| |
| |||||||
Log-Analyse und Auswertung: Windows 7 Virenscanner lässt sich nicht installieren, Firefox strartet selbstständigWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
08.07.2014, 08:54
| #7 |
| |  Windows 7 Virenscanner lässt sich nicht installieren, Firefox strartet selbstständig Hallo Schrauber, danke für die Antwort. Hier die Logfiles. ESET Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7587
# api_version=3.0.2
# EOSSerial=254f6f333428aa48ab35e830dcf4ed68
# engine=19070
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-07-08 07:39:37
# local_time=2014-07-08 09:39:37 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 425944 45394276 0 0
# scanned=299262
# found=184
# cleaned=0
# scan_time=4756
sh=297AB44B22D59DC00DA6E7138A6F57CAAA379D74 ft=1 fh=a263ea30718c1c6d vn="Variante von Win64/Adware.Adpeak.C Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\003\buuoujqmrk64.exe.vir.VIRUS"
sh=B98C851D46F6F34607DEC601FF82469DA350D9EC ft=1 fh=95a049650cc65f75 vn="Variante von Win64/Adware.Adpeak.C Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\004\rqpbhevlkc64.exe.vir.VIRUS"
sh=741518CA17409E0C108EA202464829E6C664ED1E ft=1 fh=52477f93f91d8732 vn="Variante von MSIL/DomaIQ.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files\Uninstaller\Uninstall.exe.vir"
sh=5A3BF792E02A8EF89D0F14E344DDF6AD9D6503CA ft=1 fh=d8a8aa49ce4e751c vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe.vir"
sh=6333DA667A1DB6B690F322886EF8B4DACECD7FE3 ft=1 fh=b02a9a0fb9ff7cbb vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\AspManager.exe.vir"
sh=93DC7D6BB28C238630D65A2766577262C43D17E9 ft=1 fh=f75d7f7c3c1fd884 vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Advanced System Protector\filetypehelper.exe.vir"
sh=E32ECB71CAA5BA1F62D7E28F6E7D76D226677B01 ft=1 fh=fc7b40d4e32d8af5 vn="Win32/Distromatic.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Amazon Browser Bar\search_protect.exe.vir"
sh=83E5B1198954A3971D9E6A1AFE08644EF16BDE2F ft=1 fh=a38179720b1e6f70 vn="Variante von Win32/AnyProtect.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\AnyProtectEx\AnyProtectTrayIcon.exe.vir"
sh=A4315160808D4D754BC09AB562B98557BEBE0BF6 ft=1 fh=c71c0011aa3af91f vn="Variante von Win32/AdWare.AddLyrics.AO Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Buzz-it-soft\Buzz-itE.exe.vir.VIRUS"
sh=D3B56855F6F2E8211D380277478905A2FAF003E9 ft=1 fh=c71c00113eb799cc vn="Variante von Win32/AdWare.AddLyrics.AS Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Buzz-it-soft\Buzz-itf86.exe.vir.VIRUS"
sh=8AA24D5D57CA10037F9428EEBBA5D481B0F3BF69 ft=1 fh=c71c00115b6aba1a vn="Variante von Win32/AdWare.AddLyrics.AN Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Buzz-it-soft\Buzz-itOn171.exe.vir.VIRUS"
sh=9B42F14B63DE9342A63E5AAB6905624EA86BF1D1 ft=1 fh=ad35e6e7bb8b1a62 vn="Variante von Win32/AdWare.AddLyrics.AS Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Buzz-it-soft\Uninstall.exe.vir.VIRUS"
sh=6D00C85C60CAF98D39E5CD07AACE53C757A99C49 ft=1 fh=ed4a7cab0d6835d6 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\goopdateres_ru.dll.vir"
sh=7489D541CA03F640A02B20A33A88C70691D689D5 ft=1 fh=5216003ac57facf4 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir"
sh=0652CF8AA5ACCADDDD31EE32521742F0CF6A62B0 ft=1 fh=6730b7aa2ee36939 vn="Win32/DealPly.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\DealPlyLive\Update\1.3.23.0\psmachine.dll.vir"
sh=1409EBB3A3E32D47579100DF86DC75C2C3251B1D ft=1 fh=1bb22fea6c29b3c4 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.10.0\deltaApp.dll.vir"
sh=D698B030B32596B463C472026A960115CF8BA08D ft=1 fh=757d60309ad51e46 vn="möglicherweise Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.10.0\deltaEng.dll.vir"
sh=FF2381AE65749BA610DF97FAF88952CF15FEF138 ft=1 fh=d64f7ddedf260d1b vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.10.0\deltasrv.exe.vir"
sh=074AD2C240AB3B311E098DA70E99C4C89063B7C8 ft=1 fh=6104037dd21597ba vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.10.0\deltaTlbr.dll.vir"
sh=3400046C996E0D40BFDA36663BE83C5AF213497E ft=1 fh=ee0b8dcbe432084b vn="Win32/Toolbar.Montiera.J evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.10.0\escortShld.dll.vir"
sh=C9B1C1D6B536D17E425934058F0D49A0876B8C14 ft=1 fh=0271089e341685c4 vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.10.0\uninstall.exe.vir"
sh=B268732563F607687B0B5E63991763FEBF315D46 ft=1 fh=a9a8061b52917652 vn="Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.10.0\bh\delta.dll.vir"
sh=1A44373C7D9083D4E83D4C7E63E84EC1B7DF4DDD ft=1 fh=7b1f17aaf5ac4c39 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.22.0\deltaApp.dll.vir"
sh=1039767B6CA8B147053BD89B771B6A1A98B4D15C ft=1 fh=a640223e2df9bd9b vn="möglicherweise Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.22.0\deltaEng.dll.vir"
sh=2716D2D21C1DB1BA71010D57CF048657ACA2A98F ft=1 fh=7c8ed813e1e6936b vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.22.0\deltasrv.exe.vir.VIRUS"
sh=6FA24D6B224C7ABA9882E29822A9671FA732895B ft=1 fh=58b846ad6f97dcfd vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.22.0\uninstall.exe.vir"
sh=1098A866901B7BF47609156BDED0356E468E7DFB ft=1 fh=df33ed2a9d79ec7b vn="Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.22.0\bh\delta.dll.vir.VIRUS"
sh=34622C0C9B0F72AB2F67AE3BD7CF94EF76B2B54D ft=1 fh=422f90d5b5335443 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.24.6\deltaApp.dll.vir"
sh=80C8F13A1918FAEEAB9673C1CCF96E52325EE695 ft=1 fh=0aefb751d92be997 vn="möglicherweise Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.24.6\deltaEng.dll.vir"
sh=610CDC3A03DA21A83EB90193BACF1347AAA39A0F ft=1 fh=6544723ffe1f3f66 vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.24.6\deltaTlbr.dll.vir.VIRUS"
sh=AFD5B25F86CFD3045CCFF940A249A1DA89DEDE5D ft=1 fh=c55a3c08e5709f9a vn="Win32/Toolbar.Montiera.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Delta\delta\1.8.24.6\uninstall.exe.vir"
sh=1EC0A3F220F026513E421FA17DF90936C8EBAD48 ft=1 fh=d7325a4bb0bb2d0a vn="Variante von Win32/ELEX.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Desk 365\deskplusdl.exe.vir.VIRUS"
sh=1A537BB9AD766C0F45DBE7CC9B0BDD7A8CD6F02C ft=1 fh=3dde6c4cfc19bf44 vn="Variante von Win32/ELEX.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Desk 365\deskSvc.exe.vir"
sh=D7B2AAB31AB9D8D61B6223A622655418CA4D3E6D ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\38532.crx.vir.VIRUS"
sh=FA7C0E26AA5D77AAF2974A0240DD673D0D152A5E ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\38532.xpi.vir.VIRUS"
sh=6F2BD9D97570A45DED11A0DB2AD1D55D7E409913 ft=1 fh=229ecbcd301e067c vn="Win32/Toolbar.CrossRider.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\Feven 1.5-bg.exe.vir"
sh=A01D6E1C83F592A7F5EDEB8903EF1C64AADA57A1 ft=1 fh=73fb969b74063804 vn="Variante von Win64/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\Feven 1.5-bho64.dll.vir"
sh=886FDE6E49AB6F3385BD2CE74F0DBF4947274EB0 ft=1 fh=548b6b486ef32a84 vn="Win32/Toolbar.CrossRider.M evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\Feven 1.5-buttonutil.dll.vir"
