Log analysis and evaluation: Windows 7 Enterprise: RocketTab and others such as Conduit found

If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
#1
Windows 7 Enterprise: RocketTab and others such as Conduit found

Hi, my Norton Internet Security 2014 had found RocketTab, but apparently did not remove it completely. I ran the scans requested in a RocketTab thread I found here.

AdwCleaner

Code:
```
# AdwCleaner v3.310 - Bericht erstellt am 23/09/2014 um 12:27:59
# Aktualisiert 12/09/2014 von Xplode
# Betriebssystem : Windows 7 Enterprise Service Pack 1 (64 bits)
# Benutzername : benni - BENNI-PC
# Gestartet von : D:\Downloads\AdwCleaner_3.310.exe
# Option : Löschen

***** [ Dienste ] *****

Dienst Gelöscht : SCBackService

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Datei Gelöscht : C:\Users\benni\AppData\Roaming\Mozilla\Firefox\Profiles\z208863a.default\searchplugins\safesearch.xml

***** [ Tasks ] *****

Task Gelöscht : RocketTab Update Task
Task Gelöscht : RocketTab

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Schlüssel Gelöscht : HKCU\Software\OCS

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17280

-\\ Mozilla Firefox v32.0.2 (x86 de)

[ Datei : C:\Users\benni\AppData\Roaming\Mozilla\Firefox\Profiles\z208863a.default\prefs.js ]

*************************

AdwCleaner[R0].txt - [11600 octets] - [06/09/2014 16:34:30]
AdwCleaner[R1].txt - [1424 octets] - [23/09/2014 12:27:05]
AdwCleaner[S0].txt - [10033 octets] - [06/09/2014 16:41:17]
AdwCleaner[S1].txt - [1299 octets] - [23/09/2014 12:27:59]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1359 octets] ##########
```

Code:
```
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.2.0 (09.22.2014:1)
OS: Windows 7 Enterprise x64
Ran by benni on 23.09.2014 at 12:38:16,39
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

Successfully stopped: [Service] wcuservice_stc_ie
Successfully deleted: [Service] wcuservice_stc_ie

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{45567D98-FC52-4CBE-8E2F-A178D7DAE785}

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ytd video downloader"
Successfully deleted: [Folder] "C:\Users\benni\appdata\local\adawarebp"
Successfully deleted: [Folder] "C:\Users\benni\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader"
Successfully deleted: [Empty Folder] C:\Users\benni\appdata\local\{080F86D1-795C-494D-B1EB-4FF1E78DCD17}
Successfully deleted: [Empty Folder] C:\Users\benni\appdata\local\{093B6650-972A-40E2-B707-E0118F2A92F2}
Successfully deleted: [Empty Folder] C:\Users\benni\appdata\local\{0E0A72A3-C15C-45F6-ABF0-661BDFEC6B7C}
Successfully deleted: [Empty Folder] C:\Users\benni\appdata\local\{32E15B5C-95F1-4829-962C-7206816DCC88}
Successfully deleted: [Empty Folder] C:\Users\benni\appdata\local\{474243DF-F2A3-4FDC-988F-AC244D101157}
Successfully deleted: [Empty Folder] C:\Users\benni\appdata\local\{52D17FDE-AFB9-4960-A25B-FE8AC7D06635}
Successfully deleted: [Empty Folder] C:\Users\benni\appdata\local\{61ED743A-EBDA-4DCC-8CBC-73BFC59A4AA8}
Successfully deleted: [Empty Folder] C:\Users\benni\appdata\local\{6D2EE670-2AAB-40AF-9D5F-26290A8842C7}
Successfully deleted: [Empty Folder] C:\Users\benni\appdata\local\{85B0CC71-9F42-4BB6-B600-9CE3CDC71295}
Successfully deleted: [Empty Folder] C:\Users\benni\appdata\local\{904838D1-98D2-4860-8228-F583FE0FA74A}
Successfully deleted: [Empty Folder] C:\Users\benni\appdata\local\{A1CD01B4-1779-4444-B4E2-FDA465F1CA4D}
Successfully deleted: [Empty Folder] C:\Users\benni\appdata\local\{ABD256F0-1AC1-4428-BD6A-9633F4E9512B}
Successfully deleted: [Empty Folder] C:\Users\benni\appdata\local\{B1E56152-3260-448E-8D6A-A617948953EC}
Successfully deleted: [Empty Folder] C:\Users\benni\appdata\local\{B37C5E23-5659-4B08-A9E6-71C6FE2773C0}
Successfully deleted: [Empty Folder] C:\Users\benni\appdata\local\{B5EDA118-40DC-47DE-A601-054A848038EA}
Successfully deleted: [Empty Folder] C:\Users\benni\appdata\local\{B67CD892-F284-4F1F-8090-2C96940042C9}
Successfully deleted: [Empty Folder] C:\Users\benni\appdata\local\{BA917F15-346A-4616-A887-DB12CD4B9F57}
Successfully deleted: [Empty Folder] C:\Users\benni\appdata\local\{C79BE970-E6A9-48B6-A7B1-8757C98FBF21}
Successfully deleted: [Empty Folder] C:\Users\benni\appdata\local\{D701900D-4328-4779-9062-455269C05454}
Successfully deleted: [Empty Folder] C:\Users\benni\appdata\local\{D82F9AA2-31B0-45F4-B865-986166611D00}
Successfully deleted: [Empty Folder] C:\Users\benni\appdata\local\{ED57C097-4074-4264-9E96-ECB045A0E084}
Successfully deleted: [Empty Folder] C:\Users\benni\appdata\local\{F48FA75A-65CB-47F6-A5E5-7C4FF3589F6A}
Successfully deleted: [Empty Folder] C:\Users\benni\appdata\local\{FCFA42BB-C25A-4111-8917-F4B52C78AAF8}

