|
Log analysis and evaluation: PC slow, do I have a virus? Windows 7. If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps to getting help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed. |
30.09.2014, 19:46 | #1 |
| PC slow, do I have a virus? Hello dear board, for quite some time now I have had the feeling that my PC has become very slow. Downloads from the internet abort after a short time. My browser is very slow. I have many games installed on the machine via Steam, and when I look in Programs and Features under Windows 7, not a single game shows up there, not even Steam itself. In addition, I have a program in my taskbar that I cannot get rid of. It is called Search Protect (?) and has an icon similar to Internet Explorer's. I am asking for help because I do not want to reinstall my Windows. When it comes to viruses/trojans etc., I am a complete layman. I use Windows 7 64-bit. Many, many thanks in advance. |
30.09.2014, 20:22 | #2 |
/// the machine /// TB instructor | PC slow, do I have a virus? hi,
__________________
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
03.10.2014, 12:54 | #3 |
| PC slow, do I have a virus? FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2014 Ran by Sky-GmbH (administrator) on SKY-GMBH-PC on 03-10-2014 13:34:45 Running from G:\Downloads Loaded Profile: Sky-GmbH (Available profiles: Sky-GmbH) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe (Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe (Taiwan Shui Mu Chih Ching Technology Limited.) C:\Program Files (x86)\WinZipper\winzipersvc.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE (Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Wajam Internet Technologies Inc.) C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe (Microsoft Corp.) 
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (AMD) C:\Windows\System32\atieclxx.exe (Wajam Internet Technologies Inc.) C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancer.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Hercules®) C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTSched.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe (Dropbox, Inc.) C:\Users\Sky-GmbH\AppData\Roaming\Dropbox\bin\Dropbox.exe (Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe (Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\cpl2\HDJSeries2CPL.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe () C:\Program Files (x86)\SupTab\HpUI.exe () C:\Program Files (x86)\SupTab\Loader64.exe () C:\Program Files (x86)\SupTab\Loader32.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe (Google Inc.) C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) 
C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation) HKLM\...\Run: [Hercules DJ Series TrayAgent] => C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe [3574576 2014-03-04] (Hercules®) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-09-28] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AsioThk32Reg] => REGSVR32.EXE /S CTASIO.DLL HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-10-26] (Nullsoft, Inc.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.) 
HKU\S-1-5-21-3580576135-3699304626-4257408890-1000\...\Run: [CreativeTaskScheduler] => C:\Program Files (x86)\Creative\Shared Files\CTSched.exe [53341 2006-11-17] (Creative Technology Ltd) HKU\S-1-5-21-3580576135-3699304626-4257408890-1000\...\Run: [LiveSupport] => "C:\Program Files (x86)\LiveSupport\LiveSupport.exe" /noshow /log HKU\S-1-5-21-3580576135-3699304626-4257408890-1000\...\Policies\Explorer: [DisallowRun] 1 HKU\S-1-5-21-3580576135-3699304626-4257408890-1000\...\MountPoints2: {22890cc3-c626-11e2-906e-8c89a532303f} - E:\pushinst.exe HKU\S-1-5-21-3580576135-3699304626-4257408890-1000\...\MountPoints2: {237a054e-58f4-11e2-bc84-806e6f6e6963} - D:\setup.exe AppInit_DLLs-x32: c:\progra~2\websea~1\sprote~1.dll => "c:\progra~2\websea~1\sprote~1.dll" File Not Found Startup: C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ShortcutTarget: Dropbox.lnk -> C:\Users\Sky-GmbH\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyEnable: Internet Explorer proxy is enabled. 
ProxyServer: http=127.0.0.1:52865;https=127.0.0.1:52865 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f28fb807-b9fd-409c-a311-c66ea75b232a&searchtype=ds&q={searchTerms}&installDate=01/01/1970 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x516A01B772FBCD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f28fb807-b9fd-409c-a311-c66ea75b232a&searchtype=ds&q={searchTerms}&installDate=01/01/1970 HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584 HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584&q={searchTerms} HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584 HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584 HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584&q={searchTerms} HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584&q={searchTerms} 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.istartsurf.com/?type=hp&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584&q={searchTerms} StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584 SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584&q={searchTerms} SearchScopes: HKLM - {31090377-0740-419E-BEFC-A56E50500D5B} URL = SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584&q={searchTerms} SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584&q={searchTerms} SearchScopes: HKLM-x32 - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f28fb807-b9fd-409c-a311-c66ea75b232a&searchtype=ds&q={searchTerms}&installDate=01/01/1970 SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584&q={searchTerms} SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = 
hxxp://websearch.searchbomb.info/?l=1&q={searchTerms}&pid=34&r=2013/11/25&hid=5932594283942080725&lg=EN&cc=DE&unqvl=42 SearchScopes: HKCU - DefaultScope {A05A4538-1D9E-478D-84A6-337DCAE8E684} URL = hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_dvd_14_25_ff&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyDtAtBtAtDtA0FyC0AtB0CtN0D0Tzu0SzzzyzytN1L2XzutBtFtBtCtFyEtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyDyEtAtD0EyBzy0BtG0FtBzztDtG0EtAtD0DtG0D0DyBzztGyEtCtC0EyCtDtBzyzztD0F0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDyBzyyEtAyCtC0CtGyByDyCyBtGtB0E0CyDtG0CtB0C0CtGtCyC0D0A0DzytC0A0DyCtC0F2Q&cr=553298919&ir= SearchScopes: HKCU - URL hxxp://isearch.babylon.com/?q={searchTerms}&babsrc=SP_ss_Btisdt5&mntrId=C2308C89A532303F&affID=121562&tl=162546700&tt=250613_gr1&tsp=4926 SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f28fb807-b9fd-409c-a311-c66ea75b232a&searchtype=ds&q={searchTerms}&installDate=01/01/1970 SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.opti-page.com/?q={searchTerms}&babsrc=SP_ss&mntrId=C2308C89A532303F&affID=126473&tl=162546700&tsp=5040 SearchScopes: HKCU - {31090377-0740-419E-BEFC-A56E50500D5B} URL = hxxp://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=securitascout SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584&q={searchTerms} SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = SearchScopes: HKCU - {A05A4538-1D9E-478D-84A6-337DCAE8E684} URL = 
hxxp://speedial.com/results.php?f=4&q={searchTerms}&a=spd_dvd_14_25_ff&cd=2XzuyEtN2Y1L1Qzuzz0Czzzy0AyDtAtBtAtDtA0FyC0AtB0CtN0D0Tzu0SzzzyzytN1L2XzutBtFtBtCtFyEtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2SyDyEtAtD0EyBzy0BtG0FtBzztDtG0EtAtD0DtG0D0DyBzztGyEtCtC0EyCtDtBzyzztD0F0A2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyDyBzyyEtAyCtC0CtGyByDyCyBtGtB0E0CyDtG0CtB0C0CtGtCyC0D0A0DzytC0A0DyCtC0F2Q&cr=553298919&ir= SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = hxxp://websearch.searchbomb.info/?l=1&q={searchTerms}&pid=34&r=2013/11/25&hid=5932594283942080725&lg=EN&cc=DE&unqvl=42 BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: YoutubeAdblocker -> {CA1FF14A-9541-4610-7A9E-8CA87A2F4235} -> C:\Program Files (x86)\YoutubeAdblocker\1E.x64.dll () BHO: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll (DVDVideoSoft Ltd.) BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited) BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: YoutubeAdblocker -> {CA1FF14A-9541-4610-7A9E-8CA87A2F4235} -> C:\Program Files (x86)\YoutubeAdblocker\1E.dll () BHO-x32: DVDVideoSoft IE Extension -> {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} -> C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll (DVDVideoSoft Ltd.) 
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default FF NewTab: chrome://quick_start/content/index.html FF DefaultSearchEngine: istartsurf FF SelectedSearchEngine: istartsurf FF Homepage: hxxp://google.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Sky-GmbH\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Sky-GmbH\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) 
FF SearchPlugin: C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\searchplugins\Speedial.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\istartsurf.xml FF Extension: Easy YouTube to MP3 Converter - C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\Extensions\jid0-SQnwtgW1b8BsMB5PLV5WScEDWOw@jetpack.xpi [2013-12-19] FF Extension: Speed Dial - C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2014-09-24] FF Extension: {6653afde-c1ab-43c4-ba73-af5f7614d9de} - C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\Extensions\{6653afde-c1ab-43c4-ba73-af5f7614d9de}.xpi [2014-04-19] FF Extension: S7 Airlines - C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\Extensions\{b6abf390-66f1-11e2-bcfd-0800200c9a66}.xpi [2014-09-24] FF Extension: SoundCloud Downloader - Technowise - C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2013-12-19] FF Extension: Theme Font & Size Changer - C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\Extensions\{f69e22c7-bc50-414a-9269-0f5c344cd94c}.xpi [2014-09-24] FF HKLM-x32\...\Firefox\Extensions: [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-10-30] FF HKLM-x32\...\Firefox\Extensions: [faststartff@gmail.com] - C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\extensions\faststartff@gmail.com FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found] Chrome: ======= CHR Profile: C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default CHR 
Extension: (New Tab Page by Speed Dial Team) - C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgeoanibcknhniccgaoaiolihidecjn [2014-09-25] CHR HKCU\...\Chrome\Extension: [nikpibnbobmbdbheedjfogjlikpgpnhp] - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx [2013-10-30] CHR HKLM-x32\...\Chrome\Extension: [mkcedibhemacmilmkpndpkoidlnmgngg] - C:\Users\Sky-GmbH\ChromeExtensions\mkcedibhemacmilmkpndpkoidlnmgngg\amazon.crx [2014-03-15] CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-03-15] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-09-28] (Advanced Micro Devices, Inc.) 
[File not signed] R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed] S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2013-03-07] (Creative Labs) [File not signed] S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-01-07] (Creative Labs) [File not signed] R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed] R2 HerculesDJControlMP3; C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [50688 2014-03-04] (Hercules®) [File not signed] R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [715656 2014-09-15] (Cherished Technololgy LIMITED) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation) R2 Wajam Internet Enhancer Service; C:\Program Files (x86)\Wajam\Wajam Internet Enhancer\WajamInternetEnhancerService.exe [303616 2014-08-31] (Wajam Internet Technologies Inc.) [File not signed] <==== ATTENTION R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-15] (Fuyu LIMITED) [File not signed] R2 winzipersvc; C:\Program Files (x86)\WinZipper\winzipersvc.exe [424104 2013-10-23] (Taiwan Shui Mu Chih Ching Technology Limited.) <==== ATTENTION ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R3 a4djavs; C:\Windows\System32\Drivers\a4djavs.sys [359784 2012-12-18] (Native Instruments GmbH) R3 a4djusb_svc; C:\Windows\System32\Drivers\a4djusb.sys [99688 2012-12-18] (Native Instruments GmbH) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin) S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [296240 2014-03-05] (© Guillemot R&D, 2014. All rights reserved.) S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH) S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [276272 2014-03-05] (© Guillemot R&D, 2014. All rights reserved.) R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation) S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2004-04-01] (Padus, Inc.) [File not signed] S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-10-03 13:33 - 2014-10-03 13:34 - 00000000 ____D () C:\FRST 2014-09-30 20:36 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-09-30 20:36 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2014-09-30 20:27 - 2014-09-30 20:27 - 00000000 __SHD () C:\Users\Sky-GmbH\AppData\Local\EmieUserList 2014-09-30 20:27 - 2014-09-30 20:27 - 00000000 __SHD () C:\Users\Sky-GmbH\AppData\Local\EmieSiteList 2014-09-28 23:15 - 2014-09-28 23:48 - 671068532 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part07.rar 2014-09-28 23:15 - 2014-09-28 23:38 - 335539096 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part1.rev 2014-09-28 23:15 - 2014-09-28 23:37 - 271260732 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part08.rar 2014-09-28 23:15 - 2014-09-28 23:37 - 271231080 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part05.rar 2014-09-28 23:15 - 2014-09-28 23:31 - 167751092 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part03.rar 2014-09-28 23:15 - 2014-09-28 23:30 - 167764824 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part09.rar 2014-09-28 23:15 - 2014-09-28 23:25 - 83869976 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part04.rar 2014-09-28 23:15 - 2014-09-28 23:24 - 83870496 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part06.rar 2014-09-28 23:14 - 2014-09-28 23:29 - 158761724 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part02.rar 2014-09-28 23:14 - 2014-09-28 23:24 - 83875624 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part01.rar 2014-09-28 23:09 - 2014-10-03 11:48 - 00001188 _____ () C:\Windows\PFRO.log 2014-09-28 23:09 - 2014-10-03 11:48 - 00000784 _____ () C:\Windows\setupact.log 2014-09-28 23:09 - 2014-09-28 23:09 - 00000000 _____ () C:\Windows\setuperr.log 2014-09-28 18:17 - 2014-09-28 18:17 - 00002778 _____ () 
C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-09-28 18:17 - 2014-09-28 18:17 - 00000871 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-09-28 18:17 - 2014-09-28 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-09-28 18:17 - 2014-09-28 18:17 - 00000000 ____D () C:\Program Files\CCleaner 2014-09-28 18:14 - 2014-09-28 18:16 - 03826912 _____ (Piriform Ltd) C:\Users\Sky-GmbH\Downloads\ccsetup417_slim (1).exe 2014-09-28 18:14 - 2014-09-28 18:15 - 03826912 _____ (Piriform Ltd) C:\Users\Sky-GmbH\Downloads\ccsetup417_slim.exe 2014-09-25 06:12 - 2014-09-25 06:12 - 00002378 _____ () C:\Users\Sky-GmbH\Desktop\Chrome App Launcher.lnk 2014-09-24 21:39 - 2014-09-24 21:28 - 00000664 _____ () C:\Users\Sky-GmbH\Desktop\Authorize.auz.lnk 2014-09-24 21:03 - 2014-09-24 21:28 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\Ableton 2014-09-24 16:22 - 2014-09-24 16:22 - 00007597 _____ () C:\Users\Sky-GmbH\AppData\Local\Resmon.ResmonCfg 2014-09-24 15:55 - 2014-09-24 15:55 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\Adobe 2014-09-24 15:49 - 2014-09-28 19:18 - 00000000 ____D () C:\Windows\rescache 2014-09-24 15:18 - 2014-09-24 15:18 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\ATI 2014-09-24 15:17 - 2014-09-24 15:17 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\Apple Computer 2014-09-24 15:11 - 2014-09-24 15:11 - 00003144 _____ () C:\Windows\System32\Tasks\{EFD0C31F-98C8-4B72-8429-BC1F4F038B09} 2014-09-24 14:22 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-09-24 14:22 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-09-15 23:00 - 2014-09-15 23:00 - 00325984 _____ () C:\Users\Sky-GmbH\Desktop\Skyyy.pk 2014-09-15 22:52 - 2014-09-15 22:52 - 31046444 ____T () C:\Users\Sky-GmbH\Desktop\Skyyy.wav 2014-09-15 22:52 - 2014-09-15 22:52 - 00369461 ____T () C:\Users\Sky-GmbH\Desktop\Skyyy.wav.asd 2014-09-15 22:08 - 2014-09-15 
22:08 - 00003164 _____ () C:\Windows\System32\Tasks\{D600AA86-D82B-4578-9A49-B8F8E1FCBEF5} 2014-09-15 22:05 - 2014-09-15 22:05 - 00000000 ____D () C:\ProgramData\IePluginServices 2014-09-15 22:04 - 2014-09-24 15:06 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\istartsurf 2014-09-15 22:04 - 2014-09-15 22:12 - 00000000 ____D () C:\http_filter 2014-09-15 22:04 - 2014-09-15 22:05 - 00000000 ____D () C:\Program Files (x86)\SupTab 2014-09-15 22:04 - 2014-09-15 22:04 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Local\PicRec 2014-09-15 22:04 - 2014-09-15 22:04 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect 2014-09-15 22:04 - 2014-09-15 22:04 - 00000000 ____D () C:\ProgramData\PicRec 2014-09-15 22:04 - 2014-09-15 22:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wajam 2014-09-15 22:04 - 2014-09-15 22:04 - 00000000 ____D () C:\Program Files\Common Files\PicRec 2014-09-15 22:04 - 2014-09-15 22:04 - 00000000 ____D () C:\Program Files (x86)\Wajam 2014-09-15 22:04 - 2014-09-15 22:04 - 00000000 ____D () C:\Program Files (x86)\PicRec (x86) 2014-09-15 22:04 - 2014-08-25 12:15 - 00049880 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\netmon_wfp.sys 2014-09-15 22:03 - 2014-09-15 22:03 - 00718497 _____ () C:\Windows\unins000.exe 2014-09-15 22:03 - 2014-09-15 22:03 - 00236076 _____ () C:\Windows\unins000.dat 2014-09-15 22:03 - 2014-09-15 22:03 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Local\Maxiget 2014-09-15 22:03 - 2014-09-15 22:03 - 00000000 ____D () C:\Program Files (x86)\Maxiget 2014-09-15 19:09 - 2014-09-15 19:12 - 00000010 _____ () C:\Users\Sky-GmbH\Desktop\Neues Textdokument.txt 2014-09-12 20:32 - 2014-09-01 21:39 - 00000000 ____D () C:\Users\Sky-GmbH\Downloads\Guardians.of.the.Galaxy.2014.German.720p.HDTS.AC3D.x264-Marvel 2014-09-11 23:30 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-09-11 23:30 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\iedkcs32.dll 2014-09-11 23:30 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-09-11 23:30 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-09-11 23:30 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-09-11 23:30 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-09-11 23:30 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-09-11 23:30 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-09-11 23:30 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-09-11 23:30 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-09-11 23:30 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-09-11 23:30 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-09-11 23:30 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-09-11 23:30 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-09-11 23:30 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-09-11 23:30 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-09-11 23:30 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-09-11 23:30 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-09-11 23:30 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-09-11 23:30 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\mshtml.tlb 2014-09-11 23:30 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-09-11 23:30 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-09-11 23:30 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-09-11 23:30 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-09-11 23:30 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-09-11 23:30 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-09-11 23:30 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-09-11 23:30 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-09-11 23:30 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-09-11 23:30 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-09-11 23:30 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-09-11 23:30 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-09-11 23:30 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-09-11 23:30 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-09-11 23:30 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-09-11 23:30 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-09-11 23:30 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-09-11 23:30 - 2014-08-18 23:25 - 00727040 _____ (Microsoft 
Corporation) C:\Windows\system32\msfeeds.dll 2014-09-11 23:30 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-09-11 23:30 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-09-11 23:30 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-09-11 23:30 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-11 23:30 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-09-11 23:30 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-09-11 23:30 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-09-11 23:30 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-09-11 23:30 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-09-11 23:30 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-09-11 23:30 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-09-11 23:30 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-09-11 23:30 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-09-11 23:30 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-09-11 23:30 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-09-11 23:30 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-09-11 23:30 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-09-11 23:30 - 2014-08-18 22:36 - 00678400 _____ (Microsoft 
Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-09-11 23:26 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-09-11 23:26 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-09-11 22:23 - 2014-09-11 22:24 - 00000000 ____D () C:\Users\Sky-GmbH\Desktop\fdfdzdzt 2014-09-11 22:23 - 2014-09-11 22:23 - 00000000 ____D () C:\Users\Sky-GmbH\Desktop\The.Expendables.3.2014.HDRip.720p.x264.AC3.German.Dubbed-Foto1 2014-09-11 21:13 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-09-11 21:13 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-09-11 21:01 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-09-11 21:01 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-09-11 21:01 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-09-11 21:01 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-09-11 21:01 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-09-11 21:01 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-09-11 21:01 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll 2014-09-05 09:18 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-09-05 09:18 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-09-05 09:18 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-09-05 06:39 - 2014-09-05 06:39 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Local\Skyrim 2014-09-05 06:30 - 2014-02-01 06:06 - 00000000 ____D () 
C:\Users\Sky-GmbH\Downloads\Mardi 2014-09-05 06:04 - 2014-09-05 06:05 - 00000000 ____D () C:\Users\Sky-GmbH\Desktop\Keine Liebe 2014-09-05 06:04 - 2014-09-05 06:05 - 00000000 ____D () C:\Users\Sky-GmbH\Desktop\Genetikk - Foetus 2014-09-04 23:21 - 2014-09-04 23:21 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_a4djusb_01009.Wdf 2014-09-04 22:44 - 2014-09-05 00:06 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-09-04 22:44 - 2014-09-05 00:06 - 00000000 ___RD () C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-09-04 22:44 - 2014-09-04 22:44 - 00000000 ____D () C:\Users\TEMP 2014-09-04 22:44 - 2013-01-12 23:39 - 00000000 ____D () C:\Users\TEMP\AppData\Roaming\Macromedia 2014-09-03 10:21 - 2014-09-03 10:36 - 163545132 _____ () C:\Users\Sky-GmbH\Desktop\2014-09-03_10h21m21.wav 2014-09-03 09:55 - 2014-09-05 09:32 - 00000000 ____D () C:\Users\Sky-GmbH\Desktop\Neuer Ordner (4) 2014-09-03 09:47 - 2014-09-03 09:54 - 62980096 _____ () C:\Users\Sky-GmbH\Desktop\2014-09-03_9h47m25.wav 2014-09-03 09:39 - 2014-09-03 09:47 - 83558444 _____ () C:\Users\Sky-GmbH\Desktop\2014-09-03_9h39m27.wav 2014-09-03 08:36 - 2014-09-04 23:21 - 00000000 __HDC () C:\ProgramData\{4682E4CB-7209-4099-8AA1-580ABCCCE731} 2014-09-03 08:35 - 2014-09-03 08:33 - 16970466 _____ () C:\Users\Sky-GmbH\Desktop\Audio_4_DJ_310_PC.zip 2014-09-03 00:47 - 2014-09-03 03:47 - 22774622 _____ () C:\Users\Sky-GmbH\Desktop\2014-09-03_0h47m56.wav 2014-09-03 00:47 - 2014-09-03 03:47 - 02900830 _____ () C:\Users\Sky-GmbH\Desktop\2014-09-03_0h47m41.wav 2014-09-03 00:46 - 2014-09-03 03:47 - 13058910 _____ () C:\Users\Sky-GmbH\Desktop\2014-09-03_0h46m21.wav ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-10-03 12:49 - 2013-03-31 12:03 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3580576135-3699304626-4257408890-1000UA.job 2014-10-03 12:43 - 2013-10-19 18:00 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-03 12:01 - 2013-01-07 07:21 - 01370558 _____ () C:\Windows\WindowsUpdate.log 2014-10-03 11:57 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-03 11:57 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-03 11:48 - 2013-09-21 23:16 - 00000000 ___RD () C:\Users\Sky-GmbH\Dropbox 2014-10-03 11:48 - 2013-09-21 23:12 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\Dropbox 2014-10-03 11:48 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-29 14:55 - 2013-03-31 12:03 - 00001080 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3580576135-3699304626-4257408890-1000Core.job 2014-09-28 18:38 - 2013-01-07 07:22 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-09-28 18:37 - 2009-10-14 08:04 - 00000000 ____D () C:\Windows\Panther 2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA 2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI 2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK 2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL 2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA 2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\uk-UA 2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sl-SI 2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sk-SK 2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\he-IL 2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 
____D () C:\Windows\system32\ar-SA 2014-09-25 18:39 - 2013-01-26 10:36 - 00737390 _____ () C:\Windows\system32\perfh00A.dat 2014-09-25 18:39 - 2013-01-26 10:36 - 00158472 _____ () C:\Windows\system32\perfc00A.dat 2014-09-25 18:39 - 2013-01-26 10:15 - 00384278 _____ () C:\Windows\system32\perfh00D.dat 2014-09-25 18:39 - 2013-01-26 10:15 - 00084756 _____ () C:\Windows\system32\perfc00D.dat 2014-09-25 18:39 - 2013-01-26 09:33 - 00731980 _____ () C:\Windows\system32\perfh010.dat 2014-09-25 18:39 - 2013-01-26 09:33 - 00146844 _____ () C:\Windows\system32\perfc010.dat 2014-09-25 18:39 - 2013-01-26 09:14 - 00682558 _____ () C:\Windows\system32\perfh00C.dat 2014-09-25 18:39 - 2013-01-26 09:14 - 00470948 _____ () C:\Windows\system32\perfh001.dat 2014-09-25 18:39 - 2013-01-26 09:14 - 00130230 _____ () C:\Windows\system32\perfc00C.dat 2014-09-25 18:39 - 2013-01-26 09:14 - 00094770 _____ () C:\Windows\system32\perfc001.dat 2014-09-25 18:39 - 2009-07-14 19:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat 2014-09-25 18:39 - 2009-07-14 19:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat 2014-09-25 18:39 - 2009-07-14 07:13 - 05236968 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-09-25 14:54 - 2014-06-19 02:53 - 00000000 ____D () C:\Users\Public\Steam 2014-09-25 06:12 - 2013-03-31 12:04 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-09-25 06:04 - 2014-06-18 22:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-25 06:04 - 2013-12-12 23:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-09-24 22:21 - 2013-10-23 02:07 - 00000000 ____D () C:\Program Files (x86)\WinZipper 2014-09-24 15:17 - 2013-11-26 01:28 - 00000000 ____D () C:\ProgramData\SearchNewTab 2014-09-24 15:17 - 2013-11-26 01:27 - 00000000 ____D () C:\Program Files (x86)\Sk.Enhancer 2014-09-24 15:14 - 2013-04-26 19:02 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Windows\Start 
Menu\Programs\VirtualDJ 2014-09-24 15:14 - 2013-04-26 19:02 - 00000000 ____D () C:\Program Files (x86)\VirtualDJ 2014-09-24 15:12 - 2014-03-15 20:38 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\Security System 2 2014-09-24 15:11 - 2013-11-26 01:28 - 00000000 ____D () C:\Program Files (x86)\SearchNewTab 2014-09-24 15:11 - 2013-11-26 01:26 - 00000000 ____D () C:\ProgramData\904306d03d380de3 2014-09-24 14:44 - 2013-10-19 18:00 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-24 14:44 - 2013-10-19 18:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-24 14:44 - 2013-10-19 18:00 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-24 14:33 - 2014-06-18 02:28 - 00001478 _____ () C:\Users\Sky-GmbH\AppData\Local\RecConfig.xml 2014-09-24 14:16 - 2013-09-21 23:13 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-09-22 08:42 - 2009-10-14 07:13 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-09-15 22:52 - 2014-08-21 21:06 - 00000000 ___RD () C:\Users\Sky-GmbH\Desktop\Unbenannt Project 2014-09-15 22:04 - 2013-01-07 07:20 - 00001645 _____ () C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-09-15 19:15 - 2014-08-15 23:11 - 00000000 ____D () C:\Users\Sky-GmbH\Desktop\Aero Bilder 1 2014-09-15 19:09 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries 2014-09-15 13:30 - 2014-08-20 20:04 - 00000000 ____D () C:\Users\Sky-GmbH\Documents\Max 2014-09-11 23:30 - 2013-01-07 23:14 - 05121062 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-09-11 23:29 - 2014-01-26 12:45 - 00001945 _____ () C:\Windows\epplauncher.mif 2014-09-11 23:29 - 2013-08-14 19:03 - 00000000 ____D () C:\Windows\system32\MRT 2014-09-11 23:29 - 2013-01-07 23:14 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft 
Security Essentials.lnk 2014-09-11 23:29 - 2013-01-07 23:14 - 00000000 ____D () C:\Program Files\Microsoft Security Client 2014-09-11 23:29 - 2013-01-07 23:14 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client 2014-09-11 23:26 - 2009-10-14 07:12 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-09-11 20:38 - 2009-07-14 06:45 - 00270704 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-09-05 00:22 - 2013-10-10 07:10 - 00000000 ___HD () C:\Users\Sky-GmbH\AppData\Local\HCGVPYWZ7 2014-09-05 00:06 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat 2014-09-05 00:05 - 2014-08-20 20:42 - 00000000 ____D () C:\Users\Sky-GmbH\Desktop\MP Track 2014-09-05 00:05 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-09-04 23:21 - 2014-03-15 14:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Native Instruments 2014-09-04 23:07 - 2013-01-07 07:19 - 00000000 ____D () C:\Users\Sky-GmbH 2014-09-03 10:43 - 2014-08-20 21:24 - 07502926 _____ () C:\Users\Sky-GmbH\Desktop\Marvin Pahne - Oh no ( Dub mix ).wma 2014-09-03 10:05 - 2014-08-20 21:53 - 00000000 ____D () C:\Users\Sky-GmbH\Desktop\Set mp 2014-09-03 09:55 - 2014-09-01 15:32 - 00000000 ____D () C:\Users\Sky-GmbH\Desktop\Neuer Ordner (2) 2014-09-03 09:30 - 2014-09-02 02:37 - 00000000 ____D () C:\Users\Sky-GmbH\Desktop\Neuer Ordner (3) Some content of TEMP: ==================== C:\Users\Sky-GmbH\AppData\Local\Temp\9873Installer.exe C:\Users\Sky-GmbH\AppData\Local\Temp\Ableton Swapper.exe C:\Users\Sky-GmbH\AppData\Local\Temp\amazonicon_v4.exe C:\Users\Sky-GmbH\AppData\Local\Temp\BackupSetup.exe C:\Users\Sky-GmbH\AppData\Local\Temp\bi_cleaner.exe C:\Users\Sky-GmbH\AppData\Local\Temp\bundlesweetimsetup.exe C:\Users\Sky-GmbH\AppData\Local\Temp\dlLogic.exe C:\Users\Sky-GmbH\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptyjeuc.dll C:\Users\Sky-GmbH\AppData\Local\Temp\FLVPlayerSetup.exe 
C:\Users\Sky-GmbH\AppData\Local\Temp\instloffer.exe
C:\Users\Sky-GmbH\AppData\Local\Temp\Java.exe
C:\Users\Sky-GmbH\AppData\Local\Temp\LiveSupport_setup.exe
C:\Users\Sky-GmbH\AppData\Local\Temp\mMamStub.exe
C:\Users\Sky-GmbH\AppData\Local\Temp\MyBabylonTB.exe
C:\Users\Sky-GmbH\AppData\Local\Temp\nsk6619.exe
C:\Users\Sky-GmbH\AppData\Local\Temp\nsu8D0C.exe
C:\Users\Sky-GmbH\AppData\Local\Temp\OptimizerPro.exe
C:\Users\Sky-GmbH\AppData\Local\Temp\pricepeep_130001_1001.exe
C:\Users\Sky-GmbH\AppData\Local\Temp\qc_a402013b_7656_4f6f_b57f_5a8ef69f5fc4_64.exe
C:\Users\Sky-GmbH\AppData\Local\Temp\sdapskill.exe
C:\Users\Sky-GmbH\AppData\Local\Temp\sdaspwn.exe
C:\Users\Sky-GmbH\AppData\Local\Temp\smt_istartsurf.exe
C:\Users\Sky-GmbH\AppData\Local\Temp\somoto.exe
C:\Users\Sky-GmbH\AppData\Local\Temp\uninst1.exe
C:\Users\Sky-GmbH\AppData\Local\Temp\vcredist_x64.exe

