07-18 18:02 - 00000000 ____D C:\ProgramData\ICQ
2013-10-19 11:02 - 2011-03-24 22:35 - 00000000 ___RD C:\Users\Jullia Tanja Vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-19 10:59 - 2013-10-19 10:59 - 01050644 _____ C:\Users\Jullia Tanja Vaio\Downloads\adwcleaner.exe
2013-10-19 10:49 - 2011-03-24 22:36 - 00004006 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{098E5DB3-EEDF-4143-BB74-8135FEDC134E}
2013-10-18 21:26 - 2013-10-18 21:26 - 00001429 _____ C:\AdwCleaner[S2].txt
2013-10-18 21:25 - 2013-10-18 21:25 - 00001459 _____ C:\AdwCleaner[R2].txt
2013-10-18 21:11 - 2013-10-18 21:11 - 00000807 _____ C:\Users\Public\Desktop\iMesh.lnk
2013-10-18 11:05 - 2013-10-18 10:38 - 00027880 _____ C:\Users\Jullia Tanja Vaio\Downloads\Addition.txt
2013-10-18 10:51 - 2013-10-18 10:51 - 00015004 _____ C:\AdwCleaner[S1].txt
2013-10-18 10:50 - 2013-10-18 10:50 - 00015933 _____ C:\AdwCleaner[R1].txt
2013-10-18 10:49 - 2013-10-06 20:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-18 10:36 - 2013-10-18 10:36 - 00000000 ____D C:\FRST
2013-10-18 10:35 - 2013-10-18 10:35 - 01954124 _____ (Farbar) C:\Users\Jullia Tanja Vaio\Downloads\FRST64.exe
2013-10-18 10:03 - 2013-10-18 10:03 - 00000000 ____D C:\Users\Jullia Tanja Vaio\AppData\Roaming\Malwarebytes
2013-10-18 10:03 - 2013-10-18 10:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2013-10-18 10:02 - 2013-10-18 10:02 - 10285040 _____ (Malwarebytes Corporation                                    ) C:\Users\Jullia Tanja Vaio\Downloads\mbam-setup-1.75.0.1300.exe
2013-10-14 18:32 - 2011-03-15 04:16 - 00004120 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2013-10-14 18:32 - 2011-03-15 04:16 - 00003868 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2013-10-13 22:02 - 2013-02-07 22:41 - 00000000 ____D C:\Program Files (x86)\Freetec
2013-10-13 21:56 - 2013-01-04 00:14 - 00000000 ____D C:\Program Files (x86)\AVS4YOU
2013-10-11 18:42 - 2013-10-11 18:42 - 00000000 ____D C:\Users\Jullia Tanja Vaio\AppData\Roaming\SharePod
2013-10-11 18:36 - 2013-10-11 18:36 - 02140631 _____ C:\Users\Jullia Tanja Vaio\Downloads\SharePod_3.99.zip
2013-10-11 18:29 - 2011-03-15 13:01 - 00654400 _____ C:\Windows\system32\perfh007.dat
2013-10-11 18:29 - 2011-03-15 13:01 - 00130240 _____ C:\Windows\system32\perfc007.dat
2013-10-11 18:29 - 2009-07-14 07:13 - 01498742 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-11 17:26 - 2011-03-24 22:38 - 00000000 ____D C:\Users\Jullia Tanja Vaio\AppData\Local\Google
2013-10-11 17:23 - 2012-11-08 19:22 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2013-10-11 17:23 - 2012-11-08 19:22 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2013-10-11 16:42 - 2013-02-07 22:42 - 00000000 ____D C:\Users\Jullia Tanja Vaio\Documents\TubeBox
2013-10-11 15:47 - 2011-04-03 13:44 - 00000000 ____D C:\ProgramData\Microsoft Help
2013-10-11 15:43 - 2013-08-15 01:16 - 00000000 ____D C:\Windows\system32\MRT
2013-10-11 15:40 - 2011-07-21 16:17 - 80541720 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2013-10-10 18:00 - 2013-02-16 16:59 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-10 18:00 - 2012-11-05 21:29 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2013-10-10 18:00 - 2011-10-15 17:20 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2013-10-09 20:48 - 2012-10-11 12:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-07 22:12 - 2012-10-11 12:37 - 00000000 ____D C:\Users\Jullia Tanja Vaio\AppData\Local\Mozilla
2013-10-07 22:10 - 2013-07-08 21:06 - 00000000 ____D C:\Users\Jullia Tanja Vaio\AppData\Roaming\vlc
2013-10-06 15:26 - 2011-03-28 17:53 - 00000000 ____D C:\Users\Jullia Tanja Vaio\Documents\Bewerbungen
2013-10-06 12:22 - 2011-04-26 20:29 - 00648292 _____ C:\test.xml
2013-10-06 11:35 - 2013-10-06 11:35 - 00001783 _____ C:\Users\Public\Desktop\iTunes.lnk
2013-10-06 11:35 - 2013-10-06 11:34 - 00000000 ____D C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-06 11:35 - 2013-10-06 11:34 - 00000000 ____D C:\Program Files\iTunes
2013-10-06 11:35 - 2013-10-06 11:34 - 00000000 ____D C:\Program Files (x86)\iTunes
2013-10-06 11:34 - 2013-10-06 11:34 - 00000000 ____D C:\Program Files\iPod
2013-09-20 18:12 - 2011-12-25 21:55 - 00000000 ____D C:\Update
2013-09-19 18:43 - 2010-10-12 19:48 - 00000000 ____D C:\ProgramData\Sony Corporation