~~~ FireFox

Emptied folder: C:\Users\benni\AppData\Roaming\mozilla\firefox\profiles\z208863a.default\minidumps [91 files]

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 23.09.2014 at 12:41:22,19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
```

Code:
```
Shortcut Cleaner 1.3.3 by Lawrence Abrams (Grinler)
hxxp://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Shortcut Cleaner can be found at this link:
 hxxp://www.bleepingcomputer.com/download/shortcut-cleaner/

Windows Version: Windows 7 Enterprise Service Pack 1
Program started at: 09/23/2014 12:42:28 PM.

Scanning for registry hijacks:

 * No issues found in the Registry.

Searching for Hijacked Shortcuts:

Searching C:\Users\benni\AppData\Roaming\Microsoft\Windows\Start Menu\
Searching C:\ProgramData\Microsoft\Windows\Start Menu\
Searching C:\Users\benni\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\
Searching C:\Users\Public\Desktop\
Searching C:\Users\benni\Desktop

0 bad shortcuts found.

Program finished at: 09/23/2014 12:42:29 PM
Execution time: 0 hours(s), 0 minute(s), and 0 seconds(s)
```

Code:
```
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=e516ccd8d242be4292d099119a431bd5
# engine=20259
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-23 01:17:07
# local_time=2014-09-23 03:17:07 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Norton Internet Security'
# compatibility_mode=3597 16777213 100 100 685308 174074812 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 37137125 163108077 0 0
# scanned=246861
# found=7
# cleaned=0
# scan_time=6229
sh=8992F72873D09212597E582A16F8D9BC60E6A22A ft=1 fh=e21391a34e842ffc vn="Win32/Toolbar.Conduit potentially unwanted application" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=A836A8346F791EC8A83B51BC78E84B2F6659E6DA ft=1 fh=0a2e45c370149901 vn="Win32/Wajam.F potentially unwanted application" ac=I fn="C:\Users\benni\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2K11GL09\wajam_validate[1].exe"
sh=9B72604832B83A5508824184D19DF2E98B654EA4 ft=1 fh=29a0d2f607c0a043 vn="Win32/Conduit.SearchProtect.Q potentially unwanted application" ac=I fn="C:\Users\benni\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9IKOFLDO\searchprotect_w_prechecker[1].exe"
sh=542CE206747FF7E65FFA92B41F39E31CDEB5A548 ft=1 fh=d8426f61a71ae618 vn="a variant of MSIL/Adware.iBryte.G application" ac=I fn="C:\Users\benni\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GHRA3NF6\rt-installer[1].exe"
sh=E341AC3E4CB6A9312D9649F04DED7C8DE83F981B ft=1 fh=bdd7afd760e25730 vn="Win32/Toolbar.Conduit potentially unwanted application" ac=I fn="D:\Downloads\FreeAudioCDToMP3Converter1.3.12.908.exe"
sh=9B30A64C71A9B7EA00A4BB55C91ADD7EEDA21326 ft=1 fh=748a3b2a9f5fdaf0 vn="Win32/Toolbar.Conduit potentially unwanted application" ac=I fn="D:\Downloads\FreeDVDVideoConverter.exe"
sh=5047E5909FAB60E0B24A2D6BBB55D99B89186012 ft=0 fh=0000000000000000 vn="a variant of Win32/ELEX.AG potentially unwanted application" ac=I fn="D:\Downloads\prog setups\FFSetup280.zip"
```

Thanks, kind regards