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-28 19:06

==================== End Of Log ============================

Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2014
Ran by Sky-GmbH at 2014-10-03 13:38:00
Running from G:\Downloads
Boot Mode: Normal
==========================================================

==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Ableton Live 9 Suite (HKLM\...\{48EC4E57-1D04-4831-90A7-151DA2269495}) (Version: 9.0.0.0 - Ableton)
AMD Accelerated Video Transcoding (Version: 12.5.100.20928 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1016.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{10813B5C-D346-C028-5550-220FA31EC809}) (Version: 8.0.903.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2012.0928.1532.26058 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.70928.1539 - Advanced Micro Devices, Inc.) Hidden
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
ccc-utility64 (Version: 2012.0928.1532.26058 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
iTunes (HKLM\...\{76FF0F03-B707-4332-B5D1-A56C8303514E}) (Version: 11.0.4.4 - Apple Inc.)
Logitech Webcam Software (HKLM\...\{987FE247-4E69-4A2E-A961-D14F901FDBF6}) (Version: 12.10.1113 - Logitech Inc.)
Logitech Webcam Software-Treiberpaket (HKLM\...\lvdrivers_12.10) (Version: 12.10.1110 - Logitech Inc.)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service DE-DE Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Client DE-DE Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft)
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Native Instruments Audio 4 DJ Driver (Version: 3.1.0.761 - Native Instruments) Hidden
Native Instruments Controller Editor (Version: 1.5.6.1344 - Native Instruments) Hidden
Native Instruments Service Center (Version: 2.4.3.1177 - Native Instruments) Hidden
Native Instruments Traktor 2 (Version: 2.6.3.144 - Native Instruments) Hidden
Native Instruments Traktor Kontrol X1 (Version: 3.0.1.648 - Native Instruments) Hidden
Native Instruments Traktor Kontrol X1 MK2 Driver (Version: 3.1.1.780 - Native Instruments) Hidden
Winamp Erkennungs-Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3580576135-3699304626-4257408890-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Sky-GmbH\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3580576135-3699304626-4257408890-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Sky-GmbH\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3580576135-3699304626-4257408890-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Sky-GmbH\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3580576135-3699304626-4257408890-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Sky-GmbH\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3580576135-3699304626-4257408890-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sky-GmbH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3580576135-3699304626-4257408890-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sky-GmbH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3580576135-3699304626-4257408890-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sky-GmbH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3580576135-3699304626-4257408890-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sky-GmbH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3580576135-3699304626-4257408890-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sky-GmbH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3580576135-3699304626-4257408890-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sky-GmbH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3580576135-3699304626-4257408890-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sky-GmbH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3580576135-3699304626-4257408890-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Sky-GmbH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3580576135-3699304626-4257408890-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Sky-GmbH\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================
15-09-2014 10:21:42 Windows Update
15-09-2014 20:05:52 Removed Bonjour
15-09-2014 20:07:30 Removed Apple Software Update
15-09-2014 20:11:54 Removed PicRec (x86)
24-09-2014 12:15:02 Windows Update
24-09-2014 13:12:01 Removed VirtualDJ Home FREE
24-09-2014 13:15:04 Windows Update
24-09-2014 13:56:48 Removed Max 6.1.8 (x64)
25-09-2014 03:58:46 Windows Modules Installer
25-09-2014 19:14:11 Windows Update
30-09-2014 18:38:31 Windows Update

