Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung
Nach Trojanerbefall keine Netzwerkverbindung möglich (ping allgemeiner Fehler, kein DHCP)

Nach Trojanerbefall keine Netzwerkverbindung möglich (ping allgemeiner Fehler, kein DHCP)


Plagegeister aller Art und deren Bekämpfung: Nach Trojanerbefall keine Netzwerkverbindung möglich (ping allgemeiner Fehler, kein DHCP)

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

 
Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
Alt 16.05.2014, 10:58   #1
suppenhuhn12
 
Nach Trojanerbefall keine Netzwerkverbindung möglich (ping allgemeiner Fehler, kein DHCP) - Standard

Nach Trojanerbefall keine Netzwerkverbindung möglich (ping allgemeiner Fehler, kein DHCP)


Mahlzeit!

Ich lese schön länger mit und vieles hat mir schon geholfen. Aber jetzt ist es vorbei.

Nach einem Trojanerbefall (unten näheres) habe ich folgendes Problem:

- Beim Verbinden mit einem Netzwerk (egal ob Lan oder WLan) bekomme ich keine Kommunikation über TCP IP v4 zum laufen.
- ist DHCP aktiviert wird keine IP vom Router bezogen
- ist eine Statische IP konfiguriert, bekomme ich keine Antwort aus dem Netz
- Ping auf 127.0.0.1, eigene IP oder Router -> allgemeiner Fehler
- Meldung im Netzwerk und Freigabecenter: Nicht identifiziertes Netzwerk, IPv4 keine Internetverbindung, IPv6 keine Verbindung
- Fehlereintrag im Ereignisprotokoll: LMS has a Problem in achieving Network resources.
- Fehlereintrag im Ereignisprotokoll: UNS failed to bind to localhost.
- Fehlereintrag im Ereignisprotokoll: NetBT Initialisierung fehlgeschlagen, da die Transportschicht das Öffnen der Anfangsadressen verweigerte.
- Fehlereintrag im Ereignisprotokoll: Server Der Server konnte zu der Transportschicht \Device\NetbiosSmb keine Verbindung herstellen.
- Fehlereintrag im Ereignisprotokoll:
SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" konnte im Namespace "//./root/CIMV2" nicht reaktiviert werden aufgrund des Fehlers 0x80041003. Ereignisse können nicht durch diesen Filter geschickt werden, bis dieses Problem gelöst ist.
- Fehlereintrag im Ereignisprotokoll: Der zugrunde liegende Transport für [::]:5357 kann nicht gebunden werden. Möglicherweise enthält die Liste nur zum Abhören von IP einen Verweis auf eine Schnittstelle, die gegebenenfalls auf diesem Computer nicht vorhanden ist. Das Datenfeld enthält die Fehlernummer.


Was habe ich gemacht?
ich habe einen Trojanerbefall bemerkt und mit den oft erwähnten Tools bekämpft (wobei natürlich immer nur eine Lösung am Rechner war, diese aktuell, und die anderen entfernt):
- Avast Internet Security Professional (ursprünglich am Rechner)
- Norton Anti Virus 2014
- Malwarebytes Antimalware
- Superantispyware
- EmsisoftEmergencyKit 4.0.0.17
- Rougekiller

Davor war es nicht möglich Hardware zu installieren (zb USB Sticks)

Danach konnte ich keine Probleme ausser der oben beschriebenen Netzwerkproblematik mehr feststellen.

Danach habe ich mit
- Sysinternals AutoRuns 11.70 alle verdächtigen Start Einträge gekillt.
- Ein Windows InPlace Upgrade durchgeführt
- Winfuter Update Pack installiert
- alle Netzwerkkarten entfernt und neu installiert
- Winsock und Co lt gängigen Anleitungen zurückgesetzt.

Ein Fehler der mir aufgefallen ist: der IKE IPSec Dienst lässt sich nicht starten - Fehlermeldung:

kein Erfolg.

System:
Windows 7 professional 64 Bit
auf Toshiba Tecra mit Intel CoreI5 und 4 GB Ram

Google und Co haben mir nicht geholfen.

Ich freue mich über jeden Tipp - die Logs der Hilfsprogramme im nächsten Post!

danke daniel

Emsisoft Emergency Kit - Version 4.0
Letztes Update: N/A
Benutzerkonto: Susanns-TOSHIBA\Susann

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\

PUPs-Erkennung: An
Archiv Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan Beginn: 15.05.2014 10:12:00
Key: HKEY_USERS\.DEFAULT\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} gefunden: Application.AdGenie (A)
Key: HKEY_USERS\S-1-5-20\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} gefunden: Application.AdGenie (A)
Key: HKEY_USERS\S-1-5-19\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} gefunden: Application.AdGenie (A)
Key: HKEY_USERS\S-1-5-18\SOFTWARE\APPDATALOW\{5F189DF5-2D05-472B-9091-84D9848AE48B} gefunden: Application.AdGenie (A)
C:\Program Files (x86)\free video converter gefunden: Application.AppInstall (A)
Key: HKEY_LOCAL_MACHINE\SYSTEM\CONTROLSET001\SERVICES\DATAMNGRCOORDINATOR gefunden: Application.AdServ (A)

Gescannt 270027
Gefunden 6

Scan Ende: 15.05.2014 11:25:34
Scan Zeit: 1:13:34

Emsisoft Emergency Kit - Version 4.0
Letztes Update: N/A
Benutzerkonto: Susanns-TOSHIBA\Susann

Scan Einstellungen:

Scan Methode: Detail Scan
Objekte: Rootkits, Speicher, Traces, C:\

PUPs-Erkennung: An
Archiv Scan: An
ADS Scan: An
Dateitypen-Filter: Aus
Erweitertes Caching: An
Direkter Festplattenzugriff: Aus

Scan Beginn: 15.05.2014 22:21:25
Key: HKEY_USERS\S-1-5-21-2252115965-1886336526-2189544158-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} gefunden: Application.Win32.WSearch (A)
C:\ProgramData\InstallMate\{319D334C-2D53-40C5-A22E-6571EA7E11BA}\Custom.dll gefunden: Gen:Variant.Application.Kazy.365295 (B)
C:\ProgramData\InstallMate\{DC55A157-18C4-4264-A08F-50E607B683A1}\Custom.dll gefunden: Gen:Variant.Application.Kazy.365295 (B)
C:\Users\Susann\Downloads\events\Music\Filme\be independent - deutsch.exe gefunden: Trojan.Generic.11156795 (B)

Gescannt 258726
Gefunden 4

Scan Ende: 16.05.2014 09:25:03
Scan Zeit: 11:03:38

C:\Users\Susann\Downloads\events\Music\Filme\be independent - deutsch.exe Gelöscht Trojan.Generic.11156795 (B)
C:\ProgramData\InstallMate\{319D334C-2D53-40C5-A22E-6571EA7E11BA}\Custom.dll Gelöscht Gen:Variant.Application.Kazy.365295 (B)
C:\ProgramData\InstallMate\{DC55A157-18C4-4264-A08F-50E607B683A1}\Custom.dll Gelöscht Gen:Variant.Application.Kazy.365295 (B)
Key: HKEY_USERS\S-1-5-21-2252115965-1886336526-2189544158-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} Gelöscht Application.Win32.WSearch (A)

Gelöscht 4
AdwCleaner Logfile:
Code:
ATTFilter
# AdwCleaner v3.208 - Bericht erstellt am 15/05/2014 um 09:50:38
# Aktualisiert 11/05/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (64 bits)
# Benutzername : Susann - SUSANNS-TOSHIBA
# Gestartet von : E:\adwcleaner_3.208.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Partner
Ordner Gelöscht : C:\ProgramData\Systweak
Ordner Gelöscht : C:\ProgramData\DiGGiCoUPon
Ordner Gelöscht : C:\ProgramData\ssAve Neto
Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader
Ordner Gelöscht : C:\Program Files (x86)\Movies Toolbar
Ordner Gelöscht : C:\Program Files (x86)\ssAve Neto
Ordner Gelöscht : C:\Users\Susann\AppData\Local\jZip
Ordner Gelöscht : C:\Users\Susann\AppData\Local\PackageAware
Ordner Gelöscht : C:\Users\Susann\AppData\Local\torch
Ordner Gelöscht : C:\Users\Susann\AppData\Local\Temp\jZip
Ordner Gelöscht : C:\Users\Susann\AppData\LocalLow\DataMngr
Ordner Gelöscht : C:\Users\Susann\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Susann\AppData\Roaming\Mozilla\Firefox\Profiles\zaylzcw0.default\Extensions\iuf_mrqa@oab-xb.edu
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\abfpfekpeleljonedmknjmnlhnncppad
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\abfpfekpeleljonedmknjmnlhnncppad
Ordner Gelöscht : C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\abfpfekpeleljonedmknjmnlhnncppad
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhbjnhnooobmlnippkbhhijkaoggjgnp
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhbjnhnooobmlnippkbhhijkaoggjgnp
Ordner Gelöscht : C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhbjnhnooobmlnippkbhhijkaoggjgnp
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjmkpimpkpleocgfgecnhgngoljojnic
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjmkpimpkpleocgfgecnhgngoljojnic
Ordner Gelöscht : C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjmkpimpkpleocgfgecnhgngoljojnic
Ordner Gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombjndkilglemokkpneanjnpjefpbmdb
Ordner Gelöscht : C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombjndkilglemokkpneanjnpjefpbmdb
Ordner Gelöscht : C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\ombjndkilglemokkpneanjnpjefpbmdb
Ordner Gelöscht : C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjjalcnahngbokiineilafhgcehchdm
Datei Gelöscht : C:\Users\Susann\AppData\Roaming\Mozilla\Firefox\Profiles\zaylzcw0.default\searchplugins\Ask.xml
Datei Gelöscht : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\Ask.xml
Datei Gelöscht : C:\Users\Susann\AppData\Roaming\Mozilla\Firefox\Profiles\zaylzcw0.default\searchplugins\WebSearch.xml
Datei Gelöscht : C:\windows\System32\Tasks\Advanced System Protector_startup