sh=9BAE5D8FB43FF67BF9AE5F36A84C7EE570675117 ft=1 fh=3ad31b5f6f79af2e vn="Win32/Toolbar.CrossRider.N evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\Feven 1.5-buttonutil.exe.vir"
sh=447337AB14F363A030066E0AEEE749D470A13C1E ft=1 fh=00db2348504f4fe9 vn="Variante von Win64/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\Feven 1.5-buttonutil64.dll.vir"
sh=3FA3F0761EBAFF9A147AEE2A406ACEF1D1144C1B ft=1 fh=da74f39cee092855 vn="Variante von Win64/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\Feven 1.5-buttonutil64.exe.vir"
sh=07C8D9860F6F6FC5F93AAD97AC02141C8ED25B68 ft=1 fh=4aa8e8f62111304b vn="Variante von Win32/Toolbar.CrossRider.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\Feven 1.5-codedownloader.exe.vir.VIRUS"
sh=65F597B9E4D0FCD4D50010C3A55CF5DBBACB3579 ft=1 fh=b1e5946ee2312e18 vn="Win32/Toolbar.CrossRider.L evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\Feven 1.5-helper.exe.vir"
sh=7F57F2FC51409AE519610CCC5BC8076665C653AC ft=1 fh=3df0e3987fad1a15 vn="Variante von Win32/Toolbar.CrossRider.K evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\Feven 1.5-updater.exe.vir"
sh=E04ABB727567AB7DD22159CF8C2AA75EBCA18144 ft=1 fh=edd75c9e8dccf5e8 vn="Win32/Packed.VMDetector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Feven 1.5\utils.exe.vir"
sh=F0E5DFC9F5903A66E3D2BF8511539955D7E17200 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaPlayerplus\54246.crx.vir"
sh=089BB7E56A87C74508E8848076D05281BD3DA473 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaPlayerplus\54246.xpi.vir"
sh=677D86005EBDFB5E1F760AD807409DB08536BCDB ft=1 fh=d3c83b4567ac8997 vn="Variante von Win32/Toolbar.CrossRider.AL evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bg.exe.vir.VIRUS"
sh=03968227D47D277355EF6E7A63678E157969140F ft=1 fh=d8accb8698cd2780 vn="Variante von Win64/Toolbar.Crossrider.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaPlayerplus\MediaPlayerplus-bho64.dll.vir"
sh=80984286766388010D80EF1854A03C840F95F493 ft=1 fh=c1190a78ba67e05f vn="Variante von Win32/Packed.VMDetector.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\MediaPlayerplus\utils.exe.vir"
sh=E4860D5FC736021C218C5ECEABB00C268D5C49D0 ft=1 fh=8a90c8250dbc4ece vn="Variante von Win32/Toolbar.SearchSuite.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\apcrtldr.dll.vir"
sh=42385CEA71F1A33CB8A6BF1EA70AED988180AB53 ft=1 fh=d94392d828f8b4a9 vn="Variante von Win32/Toolbar.SearchSuite.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\Datamngr.dll.vir"
sh=7B2E4742DF2E101B0860FCEAC9B0AFDE13F17E42 ft=1 fh=6df01fe619fc4bbc vn="Variante von Win32/AdWare.Bandoo.AE Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrChrome.dll.vir"
sh=9D33FC49D0C492282AB70BC4831E6810826D0B3F ft=1 fh=f842e13d90d4f4ca vn="Variante von Win32/Toolbar.SearchSuite.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe.vir"
sh=044C759F1A8FDFD14719DA0AA53B6F865C3B1A70 ft=1 fh=466a7ffde640807b vn="Variante von Win32/Toolbar.SearchSuite.O evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe.vir"
sh=5A724A2BDA20A82667C1FFE9AEEA485930D28F32 ft=1 fh=32a0c8e70bf18ee5 vn="Variante von Win32/Toolbar.SearchSuite.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\del_DM_LL_nsl810E.dll.vir"
sh=0FB316273932836910AE3FB8D5F297493DE7A5C9 ft=1 fh=9d7118e3ef68c63b vn="Variante von Win32/Toolbar.SearchSuite.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\Helper.dll.vir"
sh=FC83D5580E69DC05681CBD088BD215B53A87CF89 ft=1 fh=f2920accee387938 vn="Variante von Win32/Toolbar.SearchSuite.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\IEBHO.dll.vir"
sh=1C8E83A0261402A094162D68BAF04415DF49947B ft=1 fh=bd4eb1c921dbcb01 vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\Internet Explorer Settings.exe.vir"
sh=6EA281BE968AC3B70366E6DB6F0E1DAC4EE6B1F0 ft=1 fh=5531c7981d991a32 vn="Variante von Win32/Toolbar.SearchSuite.S evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\mgrldr.dll.vir"
sh=79747E1A2E2ECD59391DF30AD547C69F2915B35B ft=1 fh=231df5506c90bf35 vn="Win32/AdWare.Bandoo.AD Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\setmgrc1.cfg.vir"
sh=06C7EAE98354E9FA66916B9567988ABE3B97DA8F ft=1 fh=71851554da6e4830 vn="Variante von Win32/Toolbar.SearchSuite.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\Uninstall.exe.vir"
sh=DDCD6F1275B9C4C760FAA8C9C9B8FF117D29EB26 ft=1 fh=a224e389a79b5bad vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\dtuser.exe.vir"
sh=A7399A72B41503ACF603E78989691E112DB51867 ft=1 fh=3ddbf4c13d9f090d vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\__searchresultsDx.dll.vir"
sh=1AB1729A3F5BFD236DE138D12B8E0F3FFA78C2A6 ft=1 fh=48ad535d7a1ce207 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~1\IE\__searchresultstb.dll.vir"
sh=DDCD6F1275B9C4C760FAA8C9C9B8FF117D29EB26 ft=1 fh=a224e389a79b5bad vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~2\IE\dtuser.exe.vir"
sh=A7399A72B41503ACF603E78989691E112DB51867 ft=1 fh=3ddbf4c13d9f090d vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~2\IE\__searchresultsDx.dll.vir"
sh=1AB1729A3F5BFD236DE138D12B8E0F3FFA78C2A6 ft=1 fh=48ad535d7a1ce207 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~2\IE\__searchresultstb.dll.vir"
sh=DDCD6F1275B9C4C760FAA8C9C9B8FF117D29EB26 ft=1 fh=a224e389a79b5bad vn="Variante von Win32/Toolbar.Visicom.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~3\IE\dtuser.exe.vir"
sh=A7399A72B41503ACF603E78989691E112DB51867 ft=1 fh=3ddbf4c13d9f090d vn="Variante von Win32/Toolbar.Visicom.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~3\IE\__searchresultsDx.dll.vir"
sh=1AB1729A3F5BFD236DE138D12B8E0F3FFA78C2A6 ft=1 fh=48ad535d7a1ce207 vn="Variante von Win32/Toolbar.Visicom.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\SRTOOL~3\IE\__searchresultstb.dll.vir"
sh=6603A489746EEC452EE2F8265891F9D35D493C2F ft=1 fh=a206e96e62ff4c0a vn="Variante von Win64/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\x64\apcrtldr.dll.vir"
sh=8E7F262E2456FFDDD6ABF12DB970A0A6746B4CBD ft=1 fh=402e4816eeda7e36 vn="Variante von Win64/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\x64\Datamngr.dll.vir"
sh=5BE2F4F47197D45AA186314394A8C61DE29D3520 ft=1 fh=3461c23255d24773 vn="Variante von Win64/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\x64\del_DM_LL_nsl810E.dll.vir"
sh=5751717FDAC627C6A0F4713238393C5840978E00 ft=1 fh=c5422d7692c4916b vn="Variante von Win64/Toolbar.SearchSuite.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\x64\IEBHO.dll.vir"
sh=FF33DAFC2B9BBDF0C7381641A02151BEAF6602A3 ft=1 fh=3873eb98d7f7b95a vn="Variante von Win32/Toolbar.SearchSuite.Q evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\x64\Internet Explorer Settings.exe.vir"
sh=A613BDDC4F5943F9697C7F75AD67D9B579AF00F1 ft=1 fh=07469553cf3324c4 vn="Variante von Win64/Toolbar.SearchSuite.C evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\x64\mgrldr.dll.vir"
sh=86F449EEBC3AC33E506DDEA3E24B72D977438DF8 ft=1 fh=46605f0b8adcee1c vn="Win64/Adware.Bandoo.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc1.cfg.vir"
sh=8F070D36BA757747527BDF3736EFCBBE1D051B0A ft=1 fh=92aee2bc5570ebe1 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\mysearchdialApp.dll.vir"