==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {10562850-A619-4D2A-82DF-60EB724B179F} - System32\Tasks\Omiga Plus RunAsStdUser => C:\Program Files (x86)\Omiga Plus\omigaplus.exe <==== ATTENTION
Task: {4CE8DDF2-97C7-4264-B2EC-BA175BF55BAB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {51390762-D4FA-4945-B487-B274907A8BC3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3580576135-3699304626-4257408890-1000UA => C:\Users\Sky-GmbH\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-31] (Google Inc.)
Task: {569A36A5-2520-4A8F-A1FA-BF74AA462385} - System32\Tasks\Desk 365 RunAsStdUser => C:\Program Files (x86)\Desk 365\desk365.exe <==== ATTENTION
Task: {8A6AC59B-CB8D-49E1-9A78-814E5D402FA6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {CDD4DCE8-45D0-4680-A8DF-475E55DF8C4F} - System32\Tasks\LaunchApp => C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe <==== ATTENTION
Task: {EC80A8A1-E994-4585-AD8A-31F1C2B360F0} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3580576135-3699304626-4257408890-1000Core => C:\Users\Sky-GmbH\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-31] (Google Inc.)
Task: {F53A7C9F-EEB1-4BC3-84D9-1346B7EFFD5C} - System32\Tasks\DealPly => C:\Users\Sky-GmbH\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3580576135-3699304626-4257408890-1000Core.job => C:\Users\Sky-GmbH\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3580576135-3699304626-4257408890-1000UA.job => C:\Users\Sky-GmbH\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============
2012-09-28 16:44 - 2012-09-28 16:44 - 00210944 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-09-23 14:53 - 2012-09-23 14:53 - 00748544 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-09-23 14:53 - 2012-09-23 14:53 - 03645952 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2014-08-21 12:33 - 2014-09-15 22:05 - 00106376 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll
2012-09-28 16:43 - 2012-09-28 16:43 - 00103424 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2014-08-21 12:32 - 2014-09-15 22:04 - 00733576 _____ () C:\Program
Files (x86)\SupTab\HpUI.exe 2014-07-16 10:55 - 2014-07-16 10:55 - 00073216 _____ () C:\Program Files (x86)\SupTab\Loader64.exe 2014-07-16 11:16 - 2014-07-16 11:16 - 00064000 _____ () C:\Program Files (x86)\SupTab\Loader32.exe 2013-10-23 02:07 - 2013-10-23 02:07 - 00612520 _____ () C:\Program Files (x86)\WinZipper\sqlite3.dll 2012-11-28 15:13 - 2012-11-28 15:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2012-11-28 15:13 - 2012-11-28 15:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-10-03 11:48 - 2014-10-03 11:48 - 00043008 _____ () c:\users\sky-gmbh\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptyjeuc.dll 2013-08-23 21:01 - 2013-08-23 21:01 - 25100288 _____ () C:\Users\Sky-GmbH\AppData\Roaming\Dropbox\bin\libcef.dll 2014-08-21 12:33 - 2014-09-15 22:05 - 00023944 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 01135616 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMSWrap.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00656896 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ContentDirectoryPresenter.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00105472 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMCDP.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00098816 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\FolderCDP.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00077312 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MetadataFramework.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00520234 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\sqlite3.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00450560 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\MoodExtractor.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 05717504 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\DCMImgExtractor.dll 
2012-02-22 16:46 - 2012-02-22 16:46 - 00029184 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AutoChaptering.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00147456 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexpat.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoThumb.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 04671488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avcodec-52.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00070656 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avutil-50.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00686080 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\avformat-52.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00152064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\swscale-0.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00027648 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AudioExtractor.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00063488 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ID3Driver.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00366592 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\tag.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00289792 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libThumbnail.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00023040 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RichInfoDriver.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoExtractor.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00017920 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ThumbnailMaker.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00133120 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\VideoMetadataDriver.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00290304 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libKeyFrame.dll 2012-02-22 
16:46 - 2012-02-22 16:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\SECMetaDriver.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00012288 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\ImageExtractor.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00024064 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\photoDriver.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00399826 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\libexif-12.dll.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00013824 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\TextExtractor.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00031232 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\Autobackup.dll 2012-02-22 16:46 - 2012-02-22 16:46 - 00054784 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\RosettaAllShare.dll 2012-01-05 22:40 - 2012-01-05 22:40 - 00044032 _____ () C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\us.dll 2014-09-25 03:55 - 2014-09-23 06:06 - 01098056 _____ () C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\37.0.2062.124\libglesv2.dll 2014-09-25 03:55 - 2014-09-23 06:06 - 00174408 _____ () C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\37.0.2062.124\libegl.dll 2014-09-25 03:55 - 2014-09-23 06:07 - 08577864 _____ () C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\37.0.2062.124\pdf.dll 2014-09-25 03:55 - 2014-09-23 06:07 - 00331592 _____ () C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll 2014-09-25 03:55 - 2014-09-23 06:06 - 01660232 _____ () C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll 2014-09-25 03:55 - 2014-09-23 06:07 - 14891848 _____ () C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data 
Streams will be removed.) AlternateDataStreams: C:\Users\Sky-GmbH\AppData\Local\HCGVPYWZ7:Kp1thSDmGWDRREg1IneZ6 AlternateDataStreams: C:\Users\Sky-GmbH\AppData\Local\Temporary Internet Files:vmtAz1POufJvF0fkLw AlternateDataStreams: C:\Users\Sky-GmbH\AppData\Local\Temporary Internet Files:we7QnUYyj06LlsjdRp1jB7kr ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^Users^Sky-GmbH^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup MSCONFIG\startupreg: AllShareAgent => C:\Program Files (x86)\Samsung\AllShare\AllShareAgent.exe MSCONFIG\startupreg: AVMWlanClient => C:\Program Files (x86)\avmwlanstick\wlangui.exe MSCONFIG\startupreg: CTHelper => CTHELPER.EXE MSCONFIG\startupreg: Google Update => "C:\Users\Sky-GmbH\AppData\Local\Google\Update\GoogleUpdate.exe" /c MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe" MSCONFIG\startupreg: LogitechQuickCamRibbon => "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide MSCONFIG\startupreg: SearchProtect => C:\Users\Sky-GmbH\AppData\Roaming\SearchProtect\bin\cltmng.exe MSCONFIG\startupreg: SearchProtectAll => C:\Program Files (x86)\SearchProtect\bin\cltmng.exe MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent ========================= Accounts: ========================== Administrator (S-1-5-21-3580576135-3699304626-4257408890-500 - Administrator - 
Disabled) Gast (S-1-5-21-3580576135-3699304626-4257408890-501 - Limited - Enabled) HomeGroupUser$ (S-1-5-21-3580576135-3699304626-4257408890-1006 - Limited - Enabled) Sky-GmbH (S-1-5-21-3580576135-3699304626-4257408890-1000 - Administrator - Enabled) => C:\Users\Sky-GmbH ==================== Faulty Device Manager Devices ============= Name: Microsoft PS/2-Maus Description: Microsoft PS/2-Maus Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Standardtastatur (PS/2) Description: Standardtastatur (PS/2) Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Standardtastaturen) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: USB (Universal Serial Bus)-Controller Description: USB (Universal Serial Bus)-Controller Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. 
Name: Microsoft-Teredo-Tunneling-Adapter Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (10/03/2014 00:20:39 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "SMC,processorArchitecture="x86",type="win32",version="6.2.0.0"1". Die abhängige Assemblierung "SMC,processorArchitecture="x86",type="win32",version="6.2.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (10/03/2014 00:20:39 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "SMC,processorArchitecture="x86",type="win32",version="6.2.0.0"1". Die abhängige Assemblierung "SMC,processorArchitecture="x86",type="win32",version="6.2.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (10/03/2014 00:20:37 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "SMC,processorArchitecture="x86",type="win32",version="6.2.0.0"1". Die abhängige Assemblierung "SMC,processorArchitecture="x86",type="win32",version="6.2.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (10/03/2014 00:20:37 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "SMC,processorArchitecture="x86",type="win32",version="6.2.0.0"1". 
Die abhängige Assemblierung "SMC,processorArchitecture="x86",type="win32",version="6.2.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (10/03/2014 00:19:20 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" in Zeile C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Komponente 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Error: (10/03/2014 00:19:02 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. 
Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (10/03/2014 00:19:02 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" in Zeile C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Komponente 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (09/29/2014 00:17:33 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "SMC,processorArchitecture="x86",type="win32",version="6.2.0.0"1". Die abhängige Assemblierung "SMC,processorArchitecture="x86",type="win32",version="6.2.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (09/29/2014 00:17:33 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "SMC,processorArchitecture="x86",type="win32",version="6.2.0.0"1". 
Die abhängige Assemblierung "SMC,processorArchitecture="x86",type="win32",version="6.2.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (09/29/2014 00:17:32 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "SMC,processorArchitecture="x86",type="win32",version="6.2.0.0"1". Die abhängige Assemblierung "SMC,processorArchitecture="x86",type="win32",version="6.2.0.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". System errors: ============= Error: (10/03/2014 11:48:11 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\pfc.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (09/30/2014 08:39:58 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\pfc.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (09/30/2014 08:38:58 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. 
Neue Signaturversion: Vorherige Signaturversion: 1.185.1436.0 Aktualisierungsquelle: %NT-AUTORITÄT59 Aktualisierungsphase: 4.6.0305.00 Quellpfad: 4.6.0305.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608 Error: (09/30/2014 08:38:58 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.185.1436.0 Aktualisierungsquelle: %NT-AUTORITÄT59 Aktualisierungsphase: 4.6.0305.00 Quellpfad: 4.6.0305.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608 Error: (09/30/2014 08:38:58 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt. Neue Signaturversion: Vorherige Signaturversion: 1.185.1436.0 Aktualisierungsquelle: %NT-AUTORITÄT59 Aktualisierungsphase: 4.6.0305.00 Quellpfad: 4.6.0305.01 Signaturtyp: %NT-AUTORITÄT602 Aktualisierungstyp: %NT-AUTORITÄT604 Benutzer: NT-AUTORITÄT\SYSTEM Aktuelle Modulversion: %NT-AUTORITÄT605 Vorherige Modulversion: %NT-AUTORITÄT606 Fehlercode: %NT-AUTORITÄT607 Fehlerbeschreibung: %NT-AUTORITÄT608 Error: (09/30/2014 08:24:21 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\pfc.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. 
Error: (09/28/2014 11:09:43 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\pfc.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (09/28/2014 05:51:22 PM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\pfc.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (09/25/2014 11:34:31 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\pfc.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. Error: (09/25/2014 06:04:52 AM) (Source: Application Popup) (EventID: 1060) (User: ) Description: Aufgrund der Inkompatibilität mit diesem System wurde \SystemRoot\SysWow64\drivers\pfc.sys nicht geladen. Wenden Sie sich an den Softwarehersteller, um eine kompatible Version des Treibers zu erhalten. 
Microsoft Office Sessions: ========================= Error: (10/03/2014 00:20:39 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: SMC,processorArchitecture="x86",type="win32",version="6.2.0.0"C:\Program Files (x86)\Nero\Nero 9\Nero WaveEditor\MultiChannelDll\MultiChannel.dll.Manifest Error: (10/03/2014 00:20:39 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: SMC,processorArchitecture="x86",type="win32",version="6.2.0.0"C:\Program Files (x86)\Nero\Nero 9\Nero SoundTrax\MultiChannelDll\MultiChannel.dll.Manifest Error: (10/03/2014 00:20:37 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: SMC,processorArchitecture="x86",type="win32",version="6.2.0.0"C:\Program Files (x86)\Nero\Nero 9\Nero WaveEditor\WEDll\waveedit.dll.Manifest Error: (10/03/2014 00:20:37 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: SMC,processorArchitecture="x86",type="win32",version="6.2.0.0"C:\Program Files (x86)\Nero\Nero 9\Nero SoundTrax\WEDll\waveedit.dll.Manifest Error: (10/03/2014 00:19:20 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Program Files (x86)\Nero\Nero 9\Nero Recode\Recode.exe.Manifest Error: (10/03/2014 00:19:02 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnapViewer.exe.Manifest Error: (10/03/2014 00:19:02 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: 
C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\Nero\Nero 9\Nero PhotoSnap\PhotoSnap.exe.Manifest Error: (09/29/2014 00:17:33 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: SMC,processorArchitecture="x86",type="win32",version="6.2.0.0"C:\Program Files (x86)\Nero\Nero 9\Nero WaveEditor\MultiChannelDll\MultiChannel.dll.Manifest Error: (09/29/2014 00:17:33 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: SMC,processorArchitecture="x86",type="win32",version="6.2.0.0"C:\Program Files (x86)\Nero\Nero 9\Nero SoundTrax\MultiChannelDll\MultiChannel.dll.Manifest Error: (09/29/2014 00:17:32 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: SMC,processorArchitecture="x86",type="win32",version="6.2.0.0"C:\Program Files (x86)\Nero\Nero 9\Nero WaveEditor\WEDll\waveedit.dll.Manifest ==================== Memory info =========================== Processor: AMD Phenom(tm) II X6 1090T Processor Percentage of memory in use: 26% Total physical RAM: 8178.14 MB Available physical RAM: 6041.85 MB Total Pagefile: 16354.45 MB Available Pagefile: 13717.02 MB Total Virtual: 8192 MB Available Virtual: 8191.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:302.64 GB) (Free:19.48 GB) NTFS Drive d: (Akai MPK mini Ed) (CDROM) (Total:0.04 GB) (Free:0 GB) CDFS Drive g: (Volume) (Fixed) (Total:628.78 GB) (Free:528.68 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 8C47B286) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=302.6 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=628.8 GB) - (Type=07 NTFS) 
==================== End Of Log ============================ |
04.10.2014, 13:46 | #4 | |
/// the machine /// TB Trainer | PC slow, do I have a virus? Quote:
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
06.10.2014, 16:25 | #5 |
| PC slow, do I have a virus? No, I just named my computer that! |
07.10.2014, 13:38 | #6 |
/// the machine /// TB Trainer | PC slow, do I have a virus? hi, scan with Combofix
__________________ |
07.10.2014, 20:06 | #7 |
| PC slow, do I have a virus? Code:
ATTFilter ComboFix 14-10-04.01 - Sky-GmbH 07.10.2014 20:31:57.4.6 - x64 Microsoft Windows 7 Ultimate 6.1.7601.1.1252.49.1031.18.8178.6510 [GMT 2:00] ausgeführt von:: c:\users\Sky-GmbH\Desktop\ComboFix.exe SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\IePluginServices c:\programdata\IePluginServices\PluginService.exe c:\windows\TEMP\logishrd\LVPrcInj01.dll . . . . Nicht in der Lage zu löschen c:\windows\TEMP\logishrd\LVPrcInj02.dll . . . . Nicht in der Lage zu löschen . . ((((((((((((((((((((((((((((((((((((((( Treiber/Dienste ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------\Service_IePluginServices -------\Service_IePluginServices . . ((((((((((((((((((((((( Dateien erstellt von 2014-09-07 bis 2014-10-07 )))))))))))))))))))))))))))))) . . 2014-10-07 18:38 . 2014-10-07 18:38 -------- d-----w- c:\users\TEMP\AppData\Local\temp 2014-10-03 11:33 . 2014-10-03 11:39 -------- d-----w- C:\FRST 2014-09-30 18:36 . 2014-09-25 02:08 371712 ----a-w- c:\windows\system32\qdvd.dll 2014-09-30 18:36 . 2014-09-25 01:40 519680 ----a-w- c:\windows\SysWow64\qdvd.dll 2014-09-30 18:27 . 2014-09-30 18:27 -------- d-sh--w- c:\users\Sky-GmbH\AppData\Local\EmieUserList 2014-09-30 18:27 . 2014-09-30 18:27 -------- d-sh--w- c:\users\Sky-GmbH\AppData\Local\EmieSiteList 2014-09-28 16:17 . 2014-09-28 16:17 -------- d-----w- c:\program files\CCleaner 2014-09-24 19:03 . 2014-09-24 19:28 -------- d-----w- c:\users\Sky-GmbH\AppData\Roaming\Ableton 2014-09-24 13:49 . 2014-09-28 17:18 -------- d-----w- c:\windows\rescache 2014-09-24 13:18 . 2014-09-24 13:18 -------- d-----w- c:\users\Sky-GmbH\AppData\Roaming\ATI 2014-09-24 13:17 . 2014-09-24 13:17 -------- d-----w- c:\users\Sky-GmbH\AppData\Roaming\Apple Computer 2014-09-24 12:22 . 2014-09-09 22:11 2048 ----a-w- c:\windows\system32\tzres.dll 2014-09-24 12:22 . 
2014-09-09 21:47 2048 ----a-w- c:\windows\SysWow64\tzres.dll 2014-09-15 20:04 . 2014-09-15 20:04 -------- d-----w- c:\programdata\WindowsMangerProtect 2014-09-15 20:04 . 2014-09-15 20:05 -------- d-----w- c:\program files (x86)\SupTab 2014-09-15 20:04 . 2014-09-15 20:04 -------- d-----w- c:\programdata\PicRec 2014-09-15 20:04 . 2014-09-15 20:04 -------- d-----w- c:\program files\Common Files\PicRec 2014-09-15 20:04 . 2014-09-24 13:06 -------- d-----w- c:\users\Sky-GmbH\AppData\Roaming\istartsurf 2014-09-15 20:04 . 2014-09-15 20:12 -------- d-----w- C:\http_filter 2014-09-15 20:04 . 2014-09-15 20:04 -------- d-----w- c:\users\Sky-GmbH\AppData\Local\PicRec 2014-09-15 20:04 . 2014-08-25 10:15 49880 ----a-w- c:\windows\system32\drivers\netmon_wfp.sys 2014-09-15 20:04 . 2014-09-15 20:04 -------- d-----w- c:\program files (x86)\PicRec (x86) 2014-09-15 20:03 . 2014-09-15 20:03 718497 ----a-w- c:\windows\unins000.exe 2014-09-15 20:03 . 2014-09-15 20:03 -------- d-----w- c:\program files (x86)\Maxiget 2014-09-15 20:03 . 2014-09-15 20:03 -------- d-----w- c:\users\Sky-GmbH\AppData\Local\Maxiget 2014-09-11 21:31 . 2014-08-18 20:45 360448 ----a-w- c:\program files\Internet Explorer\IEShims.dll 2014-09-11 21:26 . 2014-06-27 02:08 2777088 ----a-w- c:\windows\system32\msmpeg2vdec.dll 2014-09-11 21:26 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\SysWow64\msmpeg2vdec.dll 2014-09-11 19:13 . 2014-08-01 11:53 1031168 ----a-w- c:\windows\system32\TSWorkspace.dll 2014-09-11 19:13 . 2014-08-01 11:35 793600 ----a-w- c:\windows\SysWow64\TSWorkspace.dll 2014-09-11 19:01 . 2014-06-24 03:29 2565120 ----a-w- c:\windows\system32\d3d10warp.dll 2014-09-11 19:01 . 2014-06-24 02:59 1987584 ----a-w- c:\windows\SysWow64\d3d10warp.dll 2014-09-11 19:01 . 2014-07-07 02:06 728064 ----a-w- c:\windows\system32\kerberos.dll 2014-09-11 19:01 . 2014-07-07 02:06 1460736 ----a-w- c:\windows\system32\lsasrv.dll 2014-09-11 19:01 . 
2014-07-07 01:40 22016 ----a-w- c:\windows\SysWow64\secur32.dll 2014-09-11 19:01 . 2014-07-07 01:40 550912 ----a-w- c:\windows\SysWow64\kerberos.dll 2014-09-11 19:01 . 2014-07-07 01:39 96768 ----a-w- c:\windows\SysWow64\sspicli.dll . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-09-24 12:44 . 2013-10-19 16:00 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe 2014-09-24 12:44 . 2013-10-19 16:00 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2014-09-22 06:42 . 2009-10-14 05:13 278152 ------w- c:\windows\system32\MpSigStub.exe 2014-09-11 21:26 . 2009-10-14 05:12 101694776 ----a-w- c:\windows\system32\MRT.exe 2014-08-23 02:07 . 2014-09-05 07:18 404480 ----a-w- c:\windows\system32\gdi32.dll 2014-08-23 01:45 . 2014-09-05 07:18 311808 ----a-w- c:\windows\SysWow64\gdi32.dll 2014-08-23 00:59 . 2014-09-05 07:18 3163648 ----a-w- c:\windows\system32\win32k.sys 2014-07-25 00:35 . 2014-07-25 00:35 875688 ----a-w- c:\windows\SysWow64\msvcr120_clr0400.dll 2014-07-24 21:47 . 2014-07-24 21:47 869544 ----a-w- c:\windows\system32\msvcr120_clr0400.dll 2014-07-14 02:02 . 2014-08-15 20:48 1216000 ----a-w- c:\windows\system32\rpcrt4.dll 2014-07-14 01:40 . 2014-08-15 20:48 664064 ----a-w- c:\windows\SysWow64\rpcrt4.dll . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] 2014-09-15 20:05 515464 ----a-w- c:\program files (x86)\SupTab\SupTab.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{CA1FF14A-9541-4610-7A9E-8CA87A2F4235}] c:\program files (x86)\YoutubeAdblocker\1E.dll [BU] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] 2014-06-11 15:57 297128 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 21:08 131480 ----a-w- c:\users\Sky-GmbH\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 21:08 131480 ----a-w- c:\users\Sky-GmbH\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 21:08 131480 ----a-w- c:\users\Sky-GmbH\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CreativeTaskScheduler"="c:\program files (x86)\Creative\Shared Files\CTSched.exe" [2006-11-17 53341] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-09-28 642728] "AsioThk32Reg"="CTASIO.DLL" [2010-03-18 47104] "WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2011-10-26 74752] "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720] . 
c:\users\Sky-GmbH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ Dropbox.lnk - c:\users\Sky-GmbH\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-9-13 36414624] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "LoadAppInit_DLLs"=1 (0x1) . R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x] R3 a4djavs;Audio 4 DJ WDM Audio;c:\windows\system32\Drivers\a4djavs.sys;c:\windows\SYSNATIVE\Drivers\a4djavs.sys [x] R3 a4djusb_svc;Audio 4 DJ;c:\windows\system32\Drivers\a4djusb.sys;c:\windows\SYSNATIVE\Drivers\a4djusb.sys [x] R3 avmeject;AVM Eject;c:\windows\system32\drivers\avmeject.sys;c:\windows\SYSNATIVE\drivers\avmeject.sys [x] R3 Bulk;HDJBulk;c:\windows\system32\Drivers\HDJBulk.sys;c:\windows\SYSNATIVE\Drivers\HDJBulk.sys [x] R3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.SYS;c:\windows\SYSNATIVE\drivers\COMMONFX.SYS [x] R3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [x] R3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe;c:\program files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [x] R3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.SYS;c:\windows\SYSNATIVE\drivers\CTAUDFX.SYS [x] R3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\System32\drivers\CTERFXFX.SYS;c:\windows\SYSNATIVE\drivers\CTERFXFX.SYS [x] R3 
CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.SYS;c:\windows\SYSNATIVE\drivers\CTERFXFX.SYS [x] R3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.SYS;c:\windows\SYSNATIVE\drivers\CTSBLFX.SYS [x] R3 FWLANUSB;AVM FRITZ!WLAN;c:\windows\system32\DRIVERS\fwlanusb.sys;c:\windows\SYSNATIVE\DRIVERS\fwlanusb.sys [x] R3 HDJMidi;DJ Control MP3 e2 MIDI;c:\windows\system32\DRIVERS\HDJMidi.sys;c:\windows\SYSNATIVE\DRIVERS\HDJMidi.sys [x] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x] R3 kx1avs;Traktor Kontrol X1 Midi;c:\windows\system32\Drivers\kx1avs.sys;c:\windows\SYSNATIVE\Drivers\kx1avs.sys [x] R3 kx1usb_svc;Traktor Kontrol X1;c:\windows\system32\Drivers\kx1usb.sys;c:\windows\SYSNATIVE\Drivers\kx1usb.sys [x] R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x] R3 LVUVC64;Logitech QuickCam S5500(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x] R3 SimpleSlideShowServer;SimpleSlideShowServer;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe;c:\program files (x86)\Samsung\AllShare\AllShareSlideShowService.exe [x] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x] R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x] S0 
amd_sata;amd_sata;c:\windows\system32\DRIVERS\amd_sata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_sata.sys [x] S0 amd_xata;amd_xata;c:\windows\system32\DRIVERS\amd_xata.sys;c:\windows\SYSNATIVE\DRIVERS\amd_xata.sys [x] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x] S2 AMD FUEL Service;AMD FUEL Service;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe;c:\program files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [x] S2 AODDriver4.2;AODDriver4.2;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys;c:\program files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [x] S2 HerculesDJControlMP3;Hercules DJ Control MP3;c:\program files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE;c:\program files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [x] S2 LVPrcS64;Process Monitor;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe;c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [x] S2 NIHardwareService;NIHardwareService;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe;c:\program files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [x] S2 SamsungAllShareV2.0;Samsung AllShare PC;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe;c:\program files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe [x] S2 WindowsMangerProtect;WindowsMangerProtect Service;c:\programdata\WindowsMangerProtect\ProtectWindowsManager.exe;c:\programdata\WindowsMangerProtect\ProtectWindowsManager.exe [x] S2 winzipersvc;WinZiper service;c:\program files (x86)\WinZipper\winzipersvc.exe;c:\program files (x86)\WinZipper\winzipersvc.exe [x] S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x] S3 
COMMONFX.SYS;COMMONFX.SYS;c:\windows\System32\drivers\COMMONFX.SYS;c:\windows\SYSNATIVE\drivers\COMMONFX.SYS [x] S3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\System32\drivers\CTAUDFX.SYS;c:\windows\SYSNATIVE\drivers\CTAUDFX.SYS [x] S3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\System32\drivers\CTSBLFX.SYS;c:\windows\SYSNATIVE\drivers\CTSBLFX.SYS [x] S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x] S3 usbfilter;AMD USB Filter Driver;c:\windows\system32\DRIVERS\usbfilter.sys;c:\windows\SYSNATIVE\DRIVERS\usbfilter.sys [x] . . Inhalt des "geplante Tasks" Ordners . 2014-10-07 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-19 12:44] . 2014-10-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3580576135-3699304626-4257408890-1000Core.job - c:\users\Sky-GmbH\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-31 10:03] . 2014-10-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3580576135-3699304626-4257408890-1000UA.job - c:\users\Sky-GmbH\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-31 10:03] . . --------- X64 Entries ----------- . . [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] 2013-12-30 20:27 357432 ----a-w- c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1] @="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 21:08 164760 ----a-w- c:\users\Sky-GmbH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2] @="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 21:08 164760 ----a-w- c:\users\Sky-GmbH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3] @="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 21:08 164760 ----a-w- c:\users\Sky-GmbH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4] @="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}" [HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}] 2014-06-24 21:08 164760 ----a-w- c:\users\Sky-GmbH\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "XboxStat"="c:\program files\Microsoft Xbox 360 Accessories\XboxStat.exe" [2009-10-01 825184] "Hercules DJ Series TrayAgent"="c:\program files\Guillemot\HDJTray\HDJSeries2TrayBar.exe" [2014-03-04 3574576] . ------- Zusätzlicher Suchlauf ------- . 
uLocal Page = c:\windows\system32\blank.htm uStart Page = about:Tabs mDefault_Search_URL = hxxp://www.istartsurf.com/web/?type=ds&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584&q={searchTerms} mDefault_Page_URL = hxxp://www.istartsurf.com/?type=hp&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584 mStart Page = hxxp://www.istartsurf.com/?type=hp&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584 mLocal Page = c:\windows\SysWOW64\blank.htm mSearch Page = hxxp://www.istartsurf.com/web/?type=ds&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584&q={searchTerms} uInternet Settings,ProxyOverride = <-loopback> uInternet Settings,ProxyServer = http=127.0.0.1:52865;https=127.0.0.1:52865 uSearchAssistant = hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f28fb807-b9fd-409c-a311-c66ea75b232a&searchtype=ds&q={searchTerms}&installDate=01/01/1970 IE: Free YouTube Download - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm IE: Free YouTube to MP3 Converter - c:\program files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm IE: {{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - c:\program files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll TCP: DhcpNameServer = 192.168.2.1 DPF: {E705A591-DA3C-4228-B0D5-A356DBA42FBF} - hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . 
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.15" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . 
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Weitere laufende Prozesse ------------------------ . c:\program files (x86)\Creative\Shared Files\CTAudSvc.exe c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files (x86)\avmwlanstick\WlanNetService.exe c:\program files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe c:\program files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe . ************************************************************************** . Zeit der Fertigstellung: 2014-10-07 20:43:29 - PC wurde neu gestartet ComboFix-quarantined-files.txt 2014-10-07 18:43 ComboFix2.txt 2014-10-07 18:20 . Vor Suchlauf: 14 Verzeichnis(se), 21.382.512.640 Bytes frei Nach Suchlauf: 16 Verzeichnis(se), 20.821.872.640 Bytes frei . - - End Of File - - 8BB173E3ED912A4B1B04E07D6BB21E0D A36C5E4F47E84449FF07ED3517B43A31 |
08.10.2014, 12:56 | #8 |
/// the machine /// TB Trainer | PC slow, do I have a virus? Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your security software to avoid possible conflicts.
and a fresh FRST log please.
__________________ regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations, guides and help, Trojaner-Board Facebook page. No help via PM! |
08.10.2014, 14:03 | #9 |
| PC slow, do I have a virus? Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 08.10.2014 Suchlauf-Zeit: 14:08:36 Logdatei: logdatei.txt Administrator: Ja Version: 2.00.2.1012 Malware Datenbank: v2014.10.08.03 Rootkit Datenbank: v2014.09.19.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Self-protection: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Sky-GmbH Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 368985 Verstrichene Zeit: 22 Min, 15 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristics: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 1 PUP.Optional.WindowsProtectManger.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 1312, , [e063a66c08740531928e734206fbb848] Module: 0 (No malicious items detected) Registrierungsschlüssel: 32 PUP.Optional.WindowsProtectManger.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, , [e063a66c08740531928e734206fbb848], PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, , [92b114fe83f90f27895f23ada55d619f], PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, , [92b114fe83f90f27895f23ada55d619f], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [6bd8e52da2da4fe709f4b5e6b84a52ae], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [6bd8e52da2da4fe709f4b5e6b84a52ae], PUP.Optional.Snapdo.T, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, , [c380d141f389bb7bdb86449038cae11f], PUP.Optional.Snapdo.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET 
EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, , [c380d141f389bb7bdb86449038cae11f], PUP.Optional.Babylon.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, , [e0635db5aece072f4a30336403ff1de3], PUP.Optional.DomaIQ.A, HKLM\SOFTWARE\DomaIQ, , [c28162b0adcf6ec8793c03463bc83dc3], PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [ac9738dacfad92a4d1e69acea460c63a], PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, , [ea59739fd6a69b9b3ae52703c73c44bc], PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, , [7ac936dce09c74c206b6dd6af11238c8], PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\istartsurfSoftware, , [9ea5ae6480fcdc5a30abb06849ba5ca4], PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, , [85be13ff2f4d02340023ceaf2dd741bf], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\supWPM, , [ad967a980f6de650f12d22f5ae554db3], PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\Wajam, , [d76c17fb5c2076c0cdc3562155af1be5], PUP.Optional.QuickStart.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pelmeidfhdlhlbjimpabfcbnnojbboma, , [79ca749e4339e0568e986dce2ad9d42c], PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [55ee809289f35adcbcfb71f72cd83cc4], PUP.Optional.FastSearchings, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, , [340f888a4735dd59863497e709fbc33d], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP, , [98ab52c0d6a6de58fbefeb2bd52e4db3], PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, , [6dd6fe145d1f57df9b82cc4bf50e44bc], PUP.Optional.BundleInstaller.A, HKLM\SOFTWARE\WOW6432NODE\VITTALIA\AxtanInstaller, , [b78ca270c5b7e84e401a63e132d1c33d], 
PUP.Optional.DataMngr.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, , [cc77f022b6c65adc8e6c0458a65ec63a], PUP.Optional.WebSearches.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupHpUISoft, , [6ed5030f2c5037ffb42161b7bf4436ca], PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nikpibnbobmbdbheedjfogjlikpgpnhp, , [6bd8e2305626c373cfadcc46dd26cd33], PUP.Optional.InstallCore.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [bc87d63cc3b948ee6764ef577f842fd1], PUP.Optional.InstallCore.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [68dbf51de795fc3a71adf36af70d8a76], PUP.Optional.SuperFish.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, , [fc472be71567cc6a78cbed364eb56c94], PUP.Optional.Qone8, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [281bd53d6e0ede580aac37318d7748b8], PUP.Optional.WebSearchInfo, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, , [c57e46ccfb8151e5a49f05664bb9659b], PUP.Optional.FastStart.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS, , [76cd0a08c2bab77f0f16e92b1fe41fe1], PUP.Optional.Wajam.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WAJAM, , 
[2a19c2507309cf67dd8ee47cfe069070], Registrierungswerte: 8 PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, , [76cdd73bc6b6db5bab1247ce27dcfd03] PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, , [e55eb9599ddfad89437a21f4e71c936d] PUP.Optional.FastStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|faststartff@gmail.com, C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\extensions\faststartff@gmail.com, , [f1520a082458dc5ac5767804ba4a4db3] PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP|dir, C:\Program Files (x86)\SupTab, , [98ab52c0d6a6de58fbefeb2bd52e4db3] PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, smt, , [6dd6fe145d1f57df9b82cc4bf50e44bc] PUP.Optional.InstallCore.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 1V2X1Q1R1M1F, , [68dbf51de795fc3a71adf36af70d8a76] PUP.Optional.FastStart.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, , [76cd0a08c2bab77f0f16e92b1fe41fe1] PUP.Optional.Wajam.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WAJAM|affiliate_id, 8755, , [2a19c2507309cf67dd8ee47cfe069070] Registrierungsdaten: 10 PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.istartsurf.com/?type=hp&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hp&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584),,[49fab35fe79559dd15b1ff0c31d4fe02] PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: 
({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[2f14d43ef6861e184e8da472ab5a22de] PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.istartsurf.com/web/?type=ds&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584&q={searchTerms}),,[dc671101f78584b216aeba51a560ab55] PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.istartsurf.com/?type=hp&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hp&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584),,[0c37e929c9b372c47d45c5467293be42] PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.istartsurf.com/?type=hp&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hp&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584),,[7dc6a66c4339db5baf17e8231fe6c739] PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[71d260b2215b68ce1fbc53c3c5409b65] PUP.Optional.SnapDo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f28fb807-b9fd-409c-a311-c66ea75b232a&searchtype=ds&q={searchTerms}&installDate=01/01/1970, Gut: (www.google.com), Schlecht: 
(hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f28fb807-b9fd-409c-a311-c66ea75b232a&searchtype=ds&q={searchTerms}&installDate=01/01/1970),,[84bffb17de9e33036487868664a15ba5] PUP.Optional.Snapdo, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f28fb807-b9fd-409c-a311-c66ea75b232a&searchtype=ds&q={searchTerms}&installDate=01/01/1970, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f28fb807-b9fd-409c-a311-c66ea75b232a&searchtype=ds&q={searchTerms}&installDate=01/01/1970),,[64dfb85aabd115213a1520f606ff4db3] PUP.Optional.Snapdo, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f28fb807-b9fd-409c-a311-c66ea75b232a&searchtype=ds&q={searchTerms}&installDate=01/01/1970, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f28fb807-b9fd-409c-a311-c66ea75b232a&searchtype=ds&q={searchTerms}&installDate=01/01/1970),,[241f5eb47a022d0927292aeced1804fc] PUP.Optional.SnapDo.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f28fb807-b9fd-409c-a311-c66ea75b232a&searchtype=ds&q={searchTerms}&installDate=01/01/1970, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f28fb807-b9fd-409c-a311-c66ea75b232a&searchtype=ds&q={searchTerms}&installDate=01/01/1970),,[96ad3dd5720aec4aad3f6e9ee71e2fd1] Ordner: 74 Adware.PicRec, C:\Users\Sky-GmbH\AppData\Local\PicRec, , 
[83c057bbd6a6c76ff894110118eb58a8], PUP.Optional.eSafe.A, C:\ProgramData\eSafe\log, , [1f242ce61864e155100a2c17b152a65a], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\1, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\3, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\35, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\36, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\39, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\4, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\41, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\42, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\components, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\desk_bkg, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\sysicons, , [c083f2201c60a78f1fd395c5c044718f], 
PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\wp, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Program Files (x86)\Desk 365, , [a1a2e032225ab680678ca3b7e3210bf5], PUP.Optional.DealPly.A, C:\Users\Sky-GmbH\AppData\Roaming\DealPly, , [0c372be795e7a59160c1b43011f19e62], PUP.Optional.DealPly.A, C:\Users\Sky-GmbH\AppData\Roaming\DealPly\UpdateProc, , [0c372be795e7a59160c1b43011f19e62], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\04EF6AFC4BAE4F5CBF52E05FA59AD774, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\394692FCCF1B4C5F84DE8C77F82767E1, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\7CE63C9703E94FB8ADFD8E43D1AF0EEA, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\A9AD9E2716F4432A98EE8A7E7E89541E, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\D0094371F3F849D9B294DAA11F1740EA, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\D0677A1A5D74454297C54CBDF9BBC65B, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\DCC14DE66C2441D4A647ADCEF4ED8E48, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\OpenCandy_A9AD9E2716F4432A98EE8A7E7E89541E, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.337Technologies.A, C:\Program Files (x86)\Common Files\337\libcef, , [40036aa8d0ac1e1888f96480fb0746ba], PUP.Optional.337Technologies.A, C:\Program Files (x86)\Common Files\337\libcef\1.1364.1123, , [40036aa8d0ac1e1888f96480fb0746ba], PUP.Optional.337Technologies.A, C:\Program Files (x86)\Common 
Files\337\libcef\1.1364.1123\locales, , [40036aa8d0ac1e1888f96480fb0746ba], PUP.Optional.FreeGames.A, C:\Users\Sky-GmbH\AppData\Roaming\freegames4357, , [61e27d95bac2a096ce4f8264d32f5ca4], PUP.Optional.SpeedTest.A, C:\Users\Sky-GmbH\AppData\Roaming\speedtest4354, , [84bfc54d4e2e8fa7bb659056669cbc44], PUP.Optional.YoutubeAdblocker.A, C:\ProgramData\YoutubeAdblocker, , [ea599a78dd9f01356ef5d711847ec838], PUP.Optional.CrossRider.A, C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\baodmgdpdoelldjmkhknbolcldnfjegg, , [b390f61c196376c063a136c19e6439c7], PUP.Optional.CrossRider.A, C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cokhadepfhgbjhnngnmkkbcclhgjelkn, , [004335dd5923e94de6378773a26049b7], PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, , [0d361101d4a83204332fe21ac939bc44], PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log, , [0d361101d4a83204332fe21ac939bc44], PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, , [0d361101d4a83204332fe21ac939bc44], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419, , [6ad981913a42c86e1d57ac5631d245bb], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf, , [af9453bfe29a7cba8b18aa5a60a3c23e], 
PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images\code, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\log, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.DSearchLink.A, C:\ProgramData\DSearchLink, , [b192fe1488f486b0685f2adf0cf7b24e], Adware.PicRec, C:\Program Files\Common Files\PicRec\PicRecHelper, , [3310050dc1bbf6408f60cf3cfa0938c8], Dateien: 259 PUP.Optional.WindowsProtectManger.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, , [e063a66c08740531928e734206fbb848], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, , [6bd8e52da2da4fe709f4b5e6b84a52ae], PUP.Optional.Delta.A, C:\ProgramData\DSearchLink\DSearchLink.exe, , [b39064aee597ab8be1fb7751fb099b65], PUP.Optional.MultiPlug.A, C:\ProgramData\YoutubeAdblocker\bAG.exe, , [b3902fe33b4192a41f2c0e4f56ab857b], PUP.Optional.MultiPlug.A, C:\ProgramData\YoutubeBookmark\yVuNUFv.exe, , [5ee5b1611c60c571f358b0adcd3411ef], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\components\component_libcef_1.1364.1123.exe, , [ff4472a096e6c86e5bb590adf90cb44c], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Omiga Plus\wallpaper_components.exe, , [99aade34bfbd6ec88d83132a2ed7ec14], PUP.Optional.Conduit.A, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\04EF6AFC4BAE4F5CBF52E05FA59AD774\mconduitinstaller.exe, , [96ad62b09ddfe84e439859c50af6c13f], PUP.Optional.Delta.A, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\D0094371F3F849D9B294DAA11F1740EA\DeltaTB.exe, , [4ff40012f4882a0cda9ea674dd241ce4], PUP.Optional.OpenCandy.A, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\DCC14DE66C2441D4A647ADCEF4ED8E48\Setupsft_chr_p1v7.exe, , [350e5ab880fc1125cbe5fcee29dba65a], PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, , [350eb55dd3a993a3c5198b0dc43dd52b], 
PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\DpInterface64.dll, , [fa490e04d6a670c6548a841459a89c64], PUP.Optional.IEPluginService.A, C:\Program Files (x86)\SupTab\RSHP.exe, , [d17238da8bf1e74ff710f983cf32b64a], PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\SearchProtect32.dll, , [f74c0d05c5b73501a638b6e259a81ae6], PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\SearchProtect64.dll, , [65de36dc2a52c76f23bbc2d614edb947], PUP.Optional.IePluginService.A, C:\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe, , [94afcc46f5871026b4a8db8e09f8df21], PUP.Optional.Bandoo, C:\Users\Sky-GmbH\Downloads\jZipSetup-r230-n-bc.exe, , [92b1fd15fe7e49ed5a73c00ae021916f], PUP.Optional.SmartBar, C:\Windows\Installer\MSI5409.tmp-\Smartbar.Installer.CustomActions.dll, , [0f346da586f6d165bf921d1103fdd42c], Adware.PicRec, C:\Users\Sky-GmbH\AppData\Local\PicRec\BaseLibrary.dll, , [83c057bbd6a6c76ff894110118eb58a8], Adware.PicRec, C:\Users\Sky-GmbH\AppData\Local\PicRec\ConfigurationData.dll, , [83c057bbd6a6c76ff894110118eb58a8], Adware.PicRec, C:\Users\Sky-GmbH\AppData\Local\PicRec\InstallerLibrary.dll, , [83c057bbd6a6c76ff894110118eb58a8], Adware.PicRec, C:\Users\Sky-GmbH\AppData\Local\PicRec\Interop.SHDocVw.dll, , [83c057bbd6a6c76ff894110118eb58a8], Adware.PicRec, C:\Users\Sky-GmbH\AppData\Local\PicRec\LinqBridge.dll, , [83c057bbd6a6c76ff894110118eb58a8], Adware.PicRec, C:\Users\Sky-GmbH\AppData\Local\PicRec\NDde.DLL, , [83c057bbd6a6c76ff894110118eb58a8], Adware.PicRec, C:\Users\Sky-GmbH\AppData\Local\PicRec\SQLite.Interop.dll, , [83c057bbd6a6c76ff894110118eb58a8], Adware.PicRec, C:\Users\Sky-GmbH\AppData\Local\PicRec\System.Data.SQLite.dll, , [83c057bbd6a6c76ff894110118eb58a8], Adware.PicRec, C:\Users\Sky-GmbH\AppData\Local\PicRec\wsystem.exe, , [83c057bbd6a6c76ff894110118eb58a8], PUP.Optional.IStartSurf.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\istartsurf.xml, , [172c50c28af2a195d03fae6cb053b050], PUP.Optional.DealPly.A, 
C:\Windows\System32\Tasks\DealPly, , [68dbe230b4c88da98b9c4adaab58e11f], PUP.Optional.CrossRider.A, C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cokhadepfhgbjhnngnmkkbcclhgjelkn_0.localstorage, , [80c309098fed4ee83d56b670bd469b65], PUP.Optional.CrossRider.A, C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_baodmgdpdoelldjmkhknbolcldnfjegg_0.localstorage, , [c47ff41eceae88ae3d4465c53cc79d63], PUP.Optional.Speedial.A, C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\searchplugins\Speedial.xml, , [51f2ac66ceaef442beadc56bc34049b7], PUP.Optional.eSafe.A, C:\ProgramData\eSafe\log\eGdpSvc.LOG, , [1f242ce61864e155100a2c17b152a65a], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote.xml, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\accelerate, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\desk_bkg_list.xml, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\desk_list.xml, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\desk_settings.ini, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\process_mgr.xml, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\1\angrybirds.db, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\1\angrybirds.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\3\BigFarm.db, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\3\BigFarm.ico, , 
[c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\35\Gmail.db, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\35\Gmail.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\36\Outlook.db, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\36\Outlook.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\39\ESPN.db, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\39\ESPN.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\4\Empire.db, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\4\Empire.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\41\gcalendar.db, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\41\gcalendar.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\42\pulse.db, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\42\pulse.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_1.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_2.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_3.png, , [c083f2201c60a78f1fd395c5c044718f], 
PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_4.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_5.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_default.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\337_7c9140b13c049fd26989f7fa25b77cb1_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\angrybirds_00ff92c12703baaf0130d6aec427d047_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\Barbie_00a67ff4ef657679a6c88553135d62ad_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\BigFarm_de933b0e5218a4db24bebe3d55ed3558_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\chrome_483ac4d2c86667bf6a11770a58608c76.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\chrome_483ac4d2c86667bf6a11770a58608c76_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\Empire_22b42f57d1c467841280810e218d5510_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\ESPN_a7b078f5f5f5b87efcef66ab5783cf9d_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\Facebook_aab07bc79cf599b25c0110f32d46a3ef_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\gcalendar_50b3e3c5fc202f0cfcae8032b2465c1b_48_48.png, , 
[c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\Gmail_731b6d011bd9f67463a916a496775935_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\Google_60d75cb277f0c452fa60dba8350caf65_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\iexplore_7306874f6ecd2bc134bbab44894967ce.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\iexplore_7306874f6ecd2bc134bbab44894967ce_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\Mario_52934d81761dc31187a93a3a0be7fecc_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\Outlook_6f817b67fa6af1a9c8abfa3813a8595c_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\pulse_b5a242da04cc06eacd02b1ca41e3583c_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\sys_computer_20_20.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\sys_computer_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\sys_control_panel_20_20.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\sys_control_panel_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\sys_downloads_20_20.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\sys_my_documents_20_20.png, , [c083f2201c60a78f1fd395c5c044718f], 
PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\sys_my_documents_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\Youtube_bf18fdfc4aefd6417a8bacae4be5b415_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\337.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\337_7c9140b13c049fd26989f7fa25b77cb1.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\barbie.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\Barbie_00a67ff4ef657679a6c88553135d62ad.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\facebook.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\Facebook_aab07bc79cf599b25c0110f32d46a3ef.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\GameCenter.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\google.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\Google_60d75cb277f0c452fa60dba8350caf65.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\mario.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\Mario_52934d81761dc31187a93a3a0be7fecc.ico, , 
[c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\twitter.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\v9.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\youtube.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\Youtube_bf18fdfc4aefd6417a8bacae4be5b415.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\sysicons\07584c03a5dd11a6104e45e8ad03b3fe_104.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\sysicons\07584c03a5dd11a6104e45e8ad03b3fe_107.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\sysicons\07584c03a5dd11a6104e45e8ad03b3fe_175.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\sysicons\83f241e79de36dffdfbd037cd1780688_21.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\wp\r0.jpg, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\wp\r1.jpg, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\wp\r2.jpg, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\wp\r3.jpg, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\wp\r4.jpg, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 
365\wp\r5.jpg, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\wp\r6.jpg, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\wp\r7.jpg, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\wp\r8.jpg, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\wp\r9.jpg, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Program Files (x86)\Desk 365\promote.xml, , [a1a2e032225ab680678ca3b7e3210bf5], PUP.Optional.Desk365.A, C:\Program Files (x86)\Desk 365\desk_bkg_list.xml, , [a1a2e032225ab680678ca3b7e3210bf5], PUP.Optional.Desk365.A, C:\Program Files (x86)\Desk 365\desk_list.xml, , [a1a2e032225ab680678ca3b7e3210bf5], PUP.Optional.Desk365.A, C:\Program Files (x86)\Desk 365\desk_settings.ini, , [a1a2e032225ab680678ca3b7e3210bf5], PUP.Optional.Desk365.A, C:\Program Files (x86)\Desk 365\process_mgr.xml, , [a1a2e032225ab680678ca3b7e3210bf5], PUP.Optional.Desk365.A, C:\Program Files (x86)\Desk 365\recent.xml, , [a1a2e032225ab680678ca3b7e3210bf5], PUP.Optional.DealPly.A, C:\Users\Sky-GmbH\AppData\Roaming\DealPly\UpdateProc\config.dat, , [0c372be795e7a59160c1b43011f19e62], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\394692FCCF1B4C5F84DE8C77F82767E1\TuneUpUtilities2013-2200217_de-DE.exe, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\7CE63C9703E94FB8ADFD8E43D1AF0EEA\TuneUpUtilities2013-2200218_de-DE.exe, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\A9AD9E2716F4432A98EE8A7E7E89541E\3708.ico, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\A9AD9E2716F4432A98EE8A7E7E89541E\EBB77268-338F-4C6A-8590-AD88FED26F4A, , [261d52c06f0d44f2e275d70d5ea4d927], 
PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\A9AD9E2716F4432A98EE8A7E7E89541E\Installer.exe, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\A9AD9E2716F4432A98EE8A7E7E89541E\OCBrowserHelper_1.0.5.112.dll, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\D0094371F3F849D9B294DAA11F1740EA\5471.ico, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\D0094371F3F849D9B294DAA11F1740EA\EBB77268-338F-4C6A-8590-AD88FED26F4A, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\D0094371F3F849D9B294DAA11F1740EA\OCBrowserHelper_1.0.6.125.exe, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\D0677A1A5D74454297C54CBDF9BBC65B\3708.ico, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\D0677A1A5D74454297C54CBDF9BBC65B\EBB77268-338F-4C6A-8590-AD88FED26F4A, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\D0677A1A5D74454297C54CBDF9BBC65B\Installer.exe, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\D0677A1A5D74454297C54CBDF9BBC65B\OCBrowserHelper_1.0.6.128.exe, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.337Technologies.A, C:\Program Files (x86)\Common Files\337\libcef\1.1364.1123\icudt.dll, , [40036aa8d0ac1e1888f96480fb0746ba], PUP.Optional.337Technologies.A, C:\Program Files (x86)\Common Files\337\libcef\1.1364.1123\libcef.dll, , [40036aa8d0ac1e1888f96480fb0746ba], PUP.Optional.337Technologies.A, C:\Program Files (x86)\Common Files\337\libcef\1.1364.1123\locales\en-US.pak, , [40036aa8d0ac1e1888f96480fb0746ba], PUP.Optional.FreeGames.A, C:\Users\Sky-GmbH\AppData\Roaming\freegames4357\freegames4357.crx, , 
[61e27d95bac2a096ce4f8264d32f5ca4], PUP.Optional.FreeGames.A, C:\Users\Sky-GmbH\AppData\Roaming\freegames4357\freegames4357DeskTopIcon.ico, , [61e27d95bac2a096ce4f8264d32f5ca4], PUP.Optional.FreeGames.A, C:\Users\Sky-GmbH\AppData\Roaming\freegames4357\install_helper.exe, , [61e27d95bac2a096ce4f8264d32f5ca4], PUP.Optional.SpeedTest.A, C:\Users\Sky-GmbH\AppData\Roaming\speedtest4354\install_helper.exe, , [84bfc54d4e2e8fa7bb659056669cbc44], PUP.Optional.SpeedTest.A, C:\Users\Sky-GmbH\AppData\Roaming\speedtest4354\speedtest4354.crx, , [84bfc54d4e2e8fa7bb659056669cbc44], PUP.Optional.SpeedTest.A, C:\Users\Sky-GmbH\AppData\Roaming\speedtest4354\speedtest4354DeskTopIcon.ico, , [84bfc54d4e2e8fa7bb659056669cbc44], PUP.Optional.YoutubeAdblocker.A, C:\ProgramData\YoutubeAdblocker\bAG.dat, , [ea599a78dd9f01356ef5d711847ec838], PUP.Optional.CrossRider.A, C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\baodmgdpdoelldjmkhknbolcldnfjegg\000005.sst, , [b390f61c196376c063a136c19e6439c7], PUP.Optional.CrossRider.A, C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\baodmgdpdoelldjmkhknbolcldnfjegg\000012.log, , [b390f61c196376c063a136c19e6439c7], PUP.Optional.CrossRider.A, C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\baodmgdpdoelldjmkhknbolcldnfjegg\CURRENT, , [b390f61c196376c063a136c19e6439c7], PUP.Optional.CrossRider.A, C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\baodmgdpdoelldjmkhknbolcldnfjegg\LOCK, , [b390f61c196376c063a136c19e6439c7], PUP.Optional.CrossRider.A, C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\baodmgdpdoelldjmkhknbolcldnfjegg\LOG, , [b390f61c196376c063a136c19e6439c7], PUP.Optional.CrossRider.A, C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\baodmgdpdoelldjmkhknbolcldnfjegg\LOG.old, , 
[b390f61c196376c063a136c19e6439c7], PUP.Optional.CrossRider.A, C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\baodmgdpdoelldjmkhknbolcldnfjegg\MANIFEST-000010, , [b390f61c196376c063a136c19e6439c7], PUP.Optional.CrossRider.A, C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cokhadepfhgbjhnngnmkkbcclhgjelkn\000005.sst, , [004335dd5923e94de6378773a26049b7], PUP.Optional.CrossRider.A, C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cokhadepfhgbjhnngnmkkbcclhgjelkn\000015.log, , [004335dd5923e94de6378773a26049b7], PUP.Optional.CrossRider.A, C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cokhadepfhgbjhnngnmkkbcclhgjelkn\CURRENT, , [004335dd5923e94de6378773a26049b7], PUP.Optional.CrossRider.A, C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cokhadepfhgbjhnngnmkkbcclhgjelkn\LOCK, , [004335dd5923e94de6378773a26049b7], PUP.Optional.CrossRider.A, C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cokhadepfhgbjhnngnmkkbcclhgjelkn\LOG, , [004335dd5923e94de6378773a26049b7], PUP.Optional.CrossRider.A, C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cokhadepfhgbjhnngnmkkbcclhgjelkn\LOG.old, , [004335dd5923e94de6378773a26049b7], PUP.Optional.CrossRider.A, C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cokhadepfhgbjhnngnmkkbcclhgjelkn\MANIFEST-000013, , [004335dd5923e94de6378773a26049b7], PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log\ProtectWindowsManager_2014-09-15[22-04-59-478].log, , [0d361101d4a83204332fe21ac939bc44], PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, , [0d361101d4a83204332fe21ac939bc44], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\HpUI.exe, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, 
C:\Program Files (x86)\SupTab\ient.json, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\install.data, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\Loader32.exe, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\Loader64.exe, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcp110.dll, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\msvcr110.dll, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\uninstall.exe, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\bk_shadow.png, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\btn.png, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\close.png, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\main.xml, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\main.xml.bak, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\ck_box.png, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\ck_check.png, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\radio_bk.png, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image\radio_check.png, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files 
(x86)\SupTab\web\data.html, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE.html, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\indexIE8.html, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\main.css, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\ver.txt, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\google_trends.png, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon128.png, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon16.png, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\icon48.png, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\loading.gif, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img\logo32.ico, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\common.js, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\ga.js, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery-1.11.0.min.js, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\jquery.autocomplete.js, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\js.js, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\library.js, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js\xagainit-ie8.js, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files 
(x86)\SupTab\web\js\xagainit2.0.js, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US\messages.json, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419\messages.json, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES\messages.json, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE\messages.json, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA\messages.json, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH\messages.json, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR\messages.json, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU\messages.json, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH\messages.json, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT\messages.json, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl\messages.json, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt\messages.json, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR\messages.json, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru\messages.json, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO\messages.json, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files 
(x86)\SupTab\web\_locales\tr-TR\messages.json, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI\messages.json, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN\messages.json, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW\messages.json, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\278.json, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\MessageBox.xml, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\uninstallDlg2.xml, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\uninstalled2.ini, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\UninstallManager.exe, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images\bg.png, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images\bg1.png, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images\bk_shadow.png, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images\button.png, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images\button1.png, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images\checkbox.png, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images\checkbox_select.png, , 
[af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images\checked.png, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images\close.png, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images\loading_bg.png, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images\loading_light.png, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images\min.png, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images\scrollbar.bmp, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images\Thumbs.db, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images\unchecked.png, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images\code\code1.jpg, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images\code\code2.jpg, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images\code\code3.jpg, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images\code\code4.jpg, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images\code\code5.jpg, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images\code\code6.jpg, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images\code\Thumbs.db, , 
[af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\log\UninstallManager_2014-09-15[22-08-28-536].log, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\log\UninstallManager_2014-09-15[22-08-49-040].log, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\log\UninstallManager_2014-09-15[22-08-57-688].log, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\log\UninstallManager_2014-09-15[22-09-15-533].log, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\log\UninstallManager_2014-09-15[22-09-21-924].log, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\log\UninstallManager_2014-09-15[22-10-45-138].log, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\log\UninstallManager_2014-09-15[22-10-55-245].log, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\log\UninstallManager_2014-09-24[15-04-47-716].log, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\log\UninstallManager_2014-09-24[15-06-50-122].log, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.QuickStart.A, C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");), ,[8eb5a66c423aa98d58494801b84d8080] PUP.Optional.Babylon.A, C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.prtkDS", 0);), ,[f0537d95205c1f17dc1734168e778a76] PUP.Optional.Babylon.A, 
C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\prefs.js, Gut: (), Schlecht: (user_pref("extensions.BabylonToolbar.prtkHmpg", 0);), ,[c380d63cd2aaac8adc1739119372cf31] Physische Sektoren: 0 (No malicious items detected) (end) Code:
ATTFilter # AdwCleaner v3.311 - Bericht erstellt am 08/10/2014 um 14:34:06 # Aktualisiert 30/09/2014 von Xplode # Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits) # Benutzername : Sky-GmbH - SKY-GMBH-PC # Gestartet von : G:\Downloads\AdwCleaner_3.311.exe # Option : Suchen ***** [ Dienste ] ***** Dienst Gefunden : WindowsMangerProtect Dienst Gefunden : winzipersvc ***** [ Dateien / Ordner ] ***** Ordner Gefunden : C:\Program Files (x86)\Common Files\337 Ordner Gefunden : C:\Program Files (x86)\MyPC Backup Ordner Gefunden : C:\Program Files (x86)\PicRec (x86) Ordner Gefunden : C:\Program Files (x86)\suurF And keeep Ordner Gefunden : C:\Program Files (x86)\WinZipper Ordner Gefunden : C:\ProgramData\~0 Ordner Gefunden : C:\ProgramData\Babylon Ordner Gefunden : C:\ProgramData\eSafe Ordner Gefunden : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper Ordner Gefunden : C:\ProgramData\PicRec Ordner Gefunden : C:\ProgramData\QuickSet Ordner Gefunden : C:\ProgramData\simplitec Ordner Gefunden : C:\ProgramData\suurF And keeep Ordner Gefunden : C:\ProgramData\WindowsMangerProtect Ordner Gefunden : C:\ProgramData\YoutubeBookmark Ordner Gefunden : C:\Users\Sky-GmbH\AppData\Local\jZip Ordner Gefunden : C:\Users\Sky-GmbH\AppData\Local\webplayer Ordner Gefunden : C:\Users\Sky-GmbH\AppData\LocalLow\Conduit Ordner Gefunden : C:\Users\Sky-GmbH\AppData\LocalLow\Delta Ordner Gefunden : C:\Users\Sky-GmbH\AppData\LocalLow\Opti Toolbar Ordner Gefunden : C:\Users\Sky-GmbH\AppData\LocalLow\Softonic Ordner Gefunden : C:\Users\Sky-GmbH\AppData\Roaming\dvdvideosoftiehelpers Ordner Gefunden : C:\Users\Sky-GmbH\AppData\Roaming\Omiga Plus Ordner Gefunden : C:\Users\Sky-GmbH\AppData\Roaming\Security System 2 Ordner Gefunden : C:\Users\Sky-GmbH\AppData\Roaming\SendSpace Ordner Gefunden : C:\Users\Sky-GmbH\AppData\Roaming\simplitec Ordner Gefunden : C:\Users\Sky-GmbH\AppData\Roaming\WinZipper Ordner Gefunden : C:\Users\Sky-GmbH\Documents\Optimizer Pro ***** [ Tasks ] ***** 
Task Gefunden : Dealply Task Gefunden : Desk 365 RunAsStdUser Task Gefunden : LaunchApp Task Gefunden : Omiga Plus RunAsStdUser ***** [ Verknüpfungen ] ***** Verknüpfung Gefunden : C:\Users\Sky-GmbH\Desktop\Musik\alles\Search.lnk ( -url hxxp://www2.delta-search.com/?babsrc=DT_ss&mntrId=C2308C89A532303F&affID=119887&tl=162546700&tt=160913_m1&tsp=5011 -wbr 4 ) Verknüpfung Gefunden : C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584 ) Verknüpfung Gefunden : C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584 ) Verknüpfung Gefunden : C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.istartsurf.com/?type=sc&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584 ) Verknüpfung Gefunden : C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584 ) Verknüpfung Gefunden : C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584 ) Verknüpfung Gefunden : C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584 ) Verknüpfung Gefunden : C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk ( 
hxxp://www.istartsurf.com/?type=sc&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584 ) ***** [ Registrierungsdatenbank ] ***** Schlüssel Gefunden : HKCU\Software\84ddd9b26dee12 Schlüssel Gefunden : HKCU\Software\APN PIP Schlüssel Gefunden : HKCU\Software\AppDataLow\Software\lyricsmonkey Schlüssel Gefunden : HKCU\Software\BI Schlüssel Gefunden : HKCU\Software\Classes\pokki Schlüssel Gefunden : HKCU\Software\Delta Schlüssel Gefunden : HKCU\Software\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd Schlüssel Gefunden : HKCU\Software\jZip Schlüssel Gefunden : HKCU\Software\lollipop Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B} Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gefunden : HKCU\Software\Opti Toolbar Schlüssel Gefunden : HKCU\Software\RegisteredApplicationsEx Schlüssel Gefunden : [x64] HKCU\Software\APN PIP Schlüssel Gefunden : [x64] HKCU\Software\BI Schlüssel Gefunden : [x64] HKCU\Software\Delta Schlüssel Gefunden : [x64] HKCU\Software\jZip Schlüssel Gefunden : [x64] HKCU\Software\lollipop Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B} Schlüssel Gefunden : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909} Schlüssel Gefunden : [x64] HKCU\Software\Opti Toolbar Schlüssel Gefunden : [x64] HKCU\Software\RegisteredApplicationsEx 
Schlüssel Gefunden : HKLM\SOFTWARE\84ddd9b26dee12 Schlüssel Gefunden : HKLM\SOFTWARE\Babylon Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{CA1FF14A-9541-4610-7A9E-8CA87A2F4235} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Prod.cap Schlüssel Gefunden : HKLM\SOFTWARE\Classes\speedupmypc Schlüssel Gefunden : HKLM\SOFTWARE\Delta Schlüssel Gefunden : HKLM\SOFTWARE\Desksvc Schlüssel Gefunden : HKLM\SOFTWARE\eSafeSecControl Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd Schlüssel Gefunden : HKLM\SOFTWARE\Google\Chrome\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg Schlüssel Gefunden : HKLM\SOFTWARE\hdcode Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32 Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32 Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASAPI32 Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASMANCS Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32 Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32 Schlüssel Gefunden : 
HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32 Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA1FF14A-9541-4610-7A9E-8CA87A2F4235} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CA1FF14A-9541-4610-7A9E-8CA87A2F4235} Schlüssel Gefunden : HKLM\SOFTWARE\omigaplusSvc Schlüssel Gefunden : HKLM\SOFTWARE\Opti Toolbar Schlüssel Gefunden : HKLM\SOFTWARE\PIP Schlüssel Gefunden : HKLM\SOFTWARE\SoftwareUpdater Schlüssel Gefunden : HKLM\SOFTWARE\SP Global Schlüssel Gefunden : HKLM\SOFTWARE\SProtector Schlüssel Gefunden : HKLM\SOFTWARE\Uniblue Schlüssel Gefunden : HKLM\SOFTWARE\V9 Schlüssel Gefunden : HKLM\SOFTWARE\Vittalia Schlüssel Gefunden : HKLM\SOFTWARE\winzipersvc Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\omigaplussvc Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect Schlüssel Gefunden : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Internet 
Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964 Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 Schlüssel Gefunden : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1 Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48e4-AD47-84E31C44796C}] Wert Gefunden : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}] ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17280 Einstellung Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] - hxxp://www.istartsurf.com/web/?type=ds&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584&q={searchTerms} -\\ Mozilla Firefox v [ Datei : C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\prefs.js ] Zeile gefunden : user_pref("aol_toolbar.default.homepage.check", false); Zeile gefunden : user_pref("aol_toolbar.default.search.check", false); Zeile gefunden : user_pref("browser.search.defaultenginename", "istartsurf"); Zeile gefunden : user_pref("browser.search.selectedEngine", "istartsurf"); Zeile gefunden : user_pref("extensions.quick_start.enable_search1", false); Zeile gefunden : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); Zeile gefunden : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", ""); Zeile gefunden : user_pref("sweetim.toolbar.previous.browser.startup.homepage", ""); Zeile gefunden : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); Zeile gefunden : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", ""); 
Zeile gefunden : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", ""); Zeile gefunden : user_pref("sweetim.toolbar.searchguard.enable", ""); -\\ Google Chrome v [ Datei : C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [12295 octets] - [08/10/2014 14:34:06] ########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [12356 octets] ########## Code:
ATTFilter # AdwCleaner v3.311 - Bericht erstellt am 08/10/2014 um 14:36:14 # Aktualisiert 30/09/2014 von Xplode # Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits) # Benutzername : Sky-GmbH - SKY-GMBH-PC # Gestartet von : G:\Downloads\AdwCleaner_3.311.exe # Option : Löschen ***** [ Dienste ] ***** Dienst Gelöscht : WindowsMangerProtect Dienst Gelöscht : winzipersvc ***** [ Dateien / Ordner ] ***** Ordner Gelöscht : C:\ProgramData\~0 Ordner Gelöscht : C:\ProgramData\Babylon Ordner Gelöscht : C:\ProgramData\eSafe Ordner Gelöscht : C:\ProgramData\PicRec Ordner Gelöscht : C:\ProgramData\QuickSet Ordner Gelöscht : C:\ProgramData\simplitec Ordner Gelöscht : C:\ProgramData\WindowsMangerProtect Ordner Gelöscht : C:\ProgramData\suurF And keeep Ordner Gelöscht : C:\ProgramData\YoutubeBookmark Ordner Gelöscht : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup Ordner Gelöscht : C:\Program Files (x86)\PicRec (x86) Ordner Gelöscht : C:\Program Files (x86)\WinZipper Ordner Gelöscht : C:\Program Files (x86)\suurF And keeep Ordner Gelöscht : C:\Program Files (x86)\Common Files\337 Ordner Gelöscht : C:\Users\Sky-GmbH\AppData\Local\jZip Ordner Gelöscht : C:\Users\Sky-GmbH\AppData\Local\webplayer Ordner Gelöscht : C:\Users\Sky-GmbH\AppData\LocalLow\Conduit Ordner Gelöscht : C:\Users\Sky-GmbH\AppData\LocalLow\Delta Ordner Gelöscht : C:\Users\Sky-GmbH\AppData\LocalLow\Opti Toolbar Ordner Gelöscht : C:\Users\Sky-GmbH\AppData\LocalLow\Softonic Ordner Gelöscht : C:\Users\Sky-GmbH\AppData\Roaming\dvdvideosoftiehelpers Ordner Gelöscht : C:\Users\Sky-GmbH\AppData\Roaming\Omiga Plus Ordner Gelöscht : C:\Users\Sky-GmbH\AppData\Roaming\Security System 2 Ordner Gelöscht : C:\Users\Sky-GmbH\AppData\Roaming\SendSpace Ordner Gelöscht : C:\Users\Sky-GmbH\AppData\Roaming\simplitec Ordner Gelöscht : C:\Users\Sky-GmbH\AppData\Roaming\WinZipper Ordner Gelöscht : C:\Users\Sky-GmbH\Documents\Optimizer Pro ***** [ Tasks ] ***** 
Task Gelöscht : Dealply Task Gelöscht : Desk 365 RunAsStdUser Task Gelöscht : LaunchApp Task Gelöscht : Omiga Plus RunAsStdUser ***** [ Verknüpfungen ] ***** Verknüpfung Desinfiziert : C:\Users\Sky-GmbH\Desktop\Musik\alles\Search.lnk Verknüpfung Desinfiziert : C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk Verknüpfung Desinfiziert : C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk Verknüpfung Desinfiziert : C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk Verknüpfung Desinfiziert : C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk Verknüpfung Desinfiziert : C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk Verknüpfung Desinfiziert : C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk Verknüpfung Desinfiziert : C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk ***** [ Registrierungsdatenbank ] ***** Wert Gelöscht : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{ACAA314B-EEBA-48E4-AD47-84E31C44796C}] Schlüssel Gelöscht : HKCU\Software\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\bakijjialdiiboeaknfpmflphhmljfkd Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\mkcedibhemacmilmkpndpkoidlnmgngg Schlüssel Gelöscht : HKCU\Software\Classes\pokki Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\www.superfish.com Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\speedupmypc Schlüssel Gelöscht : 
HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\jZip_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\SnapDo_RASMANCS Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32 Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\omigaplussvc Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc Schlüssel Gelöscht : HKCU\Software\84ddd9b26dee12 Schlüssel Gelöscht : HKLM\SOFTWARE\84ddd9b26dee12 Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{CA1FF14A-9541-4610-7A9E-8CA87A2F4235} Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Schlüssel Gelöscht : 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA1FF14A-9541-4610-7A9E-8CA87A2F4235} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CA1FF14A-9541-4610-7A9E-8CA87A2F4235} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B} Schlüssel Gelöscht : HKCU\Software\APN PIP Schlüssel Gelöscht : HKCU\Software\BI Schlüssel Gelöscht : HKCU\Software\Delta Schlüssel Gelöscht : HKCU\Software\jZip Schlüssel Gelöscht : HKCU\Software\lollipop Schlüssel Gelöscht : 
HKCU\Software\Opti Toolbar Schlüssel Gelöscht : HKCU\Software\RegisteredApplicationsEx Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\lyricsmonkey Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon Schlüssel Gelöscht : HKLM\SOFTWARE\Delta Schlüssel Gelöscht : HKLM\SOFTWARE\Desksvc Schlüssel Gelöscht : HKLM\SOFTWARE\eSafeSecControl Schlüssel Gelöscht : HKLM\SOFTWARE\hdcode Schlüssel Gelöscht : HKLM\SOFTWARE\omigaplusSvc Schlüssel Gelöscht : HKLM\SOFTWARE\Opti Toolbar Schlüssel Gelöscht : HKLM\SOFTWARE\PIP Schlüssel Gelöscht : HKLM\SOFTWARE\SoftwareUpdater Schlüssel Gelöscht : HKLM\SOFTWARE\SP Global Schlüssel Gelöscht : HKLM\SOFTWARE\SProtector Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue Schlüssel Gelöscht : HKLM\SOFTWARE\V9 Schlüssel Gelöscht : HKLM\SOFTWARE\Vittalia Schlüssel Gelöscht : HKLM\SOFTWARE\winzipersvc Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17280 Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] -\\ Mozilla Firefox v [ Datei : C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\prefs.js ] Zeile gelöscht : user_pref("aol_toolbar.default.homepage.check", false); Zeile gelöscht : user_pref("aol_toolbar.default.search.check", false); Zeile gelöscht : user_pref("browser.search.defaultenginename", "istartsurf"); Zeile gelöscht : user_pref("browser.search.selectedEngine", "istartsurf"); Zeile gelöscht : user_pref("extensions.quick_start.enable_search1", false); Zeile gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); Zeile gelöscht : 
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", ""); Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.startup.homepage", ""); Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", ""); Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", ""); Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.enable", ""); -\\ Google Chrome v [ Datei : C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\preferences ] ************************* AdwCleaner[R0].txt - [12509 octets] - [08/10/2014 14:34:06] AdwCleaner[S0].txt - [10715 octets] - [08/10/2014 14:36:14] ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10776 octets] ########## Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.1 (10.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by Sky-GmbH on 08.10.2014 at 14:46:34,46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsMonkeyUpdater_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsMonkeyUpdater_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsPal_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsPal_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricepeep_130001_1001_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricepeep_130001_1001_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsMonkeyUpdater_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsMonkeyUpdater_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsPal_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsPal_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricepeep_130001_1001_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricepeep_130001_1001_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A05A4538-1D9E-478D-84A6-337DCAE8E684}