==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-14 18:20

==================== End Of Log ============================
         

--- --- ---

--- --- ---

Code: Alles auswählenAufklappen

ATTFilter

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Jullia Tanja Vaio at 2013-10-19 12:31:34
Running from C:\Users\Jullia Tanja Vaio\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Disabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Disabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Update for Microsoft Office 2007 (KB2508958) (x32)
Adobe AIR (x32 Version: 1.5.3.9130)
Adobe Flash Player 11 ActiveX (x32 Version: 11.9.900.117)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader 9.5.3 - Deutsch (x32 Version: 9.5.3)
Alps Pointing-device for VAIO
Apple Application Support (x32 Version: 2.3.6)
Apple Mobile Device Support (Version: 7.0.0.117)
Apple Software Update (x32 Version: 2.1.3.127)
ArcSoft Magic-i Visual Effects 2 (x32 Version: 2.0.1.115)
ArcSoft WebCam Companion 3 (x32 Version: 3.0.21.368)
ATI Catalyst Install Manager (Version: 3.0.769.0)
Avira Free Antivirus (x32 Version: 13.0.0.4052)
Bonjour (Version: 3.0.0.10)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Core Implementation (x32 Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Full New (x32 Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Light (x32 Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Previews Common (x32 Version: 2010.0920.2143.37117)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0920.2143.37117)
Catalyst Control Center InstallProxy (x32 Version: 2010.0209.16.306)
Catalyst Control Center InstallProxy (x32 Version: 2010.0920.2143.37117)
Catalyst Control Center Localization All (x32 Version: 2010.0920.2143.37117)
CCC Help Chinese Standard (x32 Version: 2010.0920.2142.37117)
CCC Help Chinese Traditional (x32 Version: 2010.0920.2142.37117)
CCC Help Czech (x32 Version: 2010.0920.2142.37117)
CCC Help Danish (x32 Version: 2010.0920.2142.37117)
CCC Help Dutch (x32 Version: 2010.0920.2142.37117)
CCC Help English (x32 Version: 2010.0920.2142.37117)
CCC Help Finnish (x32 Version: 2010.0920.2142.37117)
CCC Help French (x32 Version: 2010.0920.2142.37117)
CCC Help German (x32 Version: 2010.0920.2142.37117)
CCC Help Greek (x32 Version: 2010.0920.2142.37117)
CCC Help Hungarian (x32 Version: 2010.0920.2142.37117)
CCC Help Italian (x32 Version: 2010.0920.2142.37117)
CCC Help Japanese (x32 Version: 2010.0920.2142.37117)
CCC Help Korean (x32 Version: 2010.0920.2142.37117)
CCC Help Norwegian (x32 Version: 2010.0920.2142.37117)
CCC Help Polish (x32 Version: 2010.0920.2142.37117)
CCC Help Portuguese (x32 Version: 2010.0920.2142.37117)
CCC Help Russian (x32 Version: 2010.0920.2142.37117)
CCC Help Spanish (x32 Version: 2010.0920.2142.37117)
CCC Help Swedish (x32 Version: 2010.0920.2142.37117)
CCC Help Thai (x32 Version: 2010.0920.2142.37117)
CCC Help Turkish (x32 Version: 2010.0920.2142.37117)
ccc-core-static (x32 Version: 2010.0920.2143.37117)
ccc-utility64 (Version: 2010.0920.2143.37117)
glindorus 1.0.0 (Version: 1.0.0)
Google Chrome (x32 Version: 30.0.1599.101)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0)
Google Toolbar for Internet Explorer (x32 Version: 7.5.4601.54)
Google Update Helper (x32 Version: 1.3.21.165)
High-Definition Video Playback 10 (x32 Version: 7.0.11400.29.0)
iCloud (Version: 3.0.2.163)
Intel(R) Control Center (x32 Version: 1.2.1.1007)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179)
Intel(R) Rapid Storage Technology (x32 Version: 9.6.0.1014)
Intel(R) Turbo Boost Technology Driver (x32 Version: 01.02.00.1002)
iTunes (Version: 11.1.1.11)
Java 7 Update 25 (x32 Version: 7.0.250)
Java Auto Updater (x32 Version: 2.1.9.5)
Java(TM) 6 Update 20 (64-bit) (Version: 6.0.200)
Java(TM) 6 Update 33 (x32 Version: 6.0.330)
Malwarebytes Anti-Malware Version 1.75.0.1300 (x32 Version: 1.75.0.1300)
Media Gallery (Version: 1.3.0)
Media Gallery (x32 Version: 1.3.0.06230)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Choice Guard (x32 Version: 2.0.48.0)
Microsoft Office 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Live Add-in 1.5 (x32 Version: 2.0.4024.1)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014)
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000)
Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000)
Microsoft Primary Interoperability Assemblies 2005 (x32 Version: 8.0.50727.42)
Microsoft Silverlight (Version: 5.1.20913.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (x32 Version: 8.0.61001)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (Version: 8.0.51011)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.56336)