sh=B67DF0C86BF6403B0AC8E1DC26A078C678EFC74C ft=1 fh=b945d4e158c45c12 vn="möglicherweise Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\mysearchdialEng.dll.vir.VIRUS"
sh=E869D3646D89D4514F947304703F0483029F6CAF ft=1 fh=9691cee157383ff8 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\mysearchdialsrv.exe.vir"
sh=3246C5908CCDBA82B39C3A0E05285299C4B2CADA ft=1 fh=f7922527b1859756 vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\mysearchdialTlbr.dll.vir.VIRUS"
sh=31D0B125962639ACC9DF9F39782A3207099DD924 ft=1 fh=ca95fc211bc2fbc3 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialApp.dll.vir.VIRUS"
sh=6857BD88EA938B705EFC3FD46D5C91D2C1B3EDE9 ft=1 fh=a2f65d85debd6839 vn="möglicherweise Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialEng.dll.vir.VIRUS"
sh=7ABB587B2A0D80E1EC4B2F1E8BB0E2C194FBB4A0 ft=1 fh=9074270edfd38722 vn="Variante von Win32/Toolbar.Montiera.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialsrv.exe.vir.VIRUS"
sh=3407FB00757C71D9CB28AEC2EC7855FF5D3A6609 ft=1 fh=67364266c19decdd vn="Variante von Win32/Toolbar.Montiera.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\mysearchdialTlbr.dll.vir.VIRUS"
sh=89DC63472DE94DF3F12DBAE15B7EBE6C04263369 ft=1 fh=7fb9e45e0079471d vn="Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\1.8.29.0\bh\mysearchdial.dll.vir.VIRUS"
sh=8F6145BD8F0880546E45BA03E013B958F7C5B7EC ft=1 fh=ec51ffcf586b9fa0 vn="Variante von Win32/Toolbar.Escort.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Mysearchdial\bh\mysearchdial.dll.vir.VIRUS"
sh=2FB6E17B5B1771AF9BBE670D80BC29672A764471 ft=1 fh=45f0ba0365790147 vn="Variante von Win32/SProtector.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProCrash.dll.vir.VIRUS"
sh=1375A8FFF1D262AD65AB09311A91AA9B96E83049 ft=1 fh=72898e0453db9d6a vn="Variante von Win32/SProtector.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProCrashSvc.dll.vir"
sh=9F8E488CB68193DABA2E820964EB6BB5B0053BA0 ft=1 fh=5c179f4fc04177a8 vn="Variante von Win64/SProtector.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll.vir"
sh=2F367F244D08950211E4C05FB8EF8E0959BB773A ft=1 fh=20d3e0bbdedcd685 vn="Variante von Win32/AdWare.SpeedingUpMyPC.D Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProLauncher.exe.vir"
sh=E5DB01AF8C7541396D4C619A55B7B664281A5375 ft=1 fh=97edb4dad52fbf6e vn="Variante von Win32/Adware.SpeedingUpMyPC.C Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe.vir"
sh=B0620B454574191BFA28A172BA2769D49B744D4F ft=1 fh=da2cbaa9ae7ff67b vn="Variante von Win32/SpeedingUpMyPC.F Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\PC Speed Maximizer\PCSpeedMaximizer.exe.vir"
sh=54C7E75A5B413CCE4DD0AE31E535207EF3BE1159 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-1.6\32002.crx.vir"
sh=0BC1A3D8C105537DA301626C539E23B0E6C957AA ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-1.6\32002.xpi.vir.VIRUS"
sh=AEDEBD241B2D4F6386D33D0D96BB1662819C26C9 ft=1 fh=198c49bf5680ed49 vn="Variante von Win64/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-bho64.dll.vir"
sh=8F89DC8BC736E8F2A29C992AF0A2F83826C7669E ft=1 fh=54abba1c672239f8 vn="Variante von Win64/Toolbar.Crossrider.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-1.6\Plus-HD-1.6-buttonutil64.dll.vir"
sh=1F08C4166547F9A95C6B36C5D2E2E10579BD1366 ft=1 fh=e4f100e9489a4ea9 vn="Win32/Packed.VMDetector.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Plus-HD-1.6\utils.exe.vir"
sh=FABF99D84DAE1B16B0BDBA7003ACA991AE40DB47 ft=1 fh=2aca0aed277d57d6 vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\SaveSenseLive.exe.vir.VIRUS"
sh=10903598F769E2AC5F1E2372E90F6722A3A860B7 ft=1 fh=89560075533c3d40 vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\npGoogleUpdate3.dll.vir.VIRUS"
sh=88482528CE4F67A1004B50BA93282CEACCEDE534 ft=1 fh=e40b702402e604d5 vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\psmachine.dll.vir"
sh=FABF99D84DAE1B16B0BDBA7003ACA991AE40DB47 ft=1 fh=2aca0aed277d57d6 vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLive.exe.vir.VIRUS"
sh=70D49B9ABA391E6976DAB5C4BEA63733459B3F1C ft=1 fh=0b76a05977e7722a vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveBroker.exe.vir"
sh=FABF99D84DAE1B16B0BDBA7003ACA991AE40DB47 ft=1 fh=2aca0aed277d57d6 vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveHandler.exe.vir.VIRUS"
sh=F09B9B9B1D16D1539D23CC6ACDE0DC7BC983DF59 ft=1 fh=2dbadf99ca2df2d7 vn="Win32/SaveSense.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\SaveSenseLive\Update\1.3.23.0\SaveSenseLiveOnDemand.exe.vir"
sh=BFB609ED6CFC882F193F64E0C4B30D106106B64D ft=1 fh=bd431ef42f430194 vn="Win32/ShopperPro.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro\ShopperPro.dll.vir"
sh=07AE4D6DDA1459689E1D5389F0E6826BC69AC82D ft=1 fh=14f16cf84965c313 vn="Variante von Win32/ShopperPro.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro\ShopperPro.exe.vir"
sh=561EC2822E18343DAA736197901F3B4D487D9E86 ft=1 fh=0cea4f6b79b2b8af vn="Win64/ShopperPro.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro\ShopperPro64.dll.vir"
sh=D5C6D1E35285D8AD3BFD28C5663597DB70419722 ft=1 fh=82327c63794ba811 vn="Variante von Win32/ShopperPro.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\ShopperPro\Updater.exe.vir"
sh=B992ED7A1B4DF30F6AF8A911FBFDE92ED9F77519 ft=1 fh=5dac4dde3cd39976 vn="Variante von MSIL/DomaIQ.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Uninstaller\Uninstall.exe.vir"
sh=A252FEDCEEDCA1655D593982040CCEED07812DEF ft=1 fh=975aa770e795194d vn="Win32/Wajam.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Wajam\Updater\WajamUpdater.exe.vir"
sh=28B51176D6A6087C267C15AE8D32F98701F1E080 ft=1 fh=ee5922ade32ec373 vn="Variante von Win32/ELEX.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\WinZipper\winzipersvc.exe.vir"
sh=54A8802E779AE281FF1B259B5559145E5F781968 ft=1 fh=c71c001102f2b850 vn="Variante von Win32/AdWare.MultiPlug.N Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\easytoshop\gOT8meg.dll.vir.VIRUS"
sh=2648349A062066B2B4D9F44854780414B69D59DB ft=1 fh=c71c00110fd81f90 vn="Variante von Win64/Adware.MultiPlug.A Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\easytoshop\gOT8meg.x64.dll.vir.VIRUS"
sh=95D8C7F2851240F836D46EBD0DCB0BBAE3C9C3C8 ft=1 fh=c39b2415a29978f2 vn="Variante von Win32/ELEX.AD evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\IePluginService\PluginService.exe.vir.VIRUS"
sh=6F7DA0B999F2A216A65FC4F4740D1E37BF8D3DAD ft=1 fh=c71c0011adf2139a vn="Variante von Win32/AdWare.MultiPlug.T Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\KKinGCoupon\fnN.dll.vir.VIRUS"
sh=0BFE90FAB6F10C0104F69A06184B63F7FBDBFD93 ft=1 fh=c71c0011f25c11fd vn="Variante von Win32/AdWare.MultiPlug.T Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\KKinGCoupon\fnN.exe.vir.VIRUS"
sh=17B24E567626BE32B4ED4541A957BA3EC1E8DA41 ft=1 fh=c71c0011b9dd8ce9 vn="Variante von Win64/Adware.MultiPlug.C Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\KKinGCoupon\fnN.x64.dll.vir.VIRUS"
sh=BFB609ED6CFC882F193F64E0C4B30D106106B64D ft=1 fh=bd431ef42f430194 vn="Win32/ShopperPro.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\ShopperPro\ShopperPro.dll.vir"