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.10.2014 at 14:49:39,89
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01 Ran by Sky-GmbH (administrator) on SKY-GMBH-PC on 08-10-2014 15:02:37 Running from G:\Downloads Loaded Profile: Sky-GmbH (Available profiles: Sky-GmbH) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (AMD) C:\Windows\System32\atieclxx.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Hercules®) C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTSched.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe (Dropbox, Inc.) 
C:\Users\Sky-GmbH\AppData\Roaming\Dropbox\bin\Dropbox.exe (Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\cpl2\HDJSeries2CPL.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe (Google Inc.) C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-09-28] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AsioThk32Reg] => REGSVR32.EXE /S CTASIO.DLL HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-10-26] (Nullsoft, Inc.) HKU\S-1-5-21-3580576135-3699304626-4257408890-1000\...\Run: [CreativeTaskScheduler] => C:\Program Files (x86)\Creative\Shared Files\CTSched.exe [53341 2006-11-17] (Creative Technology Ltd) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyServer: http=127.0.0.1:52865;https=127.0.0.1:52865 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x516A01B772FBCD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - URL hxxp://isearch.babylon.com/?q={searchTerms}&babsrc=SP_ss_Btisdt5&mntrId=C2308C89A532303F&affID=121562&tl=162546700&tt=250613_gr1&tsp=4926 BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default FF Homepage: hxxp://google.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Sky-GmbH\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Sky-GmbH\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) 
FF Extension: Easy YouTube to MP3 Converter - C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\Extensions\jid0-SQnwtgW1b8BsMB5PLV5WScEDWOw@jetpack.xpi [2013-12-19]
FF Extension: Speed Dial - C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2014-09-24]
FF Extension: {6653afde-c1ab-43c4-ba73-af5f7614d9de} - C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\Extensions\{6653afde-c1ab-43c4-ba73-af5f7614d9de}.xpi [2014-04-19]
FF Extension: S7 Airlines - C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\Extensions\{b6abf390-66f1-11e2-bcfd-0800200c9a66}.xpi [2014-09-24]
FF Extension: SoundCloud Downloader - Technowise - C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2013-12-19]
FF Extension: Theme Font & Size Changer - C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\Extensions\{f69e22c7-bc50-414a-9269-0f5c344cd94c}.xpi [2014-09-24]
FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-10-30]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]