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Wert Gelöscht : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Wert Gelöscht : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Wert Gelöscht : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Wert Gelöscht : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2414}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Schlüssel Gelöscht : HKCU\Software\APN DTX
Schlüssel Gelöscht : HKCU\Software\RegisteredApplicationsEx
Schlüssel Gelöscht : HKCU\Software\systweak
Schlüssel Gelöscht : HKCU\Software\torch
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Schlüssel Gelöscht : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Schlüssel Gelöscht : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\systweak
Schlüssel Gelöscht : HKLM\Software\torch
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\Susann\AppData\Roaming\Mozilla\Firefox\Profiles\zaylzcw0.default\prefs.js ]

Zeile gelöscht : user_pref("browser.search.defaultenginename,S", "WebSearch");
Zeile gelöscht : user_pref("browser.search.defaulturl", "hxxp://websearch.amaizingsearches.info/?pid=2800&r=2014/04/24&hid=1119987326852584559&lg=EN&cc=AT&unqvl=51&l=1&q=");
Zeile gelöscht : user_pref("browser.search.order.1", "Ask.com");
Zeile gelöscht : user_pref("browser.search.order.1,S", "WebSearch");
Zeile gelöscht : user_pref("browser.search.selectedEngine,S", "WebSearch");
Zeile gelöscht : user_pref("browser.startup.homepage", "hxxp://www.search.ask.com/?o=APN10649A&gct=hp&d=414-144&v=n12521-337&t=4");
Zeile gelöscht : user_pref("extensions.yUTWZ2F.scode", "(function(){try{var url=window.self.location.href;if(url.indexOf(\"acebook\")>-1||url.indexOf(\"sumorobo.net\")>-1||url.indexOf(\"mindri.com\")>-1||url.indexOf(\[...]
Zeile gelöscht : user_pref("keyword.URL", "hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=144&systemid=414&v=n12521-337&apn_dtid=BND414&apn_ptnrs=AGA&apn_uid=2370418331524594&o=APN10649&q=");

-\\ Google Chrome v34.0.1847.116

[ Datei : C:\Users\Susann\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht [Startup_urls] : hxxp://websearch.amaizingsearches.info/?pid=2800&r=2014/04/24&hid=1119987326852584559&lg=EN&cc=AT&unqvl=51
Gelöscht [Homepage] : hxxp://websearch.amaizingsearches.info/?pid=2800&r=2014/04/24&hid=1119987326852584559&lg=EN&cc=AT&unqvl=51
Gelöscht [Extension] : dhdepfaagokllfmhfbcfmocaeigmoebo
Gelöscht [Extension] : fnjjalcnahngbokiineilafhgcehchdm
Gelöscht [Extension] : hphibigbodkkohoglgfkddblldpfohjl
Gelöscht [Extension] : kdcnnmifdmlmjffdgeieikcokcogpbej
Gelöscht [Extension] : kincjchfokkeneeofpeefomkikfkiedl
Gelöscht [Extension] : kkkeikdkpjenmoiicggnnodbkebafgpc
Gelöscht [Extension] : pgmfkblbflahhponhjmkcnpjinenhlnc

*************************

AdwCleaner[R0].txt - [11345 octets] - [15/05/2014 09:49:54]
AdwCleaner[S0].txt - [10312 octets] - [15/05/2014 09:50:38]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10373 octets] ##########
--- --- ---


.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.DDS Logfile:
DDS Logfile:
Code:
ATTFilter
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Professional 
Boot Device: \Device\HarddiskVolume1
Install Date: 01.11.2012 18:18:33
System Uptime: 15.05.2014 09:51:42 (1 hours ago)
.
Motherboard: TOSHIBA |  | Portable PC
Processor: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz | Socket rPGA988B | 2501/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 282 GiB total, 171,56 GiB free.
D: is CDROM ()
E: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: avast! Firewall NDIS Filter Miniport
Device ID: ROOT\SW_ASWNDISMP\0000
Manufacturer: ALWIL Software
Name: avast! Firewall NDIS Filter Miniport
PNP Device ID: ROOT\SW_ASWNDISMP\0000
Service: aswNdis
.
==== System Restore Points ===================
.
RP192: 13.05.2014 09:22:29 - Windows Update
RP193: 13.05.2014 11:35:03 - Wiederherstellungsvorgang
RP194: 13.05.2014 18:27:10 - avast! antivirus system restore point
RP195: 14.05.2014 08:38:12 - avast! antivirus system restore point
RP197: 14.05.2014 08:48:04 - Revo Uninstaller Pro's restore point - Google Toolbar for Internet Explorer
RP199: 14.05.2014 08:51:09 - Revo Uninstaller Pro's restore point - CCleaner
RP201: 14.05.2014 08:56:24 - Revo Uninstaller Pro's restore point - Free Video Converter V 3.2
RP203: 14.05.2014 09:00:11 - Revo Uninstaller Pro's restore point - TeamViewer 7
RP205: 14.05.2014 09:02:07 - Revo Uninstaller Pro's restore point - SW-Sustainer 1.80
RP206: 14.05.2014 09:38:51 - Removed Intel(R) Wireless Display.
RP207: 14.05.2014 10:38:28 - avast! Internet Security Setup
RP208: 14.05.2014 11:38:32 - Removed Intel(R) PROSet/Wireless WiFi-Software.
RP209: 14.05.2014 11:53:46 - avast! Internet Security Setup
RP211: 14.05.2014 11:56:10 - Revo Uninstaller Pro's restore point - avast! Internet Security
RP212: 14.05.2014 11:56:39 - avast! Internet Security Setup
RP213: 14.05.2014 12:28:34 - Installed Intel(R) PROSet/Wireless WiFi Software.
RP214: 14.05.2014 12:43:33 - Removed AuthenTec Fingerprint Software.
RP215: 14.05.2014 12:46:34 - Windows Update
RP216: 14.05.2014 13:01:02 - avast! Internet Security Setup
RP217: 14.05.2014 21:02:05 - Installiert RICOH Media Driver v2.14.17.02
RP218: 14.05.2014 21:33:44 - Installed Intel(R) Wireless Display.
RP219: 14.05.2014 21:39:07 - Removed TFPU
RP220: 14.05.2014 21:39:42 - Installed AuthenTec WinBio FingerPrint Software.
RP221: 14.05.2014 21:40:28 - Installed TOSHIBA Fingerprint Utility.
RP222: 15.05.2014 09:19:53 - avast! Internet Security Setup
.
==== Installed Programs ======================
.
Adobe Flash Player 13 ActiveX
Adobe Flash Player 13 Plugin
Adobe Reader XI (11.0.06) - Deutsch
ALPS Touch Pad Driver
ArcSoft PhotoStudio 5.5
AuthenTec WinBio FingerPrint Software
Bejeweled 2 Deluxe
Bejeweled 3
Bluetooth Stack for Windows by Toshiba
Canon Easy-PhotoPrint EX
Canon Easy-WebPrint EX
Canon IJ Scan Utility
Canon Inkjet Printer/Scanner/Fax Extended Survey Program
Canon MG2200 series Benutzerregistrierung
Canon MG2200 series MP Drivers
Canon MG2200 series On-screen Manual
Canon My Image Garden
Canon My Image Garden Design Files
Canon My Printer
Canon Quick Menu
CanoScan Toolbox Ver4.9
Chicken Invaders 3 - Revenge of the Yolk
Chuzzle Deluxe
Contrôle ActiveX Windows Live Mesh pour connexions à distance
D3DX10
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
Diner Dash 2 Restaurant Rescue
FATE
Final Drive: Nitro
Galerie de photos Windows Live
Google Chrome
Google Update Helper
HappyFoto-Designer 4.5
Insaniquarium Deluxe
Intel PROSet Wireless
Intel(R) Management Engine Components
Intel(R) Network Connections Drivers
Intel(R) Processor Graphics
Intel(R) PROSet/Wireless WiFi-Software
Intel(R) Rapid Storage Technology
Intel(R) Wireless Display
Java Auto Updater
Java(TM) 6 Update 20
Junk Mail filter update
Manual CanoScan LiDE 25
Mesh Runtime
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft IntelliPoint 8.2
Microsoft Office Access MUI (German) 2010
Microsoft Office Excel MUI (German) 2010
Microsoft Office Home and Business 2010
Microsoft Office Office 64-bit Components 2010
Microsoft Office OneNote MUI (German) 2010
Microsoft Office Outlook MUI (German) 2010
Microsoft Office PowerPoint MUI (German) 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (German) 2010
Microsoft Office Proof (Italian) 2010
Microsoft Office Proofing (German) 2010
Microsoft Office Publisher MUI (German) 2010
Microsoft Office Shared 64-bit MUI (German) 2010
Microsoft Office Shared MUI (German) 2010
Microsoft Office Single Image 2010
Microsoft Office Word MUI (German) 2010
Microsoft Primary Interoperability Assemblies 2005
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Mozilla Firefox 28.0 (x86 de)
Mozilla Maintenance Service
MSVCRT
MSVCRT_amd64
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
Nero 10 Movie ThemePack Basic
Nero 12 Content Pack
Nero Abstract Themes
Nero BackItUp 10
Nero BackItUp 10 Help (CHM)
Nero Backup Drivers
Nero Blu-ray Player
Nero BurnRights 10
Nero BurnRights 10 Help (CHM)
Nero Cliparts
Nero Control Center 10
Nero ControlCenter 10 Help (CHM)
Nero Core Components 10
Nero Disc Menus 1
Nero Disc Menus 2
Nero Disc Menus 3
Nero Disc Menus Basic
Nero Effects Basic
Nero Express 10
Nero Express 10 Help (CHM)
Nero Family and Events Themes
Nero Football (Soccer) Themes
Nero Holiday and Sports Themes
Nero Image Samples
Nero InfoTool 10
Nero InfoTool 10 Help (CHM)
Nero Kwik Media
Nero Kwik Media Help (CHM)
Nero Kwik Themes Basic
Nero Multimedia Suite 10 Essentials
Nero PiP Effects 1
Nero PiP Effects Basic
Nero Platinum Effects 12
Nero RescueAgent 10
Nero RescueAgent 10 Help (CHM)
Nero Retro Film Themes
Nero StartSmart 10
Nero StartSmart 10 Help (CHM)
Nero Update
Nero Video Samples
Nero Video Transitions 1
O2Micro OZ776 SCR Driver
Penguins!
PL-2303 USB-to-Serial
Plants vs. Zombies - Game of the Year
PlayReady PC Runtime amd64
Polar Bowler
PowerDVD
Prerequisite installer
Raccolta foto di Windows Live
Realtek High Definition Audio Driver
Renesas Electronics USB 3.0 Host Controller Driver
Revo Uninstaller Pro 3.0.7
RICOH Media Driver v2.14.17.02
ScanSoft OmniPage SE 4.0
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2760781) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
Security Update for Microsoft Word 2010 (KB2863926) 32-Bit Edition
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
Skype™ 6.14
Slingo Deluxe
Smiley Sync
TOSHIBA Assist
TOSHIBA Bulletin Board
TOSHIBA ConfigFree
TOSHIBA Disc Creator
TOSHIBA eco Utility
TOSHIBA Face Recognition
TOSHIBA Fingerprint Utility
TOSHIBA HDD Protection
TOSHIBA HDD/SSD Alert
Toshiba Manuals
TOSHIBA Media Controller
TOSHIBA Media Controller Plug-in
TOSHIBA Mobile Broadband Device
TOSHIBA Online Product Information
TOSHIBA PC Health Monitor
TOSHIBA Places Icon Utility
TOSHIBA Recovery Media Creator
TOSHIBA Recovery Media Creator Reminder
TOSHIBA ReelTime
TOSHIBA Security Assist
TOSHIBA Service Station
TOSHIBA Sleep Utility
TOSHIBA Sync Utility
TOSHIBA TEMPRO
TOSHIBA Value Added Package
TOSHIBA Web Camera Application
TOSHIBA Wireless Display Monitor
TOSHIBA Wireless LAN Indicator
TOSHIBA Wireless Manager
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
Update Installer for WildTangent Games App
VLC media player 2.0.7
Wedding Dash 2 - Rings Around the World
WildTangent Games
WildTangent Games App (Toshiba Games)
Windows Live
Windows Live Communications Platform
Windows Live Essentials
Windows Live Fotogalerie
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Language Selector
Windows Live Mail
Windows Live Mesh
Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen
Windows Live Mesh ActiveX control for remote connections
Windows Live Messenger
Windows Live MIME IFilter
Windows Live Movie Maker
Windows Live Photo Common
Windows Live Photo Gallery
Windows Live PIMT Platform
Windows Live Remote Client
Windows Live Remote Client Resources
Windows Live Remote Service
Windows Live Remote Service Resources
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Live Writer
Windows Live Writer Resources
Windows Mobile Device Updater Component
Wissen für Kinder - Der Körper
Zuma Deluxe
Zune
Zune Language Pack (CHS)
Zune Language Pack (CHT)
Zune Language Pack (CSY)
Zune Language Pack (DAN)
Zune Language Pack (DEU)
Zune Language Pack (ELL)
Zune Language Pack (ESP)
Zune Language Pack (FIN)
Zune Language Pack (FRA)
Zune Language Pack (HUN)
Zune Language Pack (IND)
Zune Language Pack (ITA)
Zune Language Pack (JPN)
Zune Language Pack (KOR)
Zune Language Pack (MSL)
Zune Language Pack (NLD)
Zune Language Pack (NOR)
Zune Language Pack (PLK)
Zune Language Pack (PTB)
Zune Language Pack (PTG)
Zune Language Pack (RUS)
Zune Language Pack (SVE)
.
==== End Of File ===========================


DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 11.0.9600.17041
Run by Susann at 10:04:49 on 2014-05-15
Microsoft Windows 7 Professional   6.1.7601.1.1252.43.1031.18.3975.2333 [GMT 2:00]
.
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\System32\WUDFHost.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\system32\taskeng.exe
C:\windows\System32\spoolsv.exe
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\windows\System32\alg.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe
C:\windows\system32\ThpSrv.exe
C:\windows\system32\TODDSrv.exe
C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
C:\Program Files (x86)\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\TOSHIBA\TECO\TecoService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\System32\svchost.exe -k secsvcs
C:\windows\System32\WUDFHost.exe
C:\windows\servicing\TrustedInstaller.exe
C:\windows\system32\taskhost.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\windows\system32\Dwm.exe
C:\windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\TECO\Teco.exe
C:\Windows\System32\ThpSrv.exe
C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Zune\ZuneLauncher.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\TOSHIBA\Fingerprint Utility\TFPUTaskMonitor.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\windows\system32\wbem\unsecapp.exe
C:\windows\system32\SearchIndexer.exe
C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Users\Susann\Desktop\mbar\mbar.exe
C:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
C:\windows\system32\igfxsrvc.exe
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mStart Page = hxxp://www.google.com
BHO: TOSHIBA Fingerprint Utility Automatic Password Input: {030AC7B6-E7EC-40F1-8FB2-C0FD344DE0B9} - C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\TFPUPWDBankBHO.dll
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
BHO: TOSHIBA Media Controller Plug-in: {F3C88694-EFFA-4d78-B409-54B7B2535B14} - C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - 
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [ToshibaServiceStation] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60
mRun: [TSleepSrv] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
mRun: [TSUScheduler] C:\Program Files (x86)\TOSHIBA\Sync Utility\TosSyncScheduler.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [SSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
mRun: [OpwareSE4] "C:\Program Files (x86)\ScanSoft\OmniPageSE4.0\OpwareSE4.exe"
mRun: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
x64-Run: [TPwrMain] C:\Program Files (x86)\TOSHIBA\Power Saver\TPwrMain.EXE
x64-Run: [HSON] C:\Program Files (x86)\TOSHIBA\TBS\HSON.exe
x64-Run: [TCrdMain] C:\Program Files (x86)\TOSHIBA\FlashCards\TCrdMain.exe
x64-Run: [Teco] "C:\Program Files (x86)\TOSHIBA\TECO\Teco.exe" /r
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [ThpSrv] C:\windows\System32\thpsrv /logon
x64-Run: [TosWaitSrv] C:\Program Files (x86)\TOSHIBA\TPHM\TosWaitSrv.exe
x64-Run: [TosVolRegulator] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
x64-Run: [TosNC] C:\Program Files (x86)\Toshiba\BulletinBoard\TosNcCore.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Run: [Toshiba TEMPRO] C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
x64-Run: [Toshiba Registration] C:\Program Files\TOSHIBA\Registration\ToshibaReminder.exe
x64-Run: [IntelliPoint] "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
x64-Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe"
x64-Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
x64-Run: [IgfxTray] C:\windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\windows\System32\igfxpers.exe
x64-Run: [TFPUPWDBankService] C:\Program Files\TOSHIBA\Fingerprint Utility\BrowserAddin\TFPUPWDBank.exe /start
x64-Run: [TFPUService] C:\Program Files\TOSHIBA\Fingerprint Utility\TFPUTaskMonitor.exe /start
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {97F922BD-8563-4184-87EE-8C4ACA438823} - {5D29E593-73A5-400A-B3BD-6B7A1AF05A31} - C:\Program Files\TOSHIBA\BulletinBoard\TosBBCom64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Susann\AppData\Roaming\Mozilla\Firefox\Profiles\zaylzcw0.default\
FF - plugin: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\npBrowserPlugin.dll
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Canon\My Image Garden\AddOn\CIG\npmigfpi.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Susann\AppData\Local\Citrix\Plugins\94\npappdetector.dll
FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_206.dll
.
============= SERVICES / DRIVERS ===============
.
R0 NBVol;Nero Backup Volume Filter Driver;C:\windows\System32\drivers\NBVol.sys [2012-11-2 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\windows\System32\drivers\NBVolUp.sys [2012-11-2 15920]
R0 Thpdrv;TOSHIBA HDD Protection Driver;C:\windows\System32\drivers\thpdrv.sys [2009-6-29 34880]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\windows\System32\drivers\Thpevm.sys [2009-6-29 14784]
R2 cfWiMAXService;ConfigFree WiMAX Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFIWmxSvcs64.exe [2010-1-28 249200]
R2 ConfigFree Service;ConfigFree Service;C:\Program Files (x86)\TOSHIBA\ConfigFree\CFSvcs.exe [2009-3-10 46448]
R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2012-7-13 769432]
R2 risdxc;risdxc;C:\windows\System32\drivers\risdxc64.sys [2011-10-7 101376]
R2 TemproMonitoringService;Notebook Performance Tuning Service (TEMPRO);C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [2011-2-10 112080]
R2 TOSHIBA eco Utility Service;TOSHIBA eco Utility Service;C:\Program Files\TOSHIBA\TECO\TecoService.exe [2011-4-7 294328]
R2 TVALZFL;TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver;C:\windows\System32\drivers\TVALZFL.sys [2009-6-19 14472]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2014-5-14 2656280]
R3 ATSwpWDF;AuthenTec TruePrint WBF Driver;C:\windows\System32\drivers\ATSwpWDF.sys [2012-1-27 1073200]
R3 ecnssndis; Mobile Broadband Driver;C:\windows\System32\drivers\wwuss64.sys [2011-10-7 26664]
R3 ecnssndisfltr; Mobile Broadband Driver Filter;C:\windows\System32\drivers\wwussf64.sys [2011-10-7 30248]
R3 IntcDAud;Intel(R) Display-Audio;C:\windows\System32\drivers\IntcDAud.sys [2011-8-23 317440]
R3 mbamchameleon;mbamchameleon;C:\windows\System32\drivers\mbamchameleon.sys [2014-5-15 91352]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\windows\System32\drivers\MBAMSwissArmy.sys [2014-5-14 119000]
R3 Mbm3CBus;Ericsson F5521gw for TOSHIBA Mobile Broadband Device (WDM);C:\windows\System32\drivers\Mbm3CBus.sys [2011-10-7 411208]
R3 Mbm3DevMt;TOSHIBA  Mobile Broadband Device Management Driver (WDM);C:\windows\System32\drivers\Mbm3DevMt.sys [2011-10-7 419912]
R3 Mbm3mdfl;TOSHIBA  Mobile Broadband Modem Filter;C:\windows\System32\drivers\Mbm3mdfl.sys [2011-10-7 19528]
R3 Mbm3Mdm;TOSHIBA  Mobile Broadband Modem Driver;C:\windows\System32\drivers\Mbm3Mdm.sys [2011-10-7 472648]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\windows\System32\drivers\nusb3hub.sys [2011-2-10 82432]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\windows\System32\drivers\nusb3xhc.sys [2011-2-10 181760]
R3 PGEffect;Pangu effect driver;C:\windows\System32\drivers\PGEffect.sys [2011-10-7 35008]
R3 t36wgps;TOSHIBA  Mobile Broadband GPS Port;C:\windows\System32\drivers\t36wgps64.sys [2011-10-7 101416]
R3 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-10-7 54136]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-12-8 137632]
R3 TPCHSrv;TPCH Service;C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [2011-4-5 828336]