sh=561EC2822E18343DAA736197901F3B4D487D9E86 ft=1 fh=0cea4f6b79b2b8af vn="Win64/ShopperPro.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\ShopperPro\ShopperPro64.dll.vir"
sh=91403A26D23237F6F93273B244B2FD558ACCF3F7 ft=1 fh=2db2a806fbb0a318 vn="möglicherweise Variante von Win32/Adware.Yontoo.B Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\Tarma Installer\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}\_Setupx.dll.vir"
sh=2FA019C3D1CC2BC1905FBD6765DA3CFBE851DD64 ft=1 fh=f275e610e24fd946 vn="Win64/Toolbar.SearchSuite.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\wincert\del_64DLL_nsf2D6E.dll.vir"
sh=E15DF75E5B81A209E0E453092C9610C3F8DC7073 ft=1 fh=8918dac93ad3a346 vn="Win32/Toolbar.SearchSuite.M evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\wincert\win32cert.dll.vir"
sh=9B56D5787C88CF939DABA1E9273775A1D33EF25F ft=1 fh=8aacdf233e2d6e39 vn="Win32/Toolbar.SearchSuite.M evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\wincert\win32prop.dll.vir"
sh=2FA019C3D1CC2BC1905FBD6765DA3CFBE851DD64 ft=1 fh=f275e610e24fd946 vn="Win64/Toolbar.SearchSuite.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\wincert\win64cert.dll.vir"
sh=34ABB88310B01A075382292FDE9F2B6E727E5D66 ft=1 fh=1bef8d0f51d0bf3a vn="Win64/Toolbar.SearchSuite.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\wincert\win64prop.dll.vir"
sh=9BA6DC699104472080E202066F9A6194C861BBC4 ft=1 fh=644180d9ce5cd441 vn="Win32/AnyProtect.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Local\AnyProtectScannerSetup.exe.vir"
sh=C7438D942F5D66F71822D807D890EA30B68DEA5E ft=1 fh=cea6bc5b719b3fa1 vn="Variante von Win32/DealPly.M evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Local\SaveSense\SaveSenseUpdateVer.exe.vir"
sh=45A00CBBE698665BCC1D163926EBA65E7BD32AC3 ft=1 fh=d540c0af311fbf80 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Local\Smartbar\Application\SmartbarInternetExplorerBHO.dll.vir"
sh=20E69E37AC8C04AE910C1D292770CD68163C4409 ft=1 fh=3155f889dd0dbf9a vn="Variante von MSIL/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Local\Smartbar\Application\SmartbarInternetExplorerExtension.dll.vir"
sh=1E5DB8057720A153D3E851B8FC37F8EC980EE8E7 ft=1 fh=a65556fe5bee8b10 vn="Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Local\Smartbar\Application\amfclgbdpgndipgoegfpkkgobahigbcl\GoogleChromeRemotePlugin.dll.vir"
sh=506CF74F58DEE1A450C9840FDB8F93490FA23BFD ft=1 fh=47e454377749b8d6 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_24.dll.vir"
sh=04F888260E1E0DF879B2C63693EA9C746D6F938E ft=1 fh=c0789a66bf16a7a5 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_25.dll.vir"
sh=4B298F597E719B98DBEAE306E363719AFA1CD074 ft=1 fh=1a0789ee68cbf649 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_26.dll.vir"
sh=C4229E29B0D547CCA2EC493C9359F7FCE27CB5E2 ft=1 fh=353735db63e62932 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_27.dll.vir"
sh=4651567B6F6C117C61B452373FA19E9C0FE0E814 ft=1 fh=9d26a6a798748e85 vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_28.dll.vir"
sh=A430BD4F7C79FB7C27DC0DC7ADEA629BB707F96A ft=1 fh=01b69ef96ed28c0c vn="Variante von Win32/Toolbar.Linkury.D evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Local\Smartbar\Application\helperbar@helperbar.com\components\SmartbarFireFoxRemotePlugin_29.dll.vir"
sh=5DA338E36AC330751F6F83F83590D7F0DCEEA546 ft=1 fh=8e8a24b10317c97e vn="Variante von Win32/Toolbar.SearchSuite.P evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Local\torch\Helper.dll.vir"
sh=4AFB1A8A9B6234518266E5EC2312F6F5FF90B499 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Local\torch\User Data\Default\Cache\f_000635.vir"
sh=7C05A460CED51E5C586D5651A9D4822B41BD3D80 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Local\torch\User Data\Default\Cache\f_00069c.vir"
sh=3972109B1974BEA7EAA2CFCAF92269548E9C2E72 ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Local\torch\User Data\Default\Cache\f_0006d5.vir"
sh=4F1C38F649CC3DF6B317972621DE7C6317D076AE ft=0 fh=0000000000000000 vn="JS/Toolbar.Crossrider.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Local\torch\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd\1.26.21_0\extensionData\plugins\91.js.vir"
sh=4A6A0F4255AF0736D186189E46ED9D164FA2FB3F ft=1 fh=18fb82cd25e5988e vn="Variante von Win32/DomaIQ.BK evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Local\torch\User Data\Default\File System\000\t\00\00000001.vir.VIRUS"
sh=85A199E2D11AF93BEFA2086BDA319E52621ECD6D ft=1 fh=e5029e0356f39201 vn="Variante von Win32/DomaIQ.BB evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Local\torch\User Data\Default\File System\001\t\00\00000000.vir.VIRUS"
sh=CCFF8FD6CCA3EFBF708B608F0795E4797DAD5BA2 ft=1 fh=6884fd3f20959c4c vn="Variante von Win32/DomaIQ.BB evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Local\torch\User Data\Default\File System\002\t\00\00000000.vir.VIRUS"
sh=2DAAB83B0439BC76845E58F3F7DDB84EE8E210C4 ft=1 fh=855a37aa5dbeb36f vn="Win32/InstallCore.PC evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Roaming\0C1I1L1R1J0M1P0I1G\VuuPC Packages\uninstaller.exe.vir"
sh=1549CF4F9282F1B42A58B5E050E12EF0AD669798 ft=1 fh=ffe6693d8bc7d6c5 vn="Win32/Toolbar.Babylon.I evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Roaming\BabSolution\Shared\BabMaint.exe.vir"
sh=BE3A5951F9D566E9C0B10B41781E42A3A8562B12 ft=1 fh=bfe637157b287a9d vn="Variante von Win32/Toolbar.Babylon.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Roaming\BabSolution\Shared\enhancedNT.dll.vir"
sh=6BEC571BC3DA3DD5D2A35422FBD1CD5CEC49B964 ft=0 fh=0000000000000000 vn="Win32/Adware.AddLyrics.L Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\mqk0njry.default\Extensions\130\chrome\content\main.js.vir"
sh=8E84B3369C409B88BFF2F167495B5BDA08485065 ft=1 fh=cea6bc5b1fc91d53 vn="Variante von Win32/DealPly.S evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Roaming\SaveSense\UpdateProc\UpdateTask.exe.vir"
sh=464FD963183897BB987030A2097E759ED613A79C ft=1 fh=d1e1cc77b7d23939 vn="Variante von Win32/Thinknice.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Roaming\SupTab\SupTab.dll.vir.VIRUS"
sh=3D4C9A423D5D33794A3B29AD3ED5602500098CE8 ft=0 fh=0000000000000000 vn="Variante von MSIL/DomaIQ.E evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Roaming\Systweak\Advanced System Protector\Quarantine\adware.domaiq._qt_.vir.VIRUS"
sh=E8E6BB9ACD4A31B6BBCC4A80E31154E0E9DF8180 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Babylon.V evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Roaming\Systweak\Advanced System Protector\Quarantine\malware.agent._qt_.vir"
sh=BC422B3C4B4DD016270A01F3ADF504366BE55C7F ft=0 fh=0000000000000000 vn="Variante von Win32/Wajam.G evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Roaming\Systweak\Advanced System Protector\Quarantine\malware.ie._qt_.vir"
sh=01AD3B6BC8B1A242197047F7B08F013BE3D0C4D1 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Babylon.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Roaming\Systweak\Advanced System Protector\Quarantine\pup.bundleinstaller._qt_.vir.VIRUS"
sh=C515632A51A22678894193AEF1AAD442491B335C ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.DefaultTab.B evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Roaming\Systweak\Advanced System Protector\Quarantine\pup.defaulttab._qt_.vir"