Chrome:
=======
CHR Profile: C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (New Tab Page by Speed Dial Team) - C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgeoanibcknhniccgaoaiolihidecjn [2014-09-25]

==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-09-28] (Advanced Micro Devices, Inc.) [File not signed]
R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed]
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2013-03-07] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-01-07] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 HerculesDJControlMP3; C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [50688 2014-03-04] (Hercules®) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 a4djavs; C:\Windows\System32\Drivers\a4djavs.sys [359784 2012-12-18] (Native Instruments GmbH)
R3 a4djusb_svc; C:\Windows\System32\Drivers\a4djusb.sys [99688 2012-12-18] (Native Instruments GmbH)
S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin)
S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [296240 2014-03-05] (© Guillemot R&D, 2014. All rights reserved.)
S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH)
S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [276272 2014-03-05] (© Guillemot R&D, 2014. All rights reserved.)
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-08] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2004-04-01] (Padus, Inc.) [File not signed]
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-10-08 14:49 - 2014-10-08 14:49 - 00002167 _____ () C:\Users\Sky-GmbH\Desktop\JRT.txt 2014-10-08 14:46 - 2014-10-08 14:46 - 00000000 ____D () C:\Windows\ERUNT 2014-10-08 14:46 - 2014-10-08 14:22 - 01705141 _____ (Thisisu) C:\Users\Sky-GmbH\Desktop\JRT.exe 2014-10-08 14:45 - 2014-10-08 14:59 - 00000000 ____D () C:\Users\Sky-GmbH\Desktop\Log Daten 2014-10-08 14:34 - 2014-10-08 14:45 - 00000000 ____D () C:\AdwCleaner 2014-10-08 14:08 - 2014-10-08 14:52 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-10-08 14:08 - 2014-10-08 14:08 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-10-08 14:07 - 2014-10-08 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-10-08 14:07 - 2014-10-08 14:07 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-10-08 14:07 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-10-08 14:07 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-10-08 14:07 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-10-07 20:43 - 2014-10-07 20:43 - 00024100 _____ () C:\ComboFix.txt 2014-10-07 19:16 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-10-07 19:16 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-10-07 19:16 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-10-07 19:16 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-10-07 19:16 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-10-07 19:16 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-10-07 19:16 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-10-07 19:16 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-10-07 19:15 - 2014-10-07 
20:43 - 00000000 ____D () C:\Qoobox 2014-10-07 19:15 - 2014-10-07 20:38 - 00000000 ____D () C:\Windows\erdnt 2014-10-07 19:11 - 2014-10-07 19:13 - 05582481 ____R (Swearware) C:\Users\Sky-GmbH\Desktop\ComboFix.exe 2014-10-03 13:33 - 2014-10-08 15:02 - 00000000 ____D () C:\FRST 2014-09-30 20:36 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-09-30 20:36 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2014-09-30 20:27 - 2014-09-30 20:27 - 00000000 __SHD () C:\Users\Sky-GmbH\AppData\Local\EmieUserList 2014-09-30 20:27 - 2014-09-30 20:27 - 00000000 __SHD () C:\Users\Sky-GmbH\AppData\Local\EmieSiteList 2014-09-28 23:15 - 2014-09-28 23:48 - 671068532 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part07.rar 2014-09-28 23:15 - 2014-09-28 23:38 - 335539096 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part1.rev 2014-09-28 23:15 - 2014-09-28 23:37 - 271260732 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part08.rar 2014-09-28 23:15 - 2014-09-28 23:37 - 271231080 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part05.rar 2014-09-28 23:15 - 2014-09-28 23:31 - 167751092 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part03.rar 2014-09-28 23:15 - 2014-09-28 23:30 - 167764824 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part09.rar 2014-09-28 23:15 - 2014-09-28 23:25 - 83869976 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part04.rar 2014-09-28 23:15 - 2014-09-28 23:24 - 83870496 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part06.rar 2014-09-28 23:14 - 2014-09-28 23:29 - 158761724 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part02.rar 2014-09-28 23:14 - 2014-09-28 23:24 - 83875624 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part01.rar 2014-09-28 23:09 - 2014-10-08 14:51 - 00002408 _____ () C:\Windows\setupact.log 
2014-09-28 23:09 - 2014-10-08 14:50 - 00100656 _____ () C:\Windows\PFRO.log 2014-09-28 23:09 - 2014-09-28 23:09 - 00000000 _____ () C:\Windows\setuperr.log 2014-09-28 18:17 - 2014-09-28 18:17 - 00002778 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-09-28 18:17 - 2014-09-28 18:17 - 00000871 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-09-28 18:17 - 2014-09-28 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-09-28 18:17 - 2014-09-28 18:17 - 00000000 ____D () C:\Program Files\CCleaner 2014-09-28 18:14 - 2014-09-28 18:16 - 03826912 _____ (Piriform Ltd) C:\Users\Sky-GmbH\Downloads\ccsetup417_slim (1).exe 2014-09-28 18:14 - 2014-09-28 18:15 - 03826912 _____ (Piriform Ltd) C:\Users\Sky-GmbH\Downloads\ccsetup417_slim.exe 2014-09-25 06:12 - 2014-09-25 06:12 - 00002378 _____ () C:\Users\Sky-GmbH\Desktop\Chrome App Launcher.lnk 2014-09-24 21:39 - 2014-09-24 21:28 - 00000664 _____ () C:\Users\Sky-GmbH\Desktop\Authorize.auz.lnk 2014-09-24 21:03 - 2014-09-24 21:28 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\Ableton 2014-09-24 16:22 - 2014-09-24 16:22 - 00007597 _____ () C:\Users\Sky-GmbH\AppData\Local\Resmon.ResmonCfg 2014-09-24 15:55 - 2014-09-24 15:55 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\Adobe 2014-09-24 15:49 - 2014-09-28 19:18 - 00000000 ____D () C:\Windows\rescache 2014-09-24 15:18 - 2014-09-24 15:18 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\ATI 2014-09-24 15:17 - 2014-09-24 15:17 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\Apple Computer 2014-09-24 15:11 - 2014-09-24 15:11 - 00003144 _____ () C:\Windows\System32\Tasks\{EFD0C31F-98C8-4B72-8429-BC1F4F038B09} 2014-09-24 14:22 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-09-24 14:22 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-09-15 23:00 - 2014-09-15 23:00 - 00325984 _____ () C:\Users\Sky-GmbH\Desktop\Skyyy.pk 2014-09-15 
22:52 - 2014-09-15 22:52 - 31046444 ____T () C:\Users\Sky-GmbH\Desktop\Skyyy.wav 2014-09-15 22:52 - 2014-09-15 22:52 - 00369461 ____T () C:\Users\Sky-GmbH\Desktop\Skyyy.wav.asd 2014-09-15 22:08 - 2014-09-15 22:08 - 00003164 _____ () C:\Windows\System32\Tasks\{D600AA86-D82B-4578-9A49-B8F8E1FCBEF5} 2014-09-15 22:04 - 2014-10-08 14:33 - 00000000 ____D () C:\Program Files\Common Files\PicRec 2014-09-15 22:04 - 2014-09-15 22:12 - 00000000 ____D () C:\http_filter 2014-09-15 22:04 - 2014-08-25 12:15 - 00049880 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\netmon_wfp.sys 2014-09-15 22:03 - 2014-09-15 22:03 - 00718497 _____ () C:\Windows\unins000.exe 2014-09-15 22:03 - 2014-09-15 22:03 - 00236076 _____ () C:\Windows\unins000.dat 2014-09-15 22:03 - 2014-09-15 22:03 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Local\Maxiget 2014-09-15 22:03 - 2014-09-15 22:03 - 00000000 ____D () C:\Program Files (x86)\Maxiget 2014-09-15 19:09 - 2014-09-15 19:12 - 00000010 _____ () C:\Users\Sky-GmbH\Desktop\Neues Textdokument.txt 2014-09-12 20:32 - 2014-09-01 21:39 - 00000000 ____D () C:\Users\Sky-GmbH\Downloads\Guardians.of.the.Galaxy.2014.German.720p.HDTS.AC3D.x264-Marvel 2014-09-11 23:30 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-09-11 23:30 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-09-11 23:30 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-09-11 23:30 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-09-11 23:30 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-09-11 23:30 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-09-11 23:30 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-09-11 23:30 - 2014-08-19 00:19 - 
05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-09-11 23:30 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-09-11 23:30 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-09-11 23:30 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-09-11 23:30 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-09-11 23:30 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-09-11 23:30 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-09-11 23:30 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-09-11 23:30 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-09-11 23:30 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-09-11 23:30 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-09-11 23:30 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-09-11 23:30 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-09-11 23:30 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-09-11 23:30 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-09-11 23:30 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-09-11 23:30 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-09-11 23:30 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-09-11 23:30 - 
2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-09-11 23:30 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-09-11 23:30 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-09-11 23:30 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-09-11 23:30 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-09-11 23:30 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-09-11 23:30 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-09-11 23:30 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-09-11 23:30 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-09-11 23:30 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-09-11 23:30 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-09-11 23:30 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-09-11 23:30 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-09-11 23:30 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-09-11 23:30 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-09-11 23:30 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-09-11 23:30 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-11 23:30 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-09-11 23:30 
- 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-09-11 23:30 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-09-11 23:30 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-09-11 23:30 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-09-11 23:30 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-09-11 23:30 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-09-11 23:30 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-09-11 23:30 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-09-11 23:30 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-09-11 23:30 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-09-11 23:30 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-09-11 23:30 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-09-11 23:30 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-09-11 23:26 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-09-11 23:26 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll 2014-09-11 22:23 - 2014-09-11 22:24 - 00000000 ____D () C:\Users\Sky-GmbH\Desktop\fdfdzdzt 2014-09-11 22:23 - 2014-09-11 22:23 - 00000000 ____D () C:\Users\Sky-GmbH\Desktop\The.Expendables.3.2014.HDRip.720p.x264.AC3.German.Dubbed-Foto1 2014-09-11 21:13 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll 2014-09-11 21:13 - 
2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll 2014-09-11 21:01 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-09-11 21:01 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-09-11 21:01 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-09-11 21:01 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-09-11 21:01 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-09-11 21:01 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-09-11 21:01 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-08 14:56 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-08 14:56 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-08 14:55 - 2013-01-07 07:21 - 01618092 _____ () C:\Windows\WindowsUpdate.log 2014-10-08 14:51 - 2013-09-21 23:16 - 00000000 ___RD () C:\Users\Sky-GmbH\Dropbox 2014-10-08 14:51 - 2013-09-21 23:12 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\Dropbox 2014-10-08 14:51 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-08 14:48 - 2013-03-31 12:03 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3580576135-3699304626-4257408890-1000UA.job 2014-10-08 14:48 - 2013-03-31 12:03 - 00001080 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3580576135-3699304626-4257408890-1000Core.job 2014-10-08 14:43 - 2013-10-19 18:00 - 00000884 
_____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-08 14:36 - 2013-03-31 12:04 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-10-08 14:36 - 2013-01-07 07:20 - 00001050 _____ () C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-10-08 14:07 - 2013-12-12 22:42 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-10-08 09:16 - 2013-01-26 10:36 - 00737390 _____ () C:\Windows\system32\perfh00A.dat 2014-10-08 09:16 - 2013-01-26 10:36 - 00158472 _____ () C:\Windows\system32\perfc00A.dat 2014-10-08 09:16 - 2013-01-26 10:15 - 00384278 _____ () C:\Windows\system32\perfh00D.dat 2014-10-08 09:16 - 2013-01-26 10:15 - 00084756 _____ () C:\Windows\system32\perfc00D.dat 2014-10-08 09:16 - 2013-01-26 09:33 - 00731980 _____ () C:\Windows\system32\perfh010.dat 2014-10-08 09:16 - 2013-01-26 09:33 - 00146844 _____ () C:\Windows\system32\perfc010.dat 2014-10-08 09:16 - 2013-01-26 09:14 - 00682558 _____ () C:\Windows\system32\perfh00C.dat 2014-10-08 09:16 - 2013-01-26 09:14 - 00470948 _____ () C:\Windows\system32\perfh001.dat 2014-10-08 09:16 - 2013-01-26 09:14 - 00130230 _____ () C:\Windows\system32\perfc00C.dat 2014-10-08 09:16 - 2013-01-26 09:14 - 00094770 _____ () C:\Windows\system32\perfc001.dat 2014-10-08 09:16 - 2009-07-14 19:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat 2014-10-08 09:16 - 2009-07-14 19:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat 2014-10-08 09:16 - 2009-07-14 07:13 - 05236968 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-10-07 20:39 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini 2014-10-07 20:38 - 2009-07-14 04:34 - 94601216 _____ () C:\Windows\system32\config\software.bak 2014-10-07 20:38 - 2009-07-14 04:34 - 19922944 _____ () C:\Windows\system32\config\system.bak 2014-10-07 20:38 - 2009-07-14 04:34 - 118751232 _____ () C:\Windows\system32\config\components.bak 2014-10-07 20:38 - 2009-07-14 
04:34 - 00294912 _____ () C:\Windows\system32\config\default.bak 2014-10-07 20:38 - 2009-07-14 04:34 - 00032768 _____ () C:\Windows\system32\config\sam.bak 2014-10-07 20:38 - 2009-07-14 04:34 - 00024576 _____ () C:\Windows\system32\config\security.bak 2014-10-07 20:30 - 2014-01-26 12:45 - 00002150 _____ () C:\Windows\epplauncher.mif 2014-10-07 20:20 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default 2014-10-07 19:17 - 2014-09-04 22:44 - 00000000 ____D () C:\Users\TEMP 2014-09-28 18:38 - 2013-01-07 07:22 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-09-28 18:37 - 2009-10-14 08:04 - 00000000 ____D () C:\Windows\Panther 2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA 2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI 2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK 2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL 2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA 2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\uk-UA 2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sl-SI 2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sk-SK 2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\he-IL 2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\ar-SA 2014-09-25 14:54 - 2014-06-19 02:53 - 00000000 ____D () C:\Users\Public\Steam 2014-09-25 06:04 - 2014-06-18 22:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-09-25 06:04 - 2013-12-12 23:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-09-24 15:17 - 2013-11-26 01:27 - 00000000 ____D () C:\Program Files (x86)\Sk.Enhancer 2014-09-24 15:14 - 2013-04-26 19:02 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ 2014-09-24 15:14 - 2013-04-26 
19:02 - 00000000 ____D () C:\Program Files (x86)\VirtualDJ 2014-09-24 15:11 - 2013-11-26 01:28 - 00000000 ____D () C:\Program Files (x86)\SearchNewTab 2014-09-24 15:11 - 2013-11-26 01:26 - 00000000 ____D () C:\ProgramData\904306d03d380de3 2014-09-24 14:44 - 2013-10-19 18:00 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-09-24 14:44 - 2013-10-19 18:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-09-24 14:44 - 2013-10-19 18:00 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-24 14:33 - 2014-06-18 02:28 - 00001478 _____ () C:\Users\Sky-GmbH\AppData\Local\RecConfig.xml 2014-09-24 14:16 - 2013-09-21 23:13 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2014-09-15 22:52 - 2014-08-21 21:06 - 00000000 ___RD () C:\Users\Sky-GmbH\Desktop\Unbenannt Project 2014-09-15 19:15 - 2014-08-15 23:11 - 00000000 ____D () C:\Users\Sky-GmbH\Desktop\Aero Bilder 1 2014-09-15 19:09 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries 2014-09-15 13:30 - 2014-08-20 20:04 - 00000000 ____D () C:\Users\Sky-GmbH\Documents\Max 2014-09-15 09:06 - 2009-10-14 07:13 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-09-11 23:30 - 2013-01-07 23:14 - 05121062 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI 2014-09-11 23:29 - 2013-08-14 19:03 - 00000000 ____D () C:\Windows\system32\MRT 2014-09-11 23:26 - 2009-10-14 07:12 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-09-11 20:38 - 2009-07-14 06:45 - 00270704 _____ () C:\Windows\system32\FNTCACHE.DAT Some content of TEMP: ==================== C:\Users\Sky-GmbH\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpj3dkku.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-07 21:39

==================== End Of Log ============================
--- --- ---
Edited by Skyler (08.10.2014 at 14:13) |
08.10.2014, 14:17 | #10 |
| PC slow, do I have a virus? Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 08.10.2014
Suchlauf-Zeit: 14:08:36
Logdatei: logdatei.txt
Administrator: Ja

Version: 2.00.2.1012
Malware Datenbank: v2014.10.08.03
Rootkit Datenbank: v2014.09.19.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Self-protection: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Sky-GmbH

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 368985
Verstrichene Zeit: 22 Min, 15 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristics: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 1
PUP.Optional.WindowsProtectManger.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 1312, , [e063a66c08740531928e734206fbb848]

Module: 0
(No malicious items detected)

Registrierungsschlüssel: 32
PUP.Optional.WindowsProtectManger.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, , [e063a66c08740531928e734206fbb848],
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, , [92b114fe83f90f27895f23ada55d619f],
PUP.Optional.Delta.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}, , [92b114fe83f90f27895f23ada55d619f],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [6bd8e52da2da4fe709f4b5e6b84a52ae],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}, , [6bd8e52da2da4fe709f4b5e6b84a52ae],
PUP.Optional.Snapdo.T, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006ee092-9658-4fd6-bd8e-a21a348e59f5}, , [c380d141f389bb7bdb86449038cae11f],
PUP.Optional.Snapdo.T, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{006EE092-9658-4FD6-BD8E-A21A348E59F5}, , [c380d141f389bb7bdb86449038cae11f],
PUP.Optional.Babylon.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}, , [e0635db5aece072f4a30336403ff1de3],
PUP.Optional.DomaIQ.A, HKLM\SOFTWARE\DomaIQ, , [c28162b0adcf6ec8793c03463bc83dc3],
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [ac9738dacfad92a4d1e69acea460c63a],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, , [ea59739fd6a69b9b3ae52703c73c44bc],
PUP.Optional.Iminent.A, HKLM\SOFTWARE\WOW6432NODE\Iminent, , [7ac936dce09c74c206b6dd6af11238c8],
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\istartsurfSoftware, , [9ea5ae6480fcdc5a30abb06849ba5ca4],
PUP.Optional.WPM.A, HKLM\SOFTWARE\WOW6432NODE\supWindowsMangerProtect, , [85be13ff2f4d02340023ceaf2dd741bf],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\supWPM, , [ad967a980f6de650f12d22f5ae554db3],
PUP.Optional.Wajam.A, HKLM\SOFTWARE\WOW6432NODE\Wajam, , [d76c17fb5c2076c0cdc3562155af1be5],
PUP.Optional.QuickStart.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\pelmeidfhdlhlbjimpabfcbnnojbboma, , [79ca749e4339e0568e986dce2ad9d42c],
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [55ee809289f35adcbcfb71f72cd83cc4],
PUP.Optional.FastSearchings, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, , [340f888a4735dd59863497e709fbc33d],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP, , [98ab52c0d6a6de58fbefeb2bd52e4db3],
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB, , [6dd6fe145d1f57df9b82cc4bf50e44bc],
PUP.Optional.BundleInstaller.A, HKLM\SOFTWARE\WOW6432NODE\VITTALIA\AxtanInstaller, , [b78ca270c5b7e84e401a63e132d1c33d],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr_Toolbar, , [cc77f022b6c65adc8e6c0458a65ec63a],
PUP.Optional.WebSearches.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SupHpUISoft, , [6ed5030f2c5037ffb42161b7bf4436ca],
PUP.Optional.DVDVideoSoftTB.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\nikpibnbobmbdbheedjfogjlikpgpnhp, , [6bd8e2305626c373cfadcc46dd26cd33],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, , [bc87d63cc3b948ee6764ef577f842fd1],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, , [68dbf51de795fc3a71adf36af70d8a76],
PUP.Optional.SuperFish.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\DOMSTORAGE\superfish.com, , [fc472be71567cc6a78cbed364eb56c94],
PUP.Optional.Qone8, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{33BB0A4E-99AF-4226-BDF6-49120163DE86}, , [281bd53d6e0ede580aac37318d7748b8],
PUP.Optional.WebSearchInfo, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, , [c57e46ccfb8151e5a49f05664bb9659b],
PUP.Optional.FastStart.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS, , [76cd0a08c2bab77f0f16e92b1fe41fe1],
PUP.Optional.Wajam.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WAJAM, , [2a19c2507309cf67dd8ee47cfe069070],