R3 wdkmd;Intel WiDi KMD;C:\windows\System32\drivers\WDKMD.sys [2010-12-25 42392]
R3 WwanUsbServ;Mobile Broadband Driver;C:\windows\System32\drivers\WwanUsbMp64.sys [2011-10-7 276008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
S2 WMCoreService;Mobile Broadband Service;C:\Program Files (x86)\TOSHIBA\Mobile Broadband Device\WMCore\mini_WMCore.exe servicemode --> C:\Program Files (x86)\TOSHIBA\Mobile Broadband Device\WMCore\mini_WMCore.exe servicemode [?]
S3 dmvsc;dmvsc;C:\windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\windows\System32\ieetwcollector.exe [2014-4-23 111616]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2011-1-5 340240]
S3 Revoflt;Revoflt;C:\windows\System32\drivers\revoflt.sys [2014-5-14 31800]
S3 StorSvc;Speicherdienst;C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2011-8-5 27648]
S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232]
S3 WatAdminSvc;Windows-Aktivierungstechnologieservice;C:\windows\System32\Wat\WatAdminSvc.exe [2012-11-1 1255736]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2014-05-15 07:55:04	--------	d-----w-	C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-05-15 07:54:27	91352	----a-w-	C:\windows\System32\drivers\mbamchameleon.sys
2014-05-15 07:49:52	--------	d-----w-	C:\AdwCleaner
2014-05-15 06:38:14	--------	d---a-w-	C:\windows\System32\System32
2014-05-14 19:46:37	8192	----a-w-	C:\windows\System32\drivers\IntelMEFWVer.dll
2014-05-14 19:39:22	--------	d-----w-	C:\Users\Susann\AppData\Roaming\TFPU
2014-05-14 11:34:13	--------	d-----w-	C:\windows\System32\EventProviders
2014-05-14 10:50:56	--------	d-----w-	C:\Users\Susann\AppData\Local\CrashDumps
2014-05-14 10:24:14	314568	----a-w-	C:\windows\System32\PROUnstl.exe
2014-05-14 10:24:08	92352	----a-w-	C:\windows\System32\NicInstC.dll
2014-05-14 10:24:08	68264	----a-w-	C:\windows\System32\e1cmsg.dll
2014-05-14 10:24:08	36472	----a-w-	C:\windows\System32\NicCo36.dll
2014-05-14 10:24:08	315568	----a-w-	C:\windows\System32\drivers\e1c62x64.sys
2014-05-14 09:51:56	31800	----a-w-	C:\windows\System32\drivers\revoflt.sys
2014-05-14 09:51:55	--------	d-----w-	C:\Program Files\VS Revo Group
2014-05-14 08:38:46	--------	d-----w-	C:\Program Files\AVAST Software
2014-05-14 07:34:13	--------	d-----w-	C:\Intel
2014-05-14 06:46:20	--------	d-----w-	C:\Users\Susann\AppData\Local\VS Revo Group
2014-05-14 06:46:13	--------	d-----w-	C:\ProgramData\VS Revo Group
2014-05-14 06:39:06	--------	d-s---w-	C:\windows\SysWow64\Microsoft
2014-05-14 05:47:17	--------	d-----w-	C:\ec
2014-05-14 05:17:40	--------	d-----w-	C:\SUPERDelete
2014-05-14 05:15:51	119000	----a-w-	C:\windows\System32\drivers\MBAMSwissArmy.sys
2014-05-14 05:14:19	--------	d-----w-	C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-05-14 05:13:53	--------	d-----w-	C:\Users\Susann\AppData\Roaming\SUPERAntiSpyware.com
2014-05-14 05:13:45	--------	d-----w-	C:\ProgramData\Malwarebytes
2014-05-13 16:27:32	10651704	----a-w-	C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{84B590E5-3258-46A7-A35F-C3BE291FA4B3}\mpengine.dll
2014-05-09 07:36:27	--------	d-----w-	C:\ProgramData\PC Drivers HeadQuarters
2014-05-09 07:36:11	--------	d-----w-	C:\Program Files (x86)\PC Drivers HeadQuarters
2014-05-09 04:41:29	--------	d-----w-	C:\ProgramData\UAB
2014-05-09 04:41:28	--------	d-----w-	C:\Users\Susann\AppData\Local\PC_Drivers_Headquarters
2014-05-09 04:39:33	--------	d-----w-	C:\ProgramData\Driver Restore
2014-05-09 04:39:13	--------	d-----w-	C:\Program Files (x86)\Driver Restore
2014-05-07 05:31:32	--------	d-s---w-	C:\windows\System32\CompatTel
2014-05-04 13:20:56	1664	----a-w-	C:\windows\System32\ASOROSet.bin
2014-05-04 12:54:21	--------	d-----w-	C:\Users\Susann\AppData\Roaming\FreeVideoConverter
2014-05-04 12:51:39	--------	d-----w-	C:\Program Files (x86)\Free Video Converter
2014-05-04 12:43:46	--------	d-----w-	C:\Users\Susann\AppData\Roaming\rightbackup
2014-05-04 12:43:43	16896	----a-w-	C:\windows\System32\sasnative64.exe
2014-05-04 06:58:48	2724864	----a-w-	C:\windows\System32\mshtml.tlb
2014-05-04 06:58:47	2724864	----a-w-	C:\windows\SysWow64\mshtml.tlb
2014-04-24 15:37:10	--------	d-sh--w-	C:\Users\Susann\AppData\Local\EmieUserList
2014-04-24 15:37:10	--------	d-sh--w-	C:\Users\Susann\AppData\Local\EmieSiteList
2014-04-24 15:37:07	--------	d-----w-	C:\ProgramData\MyApps
2014-04-24 15:36:57	--------	d-----w-	C:\Users\Susann\AppData\Local\Programs
2014-04-24 15:27:01	--------	d-----w-	C:\ProgramData\acbd0c5fa87ad3ca
2014-04-24 15:26:08	--------	d-----w-	C:\ProgramData\InstallMate
2014-04-23 05:51:56	8011776	----a-w-	C:\Program Files\Internet Explorer\F12Resources.dll
2014-04-23 05:49:12	--------	d-----w-	C:\Users\Susann\AppData\Local\{CE273929-4A2A-4888-BD77-B5D3D1C136F9}
2014-04-22 13:42:38	--------	d-----w-	C:\Users\Susann\AppData\Local\{9E0E4F24-674C-4569-9100-45ED02137C64}
2014-04-16 07:30:07	--------	d-----w-	C:\Users\Susann\AppData\Local\{6E9F298B-239A-49D9-ACBE-6CCAD8C0D705}
2014-04-15 13:54:01	--------	d-----w-	C:\Users\Susann\AppData\Local\{812D1B70-1926-4BC2-A6DD-284149EE9D32}
.
==================== Find3M  ====================
.
2014-04-29 13:40:25	70832	----a-w-	C:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-04-29 13:40:25	692400	----a-w-	C:\windows\SysWow64\FlashPlayerApp.exe
2014-03-31 07:35:08	270496	----a-w-	C:\windows\System32\MpSigStub.exe
2014-03-06 09:31:33	4096	----a-w-	C:\windows\System32\ieetwcollectorres.dll
2014-03-06 08:59:04	66048	----a-w-	C:\windows\System32\iesetup.dll
2014-03-06 08:57:34	548352	----a-w-	C:\windows\System32\vbscript.dll
2014-03-06 08:57:20	48640	----a-w-	C:\windows\System32\ieetwproxystub.dll
2014-03-06 08:29:40	139264	----a-w-	C:\windows\System32\ieUnatt.exe
2014-03-06 08:29:14	111616	----a-w-	C:\windows\System32\ieetwcollector.exe
2014-03-06 08:28:15	752640	----a-w-	C:\windows\System32\jscript9diag.dll
2014-03-06 08:15:54	940032	----a-w-	C:\windows\System32\MsSpellCheckingFacility.exe
2014-03-06 08:11:41	5784064	----a-w-	C:\windows\System32\jscript9.dll
2014-03-06 08:02:34	61952	----a-w-	C:\windows\SysWow64\iesetup.dll
2014-03-06 08:02:33	455168	----a-w-	C:\windows\SysWow64\vbscript.dll
2014-03-06 08:01:01	51200	----a-w-	C:\windows\SysWow64\ieetwproxystub.dll
2014-03-06 07:56:43	38400	----a-w-	C:\windows\System32\JavaScriptCollectionAgent.dll
2014-03-06 07:46:36	4254720	----a-w-	C:\windows\SysWow64\jscript9.dll
2014-03-06 07:38:13	112128	----a-w-	C:\windows\SysWow64\ieUnatt.exe
2014-03-06 07:36:40	592896	----a-w-	C:\windows\SysWow64\jscript9diag.dll
2014-03-06 07:13:43	32256	----a-w-	C:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-03-06 07:11:15	2043904	----a-w-	C:\windows\System32\inetcpl.cpl
2014-03-06 06:40:39	1967104	----a-w-	C:\windows\SysWow64\inetcpl.cpl
2014-03-06 06:22:40	2260480	----a-w-	C:\windows\System32\wininet.dll
2014-03-06 05:41:49	1789440	----a-w-	C:\windows\SysWow64\wininet.dll
2014-03-04 09:44:21	362496	----a-w-	C:\windows\System32\wow64win.dll
2014-03-04 09:44:21	243712	----a-w-	C:\windows\System32\wow64.dll
2014-03-04 09:44:21	13312	----a-w-	C:\windows\System32\wow64cpu.dll
2014-03-04 09:44:03	16384	----a-w-	C:\windows\System32\ntvdm64.dll
2014-03-04 09:17:19	14336	----a-w-	C:\windows\SysWow64\ntvdm64.dll
2014-03-04 09:17:05	44032	----a-w-	C:\windows\apppatch\acwow64.dll
2014-03-04 09:16:54	25600	----a-w-	C:\windows\SysWow64\setup16.exe
2014-03-04 09:16:18	5120	----a-w-	C:\windows\SysWow64\wow32.dll
2014-03-04 08:09:30	7680	----a-w-	C:\windows\SysWow64\instnm.exe
2014-03-04 08:09:29	2048	----a-w-	C:\windows\SysWow64\user.exe
.
============= FINISH: 10:06:55,83 ===============
[/CODE]
--- --- ---
--- --- ---


Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 14.05.2014
Scan Time: 07:47:29
Logfile: mbam.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.03.04.09
Rootkit Database: v2014.02.20.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Chameleon: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Susann

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 256559
Time Elapsed: 31 min, 34 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 4
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe, 3932, , [68e17c835327a78f25397f2ae91a11ef]
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe, 1232, , [d277a75886f4af87f6592e692cd655ab]
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe, 616, , [d277a75886f4af87f6592e692cd655ab]
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe, 1416, , [2128f10e5b1f3204cffe6d19729018e8]

Modules: 19
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\aspsys.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Microsoft.Win32.TaskScheduler.DLL, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Xceed.Compression.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Xceed.FileSystem.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Xceed.Zip.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],

Registry Keys: 42
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{A40DC6C5-79D0-4ca8-A185-8FF989AF1115}, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\SearchQUIEHelper.DNSGuard, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\SearchQUIEHelper.DNSGuard.1, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SearchQUIEHelper.DNSGuard, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\SearchQUIEHelper.DNSGuard.1, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, HKU\S-1-5-21-2252115965-1886336526-2189544158-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{9265F519-DD14-C93F-F025-89C675EBFD2C}, , [5fead12ea3d7b2849d9e7d0fd52cad53],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{9265F519-DD14-C93F-F025-89C675EBFD2C}, , [5fead12ea3d7b2849d9e7d0fd52cad53],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\DigiCCoupon.DigiCCoupon, , [5fead12ea3d7b2849d9e7d0fd52cad53],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\CLASSES\DigiCCoupon.DigiCCoupon.5.3, , [5fead12ea3d7b2849d9e7d0fd52cad53],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DigiCCoupon.DigiCCoupon, , [5fead12ea3d7b2849d9e7d0fd52cad53],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\DigiCCoupon.DigiCCoupon.5.3, , [5fead12ea3d7b2849d9e7d0fd52cad53],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2252115965-1886336526-2189544158-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{9265F519-DD14-C93F-F025-89C675EBFD2C}, , [5fead12ea3d7b2849d9e7d0fd52cad53],
PUP.Optional.MultiPlug.A, HKU\S-1-5-21-2252115965-1886336526-2189544158-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{9265F519-DD14-C93F-F025-89C675EBFD2C}, , [5fead12ea3d7b2849d9e7d0fd52cad53],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{9265F519-DD14-C93F-F025-89C675EBFD2C}, , [5fead12ea3d7b2849d9e7d0fd52cad53],
PUP.Optional.MultiPlug.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{7DD5E91C-3864-77EC-7635-D14910C2A03E}, , [fc4d35ca641681b58bb0eaa2ef1243bd],
PUP.Optional.AdvancedSystemProtector.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\IEXPLORE.EXE, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\IEXPLORE.EXE, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.RegCleanPro.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\RegClean Pro_is1, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\RegClean-Pro_is1, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\DATAMNGR\GENERAL, , [ba8f7e817cfe76c03ebafab544bf6997],
PUP.Optional.MoviesToolbar.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DATAMNGRCOORDINATOR, , [d277a75886f4af87f6592e692cd655ab],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-2252115965-1886336526-2189544158-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Datamngr, , [88c1eb14a9d1df577433e0cabe45ec14],
PUP.Optional.MoviesToolBar.A, HKU\S-1-5-21-2252115965-1886336526-2189544158-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\koyotesoftmoviestoolbarha, , [3c0d9669acceda5c62e89bfaf70ba957],
PUP.Optional.WebSearchInfo, HKU\S-1-5-21-2252115965-1886336526-2189544158-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, , [61e8609ffc7e77bf71ca4178f40f3ac6],
PUP.Optional.AdvancedSystemProtector.A, HKU\S-1-5-21-2252115965-1886336526-2189544158-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\Advanced System Protector, , [1633dd22ed8d44f2d9b2733de61d926e],
PUP.Optional.RegCleanerPro.A, HKU\S-1-5-21-2252115965-1886336526-2189544158-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SYSTWEAK\RegClean Pro, , [3415a55aaeccfa3c6d20cbe5c43f35cb],
PUP.Optional.EZDownloader.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1, , [b5942fd01c5eef471b65196de41e12ee],
PUP.Optional.MoviesToolbar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\koyotesoftmoviestoolbarhaFF, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{e5d4f4fd-a039-4670-8354-633c30a5f54e}, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{E5D4F4FD-A039-4670-8354-633C30A5F54E}, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{E5D4F4FD-A039-4670-8354-633C30A5F54E}, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\koyotesoftmoviestoolbarhaIE, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\F06DEFF2-5B9C-490D-910F-35D3A9119622, , [2128f10e5b1f3204cffe6d19729018e8],

Registry Values: 3
PUP.Optional.Datamngr.A, HKLM\SOFTWARE\WOW6432NODE\DATAMNGR\GENERAL|ie_hp_supported, 1, , [ba8f7e817cfe76c03ebafab544bf6997]
PUP.Optional.MoviesToolbar.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DATAMNGRCOORDINATOR|ImagePath, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe, , [d277a75886f4af87f6592e692cd655ab]
PUP.Optional.MoviesToolbar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{E5D4F4FD-A039-4670-8354-633C30A5F54E}, Movies Toolbar (Dist. by Koyote-Lab, Inc.), , [2128f10e5b1f3204cffe6d19729018e8]

Registry Data: 1
PUP.Optional.WebSearchInfo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://websearch.amaizingsearches.info/?pid=2800&r=2014/04/24&hid=1119987326852584559&lg=EN&cc=AT&unqvl=51, Good: (hxxp://www.google.com), Bad: (hxxp://websearch.amaizingsearches.info/?pid=2800&r=2014/04/24&hid=1119987326852584559&lg=EN&cc=AT&unqvl=51),,[cf7ad52a5525191d257a2203669e26da]