sh=56D188403CB0E4C98773134494093652AA0857C2 ft=0 fh=0000000000000000 vn="Variante von Win32/Toolbar.Linkury.F evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Roaming\Systweak\Advanced System Protector\Quarantine\pup.optional._qt_.vir.VIRUS"
sh=ED998D4627E3006D0A1423F1F8650BD502ABB799 ft=0 fh=0000000000000000 vn="Win32/Toolbar.Babylon.U evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Computer\AppData\Roaming\Systweak\Advanced System Protector\Quarantine\trojan.agent._qt_.vir"
sh=2C494B60F6B3BDD93F7B64FAA5545C3F24A9CDA1 ft=1 fh=59764e4444c293a9 vn="Variante von Win32/AnyProtect.D evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Computer\AppData\Local\nsd3B9A.tmp.vir"
sh=013B7891099C149B922352B68797D0EE3F7A094A ft=1 fh=c71c0011eb26300d vn="Win32/VOPackage.C evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Computer\AppData\Local\nsl5C18.tmp.vir"
sh=3E80573FD1D1BC15315B1B3BB94A4E91AD429048 ft=1 fh=abbd31e3f6e7905e vn="Win32/AnyProtect.D evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Computer\AppData\Local\nsq9933.tmp.vir"
sh=013B7891099C149B922352B68797D0EE3F7A094A ft=1 fh=c71c0011eb26300d vn="Win32/VOPackage.C evtl. unerwünschte Anwendung" ac=I fn="C:\Qoobox\Quarantine\C\Users\Computer\AppData\Local\nsrA8C.tmp.vir"
sh=C6B44F78F2397DE2F60970B4F8BE825CC5D2CD23 ft=1 fh=221cbc7fa0bb8f1b vn="Variante von Win32/SpeedBit.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Computer\AppData\Local\Installer\Install_15766\ytdownloader_ww_setup_20140203.exe"
sh=C6B44F78F2397DE2F60970B4F8BE825CC5D2CD23 ft=1 fh=221cbc7fa0bb8f1b vn="Variante von Win32/SpeedBit.A evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Computer\AppData\Local\Installer\Install_26274\ytdownloader_ww_setup_20140203.exe"
sh=BCEB518F8911E047E9DC5B0798B2C38B4260BFA3 ft=1 fh=28814f77d171d827 vn="MSIL/AdvancedSystemProtector.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Computer\Downloads\advancedfileoptimizersetup_PDF.exe"
sh=512A07BB856E1D1884204FD86722744B6393E18B ft=1 fh=8839b1d98d2facde vn="Variante von MSIL/AdvancedSystemProtector.B evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Computer\Downloads\aspsetup.exe"
sh=3AAC9BE2B82F5FFBFEE8B7A66D77271DC9305781 ft=1 fh=8fb93d435df59318 vn="Variante von Win32/SpeedingUpMyPC.F Anwendung" ac=I fn="C:\Users\Computer\Downloads\PCSpeedMaximizer.exe"
sh=58636D9D54C7B4B38A6D7198D05F62CFF860E600 ft=1 fh=854234364ad5f832 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Computer\Downloads\PCSpeedMaximizer_AQDE_EM_adhoc.exe"
sh=3947DC53990D4C0F5E5F655818233800CF9F601B ft=0 fh=0000000000000000 vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\76414.msi"
sh=E1FD38D19BAF8784FF0BBC7C0C02500ED2766433 ft=1 fh=d5332291bae29db0 vn="Variante von MSIL/Toolbar.Linkury.E evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI8947.tmp-\Smartbar.Resources.LanguageSettings.resources.dll"
sh=292EDFC66D493DE4016AEC0CA33BBC6DE34E1A27 ft=1 fh=5c16a016d6377857 vn="Variante von MSIL/Toolbar.Linkury.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\MSI8947.tmp-\Smartbar.Resources.SetBrowsersSettings.dll"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[1]"
sh=E4333469F3070D049E4FDA053756B96B9F59569B ft=1 fh=5e9b3d881266bb41 vn="Win32/Distromatic evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-2[1].VIRUS"
sh=63981687FFC14608CDAE65C7EFEA1B24ACAF1DF4 ft=1 fh=c82ffca9f6717ccb vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-3[1]"
sh=29E421AB9476F9D2E23DAC7CFDE8DD9EE9D0768A ft=1 fh=d53e88ba43d6b8ab vn="Win32/Distromatic.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-4[1]"
sh=0FB316273932836910AE3FB8D5F297493DE7A5C9 ft=1 fh=9d7118e3ef68c63b vn="Variante von Win32/Toolbar.SearchSuite.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Temp\nsz715A.tmp\Helper.dll"
sh=319246C2064010418D1CC5718E835DD302F990BC ft=1 fh=6d631669bca3599f vn="Variante von Win32/Toolbar.SearchSuite.M evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\System32\config\systemprofile\AppData\Local\Temp\nsz715A.tmp\Starter.exe"
sh=3DAE542BD4F0368B19B4047C0838D3F4FC4DA090 ft=1 fh=9b1350829aeb80db vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-abb-fix[1]"
sh=E4333469F3070D049E4FDA053756B96B9F59569B ft=1 fh=5e9b3d881266bb41 vn="Win32/Distromatic evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-2[1].VIRUS"
sh=63981687FFC14608CDAE65C7EFEA1B24ACAF1DF4 ft=1 fh=c82ffca9f6717ccb vn="Variante von Win32/Distromatic.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-3[1]"
sh=29E421AB9476F9D2E23DAC7CFDE8DD9EE9D0768A ft=1 fh=d53e88ba43d6b8ab vn="Win32/Distromatic.B evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\distro-search-protect-fix-4[1]"
sh=0FB316273932836910AE3FB8D5F297493DE7A5C9 ft=1 fh=9d7118e3ef68c63b vn="Variante von Win32/Toolbar.SearchSuite.C evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temp\nsz715A.tmp\Helper.dll"
sh=319246C2064010418D1CC5718E835DD302F990BC ft=1 fh=6d631669bca3599f vn="Variante von Win32/Toolbar.SearchSuite.M evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Temp\nsz715A.tmp\Starter.exe"
Code:
ATTFilter Results of screen317's Security Check version 0.99.85
x64 (UAC is enabled)
Internet Explorer 10 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Adobe Flash Player 11.9.900.170 Flash Player out of Date!
Mozilla Firefox (30.0)
Google Chrome 33.0.1750.154
Google Chrome 34.0.1847.131
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````
FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by Computer (administrator) on PCBECKER on 08-07-2014 09:49:54
Running from C:\Users\Computer\Desktop
Platform: Windows 8 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.0.1119.516_x64__8wekyb3d8bbwe\LiveComm.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe
(Microsoft® Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
(Microsoft® Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Works Shared\WksCal.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Portal\Sdd.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\PmmUpdate.exe
(Egis Technology Inc.) C:\Program Files\EgisTec IPS\EgisUpdate.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12921488 2012-07-02] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-03-22] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKU\.DEFAULT\...\RunOnce: [IsMyWinLockerReboot] - msiexec.exe /qn /x{voidguid}
HKU\S-1-5-21-424039607-3106668974-96046439-1001\...\Run: [Spotify Web Helper] => C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe [1193176 2012-10-03] ()
HKU\S-1-5-21-424039607-3106668974-96046439-1001\...\Run: [Steam] => C:\Steam\Steam.exe [1754816 2014-05-29] (Valve Corporation)
HKU\S-1-5-21-424039607-3106668974-96046439-1001\...\Run: [AcerCloud] => C:\Program Files (x86)\Acer\Acer Portal\acpanel_win.exe [18247424 2014-02-13] (Acer Incorporated)
HKU\S-1-5-21-424039607-3106668974-96046439-1001\...\Run: [Google+ Auto Backup] => C:\Users\Computer\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3619096 2014-01-06] (Google Inc.)