Microsoft Visual C++ 2005 Redistributable (x64) (Version: 8.0.61000)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (x32 Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (x32 Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
MSXML 4.0 SP3 Parser (KB2721691) (x32 Version: 4.30.2114.0)
MSXML 4.0 SP3 Parser (KB2758694) (x32 Version: 4.30.2117.0)
MSXML 4.0 SP3 Parser (KB973685) (x32 Version: 4.30.2107.0)
MSXML 4.0 SP3 Parser (x32 Version: 4.30.2100.0)
Nero 10 Menu TemplatePack Basic (x32 Version: 10.0.10600.6.0)
Nero 10 Movie ThemePack Basic (x32 Version: 10.0.10600.6.0)
Nero BackItUp 10 (x32 Version: 5.4.11600.19.100)
Nero BackItUp 10 Help (CHM) (x32 Version: 1.0.10700)
Nero Burning ROM 10 (x32 Version: 10.0.11100.10.100)
Nero BurningROM 10 Help (CHM) (x32 Version: 1.0.10700)
Nero BurnRights 10 (x32 Version: 4.0.11000.12.100)
Nero BurnRights 10 Help (CHM) (x32 Version: 1.0.10600)
Nero Control Center 10 (x32 Version: 10.0.12000.1.4)
Nero ControlCenter 10 Help (CHM) (x32 Version: 1.0.10700)
Nero Core Components 10 (x32 Version: 2.0.13700.0.1)
Nero CoverDesigner 10 (x32 Version: 5.0.10900.11.100)
Nero CoverDesigner 10 Help (CHM) (x32 Version: 1.0.10600)
Nero DiscSpeed 10 (x32 Version: 6.0.10800.7.100)
Nero DiscSpeed 10 Help (CHM) (x32 Version: 1.0.10600)
Nero Dolby Files 10 (x32 Version: 2.0.11000.0.10)
Nero Express 10 (x32 Version: 10.0.11000.10.100)
Nero Express 10 Help (CHM) (x32 Version: 1.0.10700)
Nero InfoTool 10 (x32 Version: 7.0.10800.8.100)
Nero InfoTool 10 Help (CHM) (x32 Version: 1.0.10600)
Nero MediaHub 10 (x32 Version: 1.0.13400.11.100)
Nero MediaHub 10 Help (CHM) (x32 Version: 1.0.10700)
Nero Multimedia Suite 10 (x32 Version: 10.0.13100)
Nero Recode 10 (x32 Version: 4.6.10900.4.100)
Nero Recode 10 Help (CHM) (x32 Version: 1.0.10600)
Nero RescueAgent 10 (x32 Version: 3.0.10900.9.100)
Nero RescueAgent 10 Help (CHM) (x32 Version: 1.0.10700)
Nero SoundTrax 10 (x32 Version: 4.6.10600.2.100)
Nero SoundTrax 10 Help (CHM) (x32 Version: 1.0.10600)
Nero StartSmart 10 (x32 Version: 10.0.11200.12.100)
Nero StartSmart 10 Help (CHM) (x32 Version: 1.0.10700)
Nero Update (x32 Version: 1.0.0017)
Nero Vision 10 (x32 Version: 7.0.11100.8.100)
Nero Vision 10 Help (CHM) (x32 Version: 1.0.10600)
Nero WaveEditor 10 (x32 Version: 5.6.10600.2.100)
Nero WaveEditor 10 Help (CHM) (x32 Version: 1.0.10600)
PMB (x32 Version: 5.3.00.06040)
PMB VAIO Edition Plug-in (Version: 1.5.10.05300)
PMB VAIO Edition Plug-in (x32 Version: 1.5.10.06150)
Quick Web Access (x32 Version: 1.4.7.0)
QuickTime (x32 Version: 7.74.80.86)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6034)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6098)
Remote Play mit PlayStation®3 (x32 Version: 1.0.2.06210)
Remote Play with PlayStation 3 (x32 Version: 1.0.2.06210)
Remote-Tastatur mit PlayStation 3 (x32 Version: 1.0.2.06170)
Safari (x32 Version: 5.34.57.2)
Skype Click to Call (x32 Version: 5.9.9216)
Skype™ 5.10 (x32 Version: 5.10.116)
TubeBox (x32 Version: 4.1.1.0)
TubeBox! (x32 Version: 3.4.9)
Update for 2007 Microsoft Office System (KB967642) (x32)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2473228) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2827325) 32-Bit Edition (x32)
Update für Microsoft Office Excel 2007 Help (KB963678) (x32)
Update für Microsoft Office Outlook 2007 Help (KB963677) (x32)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
Update für Microsoft Office Word 2007 Help (KB963665) (x32)
VAIO - Media Gallery (x32 Version: 1.3.0.06230)
VAIO - PMB VAIO Edition Guide (x32 Version: 1.5.00.03020)
VAIO - PMB VAIO Edition Plug-in (x32 Version: 1.6.10.11160)
VAIO Care (x32 Version: 6.4.2.11150)
VAIO Control Center (x32 Version: 4.3.0.05310)
VAIO Data Restore Tool (x32 Version: 1.4.0.05240)
VAIO DVD Menu Data (x32 Version: 2.4.00.05300)
VAIO Gate (x32 Version: 2.4.1.09230)
VAIO Gate Default (x32 Version: 2.2.0.07020)
VAIO Hardware Diagnostics (x32 Version: 4.0.0.06230)
VAIO Media plus (Version: 2.1.0)
VAIO Media plus (x32 Version: 2.1.0.18210)
VAIO Media plus Opening Movie (x32 Version: 2.1.0.13220)
VAIO Movie Story Template Data (x32 Version: 2.3.00.06040)
VAIO Movie Story Template Data (x32 Version: 2.5.00.05300)
VAIO Sample Contents (x32 Version: 1.3.0.06041)
VAIO screensaver (x32 Version: 1.0.0.0)
VAIO Smart Network (x32 Version: 3.3.0.06080)
VAIO Update (x32 Version: 6.3.0.08010)
VAIO-Handbuch (x32 Version: 1.1.0.05280)
VAIO-Support für Übertragungen (x32 Version: 1.2.0.06230)
VLC media player 2.0.7 (x32 Version: 2.0.7)
VU5x64 (Version: 1.1.0)
VU5x86 (x32 Version: 1.0.0)
VU5x86 (x32 Version: 1.1.0)
WIDCOMM Bluetooth Software (Version: 6.3.0.5600)
Windows Utils (x32)

==================== Restore Points  =========================

12-09-2013 20:54:00 Windows Update
14-09-2013 08:22:02 Windows Update
14-09-2013 09:25:13 Windows Update
17-09-2013 19:58:17 Windows Update
19-09-2013 16:42:27 Installiert VAIO Update
24-09-2013 17:15:22 Windows Update
29-09-2013 09:17:06 Windows Update
06-10-2013 09:23:03 Windows Update
10-10-2013 15:28:52 Windows Update
11-10-2013 13:38:03 Windows Update
13-10-2013 20:00:55 Windows Defender Checkpoint
13-10-2013 20:01:46 Free YouTube Download Manager
13-10-2013 20:09:22 No23 Recorder wird entfernt
15-10-2013 15:51:30 Windows Update
19-10-2013 09:50:08 zoek.exe restore point

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {06AB5330-CD86-45E7-B989-A6F321A49F0F} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCOneClick.exe [2011-02-16] (Sony Corporation)
Task: {1BFA509F-7295-45D9-8487-C3F8711DB8FE} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2013-08-01] (Sony Corporation)
Task: {3BE171B7-B437-43E0-9615-C69CD03D47A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-15] (Google Inc.)
Task: {423A0F0B-AC7A-4DCC-B156-17A57DBEAD0A} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2013-08-01] (Sony Corporation)
Task: {5A3467C0-8139-4BC0-BE25-ACCEF215840D} - \Plus-HD-1.6-chromeinstaller No Task File
Task: {60EBC42A-4075-40B6-8D2A-E44CDAD017AD} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {63614B1D-B9B7-42A6-9FD4-B87DF895429A} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {64207460-E195-49D0-A655-6B85E4DFEDE8} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate Restart => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation)
Task: {648B9371-B1AB-45BD-B696-98D8657E66B5} - \Plus-HD-1.6-enabler No Task File
Task: {6A51A238-DE2B-4304-B995-5AEA55A18E34} - \EPUpdater No Task File
Task: {6A64E718-404C-4198-B241-AE6006FB59B1} - \Hoolapp Init No Task File
Task: {74246D89-10E0-4714-A3AD-B9BDD6638FB5} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {7669778B-2454-4AF4-8C2B-2BEDC93C4DB5} - \Software Updater No Task File
Task: {7F15EFB0-9E08-4B75-9CBD-197F39AA81BA} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-02-23] (Microsoft Corporation)
Task: {90ABA0FD-9171-46D4-85E6-EBB1CB3F5474} - \Plus-HD-1.6-updater No Task File
Task: {A716A205-AA97-4132-B207-836D3F32FE01} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-05-31] (Sony Corporation)
Task: {ABCE7353-26C0-45BF-84D1-A7E1C0CF6524} - \Plus-HD-1.6-firefoxinstaller No Task File
Task: {AC5022C6-3E71-4101-9264-89072CB38BE6} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCsystray.exe [2011-02-16] (Sony Corporation)
Task: {B14CAE38-257E-4C6E-A25E-4F36BD3DF0F3} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-10] (Adobe Systems Incorporated)
Task: {BCFE7F42-DAC6-45A4-AF8B-B914A0F4C79D} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-09-23] (Sony Corporation)
Task: {CBD4DB0B-22A4-4CAF-9CB4-95CDC6376B70} - System32\Tasks\SONY\VAIO Wallpaper Setting Tool\VAIO Wallpaper Setting Tool => C:\Program Files (x86)\Sony\VAIO Wallpaper Setting Tool\VWSet.exe
Task: {CD009A48-A859-4664-8641-3ACA129FFE97} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-06-21] (Sony Corporation)
Task: {D087F9E2-21AC-4807-BBDC-F6AB1D4733F5} - \DealPly No Task File
Task: {D420A439-4FF8-4C02-A98E-87F2F97781FA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2011-03-15] (Google Inc.)
Task: {D49A4A13-9620-4E8A-BE96-2D0C2835662B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E1308E0B-079F-4564-AEFC-8149B6B93CBC} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-09-23] (Sony Corporation)
Task: {E513AA39-EA3C-4CCD-8E87-C9DBD0C71AAD} - \Plus-HD-1.6-codedownloader No Task File
Task: {E649C448-A4AE-4415-835D-BC33E8FB6FCB} - System32\Tasks\SONY\Remote Keyboard with PlayStation 3\Remote Keyboard with PlayStation 3 => C:\Program Files\Sony\Remote Keyboard with PlayStation 3\VBTKBUtil.exe [2010-06-17] (Sony Corporation)
Task: {F2D4FCE2-9CBC-4FC7-B68F-D923F490FBD0} - \Software Updater Ui No Task File
Task: {FDB2472B-3B3F-4718-9A00-BC53460CE2C0} - \Hoolapp For Android No Task File
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2010-08-24 15:39 - 2010-08-24 15:39 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-12-26 16:36 - 2011-12-26 16:36 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-12-19 22:58 - 2012-09-19 19:17 - 00397088 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-02 00:26 - 2011-11-02 00:26 - 01242472 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-03-15 04:13 - 2010-05-31 20:18 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2011-03-15 04:13 - 2010-05-31 20:18 - 00013312 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSubPS.dll
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2013-01-10 23:19 - 2013-01-10 23:19 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\d89f0252d910d617de1de783a812f840\IsdiInterop.ni.dll
2010-10-12 19:14 - 2010-03-04 05:08 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-10-06 20:10 - 2013-10-06 20:10 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (10/19/2013 11:57:22 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (10/19/2013 11:57:22 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (10/19/2013 11:57:22 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (10/19/2013 11:57:21 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.