Folders: 25
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\clamunpack, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Troubleshooter, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr, , [6adfba459ae053e332c507a881825ba5],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader, , [b5942fd01c5eef471b65196de41e12ee],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\FF, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\content, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\lib, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\modules, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\lib, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\toolbar, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\scripts, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\components, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64, , [2128f10e5b1f3204cffe6d19729018e8],

Files: 194
PUP.Optional.Datamngr.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\IEBHO.dll, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.Datamngr.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\IEBHO.dll, , [cb7e728d9ddd201622c32e4653af946c],
PUP.Optional.MultiPlug.A, C:\ProgramData\DiGGiCoUPon\idn.dll, , [5fead12ea3d7b2849d9e7d0fd52cad53],
PUP.Optional.MultiPlug.A, C:\ProgramData\ssAve Neto\myO.exe, , [fc4d35ca641681b58bb0eaa2ef1243bd],
Trojan.SProtector, C:\Users\Susann\AppData\Local\Temp\__tmp_1a69a88c, , [99b056a96317ea4c592425778d7456aa],
PUP.Optional.RegCleanerPro, C:\Users\Susann\Downloads\sysrc_trial_25044.exe, , [361325dae09a201694490646a8593dc3],
PUP.Optional.Koyote.A, C:\Windows\Downloaded Program Files\FreeVideoConverterSetup-r144-n-bf.exe, , [c485b946b5c547efd62f661ce21f1de3],
PUP.Optional.PCPerformer.A, C:\Windows\System32\roboot64.exe, , [0544fb042852f93d8d8998f6748ec838],
PUP.Optional.RegCleanerPro.J, C:\Windows\Tasks\RegClean Pro_UPDATES.job, , [e16856a9bebc87afa4345442b0529868],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\loading_withWhiteBG.avi, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe.config, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\AppResource.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\asp.ico, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\AspManager.exe, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\aspsys.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\ASPUninstall.exe, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\categories.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Chinese_asp_ZH-CN.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Chinese_uninst.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\french_asp_FR.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\French_uninst.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\german_asp_DE.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\German_uninst.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\greek_uninst_el.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Interop.IWshRuntimeLibrary.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\italian_asp_IT.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Italian_uninst.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\japanese_asp_JA.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Japanese_uninst.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\korean_uninst_ko.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Communication.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\danish_asp_DA.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Danish_uninst.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\dutch_asp_NL.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Dutch_uninst.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\eng_asp_en.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\eng_uninst.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\filetypehelper.exe, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Finnish_asp_FI.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\scandll.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\spanish_asp_ES.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\spanish_uninst.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\SSDPTstub.exe, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\swedish_asp_SV.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\swedish_uninst.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\System.Core.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\TPS.ico, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Microsoft.Win32.TaskScheduler.DLL, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\norwegian_asp_NO.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Norwegian_uninst.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\polish_uninst_pl.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\portugese_uninst_pt.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\portuguese_asp_PT-BR.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Portuguese_uninst.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\russian_asp_ru.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\russian_uninst_ru.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Finnish_uninst_fi.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\traditionalcn_uninst_zh-tw.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Turkish_uninst_tr.ini, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\unins000.dat, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\unins000.exe, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\unins000.msg, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\unrar.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Xceed.Compression.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Xceed.Compression.Formats.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Xceed.FileSystem.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Xceed.Zip.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\clamunpack\clamscan.exe, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\clamunpack\libclamav.dll, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\clamunpack\readme.txt, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.com, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.exe, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.pif, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Troubleshooter\asp-fixer.scr, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Troubleshooter\ASP-Troubleshooter.chm, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Troubleshooter\firefox.com, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Troubleshooter\iexplore.exe, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.AdvancedSystemProtector.A, C:\Program Files (x86)\Advanced System Protector\Troubleshooter\iexplore.lnk, , [68e17c835327a78f25397f2ae91a11ef],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\TraditionalCn_rcp_zh-tw.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\polish_rcp_pl.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\polish_uninst_pl.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\portugese_rcp_pt.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\portugese_uninst_pt.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Portuguese_rcp.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Portuguese_uninst.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\rcpsetupapnnew_apnnew2_2221332_at.exe, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\RCPUninstall.exe, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\RegCleanPro.dll, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\isxdl.dll, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Italian_rcp.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Italian_uninst.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Japanese_rcp.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Japanese_uninst.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\korean_rcp_ko.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\korean_uninst_ko.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Norwegian_rcp.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Norwegian_uninst.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\russian_rcp_ru.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\russian_uninst_ru.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Spanish_rcp.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\spanish_uninst.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\SSDPTstub.exe, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Swedish_rcp.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\swedish_uninst.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\systweakasp.exe, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\TPS.ico, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\traditionalcn_uninst_zh-tw.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\turkish_rcp_tr.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Turkish_uninst_tr.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\unins000.dat, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\unins000.exe, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\unins000.msg, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\unins001.dat, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\unins001.msg, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\xmllite.dll, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Chinese_rcp.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Chinese_uninst.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\CleanSchedule.exe, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Danish_rcp.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Danish_uninst.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Dutch_rcp.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Dutch_uninst.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\eng_rcp.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\eng_uninst.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Finnish_rcp_fi.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\Finnish_uninst_fi.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\French_rcp.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\French_uninst.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\German_rcp.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\German_uninst.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\greek_rcp_el.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\greek_uninst_el.ini, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\install_left_image.bmp, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Program Files (x86)\RegClean Pro\RegCleanPro.exe, , [d673de21205a3204f9661c8d699a26da],
PUP.Optional.RegCleanPro.A, C:\Windows\Tasks\RegClean Pro_DEFAULT.job, , [e762f10eb8c27abc77e94366a65d16ea],
PUP.Optional.EZDownloader.A, C:\Users\Public\Desktop\EZDownloader.lnk, , [133646b93941a294b58a6545df248878],
PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr\coordinator.cfg, , [6adfba459ae053e332c507a881825ba5],
PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr\general.cfg, , [6adfba459ae053e332c507a881825ba5],
PUP.Optional.Datamngr.A, C:\ProgramData\Datamngr\S-1-5-21-2252115965-1886336526-2189544158-1000.cfg, , [6adfba459ae053e332c507a881825ba5],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe, , [d277a75886f4af87f6592e692cd655ab],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\EZDownloader.Core.dll, , [b5942fd01c5eef471b65196de41e12ee],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\EZDownloader.exe, , [b5942fd01c5eef471b65196de41e12ee],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\EZDownloader.exe.config, , [b5942fd01c5eef471b65196de41e12ee],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\EZDownloader.Extension.dll, , [b5942fd01c5eef471b65196de41e12ee],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\EZDownloader.Spider.dll, , [b5942fd01c5eef471b65196de41e12ee],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\ICSharpCode.SharpZipLib.dll, , [b5942fd01c5eef471b65196de41e12ee],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\Interop.SHDocVw.dll, , [b5942fd01c5eef471b65196de41e12ee],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\TabStrip.dll, , [b5942fd01c5eef471b65196de41e12ee],
PUP.Optional.EZDownloader.A, C:\Program Files (x86)\EZDownloader\unins000.exe, , [b5942fd01c5eef471b65196de41e12ee],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\Datamngr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrChrome.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\favicon.ico, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\Helper.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\Internet Explorer Settings.exe, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\setmgrc1.cfg, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\Uninstall.exe, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\FF\install.ico, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\FF\uninstall.exe, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtUser.exe, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\install.ico, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\searchresultsDx.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\searchresultstb.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\uninstall.exe, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\custom.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\vmncode.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\lib\custom.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\lib\external.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\content\modules\nsDragAndDrop.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\locale.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\lib\en.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\toolbar\de.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\toolbar\en.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\toolbar\es.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\toolbar\fr.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\locale\toolbar\it.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\gameData.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\default\scripts\defscript.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js\default.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js\jquery.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js\jquery.tinyscrollbar.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js\jquery.tinyscrollbar.min.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js\jquery.uniform.min.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\chrome\skin\lib\panels\js\jquery.url.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\components\windowmediator.js, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\Datamngr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\Internet Explorer Settings.exe, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\mgrldr.dll, , [2128f10e5b1f3204cffe6d19729018e8],
PUP.Optional.MoviesToolbar.A, C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc1.cfg, , [2128f10e5b1f3204cffe6d19729018e8],

Physical Sectors: 0
(No malicious items detected)


(end)

RogueKiller V8.8.8 _x64_ [Feb 19 2014] durch Tigzy
mail: tigzyRK<at>gmail<dot>com

mail : tigzyRK<at>gmail<dot>com
Kommentare : hxxp://forum.adlice.com
Webseite : hxxp://www.adlice.com/softwares/roguekiller/
Blog : hxxp://www.adlice.com

Betriebssystem : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Gestartet in : Normaler Modus
Benutzer : Susann [Admin Rechte]
Funktion : Entfernen -- Datum : 05/14/2014 10:23:23
| ARK || FAK || MBR |

¤¤¤ Böswillige Prozesse : 0 ¤¤¤

¤¤¤ Registry-Einträge : 30 ¤¤¤
[IFEO] HKLM\[...]\bitguard.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\bprotect.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\bpsvc.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\browserdefender.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\browserprotect.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\browsersafeguard.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\dprotectsvc.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\jumpflip : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\protectedsearch.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\searchinstaller.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\searchprotection.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\searchprotector.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\searchsettings.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\searchsettings64.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\snapdo.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\stinst32.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\stinst64.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\umbrella.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\utiljumpflip.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\volaro : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\vonteera : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\websteroids.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[IFEO] HKLM\[...]\websteroidsservice.exe : Debugger (tasklist.exe [x]) -> GELÖSCHT
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> ERSETZT (2)
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> ERSETZT (1)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> ERSETZT (2)
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> ERSETZT (1)
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> ERSETZT (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> ERSETZT (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> ERSETZT (0)