HKU\S-1-5-21-424039607-3106668974-96046439-1001\...\Run: [GoogleChromeAutoLaunch_99AE18632314C5772DDF1A65D9BFB3A0] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [841032 2014-04-24] (Google Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Erinnerungen für Microsoft Works-Kalender.lnk
ShortcutTarget: Erinnerungen für Microsoft Works-Kalender.lnk -> C:\Program Files (x86)\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe (Microsoft® Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.symantec.com/redirects/security_response/fix_homepage/index.jsp?lg=de&pid=NIS&pvid=21.3.0.12
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {63183CC4-C8CA-4276-BDF2-47706CC4EC60} URL = hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=tugumsd&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtB0E0ByCyDzy0DtA0EtBtCtN0D0Tzu0CyCyCtDtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu2Z2Y1N2Y1H1B1Q&cr=691960370&ir=
SearchScopes: HKLM - {7EC40E7C-DA68-857B-84C7-3AD81B7A9077} URL = hxxp://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MAARJS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - URL hxxp://search.conduit.com/Results.aspx?ctid=CT3320216&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP3A298DD6-1F89-4B53-B768-CE94BDB5B920&q={searchTerms}&SSPV=
SearchScopes: HKCU - SuggestionsURL_JSON hxxp://suggest.search.conduit.com/CSuggestJson.ashx?prefix={searchTerms}
SearchScopes: HKCU - {9BB47C17-9C68-4BB3-B188-DD9AF0FD2} URL = hxxp://dts.search.ask.com/sr?src=ieb&gct=ds&appid=&systemid=&v=-&apn_uid=&apn_dtid=BND&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
BHO-x32: easYtosHop - {E569D2C5-82B3-56D7-CC4E-2E3DF6A278BD} - C:\ProgramData\easYtosHop\gOT8meg.dll No File
BHO-x32: CoonverrtMe - {E664A4CA-CBB5-9B01-D333-2B7AFB5CB4C2} - C:\ProgramData\CoonverrtMe\aKj_.dll No File
Handler: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - No File
Handler-x32: http\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: http\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: https\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: ipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\0x00000001 - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Handler-x32: msdaipp\oledb - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\Program Files (x86)\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\mqk0njry.default
FF Homepage: hxxp://www.amazon.de/gp/bit/amazonserp/ref=bit_bds-p23_serp_ff_de_display?ie=UTF8&tagbase=bds-p23&tbrId=v1_abb-channel-23_99f740896c4e4f5db538310a9845c664_39_1006_20130731_DE_ff_sp_
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin - C:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll (CANON INC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 - C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\3\NP_wtapp.dll ()
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF HKLM-x32\...\Firefox\Extensions: [shortcutff@gmail.com] - C:\Users\Computer\AppData\Roaming\Mozilla\Firefox\Profiles\mqk0njry.default\extensions\shortcutff@gmail.com
Chrome:
=======
CHR HomePage: hxxp://www.google.com/
CHR DefaultSearchKeyword: ask.com
CHR DefaultSearchProvider: Ask.com
CHR DefaultSearchURL: hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=&systemid=&v=-&apn_uid=&apn_dtid=BND&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
CHR DefaultNewTabURL:
CHR Extension: (Google Docs) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-18]
CHR Extension: (Google Drive) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-10]
CHR Extension: (YouTube) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-10]
CHR Extension: (Google-Suche) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-10]
CHR Extension: (Raven Internet Marketing Tools) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijfnifaophpooekkminfbekpgmanjlcf [2014-06-09]
CHR Extension: (Google Wallet) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-13]
CHR Extension: (Google Mail) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-18]
CHR Extension: (Anti-Banner) - C:\Users\Computer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-06-25]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Services (Whitelisted) =================
S4 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Portal\CCDMonitorService.exe [2797312 2013-11-25] (Acer Incorporated)
S4 cjpcsc; C:\Windows\SysWOW64\cjpcsc.exe [514128 2012-03-19] (REINER SCT)
S4 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [658576 2012-08-22] (Acer Incorporated)
S4 ExpressCache; C:\Program Files\Diskeeper Corporation\ExpressCache\ExpressCache.exe [79664 2012-03-30] (Diskeeper Corporation)
S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-06-15] (WildTangent)
S4 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-03-22] (Intel Corporation)
S4 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [File not signed]
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-03-20] (Intel Corporation)
S2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [50688 2013-11-14] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [66048 2013-11-14] (Hewlett-Packard) [File not signed]
S4 StarMoney 8.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 8.0\ouservice\StarMoneyOnlineUpdate.exe [699680 2012-12-21] (Star Finanz - Software Entwicklung und Vertriebs GmbH)
S4 StarMoney 9.0 OnlineUpdate; C:\Program Files (x86)\StarMoney 9.0\ouservice\StarMoneyOnlineUpdate.exe [663184 2014-01-27] (Star Finanz-Software Entwicklung und Vertriebs GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [14920 2013-01-29] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21600 2013-03-29] (Advanced Micro Devices, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [29696 2012-09-20] (Microsoft Corporation)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)
S3 cjusb; C:\Windows\system32\DRIVERS\cjusb.sys [34672 2011-03-29] (REINER SCT)
R3 e1cexpress; C:\Windows\system32\DRIVERS\e1c63x64.sys [498032 2012-07-12] (Intel Corporation)
R1 excfs; C:\Windows\System32\DRIVERS\excfs.sys [23344 2012-03-30] (Diskeeper Corporation)
R0 excsd; C:\Windows\System32\DRIVERS\excsd.sys [95024 2012-03-30] (Diskeeper Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-03-20] (Intel Corporation)
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [46376 2014-06-02] (NetFilterSDK.com)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-06-23] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 RSUSBSTOR; \SystemRoot\System32\Drivers\RtsUStor.sys [X]
S2 SPDRIVER_1.0.0.21; \??\C:\Program Files (x86)\ShopperPro\JSDRIVER\1.0.0.21\JSDRV.SYS [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-08 09:49 - 2014-07-08 09:49 - 00000000 ____D () C:\Users\Computer\Desktop\FRST-OlderVersion
2014-07-08 08:09 - 2014-07-08 08:09 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-07 09:27 - 2014-07-08 09:49 - 02084352 _____ (Farbar) C:\Users\Computer\Desktop\FRST64.exe
2014-07-07 09:27 - 2014-07-08 09:49 - 00014305 _____ () C:\Users\Computer\Desktop\FRST.txt
2014-07-07 09:25 - 2014-07-07 09:25 - 00001872 _____ () C:\Users\Computer\Desktop\JRT.txt
2014-07-07 09:22 - 2014-07-07 09:22 - 00000000 ____D () C:\Windows\ERUNT
2014-07-07 09:21 - 2014-07-07 09:15 - 01016261 _____ (Thisisu) C:\Users\Computer\Desktop\JRT.exe
2014-07-04 11:29 - 2014-07-04 11:29 - 00015568 _____ () C:\ComboFix.txt
2014-07-04 11:18 - 2014-07-04 11:29 - 00000000 ____D () C:\Qoobox
2014-07-04 11:18 - 2014-07-04 11:29 - 00000000 ____D () C:\ComboFix
2014-07-04 11:18 - 2014-07-04 11:28 - 00000000 ____D () C:\Windows\erdnt
2014-07-04 11:18 - 2014-07-04 11:15 - 05213907 ____R (Swearware) C:\Users\Computer\Desktop\ComboFix.exe
2014-07-04 11:18 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-04 11:18 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-04 11:18 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-04 11:18 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-04 11:18 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-07-04 11:18 - 2000-08-31 02:00 - 00212480 _____ (SteelWerX) C:\Windows\SWXCACLS.exe