Registrierungswerte: 8
PUP.Optional.SmartBar, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, , [76cdd73bc6b6db5bab1247ce27dcfd03]
PUP.Optional.SmartBar, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{ae07101b-46d4-4a98-af68-0333ea26e113}, Smartbar, , [e55eb9599ddfad89437a21f4e71c936d]
PUP.Optional.FastStart.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|faststartff@gmail.com, C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\extensions\faststartff@gmail.com, , [f1520a082458dc5ac5767804ba4a4db3]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPDP|dir, C:\Program Files (x86)\SupTab, , [98ab52c0d6a6de58fbefeb2bd52e4db3]
PUP.Optional.SupTab.A, HKLM\SOFTWARE\WOW6432NODE\SUPTAB|ptid, smt, , [6dd6fe145d1f57df9b82cc4bf50e44bc]
PUP.Optional.InstallCore.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 1V2X1Q1R1M1F, , [68dbf51de795fc3a71adf36af70d8a76]
PUP.Optional.FastStart.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, , [76cd0a08c2bab77f0f16e92b1fe41fe1]
PUP.Optional.Wajam.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\WAJAM|affiliate_id, 8755, , [2a19c2507309cf67dd8ee47cfe069070]

Registrierungsdaten: 10
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.istartsurf.com/?type=hp&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hp&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584),,[49fab35fe79559dd15b1ff0c31d4fe02]
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[2f14d43ef6861e184e8da472ab5a22de]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Search_URL, hxxp://www.istartsurf.com/web/?type=ds&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584&q={searchTerms}, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/web/?type=ds&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584&q={searchTerms}),,[dc671101f78584b216aeba51a560ab55]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Default_Page_URL, hxxp://www.istartsurf.com/?type=hp&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hp&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584),,[0c37e929c9b372c47d45c5467293be42]
PUP.Optional.IStartSurf.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://www.istartsurf.com/?type=hp&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584, Gut: (www.google.com), Schlecht: (hxxp://www.istartsurf.com/?type=hp&ts=1410811444&from=smt&uid=WDCXWD10EZEX-00RKKA0_WD-WMC1S093158431584),,[7dc6a66c4339db5baf17e8231fe6c739]
PUP.Optional.Qone8, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Gut: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Schlecht: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),,[71d260b2215b68ce1fbc53c3c5409b65]
PUP.Optional.SnapDo.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f28fb807-b9fd-409c-a311-c66ea75b232a&searchtype=ds&q={searchTerms}&installDate=01/01/1970, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f28fb807-b9fd-409c-a311-c66ea75b232a&searchtype=ds&q={searchTerms}&installDate=01/01/1970),,[84bffb17de9e33036487868664a15ba5]
PUP.Optional.Snapdo, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f28fb807-b9fd-409c-a311-c66ea75b232a&searchtype=ds&q={searchTerms}&installDate=01/01/1970, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f28fb807-b9fd-409c-a311-c66ea75b232a&searchtype=ds&q={searchTerms}&installDate=01/01/1970),,[64dfb85aabd115213a1520f606ff4db3]
PUP.Optional.Snapdo, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SearchAssistant, hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f28fb807-b9fd-409c-a311-c66ea75b232a&searchtype=ds&q={searchTerms}&installDate=01/01/1970, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f28fb807-b9fd-409c-a311-c66ea75b232a&searchtype=ds&q={searchTerms}&installDate=01/01/1970),,[241f5eb47a022d0927292aeced1804fc]
PUP.Optional.SnapDo.A, HKU\S-1-5-21-3580576135-3699304626-4257408890-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f28fb807-b9fd-409c-a311-c66ea75b232a&searchtype=ds&q={searchTerms}&installDate=01/01/1970, Gut: (www.google.com), Schlecht: (hxxp://feed.snapdo.com/?publisher=SnapdoOCYB&dpid=SnapdoOCYB&co=DE&userid=f28fb807-b9fd-409c-a311-c66ea75b232a&searchtype=ds&q={searchTerms}&installDate=01/01/1970),,[96ad3dd5720aec4aad3f6e9ee71e2fd1]

Ordner: 74
Adware.PicRec, C:\Users\Sky-GmbH\AppData\Local\PicRec, ,
[83c057bbd6a6c76ff894110118eb58a8], PUP.Optional.eSafe.A, C:\ProgramData\eSafe\log, , [1f242ce61864e155100a2c17b152a65a], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\1, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\3, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\35, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\36, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\39, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\4, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\41, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\42, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\components, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\desk_bkg, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\sysicons, , [c083f2201c60a78f1fd395c5c044718f], 
PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\wp, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Program Files (x86)\Desk 365, , [a1a2e032225ab680678ca3b7e3210bf5], PUP.Optional.DealPly.A, C:\Users\Sky-GmbH\AppData\Roaming\DealPly, , [0c372be795e7a59160c1b43011f19e62], PUP.Optional.DealPly.A, C:\Users\Sky-GmbH\AppData\Roaming\DealPly\UpdateProc, , [0c372be795e7a59160c1b43011f19e62], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\04EF6AFC4BAE4F5CBF52E05FA59AD774, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\394692FCCF1B4C5F84DE8C77F82767E1, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\7CE63C9703E94FB8ADFD8E43D1AF0EEA, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\A9AD9E2716F4432A98EE8A7E7E89541E, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\D0094371F3F849D9B294DAA11F1740EA, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\D0677A1A5D74454297C54CBDF9BBC65B, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\DCC14DE66C2441D4A647ADCEF4ED8E48, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.OpenCandy, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\OpenCandy_A9AD9E2716F4432A98EE8A7E7E89541E, , [261d52c06f0d44f2e275d70d5ea4d927], PUP.Optional.337Technologies.A, C:\Program Files (x86)\Common Files\337\libcef, , [40036aa8d0ac1e1888f96480fb0746ba], PUP.Optional.337Technologies.A, C:\Program Files (x86)\Common Files\337\libcef\1.1364.1123, , [40036aa8d0ac1e1888f96480fb0746ba], PUP.Optional.337Technologies.A, C:\Program Files (x86)\Common 
Files\337\libcef\1.1364.1123\locales, , [40036aa8d0ac1e1888f96480fb0746ba], PUP.Optional.FreeGames.A, C:\Users\Sky-GmbH\AppData\Roaming\freegames4357, , [61e27d95bac2a096ce4f8264d32f5ca4], PUP.Optional.SpeedTest.A, C:\Users\Sky-GmbH\AppData\Roaming\speedtest4354, , [84bfc54d4e2e8fa7bb659056669cbc44], PUP.Optional.YoutubeAdblocker.A, C:\ProgramData\YoutubeAdblocker, , [ea599a78dd9f01356ef5d711847ec838], PUP.Optional.CrossRider.A, C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\baodmgdpdoelldjmkhknbolcldnfjegg, , [b390f61c196376c063a136c19e6439c7], PUP.Optional.CrossRider.A, C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\cokhadepfhgbjhnngnmkkbcclhgjelkn, , [004335dd5923e94de6378773a26049b7], PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, , [0d361101d4a83204332fe21ac939bc44], PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\log, , [0d361101d4a83204332fe21ac939bc44], PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, , [0d361101d4a83204332fe21ac939bc44], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\skin\image, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\img, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\js, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\en-US, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-419, , [6ad981913a42c86e1d57ac5631d245bb], 
PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\es-ES, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-BE, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CA, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-CH, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-FR, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\fr-LU, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-CH, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\it-IT, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pl, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\pt-BR, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\ru-MO, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\tr-TR, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\vi-VI, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-CN, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\web\_locales\zh-TW, , [6ad981913a42c86e1d57ac5631d245bb], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf, , [af9453bfe29a7cba8b18aa5a60a3c23e], 
PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\images\code, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.IStartSurf.A, C:\Users\Sky-GmbH\AppData\Roaming\istartsurf\log, , [af9453bfe29a7cba8b18aa5a60a3c23e], PUP.Optional.DSearchLink.A, C:\ProgramData\DSearchLink, , [b192fe1488f486b0685f2adf0cf7b24e], Adware.PicRec, C:\Program Files\Common Files\PicRec\PicRecHelper, , [3310050dc1bbf6408f60cf3cfa0938c8], Dateien: 259 PUP.Optional.WindowsProtectManger.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, , [e063a66c08740531928e734206fbb848], PUP.Optional.SupTab.A, C:\Program Files (x86)\SupTab\SupTab.dll, , [6bd8e52da2da4fe709f4b5e6b84a52ae], PUP.Optional.Delta.A, C:\ProgramData\DSearchLink\DSearchLink.exe, , [b39064aee597ab8be1fb7751fb099b65], PUP.Optional.MultiPlug.A, C:\ProgramData\YoutubeAdblocker\bAG.exe, , [b3902fe33b4192a41f2c0e4f56ab857b], PUP.Optional.MultiPlug.A, C:\ProgramData\YoutubeBookmark\yVuNUFv.exe, , [5ee5b1611c60c571f358b0adcd3411ef], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\components\component_libcef_1.1364.1123.exe, , [ff4472a096e6c86e5bb590adf90cb44c], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Omiga Plus\wallpaper_components.exe, , [99aade34bfbd6ec88d83132a2ed7ec14], PUP.Optional.Conduit.A, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\04EF6AFC4BAE4F5CBF52E05FA59AD774\mconduitinstaller.exe, , [96ad62b09ddfe84e439859c50af6c13f], PUP.Optional.Delta.A, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\D0094371F3F849D9B294DAA11F1740EA\DeltaTB.exe, , [4ff40012f4882a0cda9ea674dd241ce4], PUP.Optional.OpenCandy.A, C:\Users\Sky-GmbH\AppData\Roaming\OpenCandy\DCC14DE66C2441D4A647ADCEF4ED8E48\Setupsft_chr_p1v7.exe, , [350e5ab880fc1125cbe5fcee29dba65a], PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\DpInterface32.dll, , [350eb55dd3a993a3c5198b0dc43dd52b], 
PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\DpInterface64.dll, , [fa490e04d6a670c6548a841459a89c64], PUP.Optional.IEPluginService.A, C:\Program Files (x86)\SupTab\RSHP.exe, , [d17238da8bf1e74ff710f983cf32b64a], PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\SearchProtect32.dll, , [f74c0d05c5b73501a638b6e259a81ae6], PUP.Optional.Skytech.A, C:\Program Files (x86)\SupTab\SearchProtect64.dll, , [65de36dc2a52c76f23bbc2d614edb947], PUP.Optional.IePluginService.A, C:\Program Files (x86)\SupTab\SupIePluginServiceUpdate.exe, , [94afcc46f5871026b4a8db8e09f8df21], PUP.Optional.Bandoo, C:\Users\Sky-GmbH\Downloads\jZipSetup-r230-n-bc.exe, , [92b1fd15fe7e49ed5a73c00ae021916f], PUP.Optional.SmartBar, C:\Windows\Installer\MSI5409.tmp-\Smartbar.Installer.CustomActions.dll, , [0f346da586f6d165bf921d1103fdd42c], Adware.PicRec, C:\Users\Sky-GmbH\AppData\Local\PicRec\BaseLibrary.dll, , [83c057bbd6a6c76ff894110118eb58a8], Adware.PicRec, C:\Users\Sky-GmbH\AppData\Local\PicRec\ConfigurationData.dll, , [83c057bbd6a6c76ff894110118eb58a8], Adware.PicRec, C:\Users\Sky-GmbH\AppData\Local\PicRec\InstallerLibrary.dll, , [83c057bbd6a6c76ff894110118eb58a8], Adware.PicRec, C:\Users\Sky-GmbH\AppData\Local\PicRec\Interop.SHDocVw.dll, , [83c057bbd6a6c76ff894110118eb58a8], Adware.PicRec, C:\Users\Sky-GmbH\AppData\Local\PicRec\LinqBridge.dll, , [83c057bbd6a6c76ff894110118eb58a8], Adware.PicRec, C:\Users\Sky-GmbH\AppData\Local\PicRec\NDde.DLL, , [83c057bbd6a6c76ff894110118eb58a8], Adware.PicRec, C:\Users\Sky-GmbH\AppData\Local\PicRec\SQLite.Interop.dll, , [83c057bbd6a6c76ff894110118eb58a8], Adware.PicRec, C:\Users\Sky-GmbH\AppData\Local\PicRec\System.Data.SQLite.dll, , [83c057bbd6a6c76ff894110118eb58a8], Adware.PicRec, C:\Users\Sky-GmbH\AppData\Local\PicRec\wsystem.exe, , [83c057bbd6a6c76ff894110118eb58a8], PUP.Optional.IStartSurf.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\istartsurf.xml, , [172c50c28af2a195d03fae6cb053b050], PUP.Optional.DealPly.A, 
C:\Windows\System32\Tasks\DealPly, , [68dbe230b4c88da98b9c4adaab58e11f], PUP.Optional.CrossRider.A, C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cokhadepfhgbjhnngnmkkbcclhgjelkn_0.localstorage, , [80c309098fed4ee83d56b670bd469b65], PUP.Optional.CrossRider.A, C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_baodmgdpdoelldjmkhknbolcldnfjegg_0.localstorage, , [c47ff41eceae88ae3d4465c53cc79d63], PUP.Optional.Speedial.A, C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\searchplugins\Speedial.xml, , [51f2ac66ceaef442beadc56bc34049b7], PUP.Optional.eSafe.A, C:\ProgramData\eSafe\log\eGdpSvc.LOG, , [1f242ce61864e155100a2c17b152a65a], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote.xml, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\accelerate, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\desk_bkg_list.xml, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\desk_list.xml, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\desk_settings.ini, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\process_mgr.xml, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\1\angrybirds.db, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\1\angrybirds.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\3\BigFarm.db, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\3\BigFarm.ico, , 
[c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\35\Gmail.db, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\35\Gmail.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\36\Outlook.db, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\36\Outlook.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\39\ESPN.db, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\39\ESPN.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\4\Empire.db, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\4\Empire.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\41\gcalendar.db, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\41\gcalendar.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\42\pulse.db, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\app\config\42\pulse.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_1.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_2.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_3.png, , [c083f2201c60a78f1fd395c5c044718f], 
PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_4.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_5.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\desk_bkg\desk_bkg_default.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\337_7c9140b13c049fd26989f7fa25b77cb1_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\angrybirds_00ff92c12703baaf0130d6aec427d047_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\Barbie_00a67ff4ef657679a6c88553135d62ad_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\BigFarm_de933b0e5218a4db24bebe3d55ed3558_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\chrome_483ac4d2c86667bf6a11770a58608c76.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\chrome_483ac4d2c86667bf6a11770a58608c76_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\Empire_22b42f57d1c467841280810e218d5510_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\ESPN_a7b078f5f5f5b87efcef66ab5783cf9d_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\Facebook_aab07bc79cf599b25c0110f32d46a3ef_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\gcalendar_50b3e3c5fc202f0cfcae8032b2465c1b_48_48.png, , 
[c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\Gmail_731b6d011bd9f67463a916a496775935_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\Google_60d75cb277f0c452fa60dba8350caf65_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\iexplore_7306874f6ecd2bc134bbab44894967ce.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\iexplore_7306874f6ecd2bc134bbab44894967ce_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\Mario_52934d81761dc31187a93a3a0be7fecc_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\Outlook_6f817b67fa6af1a9c8abfa3813a8595c_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\pulse_b5a242da04cc06eacd02b1ca41e3583c_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\sys_computer_20_20.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\sys_computer_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\sys_control_panel_20_20.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\sys_control_panel_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\sys_downloads_20_20.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\sys_my_documents_20_20.png, , [c083f2201c60a78f1fd395c5c044718f], 
PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\sys_my_documents_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\Twitter_ebddd85ec04b7b94a2b2e97b73a90a4a_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\icons\Youtube_bf18fdfc4aefd6417a8bacae4be5b415_48_48.png, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\337.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\337_7c9140b13c049fd26989f7fa25b77cb1.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\barbie.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\Barbie_00a67ff4ef657679a6c88553135d62ad.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\facebook.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\Facebook_aab07bc79cf599b25c0110f32d46a3ef.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\GameCenter.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\google.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\Google_60d75cb277f0c452fa60dba8350caf65.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\mario.ico, , [c083f2201c60a78f1fd395c5c044718f], PUP.Optional.Desk365.A, C:\Users\Sky-GmbH\AppData\Roaming\Desk 365\promote\Mario_52934d81761dc31187a93a3a0be7fecc.ico, , 
Physische Sektoren: 0 (No malicious items detected) (end) Code:
# AdwCleaner v3.311 - Bericht erstellt am 08/10/2014 um 14:34:06 # Aktualisiert 30/09/2014 von Xplode # Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits) # Benutzername : Sky-GmbH - SKY-GMBH-PC # Gestartet von : G:\Downloads\AdwCleaner_3.311.exe # Option : Suchen Code:
# AdwCleaner v3.311 - Bericht erstellt am 08/10/2014 um 14:36:14 # Aktualisiert 30/09/2014 von Xplode # Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits) # Benutzername : Sky-GmbH - SKY-GMBH-PC # Gestartet von : G:\Downloads\AdwCleaner_3.311.exe # Option : Löschen
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA1FF14A-9541-4610-7A9E-8CA87A2F4235} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CA1FF14A-9541-4610-7A9E-8CA87A2F4235} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B} Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4B71-B0A3-3D82E62A6909} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{31090377-0740-419E-BEFC-A56E50500D5B} Schlüssel Gelöscht : HKCU\Software\APN PIP Schlüssel Gelöscht : HKCU\Software\BI Schlüssel Gelöscht : HKCU\Software\Delta Schlüssel Gelöscht : HKCU\Software\jZip Schlüssel Gelöscht : HKCU\Software\lollipop Schlüssel Gelöscht : 
HKCU\Software\Opti Toolbar Schlüssel Gelöscht : HKCU\Software\RegisteredApplicationsEx Schlüssel Gelöscht : HKCU\Software\AppDataLow\Software\lyricsmonkey Schlüssel Gelöscht : HKLM\SOFTWARE\Babylon Schlüssel Gelöscht : HKLM\SOFTWARE\Delta Schlüssel Gelöscht : HKLM\SOFTWARE\Desksvc Schlüssel Gelöscht : HKLM\SOFTWARE\eSafeSecControl Schlüssel Gelöscht : HKLM\SOFTWARE\hdcode Schlüssel Gelöscht : HKLM\SOFTWARE\omigaplusSvc Schlüssel Gelöscht : HKLM\SOFTWARE\Opti Toolbar Schlüssel Gelöscht : HKLM\SOFTWARE\PIP Schlüssel Gelöscht : HKLM\SOFTWARE\SoftwareUpdater Schlüssel Gelöscht : HKLM\SOFTWARE\SP Global Schlüssel Gelöscht : HKLM\SOFTWARE\SProtector Schlüssel Gelöscht : HKLM\SOFTWARE\Uniblue Schlüssel Gelöscht : HKLM\SOFTWARE\V9 Schlüssel Gelöscht : HKLM\SOFTWARE\Vittalia Schlüssel Gelöscht : HKLM\SOFTWARE\winzipersvc Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964 Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467 ***** [ Browser ] ***** -\\ Internet Explorer v11.0.9600.17280 Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page] -\\ Mozilla Firefox v [ Datei : C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\prefs.js ] Zeile gelöscht : user_pref("aol_toolbar.default.homepage.check", false); Zeile gelöscht : user_pref("aol_toolbar.default.search.check", false); Zeile gelöscht : user_pref("browser.search.defaultenginename", "istartsurf"); Zeile gelöscht : user_pref("browser.search.selectedEngine", "istartsurf"); Zeile gelöscht : user_pref("extensions.quick_start.enable_search1", false); Zeile gelöscht : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); Zeile gelöscht : 
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Zeile gelöscht : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Zeile gelöscht : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Zeile gelöscht : user_pref("sweetim.toolbar.searchguard.enable", "");