Error: (10/19/2013 11:57:21 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "PEVSystemStart" ist als interaktiver Dienst gekennzeichnet. Das System wurde jedoch so konfiguriert, dass interaktive Dienste nicht möglich sind. Der Dienst wird möglicherweise nicht richtig funktionieren.


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 41%
Total physical RAM: 3950.1 MB
Available physical RAM: 2297.67 MB
Total Pagefile: 7898.33 MB
Available Pagefile: 5562.86 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:454.93 GB) (Free:340.64 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: CA7110E1)
Partition 1: (Not Active) - (Size=11 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=455 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

Servus,


fehlt noch SystemLook.

Code: Alles auswählenAufklappen

ATTFilter

SystemLook 30.07.11 by jpshortstuff
Log created at 12:37 on 19/10/2013 by Jullia Tanja Vaio
Administrator - Elevation successful

========== filefind ==========

Searching for "*glindorus*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\glindorus\glindorus.ico.vir	--a---- 1150 bytes	[01:02 05/10/2013]	[01:02 05/10/2013] 678B9D145C015C05FB910C2FDFA3CE49
C:\AdwCleaner\Quarantine\C\Program Files (x86)\glindorus\glindorusBHO.dll.vir	--a---- 249632 bytes	[01:02 05/10/2013]	[01:02 05/10/2013] FDBD96A80497638DCD3603D5581039BB
C:\AdwCleaner\Quarantine\C\Program Files (x86)\glindorus\glindorusUninstall.exe.vir	--a---- 212652 bytes	[08:48 18/10/2013]	[08:48 18/10/2013] 5EE3108C860AA52A296518A6EE11EF47
C:\AdwCleaner\Quarantine\C\Program Files (x86)\glindorus\updateglindorus.exe.vir	--a---- 65312 bytes	[01:02 05/10/2013]	[01:02 05/10/2013] 5FEF2DD4926E1A9CFA8037120312CE72
C:\AdwCleaner\Quarantine\C\Program Files (x86)\glindorus\updateglindorus.InstallState.vir	--a---- 5012 bytes	[08:48 18/10/2013]	[08:48 18/10/2013] 02470B8CB92C619455756E930E53AD86
C:\AdwCleaner\Quarantine\C\Program Files (x86)\glindorus\bin\utilglindorus.exe.vir	--a---- 65312 bytes	[08:48 19/10/2013]	[08:48 19/10/2013] 5FEF2DD4926E1A9CFA8037120312CE72
C:\AdwCleaner\Quarantine\C\Program Files (x86)\glindorus\bin\utilglindorus.InstallState.vir	--a---- 5012 bytes	[08:48 19/10/2013]	[08:48 19/10/2013] 02470B8CB92C619455756E930E53AD86