2014-07-04 11:18 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-04 11:18 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-04 11:18 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-04 10:34 - 2014-07-04 10:34 - 00001264 _____ () C:\Users\Computer\Desktop\Revo Uninstaller.lnk
2014-07-04 10:34 - 2014-07-04 10:34 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-04 09:24 - 2014-07-08 09:49 - 00000000 ____D () C:\FRST
2014-07-04 09:24 - 2014-07-04 09:24 - 00000000 _____ () C:\Users\Computer\defogger_reenable
2014-07-03 14:53 - 2014-07-03 14:54 - 04161050 _____ () C:\Users\Computer\Downloads\tdsskiller.zip
2014-07-03 14:22 - 2014-07-03 14:22 - 00380416 _____ () C:\Users\Computer\Downloads\rhstcvpu.exe
2014-07-03 11:21 - 2014-07-03 11:28 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-07-03 10:57 - 2014-07-03 11:02 - 281672840 ____N (Symantec Corporation) C:\Users\Computer\Downloads\NIS-ESD-21.3.0-GE.exe
2014-07-03 08:30 - 2014-07-07 09:04 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-03 08:29 - 2014-07-03 08:29 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-03 08:29 - 2014-07-03 08:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-03 08:29 - 2014-07-03 08:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-03 08:29 - 2014-07-03 08:29 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-07-03 08:29 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-03 08:29 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-03 08:29 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-03 08:27 - 2014-07-03 08:28 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Computer\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-02 11:34 - 2014-07-02 11:34 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-07-02 11:34 - 2014-07-02 11:34 - 00000000 _____ () C:\Windows\HPMProp.INI
2014-07-02 11:34 - 2013-12-04 00:14 - 00601376 _____ (HP) C:\Windows\SysWOW64\hpcdmc32.dll
2014-07-02 11:34 - 2013-12-04 00:14 - 00237344 _____ (Hewlett-Packard Company) C:\Windows\system32\hpmlm135.dll
2014-07-02 11:34 - 2013-12-04 00:13 - 00217376 _____ (Hewlett-Packard) C:\Windows\system32\hpmml160.dll
2014-07-02 11:34 - 2013-12-04 00:13 - 00189728 _____ (Hewlett-Packard) C:\Windows\system32\hpmpm081.dll
2014-07-02 11:34 - 2013-12-04 00:13 - 00162080 _____ (Hewlett-Packard) C:\Windows\system32\hpmtp160.dll
2014-07-02 11:34 - 2013-12-04 00:13 - 00074016 _____ (Hewlett-Packard) C:\Windows\system32\hpmpw081.dll
2014-07-02 11:34 - 2013-12-04 00:12 - 00199968 _____ (Hewlett-Packard) C:\Windows\system32\hpmja160.dll
2014-07-02 11:34 - 2013-12-04 00:11 - 00447264 _____ (Hewlett-Packard Corporation) C:\Windows\system32\hpcpn160.dll
2014-07-02 11:34 - 2013-12-04 00:11 - 00140064 _____ (Hewlett-Packard) C:\Windows\system32\hpcjpm.dll
2014-07-02 11:34 - 2013-12-04 00:07 - 00446240 _____ (Hewlett Packard Corporation) C:\Windows\SysWOW64\hpcc3160.dll
2014-07-02 11:34 - 2011-02-11 14:23 - 00193592 _____ (Hewlett-Packard) C:\Windows\system32\hppdcompio.dll
2014-07-02 11:34 - 2011-02-11 14:23 - 00167480 _____ (Hewlett-Packard) C:\Windows\SysWOW64\hppccompio.dll
2014-07-02 11:34 - 2009-02-25 16:32 - 00060440 _____ (Hewlett-Packard) C:\Windows\system32\FxCompChannel_x64.dll
2014-07-02 11:08 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-02 11:06 - 2014-07-07 09:18 - 00000000 ____D () C:\AdwCleaner
2014-07-02 11:06 - 2014-07-02 11:06 - 01346519 _____ () C:\Users\Computer\Downloads\adwcleaner_3.214.exe
2014-07-02 11:01 - 2014-07-03 09:16 - 00000795 _____ () C:\Windows\setupact.log
2014-07-02 11:01 - 2014-07-02 11:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-29 23:30 - 2014-06-29 23:30 - 00000000 ____D () C:\Program Files (x86)\A6ADCE5D-859A-4E7E-B0B2-D07F8AB9237E
2014-06-28 13:55 - 2014-06-27 17:49 - 01286520 _____ (Netviewer AG) C:\Users\Computer\Desktop\diagnose.exe
2014-06-28 13:49 - 2014-06-28 13:49 - 01286520 _____ (Netviewer AG) C:\Users\Computer\Downloads\diagnose (1).exe
2014-06-27 18:37 - 2014-06-27 18:37 - 00000863 _____ () C:\Users\Computer\Desktop\Kaspersky Internet Security Version 14.0.1.4651 installieren.zip
2014-06-27 17:49 - 2014-06-27 17:49 - 01286520 _____ (Netviewer AG) C:\Users\Computer\Downloads\diagnose.exe
2014-06-26 21:30 - 2014-06-26 21:30 - 00000000 ____D () C:\Program Files (x86)\C1788BAC-0FCE-48F4-AF6A-AB180B237191
2014-06-25 16:17 - 2014-07-03 09:29 - 00001080 _____ () C:\Users\Computer\Desktop\Kaspersky Internet Security Version 14.0.1.4651 installieren.lnk
2014-06-24 22:57 - 2014-06-24 22:57 - 00287864 _____ () C:\Windows\Minidump\062414-18843-01.dmp
2014-06-22 21:47 - 2014-06-22 21:47 - 00287864 _____ () C:\Windows\Minidump\062214-19421-01.dmp
2014-06-22 21:46 - 2014-06-22 21:46 - 00000017 _____ () C:\Users\Computer\AppData\Local\resmon.resmoncfg
2014-06-20 22:20 - 2014-06-20 22:20 - 00007312 _____ () C:\Windows\system32\SettingsFile
2014-06-15 18:24 - 2014-06-15 18:24 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-09 22:11 - 2014-06-09 22:11 - 00000000 _____ () C:\Windows\SysWOW64\㩃啜敳獲䍜浯異整屲灁䑰瑡屡潒浡湩屧潍楺汬屡楆敲潦屸牐景汩獥浜歱渰牪敤慦汵屴潣歯敩煳楬整
2014-06-09 14:14 - 2014-06-09 14:14 - 03448360 _____ (Smart PC Solutions ) C:\Users\Computer\Downloads\PCSpeedMaximizer.exe
2014-06-09 14:00 - 2014-06-09 14:00 - 00287864 _____ () C:\Windows\Minidump\060914-14000-01.dmp
2014-06-09 12:08 - 2014-06-09 12:08 - 00256992 _____ () C:\Users\Computer\Downloads\DriverFinder_Setup.exe
2014-06-09 12:04 - 2014-06-09 12:04 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\DriverFinder
2014-06-09 11:54 - 2014-06-23 23:57 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-06-09 11:54 - 2014-06-09 11:54 - 00002469 _____ () C:\Users\Public\Desktop\DriverUpdate.lnk
2014-06-09 11:54 - 2014-06-09 11:54 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-06-09 11:54 - 2014-06-09 11:54 - 00000000 ____D () C:\Users\Computer\AppData\Local\SlimWare Utilities Inc
2014-06-09 11:54 - 2014-06-09 11:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverUpdate
2014-06-09 11:54 - 2014-06-09 11:54 - 00000000 ____D () C:\Program Files (x86)\DriverUpdate
==================== One Month Modified Files and Folders =======
2014-07-08 09:50 - 2014-07-07 09:27 - 00014305 _____ () C:\Users\Computer\Desktop\FRST.txt
2014-07-08 09:49 - 2014-07-08 09:49 - 00000000 ____D () C:\Users\Computer\Desktop\FRST-OlderVersion
2014-07-08 09:49 - 2014-07-07 09:27 - 02084352 _____ (Farbar) C:\Users\Computer\Desktop\FRST64.exe
2014-07-08 09:49 - 2014-07-04 09:24 - 00000000 ____D () C:\FRST
2014-07-08 09:32 - 2013-07-29 19:27 - 00001138 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-08 09:00 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\system32\sru
2014-07-08 08:14 - 2013-01-25 19:07 - 00003592 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-424039607-3106668974-96046439-1001
2014-07-08 08:09 - 2014-07-08 08:09 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-08 08:09 - 2013-02-21 23:16 - 00000000 ____D () C:\Steam
2014-07-07 09:40 - 2012-10-03 13:45 - 01884646 _____ () C:\Windows\WindowsUpdate.log
2014-07-07 09:25 - 2014-07-07 09:25 - 00001872 _____ () C:\Users\Computer\Desktop\JRT.txt
2014-07-07 09:22 - 2014-07-07 09:22 - 00000000 ____D () C:\Windows\ERUNT
2014-07-07 09:19 - 2012-08-02 17:04 - 01569794 _____ () C:\Windows\PFRO.log
2014-07-07 09:19 - 2012-07-26 09:22 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-07 09:18 - 2014-07-02 11:06 - 00000000 ____D () C:\AdwCleaner
2014-07-07 09:18 - 2012-07-26 07:26 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-07-07 09:15 - 2014-07-07 09:21 - 01016261 _____ (Thisisu) C:\Users\Computer\Desktop\JRT.exe
2014-07-07 09:04 - 2014-07-03 08:30 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-04 11:29 - 2014-07-04 11:29 - 00015568 _____ () C:\ComboFix.txt
2014-07-04 11:29 - 2014-07-04 11:18 - 00000000 ____D () C:\Qoobox
2014-07-04 11:29 - 2014-07-04 11:18 - 00000000 ____D () C:\ComboFix
2014-07-04 11:29 - 2012-07-26 07:37 - 00000000 __RHD () C:\Users\Default
2014-07-04 11:28 - 2014-07-04 11:18 - 00000000 ____D () C:\Windows\erdnt
2014-07-04 11:27 - 2012-07-26 09:59 - 00000000 ____D () C:\Windows\CbsTemp
2014-07-04 11:26 - 2012-07-26 07:26 - 00000215 _____ () C:\Windows\system.ini