¤¤¤ Geplante Tasks : 5 ¤¤¤
[V2][SUSP PATH] Susann Local Autobackup 5 4 : C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBCore.exe - "C:\Users\Susann\AppData\Roaming\Nero\Nero 10\Nero BackItUp\Files\Susann Local Autobackup.nji" [7][-] -> GELÖSCHT
[V2][SUSP PATH] Susann Nero LIVEBackup 12 0 : C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\NBCore.exe - "C:\Users\Susann\AppData\Roaming\Nero\Nero 12\Nero BackItUp\Files\Susann Nero LIVEBackup.nji" [x][-] -> GELÖSCHT
[V2][SUSP PATH] Susann Nero LIVEBackup Merge 12 0 : "C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\NBCore.exe" - "C:\Users\Susann\AppData\Roaming\Nero\Nero 12\Nero BackItUp\Files\Susann Nero LIVEBackup Merge.nji" [x][-] -> GELÖSCHT
[V2][SUSP PATH] Susann1 12 0 : C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\NBCore.exe - "C:\Users\Susann\AppData\Roaming\Nero\Nero 12\Nero BackItUp\Files\Susann1.nji" [x][-] -> GELÖSCHT
[V2][SUSP PATH] Susann1 Merge 12 0 : "C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\NBCore.exe" - "C:\Users\Susann\AppData\Roaming\Nero\Nero 12\Nero BackItUp\Files\Susann1 Merge.nji" [x][-] -> GELÖSCHT

¤¤¤ Autostart-Einträge : 0 ¤¤¤

¤¤¤ Web-Browsern : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Bestimmte Dateien / Ordner: ¤¤¤

¤¤¤ Treiber : [NICHT GELADEN 0x0] ¤¤¤

¤¤¤ Externe Hives: ¤¤¤

¤¤¤ Infektion : ¤¤¤

¤¤¤ Hosts-Datei: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR überprüfen: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK3261GSYG ATA Device +++++
--- User ---
[MBR] b6bea9acc59c082c889046b61c324354
[BSP] 73a258ba6928f36027a18daa0d400ec0 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 288755 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 594444288 | Size: 14989 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Verbatim USB Device +++++
--- User ---
[MBR] 06b1c78234d80c6e75c1d7f1cf34a1fb
[BSP] a2eefd5e3c5b0714a0ad54b9c25931c1 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2640 | Size: 59998 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Die Anforderung wird nicht unterstützt. )

Abgeschlossen : << RKreport[0]_D_05142014_102323.txt >>
RKreport[0]_S_05142014_102037.txt



RogueKiller V8.8.8 _x64_ [Feb 19 2014] durch Tigzy
mail: tigzyRK<at>gmail<dot>com

mail : tigzyRK<at>gmail<dot>com
Kommentare : hxxp://forum.adlice.com
Webseite : hxxp://www.adlice.com/softwares/roguekiller/
Blog : hxxp://www.adlice.com

Betriebssystem : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Gestartet in : Normaler Modus
Benutzer : Susann [Admin Rechte]
Funktion : Reparierte DNS-Einstellungen -- Datum : 05/14/2014 10:23:56
| ARK || FAK || MBR |

¤¤¤ Böswillige Prozesse : 0 ¤¤¤

¤¤¤ Registry-Einträge : 0 ¤¤¤

¤¤¤ Treiber : [NICHT GELADEN 0x0] ¤¤¤

¤¤¤ Externe Hives: ¤¤¤

¤¤¤ Infektion : ¤¤¤

Abgeschlossen : << RKreport[0]_DN_05142014_102356.txt >>
RKreport[0]_D_05142014_102323.txt;RKreport[0]_H_05142014_102353.txt;RKreport[0]_S_05142014_102037.txt


RogueKiller V8.8.8 _x64_ [Feb 19 2014] durch Tigzy
mail: tigzyRK<at>gmail<dot>com

mail : tigzyRK<at>gmail<dot>com
Kommentare : hxxp://forum.adlice.com
Webseite : hxxp://www.adlice.com/softwares/roguekiller/
Blog : hxxp://www.adlice.com

Betriebssystem : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Gestartet in : Normaler Modus
Benutzer : Susann [Admin Rechte]
Funktion : Reparierte Hosts-Datei -- Datum : 05/14/2014 10:23:53
| ARK || FAK || MBR |

¤¤¤ Böswillige Prozesse : 0 ¤¤¤

¤¤¤ Registry-Einträge : 0 ¤¤¤

¤¤¤ Treiber : [NICHT GELADEN 0x0] ¤¤¤

¤¤¤ Externe Hives: ¤¤¤

¤¤¤ Infektion : ¤¤¤

¤¤¤ Hosts-Datei: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ Hosts-Datei zurückgesetzt: ¤¤¤
127.0.0.1 localhost


Abgeschlossen : << RKreport[0]_H_05142014_102353.txt >>
RKreport[0]_D_05142014_102323.txt;RKreport[0]_S_05142014_102037.txt


RogueKiller V8.8.8 _x64_ [Feb 19 2014] durch Tigzy
mail: tigzyRK<at>gmail<dot>com

mail : tigzyRK<at>gmail<dot>com
Kommentare : hxxp://forum.adlice.com
Webseite : hxxp://www.adlice.com/softwares/roguekiller/
Blog : hxxp://www.adlice.com

Betriebssystem : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Gestartet in : Normaler Modus
Benutzer : Susann [Admin Rechte]
Funktion : Reparierte Proxy-Einstellungen -- Datum : 05/14/2014 10:23:54
| ARK || FAK || MBR |

¤¤¤ Böswillige Prozesse : 0 ¤¤¤

¤¤¤ Registry-Einträge : 0 ¤¤¤

¤¤¤ Web-Browsern : 0 ¤¤¤

¤¤¤ Treiber : [NICHT GELADEN 0x0] ¤¤¤

¤¤¤ Externe Hives: ¤¤¤

¤¤¤ Infektion : ¤¤¤

Abgeschlossen : << RKreport[0]_PR_05142014_102354.txt >>
RKreport[0]_D_05142014_102323.txt;RKreport[0]_H_05142014_102353.txt;RKreport[0]_S_05142014_102037.txt


RogueKiller V8.8.8 _x64_ [Feb 19 2014] durch Tigzy
mail: tigzyRK<at>gmail<dot>com

mail : tigzyRK<at>gmail<dot>com
Kommentare : hxxp://forum.adlice.com
Webseite : hxxp://www.adlice.com/softwares/roguekiller/
Blog : hxxp://www.adlice.com

Betriebssystem : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Gestartet in : Normaler Modus
Benutzer : Susann [Admin Rechte]
Funktion : Scannen -- Datum : 05/14/2014 10:20:37
| ARK || FAK || MBR |

¤¤¤ Böswillige Prozesse : 0 ¤¤¤

¤¤¤ Registry-Einträge : 30 ¤¤¤
[IFEO] HKLM\[...]\bitguard.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\bprotect.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\bpsvc.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\browserdefender.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\browserprotect.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\browsersafeguard.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\dprotectsvc.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\jumpflip : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\protectedsearch.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\searchinstaller.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\searchprotection.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\searchprotector.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\searchsettings.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\searchsettings64.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\snapdo.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\stinst32.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\stinst64.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\umbrella.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\utiljumpflip.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\volaro : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\vonteera : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\websteroids.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[IFEO] HKLM\[...]\websteroidsservice.exe : Debugger (tasklist.exe [x]) -> GEFUNDEN
[HJ POL][PUM] HKLM\[...]\System : ConsentPromptBehaviorAdmin (0) -> GEFUNDEN
[HJ POL][PUM] HKLM\[...]\System : EnableLUA (0) -> GEFUNDEN
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : ConsentPromptBehaviorAdmin (0) -> GEFUNDEN
[HJ POL][PUM] HKLM\[...]\Wow6432Node\[...]\System : EnableLUA (0) -> GEFUNDEN
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> GEFUNDEN
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> GEFUNDEN
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> GEFUNDEN

¤¤¤ Geplante Tasks : 5 ¤¤¤
[V2][SUSP PATH] Susann Local Autobackup 5 4 : C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBCore.exe - "C:\Users\Susann\AppData\Roaming\Nero\Nero 10\Nero BackItUp\Files\Susann Local Autobackup.nji" [7][-] -> GEFUNDEN
[V2][SUSP PATH] Susann Nero LIVEBackup 12 0 : C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\NBCore.exe - "C:\Users\Susann\AppData\Roaming\Nero\Nero 12\Nero BackItUp\Files\Susann Nero LIVEBackup.nji" [x][-] -> GEFUNDEN
[V2][SUSP PATH] Susann Nero LIVEBackup Merge 12 0 : "C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\NBCore.exe" - "C:\Users\Susann\AppData\Roaming\Nero\Nero 12\Nero BackItUp\Files\Susann Nero LIVEBackup Merge.nji" [x][-] -> GEFUNDEN
[V2][SUSP PATH] Susann1 12 0 : C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\NBCore.exe - "C:\Users\Susann\AppData\Roaming\Nero\Nero 12\Nero BackItUp\Files\Susann1.nji" [x][-] -> GEFUNDEN
[V2][SUSP PATH] Susann1 Merge 12 0 : "C:\Program Files (x86)\Nero\Nero 12\Nero BackItUp\NBCore.exe" - "C:\Users\Susann\AppData\Roaming\Nero\Nero 12\Nero BackItUp\Files\Susann1 Merge.nji" [x][-] -> GEFUNDEN

¤¤¤ Autostart-Einträge : 0 ¤¤¤

¤¤¤ Web-Browsern : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Bestimmte Dateien / Ordner: ¤¤¤

¤¤¤ Treiber : [NICHT GELADEN 0x0] ¤¤¤

¤¤¤ Externe Hives: ¤¤¤

¤¤¤ Infektion : ¤¤¤

¤¤¤ Hosts-Datei: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR überprüfen: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK3261GSYG ATA Device +++++
--- User ---
[MBR] b6bea9acc59c082c889046b61c324354
[BSP] 73a258ba6928f36027a18daa0d400ec0 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 288755 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 594444288 | Size: 14989 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Verbatim USB Device +++++
--- User ---
[MBR] 06b1c78234d80c6e75c1d7f1cf34a1fb
[BSP] a2eefd5e3c5b0714a0ad54b9c25931c1 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2640 | Size: 59998 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Die Anforderung wird nicht unterstützt. )

Abgeschlossen : << RKreport[0]_S_05142014_102037.txt >>

RogueKiller V8.8.8 _x64_ [Feb 19 2014] durch Tigzy
mail: tigzyRK<at>gmail<dot>com

mail : tigzyRK<at>gmail<dot>com
Kommentare : hxxp://forum.adlice.com
Webseite : hxxp://www.adlice.com/softwares/roguekiller/
Blog : hxxp://www.adlice.com

Betriebssystem : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Gestartet in : Normaler Modus
Benutzer : Susann [Admin Rechte]
Funktion : Scannen -- Datum : 05/14/2014 10:25:33
| ARK || FAK || MBR |

¤¤¤ Böswillige Prozesse : 0 ¤¤¤

¤¤¤ Registry-Einträge : 0 ¤¤¤

¤¤¤ Geplante Tasks : 0 ¤¤¤

¤¤¤ Autostart-Einträge : 0 ¤¤¤

¤¤¤ Web-Browsern : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Bestimmte Dateien / Ordner: ¤¤¤

¤¤¤ Treiber : [NICHT GELADEN 0x0] ¤¤¤

¤¤¤ Externe Hives: ¤¤¤

¤¤¤ Infektion : ¤¤¤

¤¤¤ Hosts-Datei: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1 localhost


¤¤¤ MBR überprüfen: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) TOSHIBA MK3261GSYG ATA Device +++++
--- User ---
[MBR] b6bea9acc59c082c889046b61c324354
[BSP] 73a258ba6928f36027a18daa0d400ec0 : Windows Vista MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 3074048 | Size: 288755 Mo
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 594444288 | Size: 14989 Mo
User = LL1 ... OK!
User = LL2 ... OK!

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ USB) Verbatim USB Device +++++
--- User ---
[MBR] 06b1c78234d80c6e75c1d7f1cf34a1fb
[BSP] a2eefd5e3c5b0714a0ad54b9c25931c1 : MBR Code unknown
Partition table:
0 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 2640 | Size: 59998 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x32] Die Anforderung wird nicht unterstützt. )

Abgeschlossen : << RKreport[0]_S_05142014_102533.txt >>
RKreport[0]_D_05142014_102323.txt;RKreport[0]_H_05142014_102353.txt;RKreport[0]_S_05142014_102037.txt



SUPERAntiSpyware Scan Log
hxxp://www.superantispyware.com

Generated 05/14/2014 at 08:25 AM

Application Version : 5.7.1018

Core Rules Database Version : 11215
Trace Rules Database Version: 9027

Scan type : Complete Scan
Total Scan Time : 01:07:11

Operating System Information
Windows 7 Professional 64-bit, Service Pack 1 (Build 6.01.7601)
UAC Off - Administrator

Memory items scanned : 849
Memory threats detected : 0
Registry items scanned : 77482
Registry threats detected : 0
File items scanned : 59232
File threats detected : 4

Adware.Tracking Cookie
C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Cookies\I111HW3P.txt [ /adfarm1.adition.com ]
C:\Users\Susann\AppData\Roaming\Microsoft\Windows\Cookies\YCI7GQFO.txt [ /ad3.adfarm1.adition.com ]

Trojan.Agent/Gen-Nullo[Short]
C:\PROGRAMDATA\SSAVE NETO\MYO.EXE

Adware.InstallCore
C:\USERS\SUSANN\DOCUMENTS\SKORPIO VERLAG\PDFREADERSETUP_V3.EXE

 

Themen zu Nach Trojanerbefall keine Netzwerkverbindung möglich (ping allgemeiner Fehler, kein DHCP)
4d36e972-e325-11ce-bfc1-08002be10318, appdatalow, application.adserv, c:\windows\system32\roboot64.exe, computer, fehlermeldung, gen:variant.application.kazy.365295, hosts-datei, install.exe, malwarebytes, netzwerk, netzwerkkarte, preferences, problem, problem gelöst, pup.optional.datamngr.a, pup.optional.ezdownloader.a, pup.optional.koyote.a, pup.optional.moviestoolbar.a, pup.optional.multiplug.a, pup.optional.pcperformer.a, pup.optional.regcleanerpro, pup.optional.regcleanerpro.a, pup.optional.regcleanerpro.j, pup.optional.regcleanpro.a, pup.optional.websearchinfo, registrierungsdatenbank, revo uninstaller, traces, trojan.sprotector, windows


« PC reagiert nicht | Browser laufen nach Bereinigung nicht mehr »


Ähnliche Themen: Nach Trojanerbefall keine Netzwerkverbindung möglich (ping allgemeiner Fehler, kein DHCP)


  1. DHCP Client Fehler 1068 bei Start nach Malwarebytes Quarantäne Bereinigung
    Plagegeister aller Art und deren Bekämpfung - 26.04.2015 (1)
  2. Nach Adware Cleaner Meldung: "Keine Internetverbindung". Keine Updates, kein Skype u.ä. mehr möglich!
    Antiviren-, Firewall- und andere Schutzprogramme - 08.01.2015 (15)
  3. Kein Internet trotz Verbindung nach Trojanerbefall
    Plagegeister aller Art und deren Bekämpfung - 07.08.2014 (4)
  4. Win7 nach Trojanerbefall kein Upload mehr möglich.
    Log-Analyse und Auswertung - 30.06.2014 (1)
  5. Nach Neustart von Windows 7 keine Aktionen (Maus+Tastatur) mehr möglich! Allerdings kein Freeze!
    Plagegeister aller Art und deren Bekämpfung - 04.06.2014 (5)
  6. Windows Vista KEINE LAN Verbindung mit INTERNET möglich, statisch / dhcp
    Alles rund um Windows - 01.02.2014 (10)
  7. nach fast fertiger xp reperaturinstallation kein abgesicherter modus und keine windows anmeldung möglich
    Plagegeister aller Art und deren Bekämpfung - 30.03.2013 (0)
  8. BKA-Virus: Kein Internet, kein abgesicherter Modus, keine Systemwiederherstellung möglich
    Plagegeister aller Art und deren Bekämpfung - 14.11.2012 (40)
  9. Keine Netzwerkverbindung nach Löschen des Bundestrojaners
    Plagegeister aller Art und deren Bekämpfung - 19.10.2012 (14)
  10. weißer bildschirm, keine taskleiste, kein taskmanager mehr - kein Klicken möglich
    Plagegeister aller Art und deren Bekämpfung - 29.08.2012 (1)
  11. kein WindowsUpdate möglich - diverse SVCHOST Fehler
    Log-Analyse und Auswertung - 03.11.2010 (4)
  12. Keine Windows Updates möglich: Fehler 0x80072EFD
    Plagegeister aller Art und deren Bekämpfung - 03.10.2010 (1)
  13. Nach Entfernung der AV Security Suite kein Internet mehr....aber Ping geht
    Netzwerk und Hardware - 20.08.2010 (38)
  14. kein Zugriff auf Windowsupdate-Seiten nach Trojanerbefall
    Plagegeister aller Art und deren Bekämpfung - 15.05.2010 (14)
  15. Keine Netzwerkverbindung nach Downadup Removal
    Log-Analyse und Auswertung - 26.09.2009 (1)
  16. keine Netzwerkverbindung,Systemwiederherstellung mehr möglich!
    Plagegeister aller Art und deren Bekämpfung - 08.03.2009 (8)
  17. svchost zu 99% ausgelastet, Ping ins www möglich, kein Seitenaufbau !!
    Log-Analyse und Auswertung - 09.07.2005 (5)
Anleitungen und Tipps

- Für alle Hilfesuchenden! Was beachten?

- Anleitung: MyStartSearch.com entfernen

- Anleitung: WebSearches löschen

- Hilfe: iStartSurf entfernen – so gehts!

- Anleitung: Omiga Plus richtig entfernen

- Browser Viren entfernen


Zum Thema Nach Trojanerbefall keine Netzwerkverbindung möglich (ping allgemeiner Fehler, kein DHCP) - Mahlzeit! Ich lese schön länger mit und vieles hat mir schon geholfen. Aber jetzt ist es vorbei. Nach einem Trojanerbefall (unten näheres) habe ich folgendes Problem: - Beim Verbinden mit - Nach Trojanerbefall keine Netzwerkverbindung möglich (ping allgemeiner Fehler, kein DHCP)...
Archiv
Du betrachtest: Nach Trojanerbefall keine Netzwerkverbindung möglich (ping allgemeiner Fehler, kein DHCP) auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131