Searching for "*plus-hd*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-bg.exe.vir	--a---- 701800 bytes	[08:49 18/10/2013]	[08:49 18/10/2013] 71960B178EEBBF5E83894F5FC147118F
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-bho.dll.vir	--a---- 594280 bytes	[08:49 18/10/2013]	[08:49 18/10/2013] 8E6CDBC543AECBA9FB6D15BDDB2BC212
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-bho64.dll.vir	--a---- 958824 bytes	[08:49 18/10/2013]	[08:49 18/10/2013] 4F22BD700B69E12654534B260E508230
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-buttonutil.dll.vir	--a---- 458600 bytes	[08:49 18/10/2013]	[08:49 18/10/2013] 1F2AA96D3076367788808E8BADF90769
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-buttonutil.exe.vir	--a---- 372072 bytes	[08:49 18/10/2013]	[08:49 18/10/2013] F04200246C6825A7A1356BB53BC464E5
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-buttonutil64.dll.vir	--a---- 516456 bytes	[08:49 18/10/2013]	[08:49 18/10/2013] 39E499AB5298319CA663513FB45E3194
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-buttonutil64.exe.vir	--a---- 470376 bytes	[08:49 18/10/2013]	[08:49 18/10/2013] A86D20F2FB5E021C20FEC09C97310E09
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-chromeinstaller.exe.vir	--a---- 489320 bytes	[08:49 18/10/2013]	[08:49 18/10/2013] 8165425D61BC81EF036E70745F0A5586
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-codedownloader.exe.vir	--a---- 516456 bytes	[08:49 18/10/2013]	[08:49 18/10/2013] CF8FAFF3C64E17B90F5F24B6AC341439
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-enabler.exe.vir	--a---- 351080 bytes	[08:49 18/10/2013]	[08:49 18/10/2013] A81458A9121FA8D035CEBA5DD4772EED
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-firefoxinstaller.exe.vir	--a---- 727400 bytes	[08:49 18/10/2013]	[08:49 18/10/2013] AA07C1464C0F2F31DE674C8432967EDA
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-helper.exe.vir	--a---- 341864 bytes	[08:49 18/10/2013]	[08:49 18/10/2013] 6317572ED2B9D490BB5EEBA6A8730009
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-updater.exe.vir	--a---- 396136 bytes	[08:49 18/10/2013]	[08:49 18/10/2013] 39DEA8F4000E89FC83798CF9A6805026
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6.ico.vir	--a---- 9662 bytes	[09:47 15/10/2013]	[09:47 15/10/2013] 739B67DAC0C716F3DA123622BACAB424
C:\AdwCleaner\Quarantine\C\Windows\System32\Tasks\Plus-HD-1.6-chromeinstaller.vir	--a---- 4960 bytes	[08:49 18/10/2013]	[08:49 18/10/2013] 1116E52B055260709610F2E85E9B1E3A
C:\AdwCleaner\Quarantine\C\Windows\System32\Tasks\Plus-HD-1.6-codedownloader.vir	--a---- 4252 bytes	[08:49 18/10/2013]	[08:49 18/10/2013] 701873BFBA417EE2B17007335D80EEB4
C:\AdwCleaner\Quarantine\C\Windows\System32\Tasks\Plus-HD-1.6-enabler.vir	--a---- 4152 bytes	[08:49 18/10/2013]	[08:49 18/10/2013] D019A79C7F6B2851E6855BAEC169B1ED
C:\AdwCleaner\Quarantine\C\Windows\System32\Tasks\Plus-HD-1.6-firefoxinstaller.vir	--a---- 4884 bytes	[08:49 18/10/2013]	[08:49 18/10/2013] 8C073854F4D377C0C2B40AB2480C6CA0
C:\AdwCleaner\Quarantine\C\Windows\System32\Tasks\Plus-HD-1.6-updater.vir	--a---- 4350 bytes	[08:49 18/10/2013]	[08:49 18/10/2013] 48700BB9B9E89760D15573257699D7D0
C:\AdwCleaner\Quarantine\C\Windows\Tasks\Plus-HD-1.6-chromeinstaller.job.vir	--a---- 1930 bytes	[08:49 18/10/2013]	[08:49 19/10/2013] B8C1AA50D76650F6DAF238D947D92A0A
C:\AdwCleaner\Quarantine\C\Windows\Tasks\Plus-HD-1.6-codedownloader.job.vir	--a---- 1222 bytes	[08:49 18/10/2013]	[08:49 19/10/2013] 35C55E0BBB50ACDBCA42653624E2C89A
C:\AdwCleaner\Quarantine\C\Windows\Tasks\Plus-HD-1.6-enabler.job.vir	--a---- 1122 bytes	[08:49 18/10/2013]	[08:49 19/10/2013] 5A478EF5051A7E027BA6487D695E4502
C:\AdwCleaner\Quarantine\C\Windows\Tasks\Plus-HD-1.6-firefoxinstaller.job.vir	--a---- 1854 bytes	[08:49 18/10/2013]	[08:54 19/10/2013] DD98D1FEFA6326B940C07EC5D7CCAB0D
C:\AdwCleaner\Quarantine\C\Windows\Tasks\Plus-HD-1.6-updater.job.vir	--a---- 1320 bytes	[08:49 18/10/2013]	[08:49 19/10/2013] 4727DB6D829013584DB3DAD2B34CE6F7

Searching for "*BitGuard*"
C:\AdwCleaner\Quarantine\C\Users\Jullia Tanja Vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard\Uninstall BitGuard.lnk.vir	--a---- 1261 bytes	[08:49 18/10/2013]	[08:49 18/10/2013] 2C0ED01997CE01CCE4047CAC8C5D746E

Searching for "*DSearchLink*"
C:\AdwCleaner\Quarantine\C\ProgramData\DSearchLink\DSearchLink.exe.vir	--a---- 154112 bytes	[08:48 18/10/2013]	[11:53 27/08/2013] 30B9BD7CD6F7A4395A22B5D8907F302C

========== folderfind ==========

Searching for "*glindorus*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\glindorus	d------	[09:02 19/10/2013]

Searching for "*plus-hd*"
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-1.6	d------	[09:02 19/10/2013]

Searching for "*BitGuard*"
C:\AdwCleaner\Quarantine\C\ProgramData\BitGuard	d------	[09:02 19/10/2013]
C:\AdwCleaner\Quarantine\C\Users\Jullia Tanja Vaio\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard	d------	[09:02 19/10/2013]

Searching for "*DSearchLink*"
C:\AdwCleaner\Quarantine\C\ProgramData\DSearchLink	d------	[09:02 19/10/2013]

========== regfind ==========

Searching for "glindorus"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{886CB8E6-B6B1-492B-8FE6-CE8AC83F6AC5}]
@="IglindorusBHO"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1A1BD1A4-DE07-441E-8EAF-880C7FDF7683}\1.0]
@="glindorusIEClientLib"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1A1BD1A4-DE07-441E-8EAF-880C7FDF7683}\1.0\0\win32]
@="C:\Program Files (x86)\glindorus\glindorusbho.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1A1BD1A4-DE07-441E-8EAF-880C7FDF7683}\1.0\HELPDIR]
@="C:\Program Files (x86)\glindorus"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{886CB8E6-B6B1-492B-8FE6-CE8AC83F6AC5}]
@="IglindorusBHO"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{1A1BD1A4-DE07-441E-8EAF-880C7FDF7683}\1.0]
@="glindorusIEClientLib"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{1A1BD1A4-DE07-441E-8EAF-880C7FDF7683}\1.0\0\win32]
@="C:\Program Files (x86)\glindorus\glindorusbho.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{1A1BD1A4-DE07-441E-8EAF-880C7FDF7683}\1.0\HELPDIR]
@="C:\Program Files (x86)\glindorus"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\glindorus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\glindorus]
"DisplayName"="glindorus 1.0.0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\glindorus]
"UninstallString"="C:\Program Files (x86)\glindorus\glindorusuninstall.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\glindorus]
"QuietUninstallString"="C:\Program Files (x86)\glindorus\glindorusuninstall.exe /S"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\glindorus]
"InstallLocation"="C:\Program Files (x86)\glindorus"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\glindorus]
"DisplayIcon"="C:\Program Files (x86)\glindorus\glindorus.ico"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\glindorus]
"Publisher"="glindorus"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\glindorus]
"HelpLink"="mailto:support@glindorus.net"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\glindorus]
"URLUpdateInfo"="hxxp://glindorus.net"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\glindorus]
"URLInfoAbout"="hxxp://glindorus.net/support"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\glindorus_2709-e3c075a1_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\glindorus_2709-e3c075a1_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\glindorus_Setup_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\glindorus_Setup_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateglindorus_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateglindorus_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilglindorus_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilglindorus_RASMANCS]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\Interface\{886CB8E6-B6B1-492B-8FE6-CE8AC83F6AC5}]
@="IglindorusBHO"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{1A1BD1A4-DE07-441E-8EAF-880C7FDF7683}\1.0]
@="glindorusIEClientLib"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{1A1BD1A4-DE07-441E-8EAF-880C7FDF7683}\1.0\0\win32]
@="C:\Program Files (x86)\glindorus\glindorusbho.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Classes\TypeLib\{1A1BD1A4-DE07-441E-8EAF-880C7FDF7683}\1.0\HELPDIR]
@="C:\Program Files (x86)\glindorus"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Update glindorus]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\eventlog\Application\Util glindorus]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\Application\Update glindorus]
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\services\eventlog\Application\Util glindorus]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Update glindorus]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Util glindorus]

Searching for "plus-hd"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10a580be-df75-4944-9e15-0552ba38cbb2}]
"AppName"="Plus-HD-1.6-buttonutil.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10a580be-df75-4944-9e15-0552ba38cbb2}]
"AppPath"="C:\Program Files (x86)\Plus-HD-1.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{563f18ea-fef3-440c-9463-59c468565d06}]
"AppName"="Plus-HD-1.6-buttonutil64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{563f18ea-fef3-440c-9463-59c468565d06}]
"AppPath"="C:\Program Files (x86)\Plus-HD-1.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1e00947-f971-464a-82e9-59191d89de11}]
"AppName"="Plus-HD-1.6-bg.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1e00947-f971-464a-82e9-59191d89de11}]
"AppPath"="C:\Program Files (x86)\Plus-HD-1.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e05ecbce-fe25-426b-9281-bb218e7f0e8b}]
"AppName"="Plus-HD-1.6-helper.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e05ecbce-fe25-426b-9281-bb218e7f0e8b}]
"AppPath"="C:\Program Files (x86)\Plus-HD-1.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa5a0d6a-1489-42cb-80f3-3b4701064b60}]
"AppName"="Plus-HD-1.6-codedownloader.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa5a0d6a-1489-42cb-80f3-3b4701064b60}]
"AppPath"="C:\Program Files (x86)\Plus-HD-1.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A3467C0-8139-4BC0-BE25-ACCEF215840D}]
"Path"="\Plus-HD-1.6-chromeinstaller"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{648B9371-B1AB-45BD-B696-98D8657E66B5}]
"Path"="\Plus-HD-1.6-enabler"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{90ABA0FD-9171-46D4-85E6-EBB1CB3F5474}]
"Path"="\Plus-HD-1.6-updater"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ABCE7353-26C0-45BF-84D1-A7E1C0CF6524}]
"Path"="\Plus-HD-1.6-firefoxinstaller"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E513AA39-EA3C-4CCD-8E87-C9DBD0C71AAD}]
"Path"="\Plus-HD-1.6-codedownloader"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-1.6-chromeinstaller]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-1.6-codedownloader]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-1.6-enabler]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-1.6-firefoxinstaller]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Plus-HD-1.6-updater]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10a580be-df75-4944-9e15-0552ba38cbb2}]
"AppName"="Plus-HD-1.6-buttonutil.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10a580be-df75-4944-9e15-0552ba38cbb2}]
"AppPath"="C:\Program Files (x86)\Plus-HD-1.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{563f18ea-fef3-440c-9463-59c468565d06}]
"AppName"="Plus-HD-1.6-buttonutil64.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{563f18ea-fef3-440c-9463-59c468565d06}]
"AppPath"="C:\Program Files (x86)\Plus-HD-1.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1e00947-f971-464a-82e9-59191d89de11}]
"AppName"="Plus-HD-1.6-bg.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1e00947-f971-464a-82e9-59191d89de11}]
"AppPath"="C:\Program Files (x86)\Plus-HD-1.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e05ecbce-fe25-426b-9281-bb218e7f0e8b}]
"AppName"="Plus-HD-1.6-helper.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e05ecbce-fe25-426b-9281-bb218e7f0e8b}]
"AppPath"="C:\Program Files (x86)\Plus-HD-1.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa5a0d6a-1489-42cb-80f3-3b4701064b60}]
"AppName"="Plus-HD-1.6-codedownloader.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa5a0d6a-1489-42cb-80f3-3b4701064b60}]
"AppPath"="C:\Program Files (x86)\Plus-HD-1.6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Plus-HD-1_RASAPI32]
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Plus-HD-1_RASMANCS]

Searching for "BitGuard"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll"

Searching for "DSearchLink"
No data found.

-= EOF =-
         

Servus,



wir entfernen die letzten Reste und kontrollieren nochmal alles. ESET kann länger (> 2 h) dauern.




Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code: Alles auswählenAufklappen

ATTFilter

start
AppInit_DLLs-x32: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll [ ] ()
c:\progra~3\bitguard
C:\Users\Public\Desktop\iMesh.lnk
C:\test.xml
Task: {5A3467C0-8139-4BC0-BE25-ACCEF215840D} - \Plus-HD-1.6-chromeinstaller No Task File
Task: {648B9371-B1AB-45BD-B696-98D8657E66B5} - \Plus-HD-1.6-enabler No Task File
Task: {6A51A238-DE2B-4304-B995-5AEA55A18E34} - \EPUpdater No Task File
Task: {6A64E718-404C-4198-B241-AE6006FB59B1} - \Hoolapp Init No Task File
Task: {7669778B-2454-4AF4-8C2B-2BEDC93C4DB5} - \Software Updater No Task File
Task: {90ABA0FD-9171-46D4-85E6-EBB1CB3F5474} - \Plus-HD-1.6-updater No Task File
Task: {ABCE7353-26C0-45BF-84D1-A7E1C0CF6524} - \Plus-HD-1.6-firefoxinstaller No Task File
Task: {D087F9E2-21AC-4807-BBDC-F6AB1D4733F5} - \DealPly No Task File
Task: {E513AA39-EA3C-4CCD-8E87-C9DBD0C71AAD} - \Plus-HD-1.6-codedownloader No Task File
Task: {F2D4FCE2-9CBC-4FC7-B68F-D923F490FBD0} - \Software Updater Ui No Task File
Task: {FDB2472B-3B3F-4718-9A00-BC53460CE2C0} - \Hoolapp For Android No Task File
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{886CB8E6-B6B1-492B-8FE6-CE8AC83F6AC5}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{1A1BD1A4-DE07-441E-8EAF-880C7FDF7683}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\glindorus" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\glindorus_2709-e3c075a1_RASAPI32" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\glindorus_2709-e3c075a1_RASMANCS" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\glindorus_Setup_RASAPI32" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\glindorus_Setup_RASMANCS" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateglindorus_RASAPI32" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\updateglindorus_RASMANCS" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilglindorus_RASAPI32" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\utilglindorus_RASMANCS" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Update glindorus" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\eventlog\Application\Util glindorus" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Plus-HD-1_RASAPI32" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Tracing\Plus-HD-1_RASMANCS" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{10a580be-df75-4944-9e15-0552ba38cbb2}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{563f18ea-fef3-440c-9463-59c468565d06}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1e00947-f971-464a-82e9-59191d89de11}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e05ecbce-fe25-426b-9281-bb218e7f0e8b}" /f
Reg: reg delete "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{fa5a0d6a-1489-42cb-80f3-3b4701064b60}" /f
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).

• Starte nun FRST erneut und klicke den Entfernen Button.
• Das Tool erstellt eine Fixlog.txt.
• Poste mir deren Inhalt.

Schritt 2

ESET Online Scanner

• Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
• Lade und starte Eset Online Scanner
• Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
• Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
• Klicke auf Starten.
• Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
• Klicke am Ende des Suchlaufs auf Fertig stellen.
• Schließe das Fenster von ESET.
• Explorer öffnen.
• C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
• Logfile hier posten.
• Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
• Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3
Downloade Dir bitte SecurityCheck und:

• Speichere es auf dem Desktop.
• Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
• Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.

Poste den Inhalt bitte hier.






Bitte poste mit deiner nächsten Antwort

• die Logdatei von FRST,
• die Logdatei von ESET,
• die Logdatei von SecurityCheck.

PC läuft schneller und die Malware ist auch nicht mehr zu sehen