2014-07-04 11:23 - 2012-07-26 07:26 - 75235328 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-07-04 11:23 - 2012-07-26 07:26 - 15204352 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-07-04 11:23 - 2012-07-26 07:26 - 01310720 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-07-04 11:23 - 2012-07-26 07:26 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-07-04 11:23 - 2012-07-26 07:26 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-07-04 11:15 - 2014-07-04 11:18 - 05213907 ____R (Swearware) C:\Users\Computer\Desktop\ComboFix.exe
2014-07-04 10:34 - 2014-07-04 10:34 - 00001264 _____ () C:\Users\Computer\Desktop\Revo Uninstaller.lnk
2014-07-04 10:34 - 2014-07-04 10:34 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-04 10:34 - 2013-01-25 19:16 - 00000000 ____D () C:\Users\Computer\AppData\Local\CrashDumps
2014-07-04 09:24 - 2014-07-04 09:24 - 00000000 _____ () C:\Users\Computer\defogger_reenable
2014-07-04 09:24 - 2013-01-25 18:57 - 00000000 ____D () C:\Users\Computer
2014-07-03 14:54 - 2014-07-03 14:53 - 04161050 _____ () C:\Users\Computer\Downloads\tdsskiller.zip
2014-07-03 14:22 - 2014-07-03 14:22 - 00380416 _____ () C:\Users\Computer\Downloads\rhstcvpu.exe
2014-07-03 14:21 - 2013-07-31 23:09 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-07-03 14:21 - 2012-07-26 10:12 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-07-03 14:21 - 2012-07-26 07:26 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-07-03 14:18 - 2012-10-03 14:20 - 00000000 ____D () C:\ProgramData\Norton
2014-07-03 14:09 - 2014-02-12 23:26 - 00000000 ____D () C:\temp
2014-07-03 12:36 - 2014-04-16 18:45 - 00000000 ____D () C:\ProgramData\CoonverrtMe
2014-07-03 11:28 - 2014-07-03 11:21 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Internet Security
2014-07-03 11:02 - 2014-07-03 10:57 - 281672840 ____N (Symantec Corporation) C:\Users\Computer\Downloads\NIS-ESD-21.3.0-GE.exe
2014-07-03 10:51 - 2014-01-11 16:24 - 00000000 ____D () C:\ProgramData\Kaspersky Lab Setup Files
2014-07-03 09:32 - 2014-01-11 17:23 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-03 09:31 - 2013-02-02 15:14 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-03 09:29 - 2014-06-25 16:17 - 00001080 _____ () C:\Users\Computer\Desktop\Kaspersky Internet Security Version 14.0.1.4651 installieren.lnk
2014-07-03 09:29 - 2013-02-02 20:29 - 00000000 ____D () C:\Users\Computer\AppData\Local\clear.fi
2014-07-03 09:17 - 2012-10-02 08:54 - 00752930 _____ () C:\Windows\system32\perfh007.dat
2014-07-03 09:17 - 2012-10-02 08:54 - 00156156 _____ () C:\Windows\system32\perfc007.dat
2014-07-03 09:17 - 2012-07-26 09:28 - 01748838 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-03 09:16 - 2014-07-02 11:01 - 00000795 _____ () C:\Windows\setupact.log
2014-07-03 08:29 - 2014-07-03 08:29 - 00001102 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-07-03 08:29 - 2014-07-03 08:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2014-07-03 08:29 - 2014-07-03 08:29 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-03 08:29 - 2014-07-03 08:29 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware
2014-07-03 08:28 - 2014-07-03 08:27 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Computer\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-03 08:08 - 2012-07-26 10:12 - 00000000 ____D () C:\Windows\AUInstallAgent
2014-07-02 11:34 - 2014-07-02 11:34 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-07-02 11:34 - 2014-07-02 11:34 - 00000000 _____ () C:\Windows\HPMProp.INI
2014-07-02 11:11 - 2014-06-01 18:41 - 00001079 _____ () C:\Users\Computer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-02 11:11 - 2013-07-29 19:27 - 00001278 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-02 11:11 - 2013-07-29 19:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-02 11:11 - 2013-02-03 12:44 - 00001061 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-02 11:11 - 2013-02-03 12:44 - 00001049 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-02 11:10 - 2013-07-31 23:19 - 00000000 ____D () C:\Program Files (x86)\Amazon
2014-07-02 11:06 - 2014-07-02 11:06 - 01346519 _____ () C:\Users\Computer\Downloads\adwcleaner_3.214.exe
2014-07-02 11:02 - 2012-08-02 17:19 - 00000000 ____D () C:\ProgramData\Temp
2014-07-02 11:01 - 2014-07-02 11:01 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-30 18:47 - 2014-01-11 15:01 - 00000000 ____D () C:\Program Files (x86)\StarMoney 9.0
2014-06-29 23:30 - 2014-06-29 23:30 - 00000000 ____D () C:\Program Files (x86)\A6ADCE5D-859A-4E7E-B0B2-D07F8AB9237E
2014-06-28 18:04 - 2014-02-13 00:49 - 00016896 ___SH () C:\Users\Computer\Documents\Thumbs.db
2014-06-28 13:49 - 2014-06-28 13:49 - 01286520 _____ (Netviewer AG) C:\Users\Computer\Downloads\diagnose (1).exe
2014-06-27 18:37 - 2014-06-27 18:37 - 00000863 _____ () C:\Users\Computer\Desktop\Kaspersky Internet Security Version 14.0.1.4651 installieren.zip
2014-06-27 17:49 - 2014-06-28 13:55 - 01286520 _____ (Netviewer AG) C:\Users\Computer\Desktop\diagnose.exe
2014-06-27 17:49 - 2014-06-27 17:49 - 01286520 _____ (Netviewer AG) C:\Users\Computer\Downloads\diagnose.exe
2014-06-26 21:30 - 2014-06-26 21:30 - 00000000 ____D () C:\Program Files (x86)\C1788BAC-0FCE-48F4-AF6A-AB180B237191
2014-06-26 18:18 - 2013-05-18 14:37 - 00000000 ____D () C:\Users\Computer\Documents\kai zeug
2014-06-24 22:57 - 2014-06-24 22:57 - 00287864 _____ () C:\Windows\Minidump\062414-18843-01.dmp
2014-06-24 22:57 - 2014-04-03 21:44 - 1688198262 _____ () C:\Windows\MEMORY.DMP
2014-06-24 22:57 - 2014-02-21 23:01 - 00000000 ____D () C:\Windows\Minidump
2014-06-24 22:49 - 2013-02-03 12:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-24 21:56 - 2012-10-03 14:13 - 00002435 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office.lnk
2014-06-23 23:57 - 2014-06-09 11:54 - 00016152 _____ () C:\Windows\system32\Drivers\SWDUMon.sys
2014-06-22 21:54 - 2013-10-16 21:44 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-22 21:47 - 2014-06-22 21:47 - 00287864 _____ () C:\Windows\Minidump\062214-19421-01.dmp
2014-06-22 21:46 - 2014-06-22 21:46 - 00000017 _____ () C:\Users\Computer\AppData\Local\resmon.resmoncfg
2014-06-20 22:20 - 2014-06-20 22:20 - 00007312 _____ () C:\Windows\system32\SettingsFile
2014-06-18 18:20 - 2014-05-29 23:00 - 00000000 ____D () C:\rei
2014-06-18 18:20 - 2014-05-29 22:46 - 00000163 _____ () C:\Windows\Reimage.ini
2014-06-15 18:24 - 2014-06-15 18:24 - 00000000 ____D () C:\ProgramData\BlueStacks
2014-06-15 18:24 - 2012-08-02 17:13 - 00002486 ____N () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk
2014-06-15 18:24 - 2012-08-02 17:13 - 00002470 ____N () C:\Users\Public\Desktop\WildTangent Games App - acer.lnk
2014-06-15 18:24 - 2012-08-02 17:13 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-15 18:24 - 2012-08-02 17:13 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-06-09 22:11 - 2014-06-09 22:11 - 00000000 _____ () C:\Windows\SysWOW64\㩃啜敳獲䍜浯異整屲灁䑰瑡屡潒浡湩屧潍楺汬屡楆敲潦屸牐景汩獥浜歱渰牪敤慦汵屴潣歯敩煳楬整
2014-06-09 19:03 - 2014-04-04 22:38 - 00000000 ____D () C:\ProgramData\a4b33b63d1694301
2014-06-09 14:14 - 2014-06-09 14:14 - 03448360 _____ (Smart PC Solutions ) C:\Users\Computer\Downloads\PCSpeedMaximizer.exe
2014-06-09 14:00 - 2014-06-09 14:00 - 00287864 _____ () C:\Windows\Minidump\060914-14000-01.dmp
2014-06-09 12:08 - 2014-06-09 12:08 - 00256992 _____ () C:\Users\Computer\Downloads\DriverFinder_Setup.exe
2014-06-09 12:04 - 2014-06-09 12:04 - 00000000 ____D () C:\Users\Computer\AppData\Roaming\DriverFinder
2014-06-09 11:54 - 2014-06-09 11:54 - 00002469 _____ () C:\Users\Public\Desktop\DriverUpdate.lnk
2014-06-09 11:54 - 2014-06-09 11:54 - 00000000 ____D () C:\Users\Public\Documents\Downloaded Installers
2014-06-09 11:54 - 2014-06-09 11:54 - 00000000 ____D () C:\Users\Computer\AppData\Local\SlimWare Utilities Inc
2014-06-09 11:54 - 2014-06-09 11:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverUpdate
2014-06-09 11:54 - 2014-06-09 11:54 - 00000000 ____D () C:\Program Files (x86)\DriverUpdate
Some content of TEMP:
====================
C:\Users\Computer\AppData\Local\temp\Quarantine.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-07 08:27
==================== End Of Log ============================
--- --- --- |
Baum-Darstellung