-\\ Google Chrome v

[ Datei : C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [12509 octets] - [08/10/2014 14:34:06]
AdwCleaner[S0].txt - [10715 octets] - [08/10/2014 14:36:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [10776 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.1 (10.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by Sky-GmbH on 08.10.2014 at 14:46:34,46
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsMonkeyUpdater_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsMonkeyUpdater_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsPal_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\LyricsPal_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricepeep_130001_1001_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricepeep_130001_1001_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsMonkeyUpdater_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsMonkeyUpdater_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsPal_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\LyricsPal_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricepeep_130001_1001_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricepeep_130001_1001_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{A05A4538-1D9E-478D-84A6-337DCAE8E684}

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08.10.2014 at 14:49:39,89
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 06-10-2014 01 Ran by Sky-GmbH (administrator) on SKY-GMBH-PC on 08-10-2014 15:02:37 Running from G:\Downloads Loaded Profile: Sky-GmbH (Available profiles: Sky-GmbH) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe (AMD) C:\Windows\System32\atieclxx.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (AVM Berlin) C:\Program Files (x86)\avmwlanstick\WLanNetService.exe (Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Hercules®) C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe (Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTSched.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe (Logitech Inc.) C:\Program Files (x86)\Common Files\LogiShrd\LVMVFM\LVPrS64H.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\HDJSeriesCPL.exe (Dropbox, Inc.) 
C:\Users\Sky-GmbH\AppData\Roaming\Dropbox\bin\Dropbox.exe (Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe (Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe (Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE (Hercules®) C:\Program Files\Hercules\Audio\DJ Console Series\cpl2\HDJSeries2CPL.exe (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\AllShare\AllShareDMS\AllShareDMS.exe (Google Inc.) C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-10-01] (Microsoft Corporation) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642728 2012-09-28] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [AsioThk32Reg] => REGSVR32.EXE /S CTASIO.DLL HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2011-10-26] (Nullsoft, Inc.) HKU\S-1-5-21-3580576135-3699304626-4257408890-1000\...\Run: [CreativeTaskScheduler] => C:\Program Files (x86)\Creative\Shared Files\CTSched.exe [53341 2006-11-17] (Creative Technology Ltd) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) ProxyServer: http=127.0.0.1:52865;https=127.0.0.1:52865 HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x516A01B772FBCD01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - URL hxxp://isearch.babylon.com/?q={searchTerms}&babsrc=SP_ss_Btisdt5&mntrId=C2308C89A532303F&affID=121562&tl=162546700&tt=250613_gr1&tsp=4926 BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) 
BHO-x32: Microsoft-Konto-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab DPF: HKLM-x32 {E705A591-DA3C-4228-B0D5-A356DBA42FBF} hxxp://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/121022/CTPID.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default FF Homepage: hxxp://google.de/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Sky-GmbH\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Sky-GmbH\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) 
FF Extension: Easy YouTube to MP3 Converter - C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\Extensions\jid0-SQnwtgW1b8BsMB5PLV5WScEDWOw@jetpack.xpi [2013-12-19] FF Extension: Speed Dial - C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2014-09-24] FF Extension: {6653afde-c1ab-43c4-ba73-af5f7614d9de} - C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\Extensions\{6653afde-c1ab-43c4-ba73-af5f7614d9de}.xpi [2014-04-19] FF Extension: S7 Airlines - C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\Extensions\{b6abf390-66f1-11e2-bcfd-0800200c9a66}.xpi [2014-09-24] FF Extension: SoundCloud Downloader - Technowise - C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\Extensions\{c8d3bc80-0810-4d21-a2c2-be5f2b2832ac}.xpi [2013-12-19] FF Extension: Theme Font & Size Changer - C:\Users\Sky-GmbH\AppData\Roaming\Mozilla\Firefox\Profiles\av76s32l.default\Extensions\{f69e22c7-bc50-414a-9269-0f5c344cd94c}.xpi [2014-09-24] FF Extension: DVDVideoSoft YouTube MP3 and Video Download - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff [2013-10-30] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found] Chrome: ======= CHR Profile: C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (New Tab Page by Speed Dial Team) - C:\Users\Sky-GmbH\AppData\Local\Google\Chrome\User Data\Default\Extensions\idgeoanibcknhniccgaoaiolihidecjn [2014-09-25] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-09-28] (Advanced Micro Devices, Inc.) 
[File not signed] R2 AVM WLAN Connection Service; C:\Program Files (x86)\avmwlanstick\WlanNetService.exe [376832 2010-10-22] (AVM Berlin) [File not signed] S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2013-03-07] (Creative Labs) [File not signed] S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-01-07] (Creative Labs) [File not signed] R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed] R2 HerculesDJControlMP3; C:\Program Files\Hercules\Audio\DJ Console Series\drivers\amd64\HerculesDJControlMP3.EXE [50688 2014-03-04] (Hercules®) [File not signed] R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 a4djavs; C:\Windows\System32\Drivers\a4djavs.sys [359784 2012-12-18] (Native Instruments GmbH) R3 a4djusb_svc; C:\Windows\System32\Drivers\a4djusb.sys [99688 2012-12-18] (Native Instruments GmbH) S3 avmeject; C:\Windows\System32\drivers\avmeject.sys [14120 2010-10-22] (AVM Berlin) S3 Bulk; C:\Windows\System32\Drivers\HDJBulk.sys [296240 2014-03-05] (© Guillemot R&D, 2014. All rights reserved.) S3 FWLANUSB; C:\Windows\System32\DRIVERS\fwlanusb.sys [460800 2010-10-22] (AVM GmbH) S3 HDJMidi; C:\Windows\System32\DRIVERS\HDJMidi.sys [276272 2014-03-05] (© Guillemot R&D, 2014. All rights reserved.) 
R3 LVPr2M64; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () S3 LVPr2Mon; C:\Windows\System32\DRIVERS\LVPr2M64.sys [30232 2009-10-07] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-08] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) S3 pfc; C:\Windows\SysWOW64\drivers\pfc.sys [10368 2004-04-01] (Padus, Inc.) [File not signed] S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.) S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed] S3 catchme; \??\C:\ComboFix\catchme.sys [X] S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X] S3 tsusbhub; system32\drivers\tsusbhub.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-10-08 14:49 - 2014-10-08 14:49 - 00002167 _____ () C:\Users\Sky-GmbH\Desktop\JRT.txt 2014-10-08 14:46 - 2014-10-08 14:46 - 00000000 ____D () C:\Windows\ERUNT 2014-10-08 14:46 - 2014-10-08 14:22 - 01705141 _____ (Thisisu) C:\Users\Sky-GmbH\Desktop\JRT.exe 2014-10-08 14:45 - 2014-10-08 14:59 - 00000000 ____D () C:\Users\Sky-GmbH\Desktop\Log Daten 2014-10-08 14:34 - 2014-10-08 14:45 - 00000000 ____D () C:\AdwCleaner 2014-10-08 14:08 - 2014-10-08 14:52 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-10-08 14:08 - 2014-10-08 14:08 - 00001106 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-10-08 14:07 - 2014-10-08 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-10-08 14:07 - 2014-10-08 14:07 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 2014-10-08 14:07 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-10-08 14:07 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-10-08 14:07 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-10-07 20:43 - 2014-10-07 20:43 - 00024100 _____ () C:\ComboFix.txt 2014-10-07 19:16 - 2011-06-26 08:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-10-07 19:16 - 2010-11-07 19:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-10-07 19:16 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-10-07 19:16 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-10-07 19:16 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-10-07 19:16 - 2000-08-31 02:00 - 00098816 _____ () C:\Windows\sed.exe 2014-10-07 19:16 - 2000-08-31 02:00 - 00080412 _____ () C:\Windows\grep.exe 2014-10-07 19:16 - 2000-08-31 02:00 - 00068096 _____ () C:\Windows\zip.exe 2014-10-07 19:15 - 2014-10-07 
20:43 - 00000000 ____D () C:\Qoobox 2014-10-07 19:15 - 2014-10-07 20:38 - 00000000 ____D () C:\Windows\erdnt 2014-10-07 19:11 - 2014-10-07 19:13 - 05582481 ____R (Swearware) C:\Users\Sky-GmbH\Desktop\ComboFix.exe 2014-10-03 13:33 - 2014-10-08 15:02 - 00000000 ____D () C:\FRST 2014-09-30 20:36 - 2014-09-25 04:08 - 00371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-09-30 20:36 - 2014-09-25 03:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll 2014-09-30 20:27 - 2014-09-30 20:27 - 00000000 __SHD () C:\Users\Sky-GmbH\AppData\Local\EmieUserList 2014-09-30 20:27 - 2014-09-30 20:27 - 00000000 __SHD () C:\Users\Sky-GmbH\AppData\Local\EmieSiteList 2014-09-28 23:15 - 2014-09-28 23:48 - 671068532 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part07.rar 2014-09-28 23:15 - 2014-09-28 23:38 - 335539096 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part1.rev 2014-09-28 23:15 - 2014-09-28 23:37 - 271260732 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part08.rar 2014-09-28 23:15 - 2014-09-28 23:37 - 271231080 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part05.rar 2014-09-28 23:15 - 2014-09-28 23:31 - 167751092 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part03.rar 2014-09-28 23:15 - 2014-09-28 23:30 - 167764824 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part09.rar 2014-09-28 23:15 - 2014-09-28 23:25 - 83869976 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part04.rar 2014-09-28 23:15 - 2014-09-28 23:24 - 83870496 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part06.rar 2014-09-28 23:14 - 2014-09-28 23:29 - 158761724 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part02.rar 2014-09-28 23:14 - 2014-09-28 23:24 - 83875624 _____ () C:\Users\Sky-GmbH\Downloads\F.1..F.4.15.P4L.EN.GER.ITA.part01.rar 2014-09-28 23:09 - 2014-10-08 14:51 - 00002408 _____ () C:\Windows\setupact.log 
2014-09-28 23:09 - 2014-10-08 14:50 - 00100656 _____ () C:\Windows\PFRO.log 2014-09-28 23:09 - 2014-09-28 23:09 - 00000000 _____ () C:\Windows\setuperr.log 2014-09-28 18:17 - 2014-09-28 18:17 - 00002778 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC 2014-09-28 18:17 - 2014-09-28 18:17 - 00000871 _____ () C:\Users\Public\Desktop\CCleaner.lnk 2014-09-28 18:17 - 2014-09-28 18:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2014-09-28 18:17 - 2014-09-28 18:17 - 00000000 ____D () C:\Program Files\CCleaner 2014-09-28 18:14 - 2014-09-28 18:16 - 03826912 _____ (Piriform Ltd) C:\Users\Sky-GmbH\Downloads\ccsetup417_slim (1).exe 2014-09-28 18:14 - 2014-09-28 18:15 - 03826912 _____ (Piriform Ltd) C:\Users\Sky-GmbH\Downloads\ccsetup417_slim.exe 2014-09-25 06:12 - 2014-09-25 06:12 - 00002378 _____ () C:\Users\Sky-GmbH\Desktop\Chrome App Launcher.lnk 2014-09-24 21:39 - 2014-09-24 21:28 - 00000664 _____ () C:\Users\Sky-GmbH\Desktop\Authorize.auz.lnk 2014-09-24 21:03 - 2014-09-24 21:28 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\Ableton 2014-09-24 16:22 - 2014-09-24 16:22 - 00007597 _____ () C:\Users\Sky-GmbH\AppData\Local\Resmon.ResmonCfg 2014-09-24 15:55 - 2014-09-24 15:55 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\Adobe 2014-09-24 15:49 - 2014-09-28 19:18 - 00000000 ____D () C:\Windows\rescache 2014-09-24 15:18 - 2014-09-24 15:18 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\ATI 2014-09-24 15:17 - 2014-09-24 15:17 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\Apple Computer 2014-09-24 15:11 - 2014-09-24 15:11 - 00003144 _____ () C:\Windows\System32\Tasks\{EFD0C31F-98C8-4B72-8429-BC1F4F038B09} 2014-09-24 14:22 - 2014-09-10 00:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-09-24 14:22 - 2014-09-09 23:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-09-15 23:00 - 2014-09-15 23:00 - 00325984 _____ () C:\Users\Sky-GmbH\Desktop\Skyyy.pk 2014-09-15 
22:52 - 2014-09-15 22:52 - 31046444 ____T () C:\Users\Sky-GmbH\Desktop\Skyyy.wav 2014-09-15 22:52 - 2014-09-15 22:52 - 00369461 ____T () C:\Users\Sky-GmbH\Desktop\Skyyy.wav.asd 2014-09-15 22:08 - 2014-09-15 22:08 - 00003164 _____ () C:\Windows\System32\Tasks\{D600AA86-D82B-4578-9A49-B8F8E1FCBEF5} 2014-09-15 22:04 - 2014-10-08 14:33 - 00000000 ____D () C:\Program Files\Common Files\PicRec 2014-09-15 22:04 - 2014-09-15 22:12 - 00000000 ____D () C:\http_filter 2014-09-15 22:04 - 2014-08-25 12:15 - 00049880 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\netmon_wfp.sys 2014-09-15 22:03 - 2014-09-15 22:03 - 00718497 _____ () C:\Windows\unins000.exe 2014-09-15 22:03 - 2014-09-15 22:03 - 00236076 _____ () C:\Windows\unins000.dat 2014-09-15 22:03 - 2014-09-15 22:03 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Local\Maxiget 2014-09-15 22:03 - 2014-09-15 22:03 - 00000000 ____D () C:\Program Files (x86)\Maxiget 2014-09-15 19:09 - 2014-09-15 19:12 - 00000010 _____ () C:\Users\Sky-GmbH\Desktop\Neues Textdokument.txt 2014-09-12 20:32 - 2014-09-01 21:39 - 00000000 ____D () C:\Users\Sky-GmbH\Downloads\Guardians.of.the.Galaxy.2014.German.720p.HDTS.AC3D.x264-Marvel 2014-09-11 23:30 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-09-11 23:30 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-09-11 23:30 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-09-11 23:30 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-09-11 23:30 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-09-11 23:30 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-09-11 23:30 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-09-11 23:30 - 2014-08-19 00:19 - 
05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 23:30 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 23:30 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 23:30 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 23:30 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 23:30 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 23:30 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 23:30 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 23:30 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 23:30 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 23:30 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 23:30 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 23:30 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 23:30 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 23:30 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 23:30 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 23:30 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 23:30 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 23:30 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 23:30 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 23:30 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 23:30 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 23:30 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 23:30 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 23:30 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 23:30 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 23:30 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 23:30 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 23:30 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 23:30 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 23:30 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 23:30 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 23:30 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 23:30 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 23:30 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 23:30 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 23:30 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 23:30 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 23:30 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 23:30 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 23:30 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 23:30 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 23:30 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 23:30 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 23:30 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 23:30 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 23:30 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 23:30 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 23:30 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 23:26 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 23:26 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-11 22:23 - 2014-09-11 22:24 - 00000000 ____D () C:\Users\Sky-GmbH\Desktop\fdfdzdzt
2014-09-11 22:23 - 2014-09-11 22:23 - 00000000 ____D () C:\Users\Sky-GmbH\Desktop\The.Expendables.3.2014.HDRip.720p.x264.AC3.German.Dubbed-Foto1
2014-09-11 21:13 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-11 21:13 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-11 21:01 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 21:01 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-11 21:01 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-11 21:01 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-11 21:01 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 21:01 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 21:01 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-08 14:56 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-08 14:56 - 2009-07-14 06:45 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-08 14:55 - 2013-01-07 07:21 - 01618092 _____ () C:\Windows\WindowsUpdate.log
2014-10-08 14:51 - 2013-09-21 23:16 - 00000000 ___RD () C:\Users\Sky-GmbH\Dropbox
2014-10-08 14:51 - 2013-09-21 23:12 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\Dropbox
2014-10-08 14:51 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-08 14:48 - 2013-03-31 12:03 - 00001132 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3580576135-3699304626-4257408890-1000UA.job
2014-10-08 14:48 - 2013-03-31 12:03 - 00001080 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3580576135-3699304626-4257408890-1000Core.job
2014-10-08 14:43 - 2013-10-19 18:00 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-08 14:36 - 2013-03-31 12:04 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-08 14:36 - 2013-01-07 07:20 - 00001050 _____ () C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-10-08 14:07 - 2013-12-12 22:42 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-08 09:16 - 2013-01-26 10:36 - 00737390 _____ () C:\Windows\system32\perfh00A.dat
2014-10-08 09:16 - 2013-01-26 10:36 - 00158472 _____ () C:\Windows\system32\perfc00A.dat
2014-10-08 09:16 - 2013-01-26 10:15 - 00384278 _____ () C:\Windows\system32\perfh00D.dat
2014-10-08 09:16 - 2013-01-26 10:15 - 00084756 _____ () C:\Windows\system32\perfc00D.dat
2014-10-08 09:16 - 2013-01-26 09:33 - 00731980 _____ () C:\Windows\system32\perfh010.dat
2014-10-08 09:16 - 2013-01-26 09:33 - 00146844 _____ () C:\Windows\system32\perfc010.dat
2014-10-08 09:16 - 2013-01-26 09:14 - 00682558 _____ () C:\Windows\system32\perfh00C.dat
2014-10-08 09:16 - 2013-01-26 09:14 - 00470948 _____ () C:\Windows\system32\perfh001.dat
2014-10-08 09:16 - 2013-01-26 09:14 - 00130230 _____ () C:\Windows\system32\perfc00C.dat
2014-10-08 09:16 - 2013-01-26 09:14 - 00094770 _____ () C:\Windows\system32\perfc001.dat
2014-10-08 09:16 - 2009-07-14 19:58 - 00699432 _____ () C:\Windows\system32\perfh007.dat
2014-10-08 09:16 - 2009-07-14 19:58 - 00149572 _____ () C:\Windows\system32\perfc007.dat
2014-10-08 09:16 - 2009-07-14 07:13 - 05236968 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-07 20:39 - 2009-07-14 04:34 - 00000215 _____ () C:\Windows\system.ini
2014-10-07 20:38 - 2009-07-14 04:34 - 94601216 _____ () C:\Windows\system32\config\software.bak
2014-10-07 20:38 - 2009-07-14 04:34 - 19922944 _____ () C:\Windows\system32\config\system.bak
2014-10-07 20:38 - 2009-07-14 04:34 - 118751232 _____ () C:\Windows\system32\config\components.bak
2014-10-07 20:38 - 2009-07-14 04:34 - 00294912 _____ () C:\Windows\system32\config\default.bak
2014-10-07 20:38 - 2009-07-14 04:34 - 00032768 _____ () C:\Windows\system32\config\sam.bak
2014-10-07 20:38 - 2009-07-14 04:34 - 00024576 _____ () C:\Windows\system32\config\security.bak
2014-10-07 20:30 - 2014-01-26 12:45 - 00002150 _____ () C:\Windows\epplauncher.mif
2014-10-07 20:20 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Default
2014-10-07 19:17 - 2014-09-04 22:44 - 00000000 ____D () C:\Users\TEMP
2014-09-28 18:38 - 2013-01-07 07:22 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-28 18:37 - 2009-10-14 08:04 - 00000000 ____D () C:\Windows\Panther
2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\uk-UA
2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sl-SI
2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\he-IL
2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\ar-SA
2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\uk-UA
2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sl-SI
2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\sk-SK
2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\he-IL
2014-09-25 21:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\ar-SA
2014-09-25 14:54 - 2014-06-19 02:53 - 00000000 ____D () C:\Users\Public\Steam
2014-09-25 06:04 - 2014-06-18 22:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-25 06:04 - 2013-12-12 23:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-24 15:17 - 2013-11-26 01:27 - 00000000 ____D () C:\Program Files (x86)\Sk.Enhancer
2014-09-24 15:14 - 2013-04-26 19:02 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ
2014-09-24 15:14 - 2013-04-26 19:02 - 00000000 ____D () C:\Program Files (x86)\VirtualDJ
2014-09-24 15:11 - 2013-11-26 01:28 - 00000000 ____D () C:\Program Files (x86)\SearchNewTab
2014-09-24 15:11 - 2013-11-26 01:26 - 00000000 ____D () C:\ProgramData\904306d03d380de3
2014-09-24 14:44 - 2013-10-19 18:00 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 14:44 - 2013-10-19 18:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 14:44 - 2013-10-19 18:00 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-24 14:33 - 2014-06-18 02:28 - 00001478 _____ () C:\Users\Sky-GmbH\AppData\Local\RecConfig.xml
2014-09-24 14:16 - 2013-09-21 23:13 - 00000000 ____D () C:\Users\Sky-GmbH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-15 22:52 - 2014-08-21 21:06 - 00000000 ___RD () C:\Users\Sky-GmbH\Desktop\Unbenannt Project
2014-09-15 19:15 - 2014-08-15 23:11 - 00000000 ____D () C:\Users\Sky-GmbH\Desktop\Aero Bilder 1
2014-09-15 19:09 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-09-15 13:30 - 2014-08-20 20:04 - 00000000 ____D () C:\Users\Sky-GmbH\Documents\Max
2014-09-15 09:06 - 2009-10-14 07:13 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-11 23:30 - 2013-01-07 23:14 - 05121062 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 23:29 - 2013-08-14 19:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 23:26 - 2009-10-14 07:12 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 20:38 - 2009-07-14 06:45 - 00270704 _____ () C:\Windows\system32\FNTCACHE.DAT

Some content of TEMP:
====================
C:\Users\Sky-GmbH\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpj3dkku.dll

==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-10-07 21:39

==================== End Of Log ============================
--- --- ---

Thank you very much. I accidentally posted this twice; I hope that doesn't cause any trouble. |
09.10.2014, 10:46 | #11 |
/// the machine /// TB-Ausbilder | PC slow, do I have a virus? ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any remaining problems?
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |